HP ProCurve and Avaya Aura Application Integration Guide VoIP Interoperability with Avaya Aura Communication Manager
Introduction... 3 Solution architecture... 3 Description... 3 Typical topologies... 3 Solution components... 6 Solution Test Results... 8 Test objectives... 8 Test configuration... 9 Test cases... 10 Test results... 10 Design considerations...11 References...11 Solution information...11 Product documentation...11 HP ProCurve technical training courses...11 Support...11 Appendix A detailed configuration script samples... 12 Configure switches... 12 Configure DHCP server... 13 Configure HTTP server to support and upgrade Avaya IP phone firmware... 13 Configure Microsoft IAS Radius Server for AAA security... 13 Configure WAN router... 14 Configure Avaya gateway and server... 14 2
Introduction HP ProCurve Networking and Avaya Unified Communications Solutions provide compelling value for companies seeking best-in-class Branch to Enterprise IP Telephony and Unified Communications solutions. Avaya and HP ProCurve deliver a number of unparalleled and flexible solutions for enterprises with small to large remote sites. Customers are looking for communication solutions that lower costs, accelerate business growth and mitigate risks. Improving employee productivity and customer service are important elements to achieve these business objectives. Avaya and ProCurve have certified a joint IP Telephony solution consisting of HP ProCurve switches and Avaya Aura Communication Manager, Media Gateways and IP Phones to serve as the key foundational elements of a powerful Unified Communications portfolio. This document describes a typical Enterprise VoIP use model using ProCurve and Avaya products. Results are documented from a series of tests designed to verify interoperability and system functionality such as enterprise grade voice quality, configuration and network authentication. Solution architecture Description HP ProCurve and Avaya bring together the best-in-class communication products from Avaya, the market leader in Unified Communications and the worldwide leader in Total PBX, which includes IP telephony, TDM and hybrid systems, with highly reliable and secure Adaptive Networking products from HP ProCurve. This solution provides for a feature rich and consistent communication experience across the entire enterprise organization allowing for improved worker productivity, simplified system management and reduced total cost of ownership. Local survivability is maintained in this sample topology configuration that continues to provide telephony service in the event of any WAN connectivity failures. These VoIP solutions leverage lower cost WAN connectivity compared to standard PSTN given the shared voice and data infrastructure. They also enable Unified Communication applications to seamlessly integrate voice, video and data traffic over a common converged IP network to unify all forms of voice, video, instant messaging and presence to transform businesses communications, reduce costs and improve productivity. Several industry standard protocols are leveraged to improve interoperability such as 802.1X authentication, LLDP-MED for IP phone auto-configuration and 802.1p/DSCP for QoS packet prioritization to ensure enterprise grade voice quality. Typical topologies The topology shown in figure 1 represents an Enterprise deployment with a consolidated Data Center serving multiple campuses and branch offices. The communication features and user data would be managed centrally with survivable gateway s each in critical site. The amount of survivability could be scaled from full functionality to basic call plan features depending on the need of the remote site. 3
Figure 1: Typical Large Multi-site Campus Topology Another typical topology is for mid-sized companies with just a few smaller separate sites. In this case it makes less sense to have a centrally managed calling plan but rather each site is managed independently as shown below. In this case VoIP could only be used intra-site and all voice inter-site traffic could utilize the PSTN or SIP Service Provider trunks. 4
Figure 2: Typical Mid-sized company configuration 5
Solution components ProCurve products The table below describes the various ProCurve switch series tested in these solutions, along with their primary application. Each of these switches are fully managed and support the key industry standard protocols including 802.1X, LLDP-MED, 802.1p, DSCP, sflow and other L2 & L3 features essential for delivering secure and reliable multimedia services on a converged network. Series Description Application 2610 Cost-effective10/100 PoE and non PoE light L3 Branch Edge fixed port switches 2910 10/100/1000 PoE/PoE+ and non-poe light L3 Branch Edge fixed port switches 3500 Advanced intelligent 10/100/1000 PoE Full L3 fixed port switches w/optional 10GbE Campus Edge 5400 Advanced intelligent modular chassis switch supporting 10/100/1000 PoE & 10GbE modules Branch Core, Campus Distribution, Data Center End of Row Aggregation 6200 Advanced intelligent 24 port mini-gbic switch Campus Distribution 6600 Advanced Data Center Top of Rack Data Center Top of Rack 10/100/1000 and 10GbE switches 7000 Edge Routers supporting ISDN, ADSL, T1, E1, J1 and 10/100 interfaces Branch & Campus WAN Router 8200 High Performance and High Availability modular chassis switch supporting 10/100/1000 PoE & 10GbE modules Campus Core, Enterprise HA Edge, Data Center Aggregation In addition to the switching products a number of other ProCurve products could be used to enhance the solution functionality such as the ProCurve Threat Management System and a wide range of wireless and management products. These offerings are not specifically discussed as part of this solution since they are not critical to the basic functionality, though could be added for additional capabilities. Avaya products Avaya products fall into the following general categories: Phones, Media Gateways & Servers and Application Software. Phones: Avaya offers a wide range of IP enabled hard and soft phones, all of which can be used in the above solution. Hard phones include 1600, 2400 and 9600. Media gateways & servers: Several choices for Media gateway are available which provide connection to the server running application software as well as various LAN, WAN, or PSTN connections. The call volume and supported interfaces would determine which gateways to deploy. Series include G250, G350, G430, G450, G650 & G860. Four server series are available to run the Avaya Aura Communication Manager Software including S8300, S8400, S8500 and S8700. The S8300 is a modular server which can fit into Media Gateways (G250, G350, G430 and G450) and is ideal for branch office survivable deployments. Application software: Avaya offers a wide range of Communication management applications on the Avaya Aura Communication Platform. The following applications are included in the Avaya Aura platform. 6
Avaya Aura Application Communication Manager Communication Manager Branch Session Manager SIP Enablement Services System Manager Communication Manager Messaging Description Premier communications application available for local or centralized call control. Communication Manager Standard Edition 5.2 provides full converged telephony features, QSIG/DCS networking to interface with existing systems and to centralize voice mail systems and standard survivability at remote locations. Communication Manager Enterprise 5.2: includes everything in Communication Manager Standard Edition plus multinational gateway support and high availability with 100% feature transparency at remote locations in survivable mode. Version of Communication Manager with features optimized for enterprise branch locations. This centrally managed, SIP-based communications platform easily scales to meet the needs of large enterprises with distributed sites. It is a low-tco, centrally managed, branch solution for hundreds or thousands of customer-facing branch offices and retail stores. Customers have evolutionary deployment options, from standalone to fully networked with shared applications at the core. Example deployments include retailers, financial services & banking (banks with branches, insurance companies), government branches, health care clinics, K-12 schools and others. Session Manager enables a distributed SIP-based system solution featuring multivendor integration, centralized dial plans and user profiles, easier centralized SIP trunking, much easier on-net call routing, and greatly enhanced SIP scalability and security. SIP Enablement Services delivers rich communications, collaboration, mobility, and application integration capabilities to the enterprise. This centrally managed application provides customers with a smooth migration path into SIP-based communications with support for SIP trunking, SIP stations, Presence and Instant Messaging, and SIP-based applications such as Avaya Modular Messaging, Avaya Meeting Exchange, and Avaya Voice Portal. With the introduction of Session Manager and the Avaya Aura architecture, System Manager is being added to provide a solution level approach to network administration that enables the incorporation of new components and applications under a common management umbrella over time. It provides a common management framework that optimizes centralized management functions for provisioning, operations and fault/performance monitoring to simplify and reduce management complexity and solution servicing. System Manager also supports central administration of dial plans and network routing policy. Communication Manager Messaging is a powerful application embedded with Avaya Aura Communication Manager. Communication Manager Messaging delivers voice and text messaging to help improve communications and simplify information exchange within enterprises. Communication Manager Messaging provides call answering and messaging capabilities on the Avaya Media Servers running Communication Manager software. It enables users to manage messages on their PCs, add a voice mail component to a text message, and listen to text messages via telephone 7
Avaya Aura Application Application Enablement Services Presence Services Integrated Management Description (continued) Application Enablement Services provides developer interfaces for accessing a broad set of call processing, media, and administrative features enabling both off-the-shelf and custom integration with hundreds of communications and business applications such as Microsoft Office Communicator and IBM Lotus Sametime, as well as a broad range of Call Center, Call Recording and Click-to- Dial applications Presence Services provides a scalable, high performance presence aggregation service that collects and disseminates rich presence between Avaya and other third-party endpoints. Using rich presence, users gain the ability to more effectively reach the people they need, leveraging the multiple channels of communications available to them. Avaya Integrated Management provides a comprehensive set of applications designed to simplify system administration, provisioning and network management, and fault and performance management operations. These applications help enterprises more effectively manage converged voice and data infrastructures, improve network uptime, increase staff productivity and reduce operating costs. Other products Other products required to enable this solution include Enterprise-quality Data Center servers such HP ProLiant Servers, to run the various network and business applications or Avaya one-x Unified Communications Solutions for telephony, conferencing, email, voice mail, instant messaging, video, and collaboration that can be used across a variety of interfaces be it PC or web-based clients, telephones and mobile devices, or speech. Management clients are also required for the various system configuration and management functions. Solution test results Test objectives The objective of the various certification tests was to demonstrate seamless interoperability between the specified set of ProCurve switching products and Avaya communication equipment. Testing included basic telephony features of the Avaya applications running across a ProCurve network, and not an exhaustive test of all possible use cases. The scope of the solution certification included the following: LLDP-MED for auto-configuration of Avaya IP phones Enterprise grade voice quality across a LAN and WAN interface with background traffic to simulate an oversubscribed network Multi-user 802.1X authentication and policy deployment for IP phones with PCs connected on the same port MAC authentication of end-point devices 8
Test configuration Equipment tested The HP ProCurve and Avaya components used, including both software and firmware, are as follows Equipment Software/Firmware Version Model Number HP ProCurve Switch 5406zl K14.15 J8697A HP ProCurve Switch 8212zl K14.15 J9091A HP ProCurve Switch 3500yl-48G K14.15 J8693A HP ProCurve Switch 2610 48-PWR R11.31 J9098A HP ProCurve Switch 6600-48G-4XG K14.23 J9452A HP ProCurve Switch 2610al-24-PoE W14.26 J9146A HP ProCurve Switch 7203 J08.01 J8753A Avaya G450 w/ S8300 Release 5.0 G450 Avaya 4621SW IP Phone A20d01b2_9_1.bin 4612SW Avaya 9620 IP Phone hb96xxua3_00.bin 9620 Avaya 9630 IP Phone hb96xxua3_00.bin 9630 Avaya 1616 IP Phone hal1616b1024vs.bin 1616 Avaya IP Softphones Release 6 SP 1 700431604 Configuration steps The following steps were necessary to configure the test configuration. Sample CLI scripts are included in the Appendix. Configure Switches Create VLANs and assign ports to appropriate VLAN Setup IP Helper Address to support forwarding IP address requests to off-net DHCP server Configure switch priority queues Assign 802.1p layer 2 QoS priority to the appropriate queues Assign layer 3 DSCP priority to the appropriate queues Configure network access control (NAC) authentication Mac authentication or 802.1X authentication Enable LLDP-MED auto configuration Enable routing features where required Configure DHCP server to support addressing on both VLANs Configure HTTP server to support and upgrade Avaya IP phone firmware Configure Microsoft IAS Radius Server for AAA security Configure WAN router Configure Avaya Gateway 9
Test topology Test cases The following Test Cases where run to verify security authentication, auto configuration via LLDP-MED, Voice Quality over a WAN link Verified Mac Authentication for phone and PC Verified 802.1X authentication for phone and PC Verified LLDP-MED auto configuration of phones. Verified phone placed in proper VLAN Verified Edge Switch correctly provisioned Power over Ethernet (PoE) to IP phones Verified Radius server attributes were correctly passed to edge switches and IP phones Verified proper QoS behavior in the switches Tested voice quality over a fully subscribed WAN link. Test results All configuration tests successfully passed their objectives For the Voice Quality Test, the following test results were achieved with background traffic to simulate an oversubscribed network. The test equipment used measured actual analog voice quality from phone endpoint to phone endpoint and truly validated the codec (encoding and decoding the analog voice to/from digital IP data) as well as the entire network path between the endpoint devices. 10
Voice pair MOS PESQ PSQM Delay (ms) Theoretical Best 5* 5 0 0 Theoretical Worst 0 0 10 n/a Actual Results 4.32 3.60.74 67.63 * maximum unpaired G.711 codec MOS is 4.4 MOS: Mean Opinion Score provides a numerical indication of the perceived quality of received media after compression and/or transmission. Values above 4.0 are considered toll-grade voice quality. PESQ: Perceptual Evaluation of Speech Quality is a family of standards comprising a test methodology for automated assessment of the speech quality as experienced by a user of a telephony system. It is standardized as ITU-T recommendation P.862 (02/01). PSQM: Perceptual Speech Quality Measurement is a computational and modeling algorithm defined in ITU Recommendation ITU-T P.861 that objectively evaluates and quantifies voice quality of voice-band (300-3400 Hz) speech codecs. Delay: Represents the total delay from initiating Phone to receiving Phone. Accounts for Gateway jitter buffer/ decoding and network delays. A maximum end to end delay of less than 150ms is recommended to achieve toll-grade voice quality. Design considerations The following best practices were followed, in order for voice and data traffic to behave optimally on a shared network: Separate voice and data traffic The use of a voice VLAN segregates voice from data traffic to protect IP phones from data broadcasts and provides an easy to deploy mechanism to prioritized voice traffic higher than the data traffic, throughout the network topology Enforced consistent QoS (Quality of Service) policies end-to-end All switches and routers within the environment must participate in the QoS infrastructure, to ensure voice is properly prioritized ahead of data traffic throughout the network topology WAN links configured for voice traffic Sufficient bandwidth for the required number of concurrent VoIP calls needs to be provisioned on the WAN links in order to establish and ensure an appropriate SLA (Service Level Agreement) with the service provider Open standards features were used to ensure seamless interoperability and provide future proofing of an adaptive network infrastructure AAA authentication ensured that both IP phone and connected PC are properly secured within in a enterprise environment LLDP-MED (Link Layer Discovery Protocol Media Endpoint Devices) This facilitated IP phone autoconfiguration, simplified device management and network topology discovery References Please refer to the following tools for additional information on the joint HP ProCurve and Avaya solution. Solution information Solution brief: http://procurve.com/docs/one/avaya_alliance_solution_brief_jan_09_ww_eng_ltr.pdf ProCurve ONE: www.procurve.com/one Product documentation HP ProCurve product documentation can be found at: http://www.hp.com/rnd/support/manuals Avaya s production documentation can be found at: http://www.avaya.com/usa/products Avaya DevConnect application notes: https://devconnect.avaya.com/public/search/d_cprofile. jsp?search=1&i=2918 11
HP ProCurve technical training courses Please refer to the following link for more information on the ProCurve technical certification programs: http://www.procurve.com/network-training/certifications/technical.htm Support For technical support on HP products, consult the support pages at http://www.procurve.com/customercare/ index.htm For technical support on Avaya products, please visit http://support.avaya.com Appendix A detailed configuration script samples Configure switches Data VLAN configuration for Edge Switch DataEdge(3500)(config)# vlan 50 DataEdge(3500)(vlan-50)# name Data DataEdge(3500)(vlan-50)# ip addr 10.50.8.75/21 DataEdge(3500)(vlan-50)# untag 2-47 DataEdge(3500)(vlan-50)# tag 48 IP helper configuration for Edge Switch DataEdge(3500)(vlan-50)# ip helper-address 10.54.12.1 Assign 802.1p layer 2 QoS priority DataEdge(3500)(vlan-54)# voice DataEdge(3500)(vlan-54)# qos priority 6 Assign layer 3 DSCP priority 6600(config)# qos dscp 101110 priority 6 Mac authentication DataEdge(3500)(config)#aaa port-access mac-based 4 DataEdge(3500)(config)#aaa port-access mac-based addr-format no-delimiter (aabbccddeeff) DataEdge(3500)(config)#aaa port-access mac-based 4 addr-limit 3 802.1x authentication DataEdge(3500)(config)#radius-server host 10.54.12.1 key secret DataEdge(3500)(config)#aaa port-access authenticator 2 DataEdge(3500)(config)#aaa port-access authenticator 2 auth-vid 50 DataEdge(3500)(config)#aaa port-access authenticator 2 client-limit 3 DataEdge(3500)(config)#aaa port-access authenticator active DataEdge(3500)(config)#aaa authentication port-access eap-radius DataEdge(3500) (config)#aaa accounting network start-stop radius Configure LLDP-MED DataEdge(3500) vlan-<vid>)# voice DataEdge(3500) (config)# lldp run (enabled by default) Enable routing features 8200core(config)# router ospf 8200core(ospf)# area 10.0.0.0 8200core(ospf)# redistribution connected 8200core(ospf)# redistribution static 8200core(ospf)# ip ospf 10.50.8.200 area 10.0.0.0 8200core(ospf)# ip routing 12
Configure DHCP server For the Avaya IP phones to support tagged VLANs and connect automatically to the call manager, modification was made to the DHCP server s scope and global options DHCP global scope options Option ID Name Format Value 176 OPTION4600 String MCIPADD=10.54.14.1.MCPORT=1719,HTTPSRVR=10.54.12.1, DNSSRVR=10.54.12.1,FILESERVER=10.54.12.1,L2Q=1, 242 9600OPTION String MCIPADD=10.54.14.1.MCPORT=1719,HTTPSRVR=10.54.12.1, DNSSRVR=10.54.12.1,FILESERVER=10.54.12.1,L2Q=1, DHCP Local Scope Properties for VLAN 50 (Data VLAN) Option ID Name Format Value 3 Router IP Address 10.50.8.200 6 DNS Server IP Address 10.54.12.1 15 DNS Domain Name ASCII String Avaya.com 44 WINS/NBNS Server IP Address 10.54.12.1 46 WINS/NBT Node Type byte 0x6 After the DHCP scope options were configured, the DHCP scope parameters were set: DHCP Scope ID: VLAN 50 IP Range: 10.50.8.100 to 10.50.18.150 Subnet Mask: 255.255.248.0 Exclusions: None Lease Time: Default Configure HTTP server to support and upgrade Avaya IP phone firmware Option ID Name Format Value Apache 2.0.55 IP Address 10.54.12.1 Configure Microsoft IAS Radius Server for AAA security Radius Server (External) Option ID Name Format Value IAS IP Address 10.54.12.1 ACM Server Option ID Name Format Value G450 IP Address 10.54.14.1 13
Configure WAN router Configuring the Ethernet Interfaces 7203main(config)# int eth 0/1 7203main(config-eth 0/1)# encapsulation 802.1q 7203main(config-eth 0/1)# no shutdown 7203main(config-eth 0/1)# int eth 0/1.50 7203main(config-eth 0/1.50)# vlan-id 50 7203main(config-eth 0/1.50)# ip addr 10.50.8.8 /21 7203main(config-eth 0/1.54)# ip helper-address 10.54.12.1 7203main(config-eth 0/1.50)# no shutdown 7203main(config-eth 0/1.50)# int eth 0/1.54 7203main(config-eth 0/1.54)# vlan-id 54 7203main(config-eth 0/1.54)# ip addr 10.54.8.8/21 7203main(config-eth 0/1.54)# ip helper-address 10.54.12.1 7203main(config-eth 0/1.54)# no shutdown Configuring the WAN interface In this example, the link between the main office router and the remote office router was a PPP connection. 7302main (config)# int t1 3/1 7302main(config-t1 1/1)# tdm-group 1 timeslots 1-24 speed 64 7302main(config-t1 1/1)# no shutdown 7302main(config-t1 1/1)# interface ppp 1 7302main(config-ppp 1)# ip address 10.10.2.251 255.255.248.0 7302main(config-ppp 1)# bind 1 t1 3/1 1 ppp 1 Configuring QOS and ACLs To provide priority to the voice traffic, the main office router had a QoS policy defined to affect only the voice traffic. First, an ACL (access control list) was used to identify the voice traffic between the two voice VLANs UDP for call traffic and TCP for control traffic. 7302main(config)# ip access-list extended Avaya 7302main(config-ext-nacl)# permit udp 10.54.8.0 0.0.7.255 10.84.8.0 0.0.7.255 7302main(config-ext-nacl)# permit tcp 10.54.8.0 0.0.7.255 10.84.8.0 0.0.7.255 Next, a QoS map was used to apply the QoS policy to the traffic identified by the ACL. 7302main(config-ext-nacl)# qos map AvayaQoSMap 1 7302main(config-qos-map)# match list Avaya 7302main(config-qos-map)# priority 256 7302main(config-qos-map)# set dscp 46 With the QoS map defined, it was applied to the frame interface. 7302main(config-qos-map)# interface ppp 1 7302main(config-fr 1)# qos-policy out AvayaQoSMap 7302main(config-fr 1)# no shutdown Configure Avaya gateway & server The G450/8300 was configured to handle voice traffic for VoIP phones on the network. Defining the setup and configuration for the G450/8300 is beyond the scope of this document. For further information see section 5.2 14
Technology for better business outcomes To learn more, visit: www.hp.com/go/procurve www.avaya.com Copyright 2009 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. 4AA2-7999ENW, September 2009