Broadvox SIP Trunking. Frequently Asked Questions (FAQs)

Broadvox SIP Trunking Frequently Asked Questions (FAQs)

Table of Contents Can a Call Center with an automated dialer use Broadvox services? 3 Can I connect to Broadvox services if I have a dynamic IP address? 3 Can I keep my current phone number(s) if I switch to Broadvox services?... 3 Can I send a number in the caller ID that is not provided by Broadvox?... 3 Can I send a 7-digit number for local calling?... 3 Does Broadvox provide a SLA?... 3 Does Broadvox support Caller ID (CID)?... 4 Does Broadvox support Caller Name (CNAM)?... 4 Does Broadvox support E911?... 4 Does Broadvox support faxing?... 4 Does Broadvox support Microsoft OCS 2007?... 4 Does Broadvox support point-to-point connectivity from our network to the Broadvox data center?... 4 Does Broadvox support QoS?... 4 Does Broadvox support registration?... 5 Does Broadvox support SIP over TCP?... 6 Does Broadvox support SIP over TLS?... 6 Does Broadvox support SRTP?... 6 Does Broadvox support VPN connectivity?... 6 How are local calling areas determined?... 6 How does local calling work?... 6 I am using dual/triple/quad T1s for my Internet connection. What protocol should I use to bond them?... 7 Confidential and Proprietary 1

If I forward a call to a number that is local to the calling party, will it be treated as a local call?... 7 If I purchase a GO!Local trunk for my centralized PBX in New York City and an Enhanced Local Number in Chicago at a branch location, can I send a call to Chicago from New York City and have it considered a local call or vice-versa?... 7 Is faxing over VoIP reliable?... 7 Is it possible for someone to spoof caller ID information?... 7 My PBX is behind a NAT, can I still use Broadvox services?... 8 What codecs does Broadvox support?... 8 What PBX/router/switch/IAD/gateway/ISP does Broadvox recommend?... 8 What type of redundancy options do Broadvox SIP Trunks support? 8 What type of security features do Broadvox SIP trunks offer?... 9 When using Broadvox GO!Local, how do we pass a call in a way that indicates it is long distance as opposed to local?... 11 Will calls ever traverse the public Internet?... 12 Confidential and Proprietary 2

Can a Call Center with an automated dialer use Broadvox services? It depends on the dialer. a. If the dialer generates numbers at random, then no. b. If the dialer uses a list of pre-screened numbers to place calls then yes, with certain limits on how quickly a customer tries to set up calls. In general, if the call center is a legitimate business that (for example) performs collections for several different entities and knows that the dialed numbers are associated with specific people, then it is not a problem. If the call center is a company that uses a dialer to generate a list of numbers that might not be associated with a person, then Broadvox services may not be used. Can I connect to Broadvox services if I have a dynamic IP address? Yes, customers can connect to Broadvox services with a dynamic IP address by using registration. Can I keep my current phone number(s) if I switch to Broadvox services? In most cases, yes, Broadvox supports Local Number Portability (LNP). A Broadvox sales associate can determine whether specific numbers are portable. Can I send a number in the caller ID that is not provided by Broadvox? Yes, Broadvox allows customers to send whatever 10-digit number in the caller ID they would like to send. Bear in mind that if a customer sends a 10-digit number that does not represent their business, it may be illegal and a breach of the Broadvox acceptable terms of use. This functionality is primarily for call forwarding applications where it is desirable to know the true calling party. Can I send a 7-digit number for local calling? No. Broadvox supports only 10-digit, 1+10-digit, and 011+CC+TN international dialing. To enable 7-digit dialing, Broadvox recommends that customers add their area code to the outbound dialed number before it leaves their PBX. Does Broadvox provide a SLA? Yes, Broadvox does provide a Service Level Agreement (SLA). A Broadvox sales associate can provide a copy. Confidential and Proprietary 3

Does Broadvox support Caller ID (CID)? Yes, Broadvox supports passing caller ID in the From, Remote-Party-ID, and P- Asserted-Identity headers. The caller ID should be a 10-digit number. Does Broadvox support Caller Name (CNAM)? Yes, Broadvox supports CNAM on both the outbound and inbound directions on the customer s Billing Telephone Number (BTN). Customers must contact the Broadvox LNP department to have their outbound CNAM set to their desired name. Inbound CNAM on their BTN should work automatically. The name will be contained in the Display Name portion of the From header in the SIP signaling. Does Broadvox support E911? Yes. Broadvox supports E911 on customers BTN and Broadvox Enhanced Local Numbers (ELNs). Customers must make sure they send the correct BTN or ELN on any call to 911; otherwise the call center will receive the wrong address because addresses are registered against the calling number. There is a $50 per-call charge for any call to 911 from a calling number that is not a BTN or ELN. Does Broadvox support faxing? Broadvox supports T.38 for faxing, as well as faxing over G.711 µ-law. Does Broadvox support Microsoft OCS 2007? Yes, Broadvox supports Microsoft OCS 2007. Broadvox will continue to support Microsoft OCS 2007 when Release 2 becomes available in 2009. However, if customers do not wish to wait for Release 2, they may use OCS 2007 with Broadvox today. Does Broadvox support point-to-point connectivity from our network to the Broadvox data center? Yes, Broadvox can provide point-to-point connectivity options. A Broadvox sales associate can provide a quote. Does Broadvox support QoS? Short Answer: This question stems from a misunderstanding of QoS (Quality of Service) and is not really a valid question. See the long answer. Long Answer: QoS is typically deployed on a homogeneous network. A homogeneous network is a network under the control of one entity and designed and deployed using a single policy for packet classification and prioritization. Any time a packet crosses a network boundary, it might flow under a different policy Confidential and Proprietary 4

for classification and prioritization which no longer matches the policy of the network that it left. When such policy changes occur, the QoS tag on the packet might be altered from its original state. This is re-classification. Re-classification can occur at any network boundary and depends on the policies of both networks. Thus, any QoS tag placed on packets before they leave a network might never reach the Broadvox network. In addition, any QoS tag Broadvox places on the packet might never reach the destination network. QoS is only useful if there is a bottleneck between the source and destination endpoints and more than one type of traffic traverses that bottleneck. In a case like that, the QoS policy is meant to prioritize one type of traffic over another. Typically, a primary distinction exists between voice/video and data. There are other types, such as network control traffic, but for this discussion, only voice or data traffic is included. Thus, if there is a separate Internet connection for voice (no data is sent over that connection), deploying QoS on that connection will serve no purpose. It makes no sense to try to prioritize one voice connection over another, and more than likely, no routers or switches exist that are capable of doing so. The Broadvox network runs 99.99% voice traffic. Broadvox does not have the capability to prioritize one voice stream over another. While the Broadvox network marks packets accordingly and implements QoS policies, it makes little difference in the flow of packets across the network. Broadvox also keeps adequate available bandwidth on all links to ensure they never become congested. QoS is of benefit if both data and voice traffic use the same Internet connection. In this case, traffic should be classified accordingly and packets prioritized before they go out over the Internet connection. In addition, the ISP should be contacted to classify and prioritize packets before they send traffic back over the Internet connection. A customer s Internet connection is likely the largest (and possibly the only) bottleneck between the customer s PBX and the Broadvox Session Border Controller (SBC) they signal to. Therefore, it is the primary point where QoS should be enabled. Enabling QoS at that point will help reduce or eliminate packet loss of voice traffic, reduce jitter for voice traffic, and reduce latency for voice traffic. All of these affect call quality. In addition, customers should determine the total bits per second of traffic they have allocated to voice after enacting their QoS policy and ensure that it is large enough to accommodate the number of simultaneous calls they anticipate, given the bandwidth requirements of their particular codec. Remember, customers must also count any headers on the codec (RTP, IP, UDP, Ethernet/Frame Relay/MLPPP, etc). For G.711, they should plan for 88 Kbps per call. For G.729, they should plan for 38 Kbps per call. In addition, they should ensure that it is not possible to set up more calls than the allotted voice bandwidth can handle. Does Broadvox support registration? Yes, Broadvox supports registration on Version N SIP trunks. Confidential and Proprietary 5

Does Broadvox support SIP over TCP? Yes, Broadvox supports SIP over TCP (Transmission Control Protocol) on Version N trunks. Does Broadvox support SIP over TLS? No, Broadvox does not support SIP over TLS. The third generation of SIP Trunks (Version O) may support SIP over TLS. At this time, Broadvox does not have an estimated release date for the third generation of SIP Trunking. Does Broadvox support SRTP? No, Broadvox does not support SRTP. At this time it is cost prohibitive. Does Broadvox support VPN connectivity? No, Broadvox does not support VPN connectivity at this time. How are local calling areas determined? Local calling areas are determined by comparing the rate center of the calling party number (CGPN) to the rate center of the called party number (CDPN). Broadvox typically follows the rate center relationships defined by the ILEC servicing the customer s area. Thus, in almost all cases, if the ILEC in the customer s area has defined that two rate centers are local to each other, all calls that fit that relationship definition will be rated as local calls. If a customer needs to know whether specific calls will be treated as local, they may submit a request to the Broadvox Customer Service Department to have their particular calling patterns verified. How does local calling work? Local calling is based on both the called and calling party numbers. Here are the rules, in the order they are applied: 1. If the called party number is local to the calling party number and the calling party number is either a BTN or ELN, then the call is rated as local. 2. If the called party number is not local to the calling party number and the calling party number is either a BTN or ELN, then the call is rated as long distance. Confidential and Proprietary 6

I am using dual/triple/quad T1s for my Internet connection. What protocol should I use to bond them? Broadvox recommends Multilink PPP. MLPPP fragments the packets on the transmitting side and un-fragments the packets on the receiving side. This preserves packet ordering which is very important for VoIP call quality. If I forward a call to a number that is local to the calling party, will it be treated as a local call? No, because the calling party number is not a BTN or ELN. If a customer forwards a call to a number that is local to the BTN or an ELN and they send that BTN or ELN as the calling party number, then yes, the forwarded call is rated as local. Also see How does local calling work? If I purchase a GO!Local trunk for my centralized PBX in New York City and an Enhanced Local Number in Chicago at a branch location, can I send a call to Chicago from New York City and have it considered a local call or vice-versa? Possibly; it depends on how it is done. If a customer sends the Chicago ELN as the calling party number when calling Chicago or the New York BTN as the calling party number when calling New York, the answer is yes. Also see How does local calling work? Is faxing over VoIP reliable? Broadvox has experienced average fax success rates exceeding 95% for customers on both T.38 and G.711. Many customers have seen success rates over 99% for both protocols. Faxing over VoIP has come a long way in the past ten years, and most modern devices have no trouble performing fax over VoIP. However, there are still several devices on the market that have poor VoIP faxing implementations. If a customer is having difficulty faxing over VoIP, they may wish to try an alternate faxing platform. Broadvox device certification plans include testing fax over both T.38 and G.711 for both inbound and outbound directions. Is it possible for someone to spoof caller ID information? Someone who uses a VoIP connection, regardless of whether the phone number is from a PSTN, cellular, satellite or VoIP provider, can spoof phone numbers. Anyone who uses a VoIP connection has the capability of sending a caller ID (CID the calling party phone number that appears on the recipient s phone) that does not belong to them, as long as their service provider does not screen CIDs. In addition, if they send a CID on their outbound call to a recipient who receives calling name service (CNAM), that recipient will see the registered name as the calling name. The reason is simple: when the called party s local exchange carrier (LEC) receives the call, the called party s LEC will dip the CID and lookup Confidential and Proprietary 7

the CNAM information. Since the CID is a valid CID, that dip will return the registered CNAM information. This capability is also present from various TDM service providers, so it has been around and has been a possible threat for far longer than VoIP services have been around. VoIP has simply lowered the cost of entry for this particular type of malicious act. On June 27, 2007, the United States Senate Committee on Commerce, Science and Transportation approved the Truth in Caller ID Act of 2007 which outlaws this practice, both over traditional phone services and over VoIP. As of December 11, 2008, it was not signed into law. My PBX is behind a NAT, can I still use Broadvox services? Yes, unlike some providers who require that customers perform Network Address Translation (NAT) traversal (NAT-T) on their end, the Broadvox Version N SIP Trunks offer provider-side NAT-T. The customer s trunk must be deployed using registration. What codecs does Broadvox support? Broadvox supports G.711 µ-law and G.729 Annex A for voice; RFC 2833, inaudio DTMF, and SIP INFO for DTMF methods; and T.38 or in-audio tone-based signaling over G.711 µ-law for faxing. What PBX/router/switch/IAD/gateway/ISP does Broadvox recommend? Broadvox is not in the practice of recommending 3 rd party equipment or services, with the exception that we do recommend that customers choose their PBX, IAD, or gateway from one of the Broadvox-certified PBX, IAD or gateway vendors. What type of redundancy options do Broadvox SIP Trunks support? Broadvox Version S SIP Trunks provide: Two gateways in two separate cities to signal to/receive traffic from Ability to load balance traffic to multiple IP addresses on customer end Ability to provide a primary/secondary configuration for the customer end The customer must provide a public, static IP address to signal to. Broadvox Version N SIP Trunks provide: One virtual IP address that resides on a single cluster in the Dallas location to signal to/receive traffic from Ability to load balance traffic to multiple IP addresses on customer end o Concurrent call sessions (per trunk) must be split between IP addresses Ability to provide a primary/secondary configuration for the customer end Confidential and Proprietary 8

Ability to perform fallback call forwarding to a PSTN number in the event the customer trunk is not reachable o Fallback forwarding can be performed on a per-trunk basis o Fallback forwarding can also be performed on a per-did basis o Per-DID forwarding is first precedence o Per-trunk forwarding is second precedence o Per-DID and per-trunk can co-exist simultaneously SIP over TCP support (good for Microsoft OCS 2007) The customer may use a public, static IP address or perform REGISTRATION with a dynamic or NAT IP address. What type of security features do Broadvox SIP trunks offer? Short Answer: Broadvox supports VPN connectivity to Broadvox data centers or direct Point-to-Point connectivity. Medium Answer: VoIP is more difficult to intercept or spoof than a PSTN or cellular phone connection. To intercept or spoof a PSTN phone connection, the only requirements are a small amount of Telco knowledge and access to either the PSTN phone box on the building or one of the junction boxes in the neighborhood that the calls pass through. Gaining access to these boxes usually requires nothing more than a screwdriver, torx bit or bolt cutter. To intercept or spoof a cellular call only requires capturing the unique phone identification number of the cellular phone used for placing or receiving the calls. This allows cloning the phone and then calls can be intercepted and placed as if they were from the original phone. With VoIP, in depth technical knowledge is required as well as hacking into one or more networks that have been deployed with ample security precautions. This is considerably more difficult than either of the methods for PSTN or cellular interception. Long Answer: When talking about security features for a SIP Trunk, there are generally two topics of interest. 1. First there is authentication. Authentication makes sure that the calls are sent to Broadvox and that Broadvox sends calls to the customer. This prevents an outside party from sending calls to Broadvox pretending to be the customer and prevents Broadvox from sending calls to the outside party because they were tricked into thinking the calls were being sent to the customer. Circumventing authentication is referred to as a man-in-the-middle attack. On static SIP trunks, Broadvox authenticates based on IP address. Each call has an audio stream in both directions, and signaling must also pass in both directions in order to establish the call. The IP address is statically configured at Broadvox and should be statically configured on the customer side. If someone sends an INVITE to Broadvox from a spoofed IP address (the Confidential and Proprietary 9

customer s IP address), Broadvox sends responses back to the customer s IP address. The attacker would never be able to receive the responses unless they also had control of either the customer s ISP network or one of the Tier 1 Internet providers between the Broadvox network and the customer s ISP s network. If they had such control, the customer s entire Internet connection would be down. This issue can be prevented on a static trunk by utilizing either a VPN connection to Broadvox or a point-to-point connection to the Broadvox data center. In such a configuration, the customer s IP in the Broadvox SBC would be a private IP address on the customer s side of the VPN or point-to-point connection. Broadvox would utilize a static route pointing that IP address to the VPN or point-to-point connection. Such an attack would then only be possible if either the customer s network or the Broadvox network were directly compromised. For a dynamic trunk, Broadvox provides a username and password to use to authenticate customers. As long as the customer s username and password are not compromised, nobody can pretend to be the customer for either sending or receiving calls. If the customer s credentials are compromised and someone uses them to pretend to be the customer, it prevents the customer from making or receiving calls, and the customer will be on the phone with Broadvox in short order to get the issue resolved. The password is never passed in clear text over the connection. Instead, Digest authentication is used, which includes a challenge-handshake based on several MD5 hashes. (An MD5 hash is a 128-bit value used to uniquely identify a file.) 2. Secondly, there is interception of a call. Interception can only occur if the attacker has control of the Broadvox network, the customer s network, the customer s ISP s network or any of the Tier 1 providers between Broadvox and the customer s ISP. Obtaining the access required for such an interception is exceedingly difficult, but not unheard of. Once access has been obtained, the attacker must sift through probably millions of packets per second worth of traffic for a specific call, or they must have the knowledge and capability to redirect traffic from the customer s VoIP IP address(es) to a separate capture server. Assume the attacker is both experienced enough and determined enough and that they specifically want access to the customer s phone calls. In that case, they most likely have obtained the customer s VoIP IP address(es) through some other means and have the knowledge and resources to take the capture. If they have this experience, determination, desire to access the customer s specific phone calls, and the access and resources required to do it, they can most certainly record and replay any phone calls the customer makes. They would have access to the calling number, the called number and the actual conversation. This particular attack can be mitigated by utilizing a VPN or point-to-point connection from the customer s network to the Broadvox network. However, such an attacker would likely find some way into either the customer s network or the Broadvox network, despite implementation of the best security practices by either or both parties. It could be further mitigated by utilizing TLS for signaling information as it would prevent the attacker from obtaining the media ports involved in any particular Confidential and Proprietary 10

call; however Broadvox does not support SIP over TLS. It could also be mitigated much further by utilizing SRTP (secure real-time transport protocol) for the media streams; however Broadvox does not support this as it is too cost prohibitive to deploy at this time. (The extra complexity would reduce the maximum number of calls Broadvox can fit on any SBC by at least an order of magnitude, which would result in an order of magnitude increase in pricing to the customer.) In addition to these points, customers phone calls must pass through at least one other and potentially several other VoIP, PSTN, or cellular networks before the call reaches its intended recipient. Neither Broadvox nor customers have any control over the implementation or transport across those networks or the security measures they employ. The only secure VoIP product customers can purchase that allows them to make and receive normal phone calls is one that guarantees that every network in the call path does VoIP (right up to the end user) and utilizes both TLS and SRTP between every node. Calls across such a network would likely cost several orders of magnitude more than they do today. Nobody offers this kind of VoIP service. Aside from that, customers could do a direct business-to-customer VoIP call from their network to their customer s network using TLS and SRTP or a VPN. However, customers would need to create such connections to each and every one of their customers for this scheme to work. In general, customers are far less likely to be a victim of interception or spoofing by using a VoIP system than they are by using a PSTN or cellular phone system. They can lessen the risk by utilizing a VPN or point-to-point connection directly to the Broadvox network; however it does not provide total, end-to-end protection of their calls. All it does is eliminate their ISP and the Tier 1 providers between Broadvox and their ISP s network from the un-encrypted call path. When using Broadvox GO!Local, how do we pass a call in a way that indicates it is long distance as opposed to local? If a customer has a GO!Local trunk and no GO!Domestic trunk, they should just send all calls to Broadvox in the same way. Broadvox will rate local calls as local and long distance as long distance. See How does local calling work? for more details. If a customer has GO!Local and GO!Domestic, they should direct long distance calls to the GO!Domestic trunk and local calls to the GO!Local trunk. There are different methods to accomplish it. a. One popular method is to have users dial "1" in front of all long distance calls, and just the straight 10 digits on local calls. b. Another popular method is to match the NPANXX of dialed numbers to known local NPANXX codes and route to the appropriate trunk based on long distance status. This is typically referred to as "least cost routing." People who use this method typically refer to www.localcallingguide.com to determine the local calling areas. Confidential and Proprietary 11

Even if calls come in to Broadvox from the same IP address on the customer side, Broadvox can still separate the traffic between the trunks. When they have multiple trunks on one IP address on their side, Broadvox provides multiple IP addresses for them to signal to, one for each trunk. Thus, the traffic they send to Broadvox is separated into the different types of trunks based on which Broadvox IP address they sent the call to. If they send the long distance traffic to the trunk intended for local traffic or the local traffic to the trunk intended for the long distance traffic, it may result in substantial charges to their account as they will be paying long distance on all calls and a higher per-minute rate on long distance calls sent to the GO!Local trunk because it does not contain their bundle of minutes from the GO!Domestic trunk. Customers must make absolutely certain they send calls to the correct IP. Will calls ever traverse the public Internet? That depends on what is considered to be the "public Internet." In reality, there is no such thing as the "public Internet." The Internet is set of private networks that use public IP addresses to interconnect to each other. If customers have a public IP address, they can send traffic toward any other public IP address, and they can receive traffic from any other public IP address. This does not mean, however, that the general public has access to any of their traffic at any point while traversing the private networks that make up the Internet. Typically, when traffic is sent from one public IP address to another, the customer s traffic traverses the private network of their ISP, the private network of their ISP's ISP, and possibly several other private networks before it reaches their intended destination. The number of private networks that it traverses depends on whether they are connected to a Tier 1, Tier 2 or Tier 3 ISP. It also depends on whether the destination is connected to a Tier 1, Tier 2 or Tier 3 ISP. Broadvox connects directly to several Tier 1 ISPs in each city. If customers connect to a Tier 1 ISP, then their calls typically only traverse their network, their ISP's network, and Broadvox s ISP's network before arriving at the edge of the Broadvox network. If they happen to be using one of the same Tier 1 providers that Broadvox uses, then their call only traverses their network to get from their network to the Broadvox network. Even in the worst case of their ISP being a Tier 3 ISP, their traffic does not likely traverse more than four networks to get from their network to the Broadvox network. Once a call reaches the Broadvox network, Broadvox attempts to terminate it directly to the PSTN. If Broadvox does not have direct connectivity to the PSTN in the market of the destination party, they pass the call off to another carrier for termination to the PSTN. In many cases, this alternate carrier is a Regional Bell Operating Company (RBOC) that has direct control over the destination market. In some cases, the alternate carrier is another SIP carrier who passes the call off to another party. When Broadvox does not pass the call directly to the PSTN, they pass the call on to the next entity via SIP over the Internet. In some of those cases, the RBOC and the Broadvox Tier 1 ISP are the same entity, so the call travels from the Broadvox network to their network and then directly to the PSTN. Currently, it is cost prohibitive to purchase direct, point-to-point connectivity between the Broadvox network and the networks of all the carriers used to Confidential and Proprietary 12

terminate calls. To do so, Broadvox would be required to significantly increase rates, at which point VoIP would no longer be cost-competitive with the Plain Old Telephone System (POTS). Typically, customers who ask this question are either concerned about call interception. If that is the case, see "What type of security features do your trunks offer?", or they are concerned about Quality of Service (QoS). For QoS questions, see "Do you support QoS?" If the customer is asking for some other reason, they should feel free to contact Broadvox with their specific questions. Confidential and Proprietary 13