EMEA Techshare 2009 The Future Begins SIP Trunking – Best Practices Aaron Miller Systems Engineer – SP Specialist April 1, 2009
EMEA Techshare 2009
The Future Begins
SIP Trunking – Best Practices
Aaron Miller
Systems Engineer – SP Specialist
April 1, 2009
EMEA Techshare 2009
The Future BeginsAgenda
What’s the big deal?
– What’s so great about SIP?
– Why are organizations moving to SIP trunking?
SIP trunk architecture
– Public and Private SIP trunks
– Review of TCP/TLS vs. UDP
– SES vs. SM – what’s the right choice for me?
Get it right the first time
– Aaron’s top ten best practices
– Closing thoughts
EMEA Techshare 2009
The Future BeginsAgenda
What’s the big deal?
– What’s so great about SIP?
– Why are organizations moving to SIP trunking?
SIP trunk architecture
– Public and Private SIP trunks
– Review of TCP/TLS vs. UDP
– SES vs. SM – what’s the right choice for me?
Get it right the first time
– Aaron’s top ten best practices
– Closing thoughts
EMEA Techshare 2009
The Future BeginsWhat’s so great about SIP?
More than just telephony– SIP supports a wide range of services and enterprise
applications• Instant Messaging• Presence Management• Voice enabled, web-based e-commerce
The protocol itself is: –Extensible and Simple
•Text based, efficient messages – a lightweight protocol–Stable and Secure
•Been around since the late 90’s, enables encryption, authentication and additional security extensions
–Interoperable•SIP standards are being adopted by the telecommunications industry
EMEA Techshare 2009
The Future BeginsAvaya SIP Solution Architecture
CM
HomeSES
EdgeSES
(Core Router)
HomeSES
CM
MM
MX
MX
MM CM CM
SIP
CM: Communication ManagerSES: SIP Enablement ServicesMM: Modular MessagingMX: Meeting ExchangeAVP: Avaya Voice PortalG860: High Density Trunking GW
SIPCMBE
SIPCMBE
AVPG860
AuraSession Manager
EMEA Techshare 2009
The Future BeginsAre we in the future yet?
SIP trunking is following an adoption model similar to IP telephony
– Businesses on the cutting edge of technology have already adopted SIP trunking
– Many others are in the process of trialing it in pilot programs
– Interop testing is being worked at a frantic pace between enterprise vendors and service providers
The “Tipping Point” is now
– In the down economy, cost savings are critical for businesses
– Many greenfield installs are requesting a SIP trunking solution
EMEA Techshare 2009
The Future BeginsSIP trunking – what’s in it for me?
Enterprise benefits– Reduction on enterprise hardware
• Reduction in footprint, power consumption and maintenance charges
– Flexibility in provisioning / design / resource utilization– Architecturally ready for future applications– Potential cost savings– Enhanced survivability– Use of high fidelity codecs, e.g. G.722
Service Provider motivations to move to SIP trunking– Dwindling, and the expectation of dwindling, TDM revenues– Offer new services and applications to maintain profits– Incumbents need to keep smaller competitors (without TDM
capabilities) out of their accounts– Provide one access method for all voice and data services
EMEA Techshare 2009
The Future Begins Limitation & Challenges of Private IP (H.323) Trunking
IP WANIP WAN
PSTNLocal &
Long Distance
PSTNLocal &
Long Distance
IP Data &Telephony
• Private IP (H.323) trunks are limited to VoIP communications between internal systems/sites• Separate TDM interfaces are required for external communication (partners/suppliers/customers)• Extra cost, extra hardware, extra complexity
Customers/ Partners/ Suppliers
LAN LAN
TDM in
terfa
ces TDM
interfaces
Why SIP Trunking?Why SIP Trunking?
IP Phone IP Phone IP Phone IP Phone
Exter
nal C
omm
unicat
ions
External Comm
unications
Internal Communications
EMEA Techshare 2009
The Future Begins SIP Trunking A Single Pipe to the Cloud
WANWAN
PSTNLocal &
Long Distance
PSTNLocal &
Long Distance
H.323
SIPSIP
Customers/ Partners/ Suppliers
LAN LAN
IP Phone IP Phone IP Phone IP Phone
• Single IP link for voice/data• Optimize use of WAN access by consolidating voice and data services• Eliminate PSTN interfaces for long-distance and local access• Assign local telephone numbers to any ‘virtual location,’ independent of physical location• Save on toll charges• Prepares for future SIP solutions
EMEA Techshare 2009
The Future BeginsAgenda
What’s the big deal?
– What’s so great about SIP?
– Why are organizations moving to SIP trunking?
SIP trunk architecture
– Public and Private SIP trunks
– Review of TCP/TLS vs. UDP
– SES vs. SM – what’s the right choice for me?
Get it right the first time
– Aaron’s top ten best practices
– Closing thoughts
EMEA Techshare 2009
The Future BeginsFlavors of SIP Trunking
Service Provider Service Provider
Service Provider Enterprise / Contact Center(one or multiple locations)
Enterprise / Contact Center Enterprise / Contact Center
Enterprise / Contact Center Application Servers
SIP trunking can be over the LAN, WAN or dedicated circuits.
Routing to the IP address of the server is the key.
SIP trunking can be over the LAN, WAN or dedicated circuits.
Routing to the IP address of the server is the key.
EMEA Techshare 2009
The Future Begins A SIP Trunking Solution
SIP
Modular Messaging
Voice Portal
CM Branch EditionCommunication Manager
SESMeeting Exchange
Enterprise SBC
DS3/ISDN
G860
CustomersPartnersSuppliers
Avaya one-X©
Communicator
SIP SPPSTN
SIP
SIP
CustomersPartnersSuppliers
SP SBC
EMEA Techshare 2009
The Future BeginsBuilding Blocks of SIP Trunking
Service Provider
– Service
– Session Border Controller (SBC)
Customer Premise
– Edge security device: SBC, Firewall, etc
– Communication Platform: Server(s), Gateway(s),SIP Proxies, etc
– Application Servers: messaging, video & audio conferencing, collaboration tools, IM, Presence, and more
– Endpoints: hardphones, softphones, mobile devices, application integration
Service Provider
SBCServer / Gtwy
… or direct connection
EMEA Techshare 2009
The Future BeginsWhen do I need an SES?
An SES is required for two reasons
– SIP endpoints
– Private SIP trunking with adjuncts, i.e. MM, VP
What about TCP/TLS vs. UDP?– Most (read ALL) SP’s use UDP for their SIP trunking solutions– In the Enterprise, SIP trunking uses TCP or TLS– Therefore, something is required in the “middle” to do protocol translation
What’s the something?
– That’s up to you and the customer – it could be an SES, an SBC, or any real-time protocol converter
EMEA Techshare 2009
The Future BeginsAvaya SIP Trunking SolutionCM 4.0 Introduced Direct Connect
For a SIP trunking solution, either an SES or an SBC is required to do the TCP/TLS conversion to UDP
SIP SPSIP SP
CM
SBC
TCP (or TLS)
UDP
SES
This can be done by the SES
Or this can be done by the SBC
Or both can be used
We’ll discuss the differences between the SES and an SBC in subsequent slides
SES
EMEA Techshare 2009
The Future Begins
SP SIP NWACME SBC SES
SIP Enablement Services with SM
Endpoints
VPAESMM
CM
SES
SM
GW
CM
GW
Endpointso o o o o o
Endpoints
MX
EMEA Techshare 2009
The Future BeginsKey Points
Sell SIP Enablement Services (SES) for:
– SIP Call Center
– DO System Integration
– Advanced SIP Telephony <1000 SIP Endpoints• Position SM Trial >1000 Endpoints
– Application Integration (Voice Portal, Modular Messaging)• Easy Upgrade to SM Later if Necessary
– Public SIP Trunking
SES SM Migration Path
– Database Conversion Tool Included with SM
– Customers Migrate from SES to SM at their own pace
EMEA Techshare 2009
The Future BeginsAgenda
What’s the big deal?
– What’s so great about SIP?
– Why are organizations moving to SIP trunking?
SIP trunk architecture
– Public and Private SIP trunks
– Review of TCP/TLS vs. UDP
– SES vs. SM – what’s the right choice for me?
Get it right the first time
– Aaron’s top ten best practices
– Closing thoughts
EMEA Techshare 2009
The Future BeginsLadies and Gentlemen…..
Aaron’s Top Ten Best Practices for Deploying SIP Trunking!!!
EMEA Techshare 2009
The Future Begins#10 – Ensure the SP offer has been tested in devConnect
SIP is described by many IETF RFCs, notably 3261– Each have many “SHOULDs”– Not all vendors implements all the “MUSTs”– Many SPs have equipment from various vendors
– Hence the SIP ‘standard’ is not tight Therefore it is absolutely critical that you ensure your SP
offer is certified through the Avaya devConnect program This is really not a “Best Practice” but rather a
requirement If you’re not sure –
– http://www.avaya.com/devconnect
EMEA Techshare 2009
The Future BeginsSIP SP devConnect members
EMEA– BT [Germany and Spain]
– Club Communications [UK]
– COLT [UK and Germany]
– KPN [Netherlands]
APAC– Singtel [Singapore]
– Telstra [Australia]
– TFN [Taiwan]
United States– AT&T
– BandTel
– Bandwidth.com
– Clear Channel Satellite
– ConneXon Telecom (911 Enable)
– Cox Communications
– Global Crossing
– Nectar (AGN Network)
– PAETEC (McLeodUSA)
– Telcordia
– Telepacific
– Verizon Business
– XO Communications
EMEA Techshare 2009
The Future Begins
DiscoveryDiscoveryPhasePhase
SupportSupportPhasePhase
CooperativeCooperativePhasePhase
CollaborationCollaborationPhasePhase
Collaborative TestingCollaborative Testing - Avaya and SP Labs are interconnected - SP allows Avaya engineers to lead test effort - Beta releases of Avaya code are consider for testing - Solution architectures are discussed as a team
Service Provider Independent Testing Limited ParticipationService Provider Independent Testing Limited Participation- The SP and Avaya start discussion regard “application” fit for Avaya CPE as edge technology to SP service offers. Usually customer/opportunity driven- Exploratory testing in SP’s lab with limited interactions with Avaya Test Engineering
- Sporadic often urgent demands for support when integration doesn’t work as expected- Unwilling to accept Avaya test results for integration certification- If Certification occurs, it follows the SP’s process in their Lab
SP Independent Testing onsite or remote SP Independent Testing onsite or remote ParticipationParticipation - Certification occurs in SP’s Lab with support from Avaya on-site or remotely - Relationships between Avaya and SP engineers start to develop - SP engineers take the lead role in conducting certification testing
Avaya & SP Cooperative Testing/CertificationsAvaya & SP Cooperative Testing/Certifications - Avaya Tests prior to going to SP lab - Avaya Lab test results are consider valid by SP however, certification still requires testing in SP’s Lab - Collaborative relationships are formed to solve integration issues
Getting to the Top with SP Certification
Background Background Evolution of Working Relationship with SPsEvolution of Working Relationship with SPs
Trust
& P
artn
ersh
ip
EMEA Techshare 2009
The Future Begins#9 – Use an SBC
A Session Border Controller on the Enterprise edge brings numerous advantages
Service Provider SBC is to provide protection and topology hiding of their network
Best practice: Enterprise customer should deploy their own SBC
Avaya recommends:– Acme Packet Net-Net SBC
Firewall that can handle real time packets
Network Address Translation / topology hiding
Call Admission Control
Protocol repair (remember those SHOULDs and MUSTs?)
CLAN load balancing
EMEA Techshare 2009
The Future BeginsSES and SBC Comparison
Capability Avaya SES Session Border Controller
Inbound Call Routing
Statically configured (Pattern Match) to specific CLAN. No Alternate Path or dynamic load Share*.
Load Balanced to Several CLANS, and intelligent add/removal of non-responsive CLANs from pool.
Local Server Redundancy Supported Supported
Geographic Redundancy Layer 2, same subnet Layer 2, same subnet
CM uses TCP or TLS and needs to be converted to UDP for SIP Service Provider
Supported Supported
Topology Hiding (of Customer's internal addressing, CLANs, Medpros, IP Endpoints.)
Not Supported
Customer SBC can terminate signaling and anchor media from Service Providers SBC. Customer SBC then speaks directly to CLANs, Medpros, IP Endpoints. This results in less exposure.
NAT Not Supported Supported
Call Admission Control
Integrated Firewall Enhanced Security Not Supprted Supported, higher layer/application level/DoS
Hardware Price Estimate dependent on resilience $5K - $20K ~$30K - 50K
SupportedNot Supported
EMEA Techshare 2009
The Future Begins#8 – Use CM 5.1.2 or greater
Very significant enhancements in CM 5.1.2 to public SIP trunking deployments
– This is also the load of software used in the latest devConnect and SIL testing
Fixes are not being backported to older loads
– Keep service packs up to date
Ensure the SES is also on the latest release
Sign up for email notifications to get the latest and greatest PSNs/PCNs for both CM and SES
– Check out http://support.avaya.com
EMEA Techshare 2009
The Future Begins#7 – Be careful with Wi[l]d(5)cards*
“Wildcards” or regular expressions are used when configuring the SES to match host and media maps for both inbound and outbound trunks
{N} The preceding item is matched exactly N times.
. Matches any single character.
* Matches zero or more occurrences of the character immediately preceding. For example, the regular expression .* means match any number of any characters
– For example, ca*t will match "ct" (0 "a"characters), "cat" (1 "a"), "caaat" (3 "a"characters), and so forth
Online “Tutorial”: Regular Expressions explained
– http://www.regular-expressions.info/tutorial.html
EMEA Techshare 2009
The Future BeginsAddress Maps
• Our Goal: Route Extensions 45010 – 45019
• Our Lab Host Map: ^sip:4501[0-9]
^sip:777[0-9]{3}@example.com
• Matches sip:[email protected]
• Doesn’t match
• sip:[email protected]
• sip:[email protected]
Be aware that what may work for a current implementation may cause problems as additional media maps or hosts are added
^sip:77*@example.com
Matches sip:[email protected]
EMEA Techshare 2009
The Future Begins#6 – Be aware of CLAN load balancing, or lack thereof
The SES creates a direct one to one mapping between a SIP trunk and a CLAN
– No capability for the system to dynamically shift the trunk to another CLAN if there is a fault
– Potential issues with reliability and redundancy for critical deployments
This can be resolved by using an SBC, which does have the capability to dynamically balance the trunk amongst different CLANs
Or, use the Adjunct Route feature and administer the CLAN pools in a VDN
EMEA Techshare 2009
The Future BeginsAdjunct System Routing Logic
SES Round-robin load-balances across the Adjunct Servers associated with the target Adjunct System
SESCombo /
Home
Adj. Server 1(e.g., MM MAS)
Adj. Server 2sip:[email protected]
Adj. Server 3sip:[email protected]
Adj. Sys.(e.g., MM)
x2000
1: Call 1
2: Call 2
3: Call 3
SESCombo /
Home
Adj. Server 1(e.g., MM MAS)
Adj. Server 2sip:[email protected]
Adj. Server 3sip:[email protected]
Adj. Sys.(e.g., MM)
x2000
4: Call 4
5: Call 4
6: Call 4
If an Adjunct Server is non-responsive (failure/network outage, etc), fast-failover (~5 sec) to next Adjunct Server (if available)
EMEA Techshare 2009
The Future BeginsExample of SES load balancing using the « Adjunct Systems » feature
G650 with 2 CLANs
G650 with 1 CLANs
SIP / Acme Packet
SES Cluster withNetwork Duplication
CommunicationManagerMain andStandby
All calls to the VDN number,e.g.
0203285594
1
2
3
4
5
1
2
3
45 6
6
20000 BHCCOver 4 CLANS is a N+1 CLAN redundancy
EMEA Techshare 2009
The Future Begins
#5 – Understand your duplication options
SES now offers cabled and network duplication
– Both offers are similar, work with a virtual IP address that front ends the system
– Network duplication offer requires both SES servers to be on the same subnet
Also possible to have two SES EDGE (or COMBO) servers in the same enterprise
– Duplication can be achieved through CM and the SP through the configuration of backup route patterns
– Please note that this can cause potential issues if SIP endpoints are brought into the environment
EMEA Techshare 2009
The Future Begins
Example config of non-duplicated SES
Service ProviderService Provider
G650G650Primary
Location 1
SES A Combo
G650 G650ESS
Location 2
SES B Combo
SBC
Primary Route Pattern
Secondary Route Pattern
EMEA Techshare 2009
The Future Begins
#4 - History info vs. Diversion Header
Service ProviderService Provider
x5555
Calling0207777555
5
SES02012345678
1) Inbound call from CPN 02012345678
2) Call routed over SIP trunk to CM IP phone, DDI 02077775555
3) Extension 5555 has EC500 set, CM sends outbound call onSIP trunk to mobile phone
4) CM sets History_info field to CPN of 02077775555
5) SP receives call from Avaya and checks the Diversion Header, whichAvaya doesn’t support
6) SP next checks P Asserted Identity; this is the number of the mobileextension we’re calling, also not recognized by the SP
7) Finally the SP checks the FROM field, but this is still set to the originalCPN of 02012345678. CM will never change this field.
8) SP is unable to route the call, and the call is rejected
EMEA Techshare 2009
The Future Begins
History info vs.Diversion Header CM 5.2 Major enhancement to SIP trunking capabilities with support
of Diversion Header Allows successful call redirect to a SIP Service Provider (SP) Implemented primarily for EC500 although the following is the full
set of supported features:– OPTIM applications EC500, ONE-X, CSP, FMC (PBFMC or
SPFMC)– Call Forwarding– Call Coverage– Call Vector Redirect
Uses the SIP Diversion Header– Partially implemented the expired IETF draft: draft-levy-sip-
diversion-08– SIP SPs tend not to support the standard History-Info header
and prefer to use the Diversion Header instead even though it is non-standard
– Support of the Diversion Header is widely deployed
EMEA Techshare 2009
The Future BeginsHistory info vs. Diversion Header
New SIP Trunk Group Protocol Variation field “Send Diversion Header? y/n” (default “n”)
The diverting user must be provisioned in public unknown numbering
New SIP Trunk Group Protocol Variation field “Support Request History? y/n” (default “y”)
– When the field is set to n(o) the History-Info header will not be transmitted (regardless of protocol signaling indicating the far end supports it) and CM will no longer signal support for it
– The Diversion Header and the History-Info header are mutually exclusive and can both be signaled
– At least one SP mandates that the History-Info header never enters their network under any condition
– Changing this default should be carefully considered and done only when absolutely necessary
EMEA Techshare 2009
The Future Begins#3 – Ensure timer on SIP Sig group is properly administered
Aaron Proxy Pizza
INVITE sip:[email protected]
INVITE sip:[email protected]
100 TRYING
180 RINGING
180 RINGING
Timer previously set to 2 seconds
Now administrableon SIP sig grp form
EMEA Techshare 2009
The Future BeginsAlternate Route Timer Field
Added in CM 5.1 to provide an administrable value
Alternate Route Timer (sec) on the SIP Signaling Group form
•The range is 2- 30 seconds
•The default is 6 seconds
EMEA Techshare 2009
The Future Begins#2 – Consider a phased deployment
As with any new technology there may be challenges in the implementation
Depending on how the Authoritative SIP domains are setup, there may be a requirement to have dedicated inbound SIP trunks and dedicated outbound SIP trunks
Potential issues with dialplan portability may encourage the use of outbound trunks first
For initial roll-out ensure there are traditional TDM trunks for fall-back purposes
EMEA Techshare 2009
The Future Begins#1
Will I use an SBC or an SES?
Have we testedwith this SP?
What are the implications to the dial plan?
What is myduplication strategy?
Does this SP supportT.38 FAX?
What applications doesthe customer use now?
THINK!!!
What is the customer’s technology roadmap?
Is QoS enabled on the network?
How will I get feedback on bad calls?
Do I need separate trunks for inbound and outbound?
EMEA Techshare 2009
The Future BeginsClosing thoughts
SIP trunking is becoming more and more prevalent in enterprise deployments
Through continuous test efforts, the protocol is becoming more refined
With the release of Avaya Aura, knowledge of SIP trunking will become absolutely critical to everyone in this room
The future begins now – learn and understand how to design and deploy SIP trunking!