StarLeaf Network Guide




Contents

Introduction
Registration to the
Point-to-point calling within the
Calling from a endpoint to the public telephone network (PSTN)
Multipoint conferencing

Copyright 2014. All rights reserved. This guide may not be copied, photocopied, translated, reproduced, or converted into any electronic or machine-readable form in whole or in part without prior written approval of Limited. Limited reserves the right to revise this documentation and to make changes in content from time to time without obligation on the part of Limited to provide notification of such revision or change. Limited provides this documentation without warranty, term, or condition of any kind, either implied or expressed, including, but not limited to, the implied warranties, terms or conditions of merchantability, satisfactory quality, and fitness for a particular purpose. Limited may make improvements or changes to the product(s) and/or the program(s) described in this documentation at any time. All other product and company names herein may be trademarks of their respective owners.

Introduction

This guide explains how endpoints register to the and make and receive video calls when connected on a customer's network. It applies to all endpoints, hardware and soft clients.

An important part of this guide is the distinction between signaling traffic and media traffic. In video conferencing, signaling traffic consists of low-bit-rate messages and commands that are sent between endpoints and infrastructure for the purposes of registration and setting up, managing and disconnecting calls. Media traffic is the high-bit-rate flow of real-time audio, video and data-sharing traffic that constitutes the actual call.

From a network administrator's point of view, the media traffic is significant because of the demands it places on bandwidth. All endpoints use a default call bit rate of 1.5mbps, but reduce this automatically when they detect that less bandwidth is available. More details on call bit rates used by endpoints are given in Video bandwidths and resolutions used by Call.

Registration to the

A endpoint must be registered to the to work. All signaling to and from the endpoint is controlled by the and routed via a single host on the public. This host has a DNS name like, which resolves to the public IP address of a border controller within the. Every endpoint in the customer organization uses the same border controller.

The endpoint sends probe packets to the border controller, which sends packets back in reply. A regular flow of packets, which is able to encapsulate any type of payload required, ensures that the customer firewall's NAT pinhole is kept open. This is s firewall traversal mechanism and is called a tunnel.

Because all endpoint signaling is controlled and routed via the, it is not possible to call a endpoint by its own IP address. endpoints cannot call third-party endpoints that use private IP addresses, but can call public IP addresses.
On point-to-point (two-way) calls within an organization, media (video, audio and content) takes the most direct route possible:

- If the endpoints can route traffic to each other's private IP addresses, the media will be sent that way
- If the endpoints are on different LANs but can route traffic via each other's public (NAT) addresses, the media will be sent that way
- If no direct route can be found, the media will be backhauled to the organization's border controller

On multipoint calls, or point-to-point calls where the far end is not a endpoint or is in a different organization, the media is backhauled to the border controller.

The following diagram shows the principles of registration.

Network Guide May 2014

Figure 1. Provisioning and Registration
[Diagram labels: Administrator, Portal (https://portal.starleaf.com, HTTPS), Endpoint, Configuration Server (config.starleaf.com, HTTPS), Persistent UDP tunnel, Router/Firewall, Local data center, Customer LAN, Data Centers]

1 Provisioning

The reseller creates the customer organization on the portal. The location of the data center is determined by the geographical location of the organization. The reseller or customer administrator creates users and meeting rooms, assigning soft and hard endpoints as required. This is done on the Portal. The portal generates registration credentials which take the form of a 12-digit quick-connect code (for a hardware endpoint) or a single-sign-on login (for a soft client user). The Portal Tutorial for Resellers gives full details about provisioning.

2 Registration

The endpoint is connected to the customer's LAN and acquires IP configuration details using DHCP (alternatively, these details can be statically assigned). The installer enters the registration credentials and the endpoint supplies them to config.starleaf.com using an outbound HTTPS (port 443) connection. The configuration server tells the endpoint which border controller to register with. In this document, the border controller is.

3 Tunneling

The endpoint sends outbound UDP packets to its border controller, and receives replies from it. The outbound packets will be sent to one of the UDP ports 24704, 3478, 1194, 500 and 123 (123 is the well-known port for NTP servers, so has a high probability of being allowed through most firewalls). This bi-directional flow of packets is called a tunnel. The tunnel can carry multiple data streams (of signaling and media) between the endpoint and border controller, but as far as the network is concerned, these streams are all just UDP payload.

Some firewalls will not allow outbound UDP traffic to be sent. In this case, the endpoint creates a TCP tunnel to port 443 of the border controller. This is a good fail-over mechanism, but sending real-time media packets over TCP can result in a lower-quality user experience. If this connection type also fails, the endpoint will display an error message indicating that it cannot connect. In this case, there are two troubleshooting steps:

1. Ensure that the conditions in this article: Firewall configuration: IP ports and addresses used by Call are met.
2. Ask an affected Breeze user to run problem_report.exe, available from http://downloads.starleaf.com. This will upload debugging information to s development server and allow the Technical Support team to identify the cause of the failed connection.

The and the endpoint are now able to communicate with each other, exchanging all the types of registration, directory, signaling and media traffic that are required for a successful user experience.
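An added example, not part of the original guide: a Python audit of a firewall egress policy against the ports named above, reporting whether an endpoint would get a UDP tunnel, fall back to the TCP 443 tunnel, or fail to connect. The rule model (first match, default deny), the sample policies and the IP addresses are constructed for illustration; the guide does not state the order in which the UDP ports are tried, so every permitted port is reported.

```python
import ipaddress
from dataclasses import dataclass

# Ports taken from the guide. The order in which the endpoint tries the UDP
# ports is not stated there, so the audit lists every port the policy permits.
TUNNEL_UDP_PORTS = (24704, 3478, 1194, 500, 123)
TCP_FALLBACK_PORT = 443   # TCP tunnel to the border controller
PROVISIONING_PORT = 443   # HTTPS to config.starleaf.com

# Constructed placeholders (documentation address ranges), not real servers.
BORDER_CONTROLLER_IP = "203.0.113.10"
CONFIG_SERVER_IP = "198.51.100.20"


@dataclass(frozen=True)
class Rule:
    action: str   # "allow" or "deny"
    proto: str    # "udp", "tcp" or "any"
    dest: str     # destination network in CIDR form
    ports: range  # destination ports the rule covers


def permitted(rules, proto, dest_ip, port):
    """First-match evaluation with an implicit default deny (assumed model)."""
    ip = ipaddress.ip_address(dest_ip)
    for rule in rules:
        if rule.proto not in ("any", proto):
            continue
        if ip not in ipaddress.ip_network(rule.dest):
            continue
        if port not in rule.ports:
            continue
        return rule.action == "allow"
    return False


def audit(rules, border_ip=BORDER_CONTROLLER_IP, config_ip=CONFIG_SERVER_IP):
    """Predict the connection outcome for an endpoint behind this egress policy."""
    udp_ports = [p for p in TUNNEL_UDP_PORTS
                 if permitted(rules, "udp", border_ip, p)]
    tcp_ok = permitted(rules, "tcp", border_ip, TCP_FALLBACK_PORT)
    provisioning_ok = permitted(rules, "tcp", config_ip, PROVISIONING_PORT)
    if not provisioning_ok:
        outcome = "registration blocked"   # cannot reach the configuration server
    elif udp_ports:
        outcome = "udp tunnel"
    elif tcp_ok:
        outcome = "tcp fallback"           # works, but media quality may suffer
    else:
        outcome = "cannot connect"
    return {"outcome": outcome, "udp_ports": udp_ports, "tcp_fallback": tcp_ok}


ANYWHERE = "0.0.0.0/0"

# Constructed policy: web and DNS egress only, a common default.
WEB_ONLY = [Rule("allow", "tcp", ANYWHERE, range(443, 444)),
            Rule("allow", "udp", ANYWHERE, range(53, 54))]

# Constructed policy: high UDP ports denied, NTP allowed.
NTP_OPEN = [Rule("deny", "udp", ANYWHERE, range(1024, 65536)),
            Rule("allow", "udp", ANYWHERE, range(123, 124)),
            Rule("allow", "tcp", ANYWHERE, range(443, 444))]

# Constructed policy: only the configuration server is reachable.
LOCKED = [Rule("allow", "tcp", CONFIG_SERVER_IP + "/32", range(443, 444))]

if __name__ == "__main__":
    for name, policy in (("WEB_ONLY", WEB_ONLY), ("NTP_OPEN", NTP_OPEN),
                         ("LOCKED", LOCKED)):
        print(name, audit(policy))
```

A "tcp fallback" result is the case to act on: the endpoint registers and calls connect, so the restriction tends to go unnoticed until media quality is reported as poor.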

Point-to-point calling within the

This section illustrates various different point-to-point calling scenarios.

Point-to-point calls within a organization

In this scenario, a endpoint calls another endpoint in the same organization and on the same network. An IP route exists between the local IP addresses of the endpoints.

Figure 2. Point-to-point calls within a organization: Private Direct Media
[Diagram labels: Endpoint A, Endpoint B, Router/Firewall, Customer LAN, Data Centers; legend: Media (audio, video, and content), Signaling]

1. Endpoint A sends a setup request to the call control engine within the, supplying the extension number or email address of the far end.
2. The call controller identifies the relevant destination endpoint to be called, and signals it to ring. If the far-end user has multiple endpoints registered in their name (for example, a Personal Telepresence system and a Breeze client) all of the endpoints will ring.
3. While ringing, the endpoints at both ends work out the most efficient way to route media between themselves. In this scenario, a direct IP route exists. When the far end picks up, signaling is sent back to the calling endpoint via the border controller. The call is now connected.
4. Media is sent directly between the two endpoints (not via the border controller), using the route established in Step 3. The direct route avoids unnecessary usage of the organization's connection. The signaling traffic represents only a tiny amount of data, by comparison. We call this method Private Direct Media.

In the next scenario, the company has a single organization with endpoints distributed between different sites that have separate connections. There is no company WAN, so there is no direct IP route between the private IP addresses of the endpoints.

Figure 3. Point-to-point calls within a organization: Public Direct Media
[Diagram labels: Endpoint A, Endpoint B, Routers/Firewalls, Customer LANS (no private route between LANS), Data Centers; legend: Media (audio, video, and content), Signaling]

In this scenario, the endpoints establish that no direct route exists between them. They perform an Interactive Connectivity Establishment (ICE)-like probing process to see if they are able to route media direct between their NAT addresses, instead. This attempt is likely to be successful if the two NAT gateways do not implement symmetric NAT; this is most likely to be the case if at least one of them is a domestic router (as opposed to two enterprise-class firewalls). Symmetric NAT imposes tight restrictions on which external host address/port combinations are able to route packets into the firewall. Your firewall might give you the flexibility to configure this behavior.

If the endpoints are able to route media into each other's NAT pinholes, the media path shown by the blue line in Figure 2 on page 6 will be used. This gives the shortest, lowest-latency media path possible between the two endpoints and reduces load on the service. We call this Public Direct Media.

If Public Direct Media is not possible, the media is backhauled to the Border controller, as shown in Figure 4 on page 8.

Figure 4. Point-to-point call in the same organization (media via border controller)
[Diagram labels: MyCompany Endpoint A, MyCompany Endpoint B, Routers/Firewalls, Customer LANS (no private route between LANS), Data Centers; legend: Signaling, Media (audio, video, and content) via]

The advantage of the media via border controller method is that it uses the already-established tunnel routes between the company's firewalls and the border controller, so it is certain to work. The disadvantage is that this might not be the most direct route for the traffic.

Point-to-point calls between organizations

The first point-to-point scenario between organizations is between endpoints. A user in one company calls a user in another company. The call can be dialed either by email address or directly by URI.

Figure 5. Point-to-point call between organizations
[Diagram labels: MyCompany Endpoint A, Router/Firewall, London Data Center, OtherCompany Endpoint A, Router/Firewall, othercompany.call.sl, New York Data Center, Customer LANS, Data Centers; legend: Media (audio, video, and content) via, Signaling]

When dialled by email address, the call control engine performs a lookup within the portal database to check if that email address corresponds to a user and, if so, where within the that user is hosted. When dialed by URI, no such lookup is necessary because the destination information (the far side's border controller) is contained in the URI. The format of a URI is:

8XXXX2YYY@othercompany.call.sl

...where 8XXXX is the unique identifier of the othercompany organization, 2YYY is the called user's extension, and othercompany.call.sl resolves to the public IP address of the destination company's border controller.

The unique URI of each user is in the Welcome email sent by the to that user when they were first provisioned, and can be found and re-sent to them via the portal web interface. This URI can also be found in the settings of the Phone/Touch or Breeze.

The call control engine attached to the calling company organization receives the call setup signaling from the calling endpoint. The call control engine sends a setup message to the destination organization. The destination organization's call control engine signals the destination endpoint(s) to ring, via its established tunnel connections to those endpoints. Signaling is exchanged back and forth along this route in order to connect the call. When the call is connected, media negotiation takes place and media channels are established along the same route that the signaling took.

The second point-to-point scenario between organizations is between a endpoint in one organization and an H.323 endpoint in another organization. In Figure 6, a endpoint calls a publicly-accessible H.323 endpoint which is not registered to the.

Figure 6. Point-to-point call between a endpoint and a third-party H.323 endpoint
[Diagram labels: Endpoint A at MyCompany, Router/Firewall, H.323 Endpoint at OtherCompany, Customer LANS, Data Centers; links labelled RTP, H.323 and EVSIP]

A endpoint will be unable to call an H.323 endpoint which is connected only on a private IP address with no provision made for public connectivity. For example, if a Polycom endpoint is on a customer LAN and has the private IP address 192.168.0.25, dialling 192.168.0.25 from a endpoint, even on the same LAN, will not work, because 192.168.0.25 is not routable from (which is on the public).

Note: When a endpoint calls an H.323 endpoint which is registered to the same organization, that H.323 endpoint is registered to the organization's border controller (which has the ability to behave as an H.323 gatekeeper). Registering an H.323 endpoint with a organization allows its H.460 capabilities to be used for firewall traversal.

Calling from a endpoint to the public telephone network (PSTN)

PSTN connectivity is a non-standard feature that can be enabled for organizations on a custom basis, in conjunction with a suitable PSTN SIP trunking provider. Your sales contact will be able to give you more information about this, including any setup and monthly recurring costs involved.

When this feature is set up, a SIP trunk is actively registered from the organization's call controller to the gateway of the PSTN SIP trunking provider. Calls made from endpoints to telephone numbers are routed from the call controller to the SIP provider, via the border controller and using SIP signaling over the. The provider completes the call to the telephone number and media is routed as shown in the diagram. Calls between endpoints and publicly-accessible SIP video systems work in the same way.

The diagram below shows PSTN to connectivity.

Figure 7. Calling from a endpoint to the public telephone network (PSTN)
[Diagram labels: Endpoint A, Audio Call, Router/Firewall, Customer LAN, PSTN SIP Trunk Provider, PSTN, Data Centers; links labelled RTP, SIP and EVSIP]

Multipoint conferencing

This section illustrates various different multipoint calling scenarios.

Multipoint conference between endpoints in the same organization

In this calling scenario, the endpoints are in the same organization and have a direct IP route to each other. However, in a multipoint conference, all of the media has to be transcoded, and transcoding is all done by the. Therefore, each endpoint sends and receives all of its signaling and media via the organization's border controller, through which it accesses the call control and media engines that are needed to make the multipoint conference work.

Figure 8. Multipoint conference between endpoints in a single organization
[Diagram labels: Endpoint A (LAN 1), Endpoint B (LAN 2), Endpoint C (LAN 3), Router, Customer Network (WAN/MPLS), Data Centers; legend: Media (audio, video, and content), Signaling, Tunnel]

Clearly, this situation leads to a higher load on the organization's connection. In mitigation, because the video contributed from each endpoint in the conference is shown at a much lower resolution than it would be on a point to point call, the bit rate at which each endpoint transmits media is much lower than on a point to point call: typically, 0.5 mb/s instead of 1.5 mb/s.

Multipoint conferences between endpoints in different organizations

When endpoints outside the conference host organization are included in a conference, their signaling and media are routed via the other organization's border controller (in the case of external endpoints) or via standard H.323 or SIP calls across the to the destination endpoint, as shown in the following diagram.

Figure 9. Conference including external endpoints
[Diagram labels: MyCompany LAN 1, MyCompany LAN 2, OtherCompany LAN, Router, othercompany.call.sl, Customer Networks, Data Centers; legend: Media (audio, video, and content), Signaling, Tunnel]

Multipoint conferences including third-party endpoints

In the following diagram the conference includes a third-party endpoint outside the organization that has a public IP address.

Figure 10. Conference including a third party endpoint
[Diagram labels: MyCompany LAN 1, MyCompany LAN 2, OtherCompany LAN, Router, Company Networks, Data Centers; legend: Media (audio, video, and content), Signaling, Tunnel; annotation: the is connected to the third-party endpoint using H.323 or SIP]
