TechWise TV episode 26
Essentials of Successful VoIP Migration
www.cisco.com/go/interact/techwise
Original Air Date: December 6, 2007

Synopsis
Understanding the basics and the possibilities of voice over IP
Understand the basics of enterprise and public telephony networking, IP networking, and how voice is transported over IP networks
Learn the various caveats of converging voice and data networks

Examine the basic VoIP signaling protocols (H.323, SIP, Skinny).

Explore how VoIP redefines extensibility and scalability through 3rd party software companies committed to expanding functionality.

Delve into such VoIP topics as jitter, latency, packet loss, codecs, QoS tools, and security


Voice over IP (VoIP) has become an important factor in network communications, promising lower operational costs, greater flexibility, and a variety of enhanced applications. To help you understand VoIP networks, the TechWiseTV team is going back to the basics.

TechWiseTV will explain how a basic IP telephony infrastructure is built and works today, major concepts concerning voice and data networking, and transmission of voice over data networks. You’ll learn how voice is signaled through legacy telephone networks, how IP signaling protocols are used to interoperate with current telephony systems, and how to ensure good voice quality using quality of service (QoS).

This show is for anyone seeking to understand how to use IP to transport voice, with a target audience comprising both voice and data networking professionals. In the past, professionals working in voice and data networking did not have to understand each other’s roles. However, in this world of time-division multiplexing (TDM) and IP convergence, it is important to understand how these technologies work together. We have designed this show to help you get started so that voice experts can understand data networking and data experts can understand voice networking.



Segment 1: VoIP Fundamentals
When I started doing networking that is what I wanted to do. I love data and when I am feeling blue, all I need is more data. I love knowing how to make it go faster, how to secure it, how to write my own data manipulators, how to manage and store it and find out how little I really know about data. I love it! Who is my favorite person on Star Trek NG; well actually it is Worf, but my second favorite is well that would be Picard…OK bad example, but be that as it may, I L-O-V-E data. I had no interest in boring phones. Dial tone, phraking, CoDECs, so what. Data folks like me have seen our job split three ways and it is to our career benefit to understand voice and power delivery. This show is a show for data folks. Robb and I try to clear all of the fog that not only comes with learning any new thing, with voice, the terminology used is from 100 years ago up to present. For example E&M signaling stands for Earth and Magneto. I do not think my lawnmower has a magneto any longer. So understanding some of there more common voice terms in a data world is a great place to start.

Jimmy Ray Purser

QoS: Most of us know about QoS. Understand that in a voice world, keeping your voice packets in sequence and arriving ahead of other non critical traffic is the key to a successful deployment. QoS ensures that end to end, switch to switch my time sensitive voice traffic gets though. Remember, QoS must be configured at each switch and/or router hop.

Codecs: A Codec is a Coder-Decoder. I know, that is kind of a punk answer. In short, a codec will encode and decode a voice waveform. They are a ton of codecs out there today for different use. The big voice ones are G7.11 and G7.29a. G7.11 is a wide codec that sounds great, but it takes up 64K of bandwidth per call. So it is great for LAN use. G7.29a is a narrow codec. It takes only 8K of bandwidth per call and is therefore great for WAN use.

VLAN: Same old school stuff we have always done. Since Ethernet is a shared medium, it is up to us to separate our traffic based on need. Voice should have it’s own VLAN so it is easier to manage, easier to secure and easier to troubleshoot.

PSTN: Good ole Public Switched Telephone Network. This is where we plug in and get to the outside world via the telephone.

Gateway: This is the box that makes the connection between out local VOIP network and the PSTN and back. If you decide to leave your PBX in, the gateway can also connect up to the PBX. Normally this is a router.

Gatekeeper: This is the stop-go light in the world of VOIP. Mainly used to keep track of bandwidth left on the WAN and allows calls to connect as long as there is bandwidth to service the call.

H.323. As a data dude, H.323, SIP and MGCP confused me as to what they do. This has to be thought of as a protocol suite like TCP/IP. H.323 is the most popular and most mature of the gateway protocols. H.323 is used to set up the call and tear it back down. Think of TCP. Sending an off hook message, dialing the phone, sending each digit, hanging up (on hook) are part of H.323.

RTP. Real Time Transport Protocol is the protocol that actually sends your voice.

So a very basic call flow would be: H.323→RTP→H.323

Myth’Phrackers’ – Worms and Voice
This demo was based upon a custom worm that randomly transmits UDP and ICMP traffic at different sizes. VLANs are a big key is keeping people off of my voice VLAN. Most worms have to be a small code base to propagate, so they mainly hit the data (or untagged) vlan.


Segment 2: VoIP Call Control

PBX vs. VoIP – mapping the functional differences
Besides watching home videos of Robb Boyd learning how to play the trumpet, nothing is more boring then dial tone. VOIP can really extend the communications we have and offer so many choices as to the way we communicate that a PBX just could never keep up with. A PBX does not need to be replaced if you do not want to, just front end it with a gateway and when it does go away, reconfig that same Gateway to now connect to the PSTN. How cool is that! PBX’s are much more expensive and for most of us, require outside consultants to config/modify policy and features. With VOIP, it is already feature rich and maintaining, troubleshooting, billing/accounting and adding new stuff is all under our autonomous control.

Protocol Choices
SIP, H.323 or MGCP? Which is right for you? A number of signaling protocols have been developed in different camps to address the need for real-time session signaling over Ethernet. Each of these protocols has different origins and different supporters with differing priorities.
H.323 was developed in the Enterprise LAN community as a video-conferencing technique and has much in common with ISDN signaling protocols such as Q.931.
MGCP/Megaco comes from the telco engineering world and is closely associated with intra-domain control of soft-switches and media gateways etc.
The IETF developed SIP, reusing many familiar Internet elements: SMTP, HTTP, URLs, MIME, DNS.
In the end, H.323 is the oldest and most widely used. SIP is a true data based VOIP protocol that is really picking up steam. SIP is the future no doubt.

3rd Party Value – SolarWinds and the Orion Framework
The engineers best friend (beside Star Trek) is Solarwinds. Seeing is believing and I strongly recommend going over to their site www.solarwinds.com and download a copy. Great stuff that is really like seeing into your network for the first time.



Segment 3: Security Concerns

Some security concerns and solutions, such as toll fraud, remain the same in the VOIP world as in traditional telephone networks. Of course as Network Admins we, however, also face increased regulatory requirements for conversation privacy, message confidentiality, and user and device authentication. Therefore, strong VOIP security strategies must address the security aspects of Sarbanes-Oxley, Gramm-Leach-Bliley (GLB), Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry Data Security Standard, European Basel II, and other mandates affecting global organizations directly within your VOIP architecture. Integrating security within the underlying infrastructure also thwarts denial-of-service (DoS) attacks, worms, and other malicious activity that is usually aimed at the data network, but, if successful, could have ramifications for the voice network, too. It all can be basically boiled down to this: protect your phones firmware integrity with features like Control File Protection to pass signed certificates bidirectional, Dynamic ARP protection, DHCP spoofing and where possible, encrypt the traffic on high value targets like the CEO’s phone.

Myth’Phrackers’ – Eavesdropping
This is a big fear for many folks looking to go to VOIP. It certainly should be. This type of attack can be very easily defended against with many of the things we discussed from above but also with features like TCP-Intercept, Microflow policing, etc. Your VOIP network can easily be much more secure then your traditional network ever was. Remember, a simple 100 dollar butt set can listen in to a traditional network in seconds. Solid security features and even a IPS would shred this type of attack in milliseconds on a VOIP network.


Segment 4: Beyond the Dial Tone

Having the awesome third party add on applications to extend your VOIP network into a full fledged Unified Communication package takes the Network Admin from zero to hero in under 150mS. LiteScape has some of the coolest ideas for turning a dial tone into to much more then 350-440Hz Goertzel encoded DTMF. OK, I am showing off, but it is to really show that your VOIP system can be so much more than a boring old telephone. Check out the brilliant minds at LiteScape over at www.litescape.com

Five Keys to a Successful VoIP Deployment

The entire show kinda sum up to this doesn’t it? VOIP really demonstrates the power the network really has. We can add on very time sensitive traffic and guarantee its arrival at the other end without starving out our other applications. We can even run power across those same lines. Amazing isn’t it? In the VOIP deployments I have done, they all boil down to five things the you must REALLY think thru and get right for a successful deployment. Drum roll please….

1. Audit your network. Know what you have from switches, routers, cabling, etc... Document and upgrade if needed. George Fuechsel said it best, “Garbage In, Garbage out” Poor cabling really rises it ugly head the faster speeds your network runs and the more time sensitive your applications are.

2. IT staff training BEFORE the system is deployed. Many IT managers feel it is best to train the staff after a deployment so they can ask questions on their network. I do not like this approach and have seen it fail and de-moralize a staff very quickly. Train your staff first, then when the gear comes in, designate a config room they can use to stage and set up the gear and play with BEFORE it is deployed. This increase their confidence in the solution by leap and bounds.

3. Set up Voice VLANs to separate your Voice traffic from your data traffic. This is so very important in setting up your VOIP network. Separate the VOIP traffic from the rest of your traffic for so many reasons. Config this before the first phone is plugged into your network.

4. QoS can make or break a successful VOIP rollout. Please resist the dark side of the VOIP Force and do NOT make voice the highest priority. Your routing updates must get thru before anything else.

5. Determine the best Codec for your network. (g711/g729). I love using NBAR and Netflow to determine how my network is currently being used for data and then establish a benchmark. Then I start my VOIP codec calculations based upon my network usage, my busy hour call time based upon my current phone bill. Remember, no guessing! Use the Erlang calculator at www.erlang.com and the Codec calculator at www.cisco.com to determine the nest Codec for your needs.

Isn’t networking just great!

Jimmy Ray Purser, Robb Boyd