The Cisco Unified Communications system can be deployed in a network virtualization environment. Cisco Unified Communications Manager enables the insertion of trusted relay points (TRPs). The insertion of TRPs into the media path constitutes a first step toward VoIP deployment within a virtual network.
The underlying network infrastructure comprises one of the key shared assets in an overall network design. A number of customer use cases require support for network infrastructure virtualization, such as the following examples:
-Guest internet access
-Partner access
-Departmental or divisional separation
-Subsidiaries/mergers and acquisitions
-Application segregation (data/voice)
All these applications include a requirement to maintain traffic separation on the network device as well as between network devices.
Traffic separation translates into concepts such as Virtual Routing and Forwarding (VRF). VRF allows multiple instances of a routing table to co-exist within the same router at the same time. In a virtualized network, these different routing domains, or VRFs, typically cannot communicate directly without transiting through the data center.
This situation challenges applications such as Cisco Unified Communications, where devices in the data VRF domain, such as software endpoints running on PCs, need to communicate directly with hard phones in the voice VRF domain without hairpinning media in the data center and without directly exposing the voice and data VRFs to each other.
Below a sample configuration off TRP. This sample setup will force softclient RTP streams (voice or video) through the MTP control point in the router. In this router you might want to add additional security settings (FW, ACL, QOS,…). We will focus here on the basic TRP configuration in the Cisco callmanager and ISRG2 router.
Basic Principle:
Setup:
As you can see in this setup we make a direct call between a Cisco EX90 and the CUPC client. Both devices are registered to the Callmanager 8.6.
Configurations:
ISRG2 Configuration:
!
voice-card 0
dspfarm
dsp services dspfarm
!
interface Loopback0
ip address 12.0.0.1 255.255.255.0
no ip redirects
!
interface GigabitEthernet0/0
ip address 10.0.0.10 255.255.255.0
no ip redirects
no ip unreachables
duplex auto
speed auto
no mop enabled
hold-queue 1024 in
!
interface GigabitEthernet0/1
ip address 11.0.0.1 255.255.255.0
duplex auto
speed auto
!
ip route 0.0.0.0 255.255.255.255 10.0.0.11
!
sccp local Loopback0
sccp ccm 10.0.0.3 identifier 1 version 7.0
sccp
!
sccp ccm group 1
description register to callmanager 10.0.0.3
bind interface Loopback0
associate ccm 1 priority 1
associate profile 1 register MTP00254530ab00
keepalive retries 20
!
dspfarm profile 1 mtp
codec g711ulaw
codec pass-through
maximum sessions software 50
associate application SCCP
Cisco CallManager Configuration:
First remark do not forget to look at the following parameter depending on the policy you want to follow:
Cisco Unified Communications Manager uses the following service parameter with trusted relay points:
•Fail Call If Trusted Relay Point Allocation Fails
This service parameter, which is found in the Clusterwide Parameters (System – General) section, determines whether a call that requires a Trusted Relay Point (TRP) is allowed to proceed if no TRP resource is available. Valid values specify True (the call fails if no TRP resource is available) or False (the call proceeds regardless even if a TRP resource is not available).
Step 1: Configure the MTP resource (residing in the ISRG2 router).
Remark that below the MTP definition corresponds with the
associate profile 1 register MTP00254530ab00 line in the Cisco Router.
Step 2: Add the MTP resources to your media resource group and add it to to the media resource group list , so you can activate the resource later on to your soft client definition.
Step 3:
Configure your client device and make sure to activate TRP (on) & add the previously defined media resource group list.
In our case device jderidde3.
Monitoring:
To verify what is happening in the network can use the following IOS commands on the ISRG2:
Start with sho dspfarm profile
It will give you the view wether the MTP resource is associated with the callmanager.
Dspfarm Profile Configuration
Profile ID = 1, Service = MTP, Resource ID = 1
Profile Description :
Profile Service Mode : Non Secure
Profile Admin State : UP
Profile Operation State : ACTIVE
Application : SCCP Status : ASSOCIATED
Resource Provider : NONE Status : NONE
Number of Resource Configured : 50
Number of Resource Available : 50
Hardware Configured Resources : 0
Hardware Available Resources : 0
Software Resources : 50
Codec Configuration: num_of_codecs:2
Codec : g711ulaw, Maximum Packetization Period : 30
Codec : pass-through, Maximum Packetization Period : 0
Note that MTP resource supports sRTP as well, so you might want to activate this to make your TRP even more secure.
For the full statistics output use: show sccp output
You will see in the stats the RTP ports both voice & video streams pass (EX90 – CUPC):
ef sess_id conn_id stype mode codec sport rport ripaddr conn_id_tx
16778249 16777372 mtp sendrecv pass_th 31820 16646 10.0.0.16
16778249 16777371 mtp sendrecv pass_th 28694 16644 10.0.0.16
16778249 16777370 mtp sendrecv pass_th 22942 32596 11.0.0.2
16778249 16777369 mtp sendrecv pass_th 29008 16790 11.0.0.2
Have fun!
Filed under: Collaboration Tagged: | CUCM, medianet, TRP, UC Manager, video
Pol's Blog (fr)
Cisco BeLux Tweets
Cisco BeLux Channel
tblog BeLux feed
Social@Cisco
