Introduction Non-Stop VoIP 4 Examples of VoIP/SIP Survivability in the Small-to-Medium Enterprise According to Gartner, voice/data convergence based on IP telephony and VoIP will be underway in 95% of major companies by 2010. This mass migration represents a profound change in the networking technology landscape for companies of all sizes and across most industries. And while implementation challenges will vary from company to company, a common denominator has emerged. The IP WAN infrastructure is now a business lifeline. Future success will be dependent on a reliable, fault tolerant and high performance WAN, whether for VoIP and instant messaging today, or video and unified communications tomorrow. This need not be a daunting prospect. Remember that the Internet Protocol (IP) was originally devised for the military for the purpose of building highly survivable, selfhealing networks based on heterogeneous network links. Even voice over the Internet was envisioned as far back as 1977: The major objective of ARPA s Network Secure Communications (NSC) project is to develop and demonstrate the feasibility of secure, high-quality, lowbandwidth, real-time, full-duplex (two-way) digital voice communications over packet-switched computer communications networks. RFC 741 [1] Packet-switched voice technology has matured considerably since then. VoIP is no longer just the purview of early adopters; its promise has been borne out by the millions of business and residential customers who have switched their voice services. But for VoIP to move further and faster into the mainstream small-to-medium enterprise (SME) market, several key questions need to be addressed: 1. How can VoIP vendors counter persistent concerns from SME s regarding VoIP s reliability, survivability and voice quality? 2. How can a typical SME make the IP infrastructure changes necessary to achieve VoIP reliability, performance and QoS and still achieve overall cost reductions for their voice services? This White Paper describes how the Aspen 365 family of network appliances can help SME s ensure that their IP networks and VoIP deployments will meet the demands of real-time communications. By using multiple, diverse broadband links, the Aspen 365- VOIP eliminates the WAN as a single point of failure and does away with back-up PSTN lines. This all-ip solution ensures that VoIP service is never compromised, by providing built-in fault tolerance and continuous access to enhanced IP telephony features. In addition, bandwidth can be right-sized to meet the actual traffic demands of voice and data, resulting in more efficient and economical networks. 1
The following case studies represent four typical SME VoIP deployment scenarios and illustrate how network appliances from Aspen Networks can be used to bolster reliability and performance: 1. Outsourcing VoIP to a hosted IP PBX provider 2. Deploying and managing an Asterisk/TrixBox IP PBX 3. Using a proprietary IP PBX solution in a multi-site environment requiring SIP survivability 4. Running encrypted VoIP over VPN in a multi-location business Case Study 1: Business Using Hosted IP PBX Service Many small businesses are finding that outsourcing their VoIP service to a hosted provider is an attractive option. The VoIP provider hosts a server that delivers all of the IP PBX functionality and provides management, customer support, maintenance and other services. The small business simply connects a number of IP phones to their premises LAN and pays the provider a monthly usage fee per phone. Nearly every business today that considers VoIP already has an existing Internet connection. Too frequently, a small company will implement VoIP using this single Internet link. Alternatively, some may add a second WAN link, often one provisioned by a VoIP provider, and dedicate the second link to VoIP traffic only. Both of these approaches are inherently flawed; they leave phone service vulnerable to a single point of failure. If there is a WAN outage or serious Internet degradation of service, their telephony service suffers. Some vendors recommend maintaining multiple PSTN lines as back-up for VoIP in case of WAN outages. But PSTN back-up is cumbersome, costly and defeats the purpose of the move to VoIP in the first place (i.e. increased functionality, offloading telephony management, and saving money). There is also the problem of concurrent usage. For example, if 10 IP phones may be active on a T1 Internet link at any given time, how many PSTN lines should be maintained for back-up? A more elegant solution employs the use of multiple Internet links to solve this problem. This approach is cheaper, simpler and, when implemented with the Aspen 365-VOIP, guarantees high availability for both voice and data services. The Aspen 365 manages the network traffic across the redundant links and servers and resolves any reliability or quality issues stemming from Internet instabilities. See Fig 1 below for an example. 2
Internet VoIP Service Provider (SIP) T1 ISP WISP or Cable Wire this to WAN port 2 for VoIP Aspen 365-VOIP Wire this to WAN port 1 for Data Voice VLAN Switch DATA VLAN In the event the T1 link fails, VoIP would be recovered to the Cable or Wireless ISP link, with a higher priority over the data traffic. T1 Example Backup using Alternate Last Mile for Maximum Survivability Fig 1 Business with Significant IP Phone Usage In this example, the design goal is for the T1 to function as the preferred Internet link for accessing the hosted IP PBX. However in the event of fail-over, sufficient bandwidth must be available on the backup link to handle voice calls at the busiest hour of the day. In this case, if a large number of IP phones (e.g. 100) are installed, a T1 for VoIP is probably justified. At the busiest hour of the day, perhaps as many as 30 phones are concurrently active. With G.729 encoding, the 30 phones will consume about 1 Mbps of bandwidth; hence a good backup requires either a high-speed cable ISP with at 1 Mbps of uplink speed, or a fixed wireless ISP with 1 Mbps of symmetric bandwidth. Last Mile Path Diversity For maximum survivability, diverse last mile links should be used. In the U.S., fixed wireless ISPs typically offer high speed Internet at lower rates than the cost of a T1. Since many of these offerings are based on low-latency point-to-point antennas, they are generally well-suited for VoIP traffic. If fixed wireless is not an option, another good choice for VoIP backup is a cable Internet provider. Business-quality cable MSO s offer speeds of 6 Mbps downlink and 1 Mbps uplink for below $200 a month in many localities. Last mile path diversity is depicted in Fig 1 above. Capacity Planning and Cost Benefits Redundant links can often be costly, so right sizing [4] is important. Are T1 links always needed for VoIP? Dual T1 links can cost $800 per month, totaling $10,000 a year. The next example shows a case of a smaller business with 50 phones installed and up to 15 phones active in the busiest hour. For many such businesses, 2 or 3 inexpensive broadband links (mix of DSL and cable) are more than adequate. Here in Fig 2 below, 3 such inexpensive broadband links are shown. 3
VOICE DSL ISP DSL ISP Cable Internet VOICE Aspen 365-VOIP VoIP Service Provider (SIP) DATA DSL 1 $70 per month DSL 2 $70 per month Cable $160 per month Voice VLAN Switch DATA VLAN Total cost $300 per month Savings over dual T1 approach = $500 per month Saving Costs with Cable and DSL Right-size the WAN based on the Busy Hour Call Volume Fig 2 Minimize Costs, Risk with Adequate Performance Typically, a DSL link for business (in the U.S.) has a guaranteed uplink bandwidth of 300 kbps. Therefore up to 8 voice calls using G.729 can be placed comfortably on each link. Hence 2 links will support up to 16 concurrent calls as long as this is less than the busy hour call volume [4] the capacity is adequate. The Aspen 365 is configured to place voice calls on the dual DSL links, and data traffic on the cable ISP, which has a provisioned uplink speed of at least 1 Mbps. Key Cost Benefit: This approach utilizing a mix of path diverse and low-cost broadband links - results in a cost savings of $500 per month over a dual T1 approach. Traffic Management Benefits Note also that voice is intelligently load balanced on the 2 DSL links shown above, while data is placed on the cable ISP to prevent the bursty data flows from introducing jitter into the voice stream. The dual DSL links can be terminated at 2 different ISPs for even more robust redundancy. If one of the DSL links fails, then the Aspen 365 will place VoIP traffic on the remaining DSL on an available bandwidth basis. Since the 365 can decipher the type of voice codec being used (G.729, GSM, G.711 etc), it will calculate the amount of bandwidth required by each voice stream. As call volume grows or during busy peaks, any overflow VoIP traffic will be placed on the cable link where the Aspen 365 will also ensures that VoIP traffic is given a higher priority over data traffic. 4
Secure VoIP Firewall The Aspen 365 also provides a SIP aware, stateful firewall for protecting the IP phones from Internet attacks, while co-existing with any existing data firewall. Aspen s VoIP firewall is optional. If a SIP aware firewall for the IP phones is already installed, the firewall portion of Aspen s SIP ALG can be disabled while retaining the benefits of its fail-over capability and voice traffic management controls. Link Degrades The Aspen 365 can also be configured to rapidly detect ISP link degrades (e.g. if the packet loss becomes high enough to adversely affect voice quality) and to automatically switch over to a backup link when such degradation is detected. Case Study 2: Business Hosting Own Asterisk IP PBX Remote Tele-workers Use web browser to connect with and retrieve Asterisk Voice Mail Inbound 1-800 ITSP 1 Inbound 1-877 ITSP 2 Internet T1 WISP Cable Aspen N2000 Firewall/VPN Gateway Remote Tele-workers IP Phones with built-in IPSEC VPN clients Asterisk IP PBX Dial plans using ITSP 1 and ITSP 2 LAN DNS Server Email Server Fig 3 Asterisk IP PBX Case Study Standalone HQ Some businesses and IT managers want to migrate to VoIP while retaining more control over their voice services in terms of reliability, quality and security. Thus, many decide to host their own IP PBX. Larger enterprises often deploy expensive, feature-rich, vendor-proprietary IP PBX solutions. But for many smaller and mid-size businesses, the open source Asterisk (or Trixbox) IP PBX is an attractive solution particularly given its low cost of ownership. The Asterisk movement is gaining in market acceptance with a 5
growing number of Internet Telephone Service Providers (ITSPs) interfacing with and formally supporting an Asterisk IP PBX on customer premises. The Aspen 365 supports Internet traffic management with both SIP as well as Asterisk s own IAX protocol. While greater functionality is attained with SIP, the basic traffic management functions (fail-over, quality of service across multiple links) are available for IAX as well. Fig 3 above depicts a number of powerful features an end user can control voice mail, inbound 1-800 and 1-877 toll free dial numbers from different providers, and unified messaging (i.e. integration of voice mail with email). Several points are worth noting: 1. Remote home-office or small office workers can use IP phones with built in IPSEC clients to connect to the Asterisk IP PBX at the company HQ. The Aspen N2000 will correctly handle any ISP failure for inbound and outbound phone calls. 2. Employees may remotely connect to Asterisk s web server interface using their web browsers to retrieve voicemail or to an email portal where both voicemail and email can be retrieved. Again, the Aspen N2000 HQ class appliance handles any failures of ISP links transparently. 3. Note that this is an all IP implementation of VoIP. External ITSPs are used to terminate and convert PSTN calls; the end user does not have to operate and manage PSTN trunks. 4. It is also possible to use multiple ITSP trunks in order to optimize costs and for supplier diversity. Sales and support lines (toll free) for example could be published as 1-800-XXX-YYYY (attached to ITSP 1) and 1-877-XXX-YYYY (attached to ITSP 2). Fig 3 also depicts 3 completely path-diverse last mile technologies T1, Fixed Wireless and Cable. Policies for intelligent voice and data traffic placement on each of these 3 ISP links can be configured on the Aspen N2000. Superior Disaster Proofing with Asterisk A second example where superior fault tolerance and disaster proofing is obtained is shown in Fig 4. Here, no outside ITSP is used to terminate trunks. Instead, the enterprise terminates dual sets of PSTN trunks in two different data center facilities which are located at sufficient distance from each other (the distance should be far enough so that disasters in one location are known not to affect the other, for example between San Francisco and Boston). 6
Data Center 1 Data Center 2 Seattle Asterisk IP PBX Aspen N2000 T1 Aspen 365 Branch 1 Inbound 1-800 for Sales Internet WISP Backup Inbound 1-800 for Sales Cable DSL Aspen 365 Branch 2 Asterisk IP PBX Aspen N2000 New York Branch Office 1 Branch Office 2 Fig 4 Superior Disaster Proofing with Aspen 365 Branch Today s data centers are equipped with standby power generators and state-of-the-art telecommunications facilities that are less prone to failure. A business can choose to colocate their Asterisk IP PBX with PSTN trunk termination in these facilities. Each branch office location can then have an all IP connection to the Internet using path diverse last mile links as depicted. There are numerous benefits to this approach: 1. The IP PBX is not a single point of failure. Indeed, if one were to fail, the Aspen 365 Branch can be configured to seamlessly fail over the IP phones to the second IP PBX for outbound dialing. 2. For Direct Inward Dialing (DID) dual PSTN trunks are terminated at the 2 different data centers, 1-800 numbers and backup 1-800 numbers can be used, so that again there is no single point of failure. If a single data center was down (due to a major disaster) the alternate 1-800 DID can be used. 3. Broadcast groups can be configured for simultaneous phone ringing in multiple branch office locations; the first person to pick up the phone handles the call. For certain business functions (such as an initial sales enquiry) this improves responsiveness and avoids lost revenues. Sales staff could be geographically dispersed but belong to the same broadcast group. 4. There is no need for PSTN trunks at the branch offices. This saves costs, of course, reduces complexity and most importantly relies on all IP resiliency and fail-over leveraging the features of the Aspen N2000 and Aspen 365- BRANCH. 7
5. The voice network at each branch is managed just like a normal data LAN. Also worth pointing out: the Aspen 365 s SIP trace and protocol analyzer features facilitate remote manageability; the Aspen 365 can always be accessed from any remote location as long as at least one ISP link is up. 6. Back up calling to individual user s cell phones can be programmed on the IP PBX in the event that both ISP links fail at a branch office, or if the branch office were to suffer some kind of disaster (total power failure in building, natural disaster). 7. Home workers and telecommuters can use soft phone clients installed on their laptops, or IP phones with built in IPsec clients, to access the Asterisk IP PBX. If multiple ISP links are needed at the data center, an Aspen N2000 appliance can be co-located with the IP PBX at the data center (as depicted in Fig 3 earlier). 8. Link degradations at any branch can be handled automatically by the Aspen 365; it will switch the call to a superior link seamlessly, and without dropping the call. Many users are flocking to Asterisk and Trixbox because it gives them tremendous control over their IP Telephony. The Aspen N2000 and Aspen 365-BRANCH solutions further cement that control in the areas that matter the most quality, reliability and survivability. A Note about Asterisk Capable ITSPs Prospective users need to be aware that, though many ITSPs claim to support Asterisk, it is a rapidly evolving technical scene. The technical specifications for interfacing one s own Asterisk IP PBX to an external ITSP can vary from ITSP to ITSP. Some will support IAX, most will support SIP, and some will support both. Some will require SIP registrations to be based on a single static IP address, some will allow dynamic IP addresses, and some may allow multiple static IP addresses. For inbound calls, some may interface to a customer s Asterisk simply by doing a DNS lookup on the customers Fully Qualified Domain Name (example sipbox.customername.com). Case Study 3: SIP Survivability and MPLS Backup in a Proprietary IP PBX Environment Here we consider an application of the Aspen 365 SIP ALG in medium-to-large enterprises, where proprietary IP PBX equipment is installed. Specifically, this case considers a number of geographically disparate offices with IP phones installed. Dual remote data centers are used to house replicated IP PBX servers, each one backing up the other. The IP PBX servers only need to support SIP. In addition, Internet-based backup, MPLS, or Frame Relay is provided. Typically a company designs this solution using MPLS primary circuits to connect all the locations, with groomed quality-of-service for VoIP on the carrier s MPLS backbone. In this environment, the Aspen 365-BRANCH can be deployed for (a) Internet backup of links and (b) IP PBX survivability as depicted in Fig 5 below. 8
Data Center 1 Primary IP PBX VPN T1 Data Center 2 Backup IP PBX VPN T1 MPLS Internet Aspen 365 IP Phones DSL VPN MPLS SIP ALG for IP Phones DHCP/BOOTP Server Link and IP PBX Quality Monitoring Auto-recovery if Link degrades or IP PBX fails IP PBX recovery is transparent to IP Phones DSL Aspen 365 VPN IP Phones Fig 5 SIP Survivability and MPLS Backup The Aspen 365-BRANCH provides several key benefits in this configuration: 1. IP PBX servers can fail or be brought down for maintenance without IP phones having to re-boot; the Aspen SIP ALG maintains dual registrations for each phone and allows a seamless fail over of the IP phones from one PBX to another, even though both PBX servers are in distinct remote locations. 2. It enables inexpensive and right-sized backup of the MPLS T1 circuits using vanilla Internet feeds. Link quality degrades are also auto-detected and corrected. 3. It allows deployment of IP phones and PBX servers, using simple and inexpensive configurations, while maintaining advanced survivability features. 4. A stateful SIP aware firewall is also provided, which provides DHCP and network admission control for the LAN based IP phones. In addition, the SIP Application Layer Gateway (ALG) allows seamless fail over and voice traffic management across multiple links and servers. 5. The Aspen 365 also becomes a management point for remote diagnosis of problems at each branch office. It contains a built-in SIP protocol analyzer and call trace utility. It can be accessed over the MPLS network or alternatively via the backup Internet VPN if there are network problems. 9
Case Study 4: Optimizing 4-Digit Dialing - Encrypted VoIP over VPN for Multiple Branch Offices For multi-location businesses, IP telephony often includes running VoIP over existing VPN s. Branch offices that are interconnected over the Internet via IPsec VPN routers can transport 4-digit extension interoffice calls over these IPsec VPN tunnels. The VPN router at each branch typically acts as both security firewall and router. The conventional wisdom is that (1) redundant IPsec tunnels and/or (2) use of advanced routing protocols (such as OSPF, RIP) are sufficient to correctly recover from the various instabilities that are found on the Internet. Nothing could be further from the truth. Internet paths are subject to numerous instabilities, most caused by intermediate router incidents that create transient problems such as routing loops while routing tables converge. A study by MERIT/University of Michigan [2] documented over 45,000 routing incidents over a 16-month study period, an average of 4 incidents every hour! Transient problems can cause packet loss, latency and jitter that may be acceptable for data traffic but are fatal for voice quality. Unfortunately the routing algorithms in VPN routers do not detect and respond to these conditions and in a timely enough fashion the call either breaks or quality deteriorates. Another complicating factor is the unpredictable nature of data traffic on the VPN. The customer s own data flows across the VPN tunnels can also be subject to unpredictable bursts that adversely affect voice on the last mile links. In summary, routers and routing protocols are not sensitive enough to voice path degradation or unpredictable data flows. To preserve voice quality, a different solution is required. Aspen N2000 and 365 Branch Solution Application switching as defined and implemented by Aspen Networks has 2 components (a) awareness of the conditions on each ISP path by taking real-time, detailed measurements and (b) awareness of the nature of the application, in this case 4-digit dialed voice traffic encrypted in IPsec. Real time measurements of all ISP paths are continuously sampled packet loss, delay, jitter, hop-count, bi-directional linkloading and available bit rate. ISP path selection is determined based on these real time measurements. Recovery in Milliseconds - Voice Calls Never Break Aspen s real-time path measurements are configurable at millisecond units of granularity. So existing voice over IP calls managed by an Aspen switch do not break when there are transient routing failures or path degrades on the Internet, unlike VoIP calls routed using protocols such as RIP, OSPF and BGP. Typical Aspen recovery times are in the range of 200 to 500 milliseconds, depending on configuration. In the presence of transient failures and micro-burst outages on the BGP-protocol dominated Internet, the Aspen switch corrects so quickly that users never experience a VoIP call break. 10
Voice and Data Flow Separation When voice activity is not present, the Aspen switch can load balance data traffic over each of the possible VPN tunnel paths configured. This is the normal operation as voice calls do not happen all the time. However, when voice is detected, the Aspen switch ensures that voice flows take the best path, while data flows are shunted to a different path to avoid colliding (and thereby causing jitter) with the voice flows. When the voice flows cease, the data flows are re-optimized and allowed to take any path again, until such time when new voice flows detected. This is depicted in Fig 5 below: IP PBX HQ LAN Aspen N2000 San Francisco HQ ISP 3 ISP 1 ISP 2 ISP 2 ISP 1 Los Angeles (IP Phones only) Aspen 365 Branch PROBLEM!!! IPSEC VPN tunnels 1 through 4 1. Voice initially on Green tunnel 2. Data initially on Black tunnel 3. Aspen detects transient Internet degrade in milliseconds 4. Voice moved to Blue tunnel in milliseconds no call disruption Branch LAN Fig 6 Auto Correct Internet Instabilities (4 Digit Dialing) Converged Network Quality of Service (QOS) The above VPN site-to-site voice/data convergence is accomplished as follows. In the Aspen appliance, the user first configures the values used for the DiffServ Code Point (DSCP value) in the IP header of streaming voice packets emanating from the manufacturer s IP phones, PBX servers, etc. Different manufacturers, such as Avaya and Cisco, may use different DSCP values, so it is important to check documentation. In addition, the links to be designated by the Aspen appliance as preferred links for voice traffic must be configured. With those steps configured, each ISP link becomes a parallel queue for outbound traffic. When voice traffic exists, the voice and data go on different outbound links. In the normal case, when voice traffic is absent, the data flows get to load balance across ALL links. Such an arrangement maximizes the performance of all available links. 11
Another important point to note: the Aspen software provides user-controlled knobs for other Internet traffic (web surfing, email, file transfers to and from the general Internet, inbound traffic to a hosted web server) to be steered towards specific Internet links as a matter of policy. These should be used in conjunction with the site-to-site VPN knobs. Conclusion VoIP has arrived and is here to stay. Your organization s migration to VoIP is an ideal time to reassess your IP/WAN infrastructure. Traditional telephony has set the bar high in terms of user expectations of availability and quality, and VoIP is unforgiving of WAN outages or instabilities. This paper has presented 4 different scenarios ranging from fully-outsourced VoIP to technically sophisticated, multi-location, multi-ip PBX deployments. In all 4 examples, the business becomes dependent on Internet links for both voice quality and reliability. Aspen s converged network appliances solve the common problem the ability to insulate VoIP services from the outages, degrades and other instabilities that occur every day on the Internet. References [1] RFC 741 Specifications for the Network Voice Protocol by Danny Cohen, ISI, 22 Nov 1977 [2] Delayed Internet Routing Convergence, Craig Labovitz et al www.nanog.org/mtg- 9910/ppt/labovit1/powerpoint.ppt [3] The Coming Era of Absolute Availability, Shing Yin and Ken Twist, RHK Advisory Services May 2003 download at http://www.chiaro.com/proof_points/index.jsp [4] VoIP bandwidth -- Right size your WAN for Voice Traffic Robbie Harrell http://searchvoip.techtarget.com Date April 2007 Contact Daniel W. Berger President and CEO (408) 246-4059 x108 dan@aspen-networks.com 12