Switchvox Technical Application Notes
Table of Contents About Broadvox... 1 About Switchvox... 1 Purpose, Scope and Audience... 2 Switchvox Deployment Information... 3 Switchvox External IP Address... 3 Sending Calls to Broadvox... 4 SRV Records... 6 Testing SRV Records... 6 Preferred and Alternate Codecs... 8 Is Switchvox NATd... 8 Is Switchvox Behind a Firewall... 8 Configuring Switchvox... 9 List of Figures... 21 Confidential and Proprietary ii
About Broadvox Founded in 2001, Broadvox is a worldwide leader in providing integrated managed VoIP services to SMB, enterprise, and carrier customers. It has deployed one of the largest full-featured global VoIP networks and is trusted by more than 200 telecommunications carriers, ASPs, ISPs and over 3,000 businesses to transport over 10 billion minutes annually. The Broadvox Network Operations Center, operating 24x7, provides the reliability, security, and quality of service required by the world s most discriminating customers. The Broadvox SIP Trunking product line includes GO!Anywhere, GO!Local and GO!Domestic. Connectivity is offered with GO!Broadband, ranging from DSL to T1s and DS3s as well as bonded T1s. For more information, visit www.broadvox.com. About Switchvox Switchvox is more than an IP PBX, it's Digium's proven family of Business Phone Systems for small and medium businesses. Switchvox systems are designed to be easy to use, and easy to manage while bringing affordable Unified Communications solutions to SMBs. Digium, Inc., the Asterisk Company, created, owns and is the innovative force behind Asterisk, the most widely used open source telephony software. Since its founding in 1999, Digium has become the open source alternative to proprietary communication providers, with offerings that cost as much as 80 percent less. Digium offers Asterisk software free to the open source community and offers Switchvox IP PBX Software to power a broad family of products for small, medium and large businesses. The company's product line includes a wide range of hardware to enable resellers and customers to implement turnkey solutions or to design their own voice over IP (VoIP) systems. More information is available at www.digium.com. The Digium logo, Digium, Asterisk, Asterisk Business Edition, AsteriskNOW, Asterisk Appliance, Switchvox and the Asterisk logo are trademarks of Digium, Inc. All other trademarks are property of their respective owners. Confidential and Proprietary 1
Purpose, Scope and Audience This technical application note describes the configuration of Switchvox for the Broadvox GO! SIP Trunking service. This document is suitable for use by anyone deploying the Broadvox GO! SIP Trunking service in conjunction with Switchvox. This document has a technical audience in mind specifically IT professionals skilled in Linux with some experience in PBX administration and familiarity with VoIP technologies. This document is not for business administrators or people in other non-technical careers. In order to successfully use this document to deploy Broadvox GO! SIP Trunking service, you will need to possess the following skills, or have access to professionals or consultants with the following skills: Understanding of UNIX or Linux operating systems, including: Understanding of file and directory structure on target OS Understanding of firewall configuration on target OS Understanding of network configuration on target OS Understanding of service configuration on target OS Familiarity with network troubleshooting tools, including: Wireshark/Ethereal dig/nslookup ping traceroute Familiarity with PBX systems, including: Trunk configuration Calling plan configuration Extension configuration Mailbox configuration Familiarity with Session Initiation Protocol (SIP) An understanding of all seven layers of the Open System Interconnection (OSI) model A complete understanding of your internal network structure, Network Address Translation (NAT) setup, and firewall setup A complete understanding of your public Internet connectivity Broadvox can only provide support for Switchvox to the extent covered in this Technical Application Note and the included reference configuration, so if your level of technical expertise does not include the above skills, it is recommended that you obtain the services of a Switchvox professional. Confidential and Proprietary 2
Switchvox Deployment Information Before you begin deploying Switchvox, please locate the following information. If you have questions about any item, refer to the descriptions and additional details provided on the pages that follow. Switchvox External IP Address or DNS: Preferred Codec: µlaw Alternate Codec: µlaw Is Switchvox NATd: Yes Is Switchvox Behind a Firewall: Yes Is There a Local Firewall: Yes g711 g711 none No No No Switchvox External IP Address Your Switchvox server will either use a public IP address or a private IP address. If the IP address on your Switchvox server is of the form 192.168.x.x, 172.16.x.x 172.31.x.x, or 10.x.x.x, then your Switchvox server uses an internal, private IP address. This internal address is not routable on the public Internet. In order for your Switchvox server to connect to the Broadvox Session Border Controller, you must either have a public IP address on your Switchvox server or you must translate your private IP address into a public IP address using a Network Address Translator (NAT). If your Switchvox server is behind a NAT, your public IP address will typically be the public IP address of your NAT. You may also have a static, one-to-one mapping of a public IP address to your private IP address. In this case, your public IP address will not match the IP address of your NAT, but you can look up the correct public IP address in your NAT configuration. If in doubt, you can perform a network packet capture using Wireshark (previously called Ethereal) on the public side of your NAT while simultaneously issuing some form of Internet request on your Switchvox server. Confidential and Proprietary 3
Sending Calls to Broadvox In your Welcome letter, Broadvox provides DNS records to which you may send calls, and from which you should be prepared to receive calls. Switchvox supports DNS A records, DNS SRV records, and IP addresses. Please note, however, that Switchvox only resolves the DNS records during startup and will only utilize the first IP address in any multiple-ip record. At the top of your technical welcome letter, you will see a table like this one which shows your account number, turn-up ticket number, and trunk number. This information should be provided to Broadvox when you call for assistance to expedite support. Figure 1: Welcome Letter Account Information The fourth page of the welcome letter contains a table of the IP addresses and ports you need to allow through your firewall. Note that the table included here is just an example and may not match the table in the letter. Figure 2: Firewall Configuration Information The fourth page also contains the IP address and DNS information you should use for configuring your trunk. We recommend you utilize the DNS A record entries for Switchvox unless you have specific reasons not to. Confidential and Proprietary 4
Figure 3: Trunk Destination Information Also on the fourth page, you will find a section containing information about how your trunk is configured on the Broadvox side. You should carefully review this information to ensure it is configured properly. Figure 4: Configuration of Broadvox Side The 'Admin E-mail ' is the E-mail address that will receive alerts from the Broadvox SIP Trunking platform when various recognizable events occur. These events include things such as calls being blocked because they would cause you to exceed the simultaneous call sessions you purchased. Finally, on the last page, you will find two sections that specify how Broadvox is configured to send calls to your Switchvox box and how Broadvox is configured to receive calls from your Switchvox box. These two sections are only utilized if you provided static IP address information or DNS information. Broadvox can send calls to entirely separate systems from the ones it is configured to receive calls from. This allows you to split your inbound and outbound traffic for any reason you may have, including but not limited to load distribution over several systems or multiple Internet connections. In addition, Broadvox can randomly load-balance calls across several systems using an identical priority for the Send-To records. These options should allow you to engineer your traffic flow to suite your particular needs. Confidential and Proprietary 5
Figure 5: Signaling Configuration SRV Records Service records (SRV) are a form of Domain Name System (DNS) record. They contain information about where to send requests for a particular service offered at a specific domain. In the case of Broadvox GO! SIP Trunking, they provide the IP addresses, port numbers, and preferences to use for sending SIP calls over UDP, TCP, and TLS to Broadvox. The SRV location to use for sending calls to Broadvox for each of your trunk groups is in your Welcome letter. Testing SRV Records Most Broadvox GO! SIP Trunking customers like to ensure the DNS entries are functioning or they like to look up the actual IP addresses, however, performing a standard DNS query on the SRV records will fail. In a Windows environment, you can perform the query using the nslookup command at a command prompt, as shown in Figure 6. Confidential and Proprietary 6
Figure 6: SRV Lookup in Windows XP As you can see, a SRV consists of a service type definition (_sip), a transport definition (_udp), and the domain (nyc01-01.fs.broadvox.net). Asterisk will automatically add the service and transport definitions as a prefix to the domain before performing the query. The query returns a priority, weight, port and hostname for each entry. The query also returns the A record entries for each hostname, which provides the IP address for each host. In a UNIX or Linux environment, you can perform a query on our SRVs using the dig command: $ dig srv _sip._udp.nyc01-01.fs.broadvox.net ; <<>> DiG 9.3.4-P1 <<>> srv _sip._udp.nyc01-01.fs.broadvox.net ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26443 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1 ;; QUESTION SECTION: ;_sip._udp.nyc01-01.fs.broadvox.net. IN SRV ;; ANSWER SECTION: _sip._udp.nyc01-01.fs.broadvox.net. 600 IN SRV 10 0 5060 nyc01-01.fs.broadvox.net. ;; AUTHORITY SECTION: fs.broadvox.net. 600 IN NS ns03.broadvox.net. fs.broadvox.net. 600 IN NS ns04.broadvox.net. ;; ADDITIONAL SECTION: nyc01-01.fs.broadvox.net. 600 IN A 208.93.226.212 ;; Query time: 95 msec ;; SERVER: 10.128.6.4#53(10.128.6.4) ;; WHEN: Thu Jul 30 13:59:26 2009 ;; MSG SIZE rcvd: 150 Confidential and Proprietary 7
Preferred and Alternate Codecs Broadvox allows you to select preferred and alternate codecs to simultaneously meet your bandwidth requirements and provide greater end-to-end support. In the event that your destination party or your destination party s carrier cannot support your preferred codec or alternate codecs, Broadvox will automatically transcode your call to a supported codec. When configuring codecs, please keep in mind that G.711 μlaw (ulaw) consumes approximately 87.2 Kbps of bandwidth per simultaneous call over Ethernet. G.729 Annex A (g729) will consume approximately 31.2 Kbps of bandwidth per simultaneous call over Ethernet. Also, keep in mind that G.711 offers superior call quality when compared to G.729, but only if you have enough bandwidth to support all of your simultaneous calls. Is Switchvox NATd If your Switchvox server uses an Internet-facing IP address of the form 192.168.x.x, 172.16.x.x 172.31.x.x, or 10.x.x.x, then it is almost certainly behind a Network Address Translation (NAT) device. If your server uses an address of that form and is not behind a NAT, then it has no connectivity to the Internet. Even if your server uses an IP address that does not match the forms above, it is still possible (though very unlikely) that it is behind a NAT. If Switchvox is behind a NAT, you may need to perform port forwarding, set up a DMZ host or configure a one-to-one static IP map. Is Switchvox Behind a Firewall If Switchvox is behind a NAT, then it is almost certainly behind a firewall. It is also possible that Switchvox uses a public IP address but is still behind a firewall. If you use a Cisco PIX, SonicWALL, Shorewall, Firebox, or any other brand of firewall, you may need to perform additional configuration steps on the firewall device to allow Switchvox to function properly. Additionally, you may be using an Application Gateway such as an Ingate SIParator. These devices will also need additional configuration to allow Switchvox to function properly. Configuring your firewall or application gateway is beyond the scope of this document. In general, you will need to allow UDP port 5060 in both directions, as well as UDP ports 1024 to 65535 for RTP. However, you may need a larger range of ports for RTP. Confidential and Proprietary 8
Configuring Switchvox Broadvox GO! SIP Trunking with the Fusion platform is based around the idea of having redundancy by providing multiple locations (hosts) to send/receive calls. There are currently three major cities which are in use. The following entails configuring both outbound and inbound routes for calls to and from Broadvox to utilize all three of these hosts to create redundancy. Inbound routes control how DIDs provided by Broadvox are routed to your IVR and/or phones. Outbound routes determine how calls from your phones are routed out toward Broadvox. To begin configuring Switchvox, first log in as the administrator which takes you to the home screen of the Switchvox tool suite seen below in Figure 7. Figure 7: Switchvox Tool Suite Home Screen Once you have logged into the Switchvox, select the System Setup from the list of options. This is where most of the PBX configuration is going to be done. The System Setup screen can be seen below (Figure 8). Confidential and Proprietary 9
Figure 8: Switchvox System Setup Screen First, go to the VOIP Providers page, seen below. On this page you will be setting up the actual trunks that communicate with Broadvox. On the VOIP Providers screen, you will be setting up 3 separate SIP providers, corresponding with each of the three Broadvox sites: Dallas, Los Angeles and New York City. Figure 9: Switchvox VOIP Providers Screen Confidential and Proprietary 10
Begin by selecting SIP Provider from the drop down menu under Manage VOIP Providers and click Go. Fill in the information as listed below. NOTE: Actual IP/Hostname information may vary, so please consult your technical letter for the most accurate information. Dallas Peer: Figure 10: VoIP Provider Information Screen SIP Provider Name: Broadvox DFW Your Account ID: BTN Password: Provided in technical letter Hostname/IP Address: dfw01-01.fs.broadvox.net Callback extension: customer choice (800 is default IVR) Default Fax Extension: DTMF Mode: RFC2833 Confidential and Proprietary 11
Click on the Click to show advanced options button which will allow you to make some additional configuration selections. No information needs to be changed under sections 1 or 2. All of these settings can be left as defaulted; however, if changing the caller ID is necessary, this would be done under section 2: Caller ID Settings. As seen below, there are a few changes required in section 3. Figure 11: Switchvox Connections Settings Screen SIP Port: 5060 SIP Expiry: 120 Proxy Host: dfw01-01.fs.broadvox.net Authentication User: BTN Always Trust this Provider: Yes Qualify Hosts: No Include user=phone in SIP: No Use Local Address in From Header: Yes SIP Provider Host List: nyc01-01.fs.broadvox.net lax01-01.fs.broadvox.net dfw01-01.fs.broadvox.net NOTE: Adding all of the servers to the SIP Provider Host List will ensure that each trunk will allow calls to DIDs from each of the Broadvox hosts. Confidential and Proprietary 12
Currently, Broadvox only supports the ULAW audio codec from the selections in section 4; Call Settings. It is recommended that you unselect ALAW from the default list. Also, at this time Broadvox does not support video. All other Defaults will remain the same. Figure 12: Switchvox Call Settings Screen At the bottom of the page, save the settings by clicking on the Add SIP Provider button. This will take you back to the VOIP Providers screen, where you will need to repeat these steps twice more for the other two cities, LAX and NYC. Use the following settings to add a new provider for each city. Los Angeles Peer: SIP Provider Name: Broadvox LAX Your Account ID: BTN Password: Provided in technical letter Hostname/IP Address: lax01-01.fs.broadvox.net Callback extension: customer choice (800 is default IVR) Default Fax Extension: DTMF Mode: RFC2833 Confidential and Proprietary 13
New York City Peer: SIP Provider Name: Broadvox NYC Your Account ID: BTN Password: Provided in technical letter Hostname/IP Address: nyc01-01.fs.broadvox.net Callback extension: customer choice (800 is default IVR) Default Fax Extension: DTMF Mode: RFC2833 Under Advanced Options all of the settings will be identical to the settings for Dallas. Please follow the settings/screenshots from above. Now that the trunks have been built, and should now be registered with Broadvox, you will now be able to build outbound routes to send calls to Broadvox. To do so, select System Setup from the menu bar located at the top and choose Outgoing Calls. You should see the following screen. Figure 13: Switchvox System Setup Screen Broadvox utilizes 10-digits in all routing. All digits including the area code must be present in any outgoing calls to Broadvox for the call to complete properly. To create redundancy, 3 outgoing rules will need to be created. Each rule will have the same pattern, which creates a round robin effect for those routes. You are welcome to curtail the outbound routing rules to your own business needs. The following is just an example. Confidential and Proprietary 14
Click the Add New Outgoing Rule Button, which will take you to the screens below. You will be doing this three times (one route for each city). By default Is this a final rule will be marked YES. You want to change this to NO on the first two routes you build. On the third you will want to leave it marked YES. By keeping two of them at NO, if one of the cities cannot handle the call at that time, it will have the ability to hunt over to the next route. Once it reaches the trunk with YES, it will stop hunting, and it will be assumed that the call cannot be completed at that time. You will also want to make sure each Pattern to Match is the same (9 in this example), and that the rest of the number is 10 digits in length. Figure 14: LAX Outbound Route Confidential and Proprietary 15
Figure 15: NYC Outbound Route Figure 16: DFW Outbound Route (Final Route) Confidential and Proprietary 16
After creating and saving all 3 outbound rules, you should see something similar to the following screen, showing your three new outgoing rules. By clicking and dragging the green arrow in the move column, you will be able to move the rules up and down. This will allow you to choose which route will take priority. Suggestion: Place the city geographically closest to you as first in route. This will give you the least latency to that host, which will help prevent audio issues. Make the farthest city away the one that is third and last, and make it the final route. Figure 17: Switchvox Outgoing Routes Screen Confidential and Proprietary 17
You will now want to create inbound routes to route DIDs to extensions. Creating inbound routes will mostly depend on how you would like to set up DIDs to route. Below is a basic example of having individual DIDs route to specific extensions. This is another instance where this should be curtailed to meet your specific business needs. Figure 18: Incoming Call Routes Confidential and Proprietary 18
NOTE: There is a 30 second default interval before Switchvox will reroute a call that it doesn t get a response to. This can cause some extended wait time or post-dial-delay if the first host is down for some reason. This is extremely rare. Generally when this happens you will see the host become unregistered. To verify this, choose Diagnostics > System Status, seen below. Figure 19: Switchvox Diagnostics System Status Screen If the screen looks similar to the following, the peer is unreachable for some reason. You can actively move this peer down in routing order by going to Outgoing Calls and moving that Outgoing Rule down on the list. The lower the priority of the rule the higher priority it has in routing. Confidential and Proprietary 19
Figure 20: Unregistered Trunk Figure 21: Moving Unregistered Trunk down in routing Confidential and Proprietary 20
List of Figures Figure 1: Welcome Letter Account Information... 4 Figure 2: Firewall Configuration Information... 4 Figure 3: Trunk Destination Information... 5 Figure 4: Configuration of Broadvox Side... 5 Figure 5: Signaling Configuration... 6 Figure 6: SRV Lookup in Windows XP... 7 Figure 7: Switchvox Tool Suite Home Screen... 9 Figure 8: Switchvox System Setup Screen... 10 Figure 9: Switchvox VOIP Providers Screen... 10 Figure 10: VoIP Provider Information Screen... 11 Figure 11: Switchvox Connections Settings Screen... 12 Figure 12: Switchvox Call Settings Screen... 13 Figure 13: Switchvox System Setup Screen... 14 Figure 14: LAX Outbound Route... 15 Figure 15: NYC Outbound Route... 16 Figure 16: DFW Outbound Route (Final Route)... 16 Figure 17: Switchvox Outgoing Routes Screen... 17 Figure 18: Incoming Call Routes... 18 Figure 19: Switchvox Diagnostics System Status Screen... 19 Figure 20: Unregistered Trunk... 20 Figure 21: Moving Unregistered Trunk down in routing... 20 Confidential and Proprietary 21