4. 1. Chapter one: Introduction
1.1. Project Introduction
One of the main advantages of internet is carrying data as well as voice, and base on voice over IP
technology these days no one worries about the cell phone bill since long distance call are offered in
really low rates everyday by companies, everybody gets calling card and uses it for cost-effective
conversation and saving money.
Where is this calling card coming from?
Basically whenever there is an internet, we can use this feature to run voice over internet, when you
hear about the company you think it’s like huge automobile company while it’s not like that. It’s possible
with just two devices and a few people to run it and of course some basic knowledge! For having this
company we can either have our own equipments specifically for this matter or use the share ISP, which
is better and less maintenance and employee are required. So as a whole sale service provider we rent a
line from ISP (not to mention that this lines connectivity should have redundancy and always be
guaranteed) and sell the minute’s base on reliability, speed and quality of the lines to retail customers.
the device is necessary between source and destination to manage the call, find the best and cheapest
path and finally calculate the price and issue the invoice for retails, in retail part the whole minutes
which are given by whole sale are broken by small companies and are sold to people in cards; so if we
use ISP as a infrastructure we should just stand in the middle and do this job. All these tasks are done by
platform called Softswitch which we are going to explain all details and functions as well as some view of
VoIP protocols that are being used for this purposes. Here deep knowledge of VoIP structure and
configuration is not a must, but base on your need and work load the specific vendor and platform
which fulfills our needs is chosen, and you should just go through the details of that specific Softswitch
or software.
Here we are going to cover the details about this job based on “Keyhan Telecom Company” and specific
devices and vendors which are being used in its structure.
Now you can just sit in your home and run a company! 3
Page
5. 1.2. Infrastructure
First, to establish our prepaid calling card system, a solid infrastructure is developed. Clearly, lacking a
solid infrastructure will result in wasting time worrying about the system’s integrity, a time that could be
possibly devoted to market the product. We will provide everything including a reliable hosted server
with high bandwidth, power services and a Calling Card Platform to administrate the business. Figure 1.1
presents the list of equipment and services that are required to start the business.
Figure 1.1: Required equipment to start calling business [6]
The following describes the process shown in the above topology:
The customer buys our calling card online or from a retail store.
Next, the customer dials the local or 1-800 access numbers (DID) shown on the topology using a
phone (e.g., a cell Phone, a landline or a payphone).
The Calling Card Platform will respond with an IVR message asking the customer to enter the
PIN. If the card is Pin-less the message will prompt the customer to enter the destination
number.
Once the PIN is keyed in, the Calling Card Platform will validate the customer, announce the
balance of the customer’s account and prompt him/her to dial the destination number.
Next, the amount of available time for the destination is announced by the IVR system.
The Calling Card Platform transports the call over internet to the chosen carrier.
4
Page
VoIP provider routes the call to the customer’s intended destination.
6. Once the call is terminated, the corresponding Call Detail Record (CDR) is saved in the system to
issue statements, create reports, and analyze the business.
1.2.1. Internet Services
Internet service is the foundation of a calling card network. A reliable Internet service will enable us to
reliably keep the billing and VoIP servers online. One should place the system in a co-location facility.
Also, one should ask the internet provider about the existing redundancy in case their service
malfunctions. The provider will often take advantage of another internet provider in this case. More
specifically, if an internet provider lacks a failover plan, one may consider a second internet service as
the backup.
1.2.2. Phone Services
Choosing the tight phone service is as important as selecting a reliable internet services. If our phone
lines are not working well, the customers are unable to call into the system. Often, phone services are
more reliable compared to Internet services. Thus, it is unnecessary to be as concerned about
redundancy as internet services. However, we must ensure that the correct phone service is chosen for
our application. For example, if our system supports T1 lines, one should check that the T1 is a PRI.
1.2.3. Power Services
In most places power outage is common, or perhaps a daily event. If the systems are located in a place
where power outages are, common a power generator is crucial. Moreover, regardless of the location,
one must have a UPS battery backup that lasts at least two hours in case of a power outage. Even if the
equipment is placed in a co-location facility, it is still very important to be equipped with UPS battery
backup.
5
Page
7. 2. Chapter two: System Requirements,
Implementation Steps and Protocols
2.1. Requirements and Implementation Steps
2.1.1. Price
It is common to choose the long distance provider simply based on the price (i.e., the lowest long
distance rate). One factor that is important is the fact that some services have a monthly fee. You may
still be better off with a long distance provider that charges a monthly fee if the rate is quite a bit lower,
or if it is slightly lower and you use enough minutes to offset the difference. Another critical factor is
where your customers call the most. Some long distance services have discounted rates for in-state
calls. Some long distance providers have lower rates for state-to-state long distance. Another important
factor is the billing increment. If a service is billed in six second increments and you make a lot of short
calls, it may be a better deal than another long distance provider who offers 60 second increments at a
slightly lower long distance rate. Generally, wholesale billing increments should not be greater than 30
seconds.
2.1.2. Quality
Long distance companies in the VoIP market differ substantially in terms of quality. Before finalizing the
decision, one has to ensure to ask the provider that whether it is possible to test their service.
Legitimate long distance providers, in most cases, possess a test procedure in place for the purpose of
quality assurance. Listen for excessive echoing and delayed response. We should feel that we would be
able to continue a long conversation with this voice quality without getting frustrated or having to
repeat it frequently.
2.1.3. Reliability
The reliability of long distance providers’ systems is very important. If the long-distance provider goes
down, our customers’ calls will not go through. Before making the final decision, one can ask them what
type of equipment they have and what kind of fail-over plans they incorporate. Also, we can ask them
about their Post-Dial-Delay (PDD) to different destinations. PDD is, in fact, the time (in seconds) that it
takes for the destination party’s phone to ring after a customer has dialed that destination.
2.1.4. Capacity of Service
We may think that our long distance provider can accommodate unlimited voice traffic. Before, signing a
deal, one should ask the long distance provider about the capacity of traffic they can handle to a
particular destination. For instance, if we estimate that we will be sending 40,000 minutes of traffic per
6
day to India, we should ensure that our long distance provider will not reject some calls because of lack
Page
of capacity.
8. 2.1.5. Finding VoIP Termination/Long Distance Providers
VoIP Termination Providers sell us traffic to various destinations. When we offer a calling card to call a
destination (e.g. to India), we can easily calculate the cost knowing the exact rate of call to India.
Assuming a cost of $ 0.0246 per minute to call to India, a calling card that contains 30 minutes to India
and is sold for $5, yields a profit of $4.26!
It is usually better to select multiple carriers while choosing long distance providers for our calling card
system. Most calling card companies provide service to almost anywhere in the world, but it is better to
focus on a particular region of the world. Thus, one can create an A-Z list of long distance providers that
can send your calls to anywhere in the world. Also, a regional long-distance provider must be chosen
that focuses only on the region of the world that you are targeting. Although A-Z providers are
convenient, their rates are usually higher than regional providers.
Major decision factors in evaluating a long distance company are price, quality, reliability and capacity
2.1.6. Finding Access number/DID Providers
We need to be looking around for some companies that could provide us with 1-800 numbers or local
DIDs in all the states or countries where we would like our customers to have phone numbers, where
people could call using any PSTN phone line. The best solution for this is on Voxbone - an exchange
platform for different VoIP providers to sell DIDs with a low cost per month.
2.2. VOIP Protocols
VoIP uses RTP for transport, Real-Time Transport Protocol (RTCP) for Quality of Service (QoS) and H.323,
SIP, MGCP (Media Gateway Control Protocol/Megaco) for signaling. These VoIP protocols operate in the
application layer that is, on top of the IP protocol. These protocols that we are using for setting up the
calling card are SIP, H.323, IAX2, PRI/BRI.
2.2.1. H.323
“H.323 is a multimedia standard which accommodate a basis for carry voice, video and data
communications in an IP-based network. The H.323, standards like H.324 (standard for multimedia
transport over switched circuit networks) and H.320 (standard for ISDNs) among others. This standard is
defined by an lTU researcher and approved in 1996. H.323 runs on top of TCP in layer 4, and uses TCP
for call setup. Traffic is transmitted on Real Time Protocol (RTP) which runs on top of User Datagram
Protocol (UDP).” [17]
H.323 defines some clear integral; such as terminals, gateways, gatekeepers and multipoint control units
7
Page
(MCU).
9. Terminals are used for real-time bi-directional multimedia communications, and can be an IP-phone or a
personal computer IP-phone. All H.323 terminals should support H.245 (control channel), Q.931
(required for call signaling and setting up the call), Registration Admission Status (RAS is used for
interacting with the gatekeeper) and to support the Real Time Transport Protocol (RTP).
Besides, The H.323 terminals can be used to support video or data communications to holding up audio
communications. Its role for this service (audio communication) in IP-telephony is vital.
As we mentioned, the gateway is the interface between the PSTN and the Internet. It can arrange
translation of protocols for call setup and release, conversion of media formats between different
networks, and the transfer of information between H.323 and non-H.323 networks. Also a gateway is
able to supply several simultaneous calls between H.323 terminals on the IP network and other ITU
terminals on a switched-based network Gatekeepers provide call-control services for H.323 endpoints,
such as address translation, admission control, bandwidth management, zone-management, and call-
routing services.
To allow all the end-users for registering on the VOIP network, they will supply authentication services.
The Gatekeepers are the main place for calls in the H.323 network, even though they are an option in
this network.
An MCU can be used for multi-conferencing between many H.323 terminals. It controls conference
resources, and arrangement between terminals for intention of determining the audio or video
coder/decoder to use, and also handle the media stream.
A class diagram for VoIP components is shown in figure 2.1. The layer 2 QoS enabled switch support
connectivity and availability between H.323 components.
As we can see in the figure, IP-PBX server accomplishment such as a call processing and handling call set
up and routing calls.
2.2.1.1. H.323 Security
“The security mechanism in H.323 protects the audio stream as well as the Call Setup (A.931) and Call
Control (H.245). H.235 provides security features such as authentication, integrity, confidentiality and
some non-repudiation support in H.323 communications.”*11+ The architecture of H.323 is shown in
figure 2.1:
8
Page
10. Figure 2.1: Class for a H.323 architecture [18]
The H.323 applies RTP/RTCP (real-time transport protocol) as its transport protocol which excurse over
UDP where encryption is accomplished within the RTP packet by third party hardware or at the network
layer (IPSEC).
H.323 can use either symmetric encryption-based authentication or subscription-based authentication.
Subscription-based authentication is when a communication occur sharing of a secret key or certificate
is mandatory. Certificate-based (symmetric), is password-based (with or without hashing).
2.2.2. The Session Initiation Protocol (SIP)
Session Initiation Protocol (SIP) is the IETF's standard for multimedia conferencing over IP. The session
initiation Protocol (SIP) is an application-layer control (signaling) protocol used for developing, changing
and deciding sessions with one or more assistants.[9]
These sessions contain Internet multimedia conferences, Internet telephone calls and multimedia
sharing.
SIP is a text-based protocol, and it’s similar to HTTP and SMTP, to initiate collective communication
sessions between users such as voice, video, chat, interactive games.
Signaling allows call information to be transmitted among network boundaries. Session management
supports the ability to control the attributes of an end-to-end call.
SIP is transported over the connection-less UDP protocol. Because of the decreasing state management
overheads, UDP is preferred over TCP.
9
Page
11. 2.2.2.1. SIP Architecture
The primary of SIP systems are user agents and servers. User Agents (UAs) are a combination of User
Agent Clients (UAC) and User Agent Servers (UAS). The UAC is responsible for initiating a call by sending
a URL addressed invite to the intended recipient. The UAS receives requests and sends back responses.
Class of servers:
Location servers to get information about a called party’s possible location by a Redirect server or Proxy
server, it will use.
Proxy servers are responsible for routing and delivering messages.
Redirect servers to inform proxy servers of the user location, it keeps a user location in database.
Registrar servers are used to save information about where a party can be found.
Figure 2.2 shows the network components and sample message flows for a SIP based network to make a
call from a regular telephone number to an IP phone by connecting a Proxy server with a VOIP gateway,
and to another Proxy servers. The proxy server is. The proxy server performs on beside of the end users
to ease the call processing. When a call has been set up via the proxy server, the RTP media streams
flow between the end stations.
When a user starts a call, a SIP request will send to a SIP server (a proxy or a redirect server). The
request contains the address of the caller (in the header Field) and the address of the determined callee
(in the two header field). SIP architecture is shown in Figure 2.2 on the next page.
2.2.2.2. SIP Security
The SIP protocol cannot assign any transport layer security mechanisms by itself, but other protocols
such as IP Security (IPSec) or Transport Layer Security (TLS) are to provide the needed security for the
complete message.
10
Page
12. Figure 2.2: SIP Architecture [18]
SIP requests and responses include acute information about the satisfied and designs of communication
of various characters. SIP can support the following methods of encryption to protect confidentiality;
End-to-end encryption: Normally, the message is sent encrypted using Public-Key Crypto systems. SIP
request or response is end-to-end encrypted by breaking up the message to be sent into a part to be
encrypted and a short header that will be clear stay.
Hop-by-hop encryption: Because header fields need to be visible to proxies (to and via), so, not all of the
SIP request and response can be encrypted end to end.
2.2.2.3. SIP Services
The services that SIP provides include:
• User Location: determine end system to use for communication.
• Call Setup: defining and setting up call parameters at both side, called and calling party.
• User Availability: determine the readiness of the called party to use in communications.
• User Capabilities: determine of the media and media parameters to use.
• Call handling: the transfer and termination of calls.
Voice gateways usually consist of two parts: the signaling gateway and the media gateway. The signaling
gateway uses MGCP (Media Gateway Access Protocol) and Megaco to communicate with the media
11
gateway. Both protocols can interoperate with SIP and H.323. SIP transports real time data by using
RTP/RTCP (Real-time Transport Protocol).
Page
13. 2.2.3. Media Gateway Control Protocol
MGCP is a protocol which is produced by the Media Control Working Group and is used for controlling
VoIP gateways from external call control essential feature. MGCP systems are building of Media
Gateways, Signaling Gateways and Media Gateway Controllers (MGC). MGCP completed the interface
between a Media Gateway and a Media Gateway Controller. A place where the gateways are
anticipated to accomplish commands sent by Call Agents is a master /slave interface.
In this point, control protocol gives the central coordinator authorization to monitor happening in IP
phones and inform them to send media a particular addresses.
MGCP has presented the idea of connections and endpoints, for setting up voice paths between two
parties. The only thing about MGCP is its possibility to capacity with H.323, SIP, and lagancy telephones.
It should be possible for MGCP gateways to do this job with H.323, SIP, and legacy telephones.
MGCP Call Control has been secured with using IPsec (with ESP header). Alternatively, a temporary
Authentication Header (AH) solution should be used. The AH header admit for data source
authentication and connectionless reliability of messages passed between the Media Gateway (MG) and
the MGC (Controller), but it does not supply care against replay advance. MGCP suggest using of IPsec
for encryption and authentication.
2.2.4. Inter-Asterisk Exchange
IAX is the Inter-Asterisk exchange protocol native to Asterisk PBX. it supported by number of other
softswitches and PBXs. It can enable Voip connection between servers beside client–server
communication.
The second version of the IAX is IAX2 which is most commonly.
IAX2 is one of the most important VoIP protocols that carries both signaling and media on the same
port. The commands and parameters are transmitted in binary composition and if any extension should
have a new numeric code allocated.
To communication between endpoints, multiplexing signaling and media flow, IAX2 uses a single UDP
data stream on port 4569. IAX2 covers firewalls and network address translators. This is in contrast to
SIP, H.323 and MGCP that use an out-of-band RTP stream to deliver information.
“AX2 supports trucking, multiplexing channels over a single link. When trucking, data from multiple calls
are merged into a single stream of packets between two endpoints, reducing the IP overhead without
creating additional latency. This is advantageous in VoIP transmissions, in which IP headers use a large
percentage of bandwidth.”
The IAX and IAX2 protocols were setting up interior session that can use whatever codec that they want
for transmission. Actually the Inter-Asterisk Exchange protocol supports control and transportation of
streaming media over IP networks.
IAX is used for any kind of streaming media that contain video because it is flexible and also designed for
12
control of voice over IP.
Page
14. One of the advantages of IAX is minimize bandwidth for using media transmission. “with specific
attention drawn to control and individual voice calls, and to provide native support for NAT (Network
Address Translation) transparency.”
2.2.5. Primary Rate Interface and Basic Rate Interface
“The Integrated Services Digital Network (ISDN) prescribes two levels of service, the Basic Rate Interface
(BRI), intended for the homes and small enterprises, and the Primary Rate Interface (PRI), for larger
applications. Both rates include a number of B-channels and a D-channel. Each B-channel carries data,
voice, and other services. The D-channel carries control and signaling information. The Basic Rate
Interface consists of two 64-kbit/s B-channels and one 16-kbit/s D-channel.
The Primary Rate Interface (PRI) consists of 23 B-channels and one 64-kbit/s D-channel using a T1 line,
often referred to as "23B + D", or 30 B-channels and one D-channel using an E1 line (Europe/rest of
world). A T1 Primary Rate Interface user would have access to a 1.472-Mbit/s data service. An E1
Primary Rate Interface user would have access to a 1.920 Mbit/s data service.
Larger connections are possible using PRI pairing. A dual PRI could have 24+23= 47 B-channels and 1 D-
channel (often called "47B + D"), but more commonly has 46 B-channels and 2 D-channels thus
providing a backup signaling channel. The concept applies to E1s as well and both can include more than
2 PRIs. Normally, no more than 2 D-channels are provisioned as additional PRIs are added to the group.”
13
Page
15. 3. Chapter Three: System Topology
Because of high automation and since internet is the main component and other functions can be done
by one or two devices and servers, typical calling card whole sale business can be handled by 2 or 3
people. Here we are going to demonstrate one wholesale company using Sansay SoftSwitch and
Billbery - VOIPBilling Server.
3.1. Hardware and Devices
Keyhan Telecom Company consists of four main devices: Switch 3750G, Router 3845, Billing Server and
a Softswich. You can see system topology as it has shown below in figure 3.1:
14
Figure 3.1: Keyhan Telecom company Topology
Page
16. On next chapter of the report we will discuss more specifically about Server and Softswitch
Configurations. Also, you can find Switch and Router configuration in the Appendix.
3.2. Software and Application
Softswitch or software switch is an intelligent platform which is used in voice over IP infrastructure for
call routing, transcoding, signaling, billing and management functions …etc., in IP networks such as
phone card companies for cost-effective long distance phone calls.
Basically switch is layer two devices with limited capability but here running software used to improve
switch functionality and efficiency.
And these days they are faster, cheaper and better replacement devices for traditional hardware based
equipment in telecommunication.
Depends on load of work in field of wholesale or retail ,maybe some features of softswitch is handles by
separate specific server and platform like billing servers,
These are typical softwitch features and characteristics:
Not to mention that every vendor has its own unique attributes.
Transcoding protocols:
SIP, H323, RTP/RTCP, RAS signaling, and T.38/T.120
Media Transcoding:
G711, G723, G739
Call routing based on:
- Destination Gateway Priority
- Call arrival time
- Minute cost
- Operator’s tariff priority
- Gateway ability
15
Page
17. Call Authorization:
Available BW
Available gateway
IP address
Available money in the account
Billing features
Monitoring online:
Alarm system
Active calls info
Call number transformation:
Base on incoming, internal and outgoing prefix.
Generally these tasks are handled by softswitch which are divided into two main classes:
Class 4 and class 5
The main difference between this two is class 4 deals with carriers and class 5 deals with end users.
3.3. Prepaid and Postpaid Calling Cards Services
Prepaid and postpaid calling card services are different in their billing systems. A prepaid billing model
works very simple. When a calling card was sold, the service will bill at the time and services are
delivered when the subscriber accesses the retailer’s network. The Cisco prepaid calling card solution is
designed to give Internet telephony service providers a competitive advantage in the prepaid calling
market. By tapping the intelligence embedded in IP network components, it allows service providers to
centralize the service application in a single location at a low cost while bandwidth-intensive call
connections are handled at the network edge in Cisco gatekeepers and gateways. The benefit: lower
costs than traditional debit card applications, which are based on service points in large POPs in circuit-
switched networks. But in a postpaid model, the subscriber is billed after services are delivered. In other
words: a seller sells a card with an access number and a PIN number to a subscriber, who can then
access the long distance service from any telephone. The long distance service can be delivered via a
seller’s own packet voice network, or the seller can partner with a packet-based wholesale terminating
transporter to deliver the service.
16
Prepaid and postpaid calling card services stand for one of the fastest growing types of enhanced voice
Page
services. A selection of consumer segments such as students, business and leisure travelers, expatriates
18. have propelled the growth of those services. They are especially popular between mobile phone users
as an alternative to the disgracefully high mobile operators’ international rates. For carriers who want to
realize more profit from a global long distance network, prepaid and postpaid calling card services
characterize a chance to improve margins, direct minutes to the network, and raise customer retention.
For service providers that are currently offering prepaid and postpaid calling card services over a
switched circuit network, Cisco packet telephony networks provide a more cost-effective alternative for
network expansions or upgrades.
Packet voice technology offers a convincing option to the traditional time-division Multiplexing (TDM)
switched circuit network and it decrease the cost and time-to-market requirements connected with
expanding voice services such as national and international transport, voicemail/unified
communications, text-to-speech, speech detection, and calling card services. TDM-based services use a
leased line and require a long-term financial binder to that exact link, and it (TDM Switch) also presents
major first cash outlay, requiring a lengthy time period to get investment payback. The need to get
faster investment payback has led some providers to add fees for calling card activation or connection to
make up the difference.
Cisco offers a high quality and practical solution for prepaid and postpaid calling card services that is
deployed via packet voice technology. The Cisco Voice Infrastructure and Applications (VIA) solution
includes key features and attributes such as:
A telephony user interface similar to familiar Public Switched Telephone Network (PSTN)
Card services applications
Cost-efficiency in equipment and bandwidth
Card recharging
Balance transfer
Personal identification number (PIN) change.
Support for multiple languages.
Support for multiple-company branding or announcement messages on the same network.
The basic structure of Cisco VIA are the Cisco media gateway, call control (Cisco gatekeeper, Cisco SIP
Proxy Server, Cisco PGW 2200 softswitch, or partner call control), IP-to IP-interconnect (using the Cisco
Directory Gatekeeper or SIP Proxy Server) and operations support systems (OSSs) to manage and
provision the entire network. These allow Cisco VIA to support the following services such as Prepaid
and postpaid calling card services, national and international transport, termination services for
application service providers (ASPs), voice mail and unified and communications and dial access.
Cisco VIA has been deployed in more than 80 countries and by hundreds of service providers which
provide flexibility to use the Media Gateway Control Pro
Proxy Server, or provide the ability to use the Media Gateway Control Protocol (MGCP) to interface to a
17
Cisco softswitch.
Page
19. The Cisco VIA solution offers so many profits, such as lower transportation and operating costs compare
with other industry offerings, and It offers industry-leading voice quality, fixed reliability, and scalability
to suit a variety of network sizes, and protocol flexibility, and it enables service providers of any size and
location anywhere in the world to contend in the calling card services sell.
3.3.1. Prepaid and postpaid Service explanation
A prepaid or postpaid calling card service can be presented in sell or wholesale models. The wholesale
carrier manages the calling card service on its international infrastructure, that the most prepaid calling
card services get benefit from wholesale model. In other hand the retail service provider offering to user
markets and brands the calling card service. For both prepaid a postpaid calling card services also offer
subscribers continuing permit to the long distance network. Similar to prepaid calling cards, the postpaid
calling card service is often hosted by a wholesale bearer to increase advantage. The most difference
between prepaid and postpaid calling card services is that service authorizations in the postpaid model
are not attach to call rating and services do not expire, except in the case of a limited-credit postpaid
service because of the call rating does not happen in real time.
Prepaid and postpaid calling card services provide carriers with an opportunity to improve margins that
the price per minute billed is bigger than residential or dial services and also increased minutes is
minutes to the packet telephony network, and increase customer retention that the prepaid card
services delivered on a VOIP network with offerings speed dial and voice email that has much lower cost
in PSTN services.
3.4. Solutions
3.4.1. Advantage of Cisco VIA Solution in Calling Cards Services
One of the most advantages of Cisco VIA solution to service provider is in the calling card services
market. It also offers the greatest choice for interconnection through its Cisco Service Carrier
Community program. This program helps service provider develop traffic on their networks.
As we know this business is very competitive and price sensitive, with agile customer loyalty. Indefinitely
to achieve the largest volume, service providers should offer lowest prices services. The key to achieve
financial success in industry is to adjust a low price service with a low cost infrastructure and also low
cost operation, and differentiated aspects. These articles can be able to reach with separate equipment,
billing systems and accommodation call paths, that Cisco VIA solution took this advantage. The IP
telephony technology in the Cisco VIA solution perfectly addresses the needs of a service provider
because it is a low cost infrastructure solution. The basic of this service enabling solution include Cisco
18
AS5000 universal gateways using Cisco IOS Software, the Cisco PGW 2200 PSTN Gateway, and Cisco
2600 and 3600 series routers (refer to Figure 2). The Cisco solution offers service providers one more
Page
important advantage. The IVR system, a critical part of any calling card application and normally a
20. significant cost factor in delivering the service, is included in Cisco AS5000 universal gateways. This
integrated feature substantially reduces the costs of providing the service. An overview of a network,
working with Cisco Solution and Gateways are shown in figure 3.2:
Figure 3.2: A network contains Cisco Solutions and Gateways [19]
“In conjunction with these products, Cisco Service Provider Solutions Ecosystem partners provide
accounting and billing applications that complete the Cisco prepaid and postpaid calling card service
solution. These partners include dig quant Systems, Mind CTI, Portal Software, and Primal. The
applications these partners provide enable a rich set of options that enhance revenue, create
Opportunities for service distinction, and mitigate cash flow risk. Setup, recurring, and usage-based
charges may be customized to accommodate a variety of regional, cultural, socioeconomic, service
quality, and market trend shifts. “
Session Initial Protocol (SIP) and H.323 are protocols by Cisco solution VIA.
3.4.2. Cisco SP Voice Solution
The Cisco SP Business Voice Solution offers deliver managed voice service on IP Communication solution
to service provider, and also products to any size of business. With this kind of solution, service provider
can arrange a scalable, reliable, and Voice over IP infrastructure can able them to offer a selection of
managed voice services which can work with several end-customer adding to options that include Cisco
CallManager, Cisco CallManager Express, legacy private branch exchanges (PBXs) with VoIP gateways,
integrated access devices (IADs), and remote Cisco IP phones.
What services are enabled by the Cisco SP Business Voice Solution enable services to its customers in
any small and enterprise size such as (Figure 3.3):
19
Page
21. Figure 3.3: Business Voice Services Description [19]
The flexibility of the Cisco SP Business Voice Solution architecture will also enable service providers to
gain on arriving profits opportunities from managing improved IP applications. These include IP phone
Extensible Markup Language (XML) applications and IP customer contact services, IP conferencing, and
others.
3.4.3. Global Long Distance Solution
Global Long Distance Solution provides the ability to offer wholesale and international transit services.
Based on IOS technology, the solution provides full range of TDM interfaces, such as R2, PRI and SS7.
The solution offers enhance services such as:
Prepaid and Post Paid Calling Card Services
Unified Messaging
Dial Access Services
Seamless AVVID Integration
Voice VPN Services
All of these services can be leverage from the same common voice gateway, running Cisco IOS
technology. As for the value proposition, it is the only solution on market that brings such services in a
cost effective platform. The solution scales from a few E1’s to tens of thousands E1s. The robust carrier
20
class gateways provide support for both H.323 and SIP on a call by call basis using the same load. This
Page
22. means with Cisco technology, service providers can deploy a robust H.323 network and still support SIP
traffic terminating from ASP providers such as Microsoft XP (Shown in Figure3.4).
Figure 3.4: Partnership of Cisco and Microsoft [2]
3.4.4. Integrate Transport Solution
With the integrated transport solution (ITS) we deploy 8850 ATM switches with the Voice Interworking
Services Module (VISM) – without a softswitch. The switches are connected to either an ATM or IP core.
The ITS is typically used by PTTs or Mobile operators to reduce backhaul cost in configurations where
they don’t need or are not ready for Softswitch. The solution give carriers an immediate 4X cost saving
on backhaul costs (using compression) and requires no changes to the carriers existing circuit switches
(its completely transparent to them). The added bonus is that carriers can easily add a softswitch to this
architecture to take advantage of a “switched” transit solution. The 8850/VISM is softswitch ready (can
be controlled with MGCP).
21
Page
23. 3.4.5. Wireless Transit Solution
The wireless transit solution is a slight variant on the wireline transit solution. We position the wireless
transit solution with mobile operators who are looking to offload their inter-MSC circuits from TDM onto
VOIP or VoATM. Given that many mobile operators in AsiaPac are running near or at capacity on their
network, we also see the incorporation of Gateway Mobile switching center functionality into the
softswitch as another major cost saving benefit for the carrier – through offload of their legacy circuit-
switch Serving Mobile Switching Centers. (Gateway MSC functionality - softswitch queries the Home
Location Register on incoming calls and delivers the call to where the mobile subscriber is currently
roaming). In the future, we see the Gateway MSC softswitch evolving to support full “Serving” MSC
capabilities (I.e. actually controlling the radio equipment. Wireless infrastructure is shown in Figure 3.5:
Figure 3.5: Wireless Transit Solution infrastructure [2]
22
Page
24. 4. Chapter Four: Billing Server and Softswich
4.1. Billing Server: Jerasoft VoIP Carrier Suite (VCS)
In whole sale solution when company deals with large number of calls billing task is done by another
server called billing server as you can guess from the name it’s pretty straight forward function: count
the minutes and provide the invoice base on the rates. Jerasoft GUI overview is shown in Figure 4.1.
Like softswitches every vendor has its own features but the main functions are the same:
User management:
Administrator, reseller, group seller, administrator…
Prepaid service:
- Real Time Balance Deduct
- Subscriber/Reseller Recharge
- Effective Date/Expired Date
- PIN Code Generate and Consume
- Recharge Log
Postpaid Service
- CDR Report
- Call Detail Record Storage
- Effective Date/Expired Date
Flexible Rate Plan Support
- Up-to 5 Charge Segments per Rate Prefix
- Effective Date/Expired Date
- Programmable charge unit, amount and cycle
- Call Screening
- Support Per Call , Holiday & Night Time Charge
- Longest Prefix Match
- Free Monthly and Deductible Minutes based on Prefix
- Database support
23
Page
25. Figure 4.1: Jerasoft system GUI overview
Like other vendors BillBery solution supports postpaid and prepaid billing services, including
calling cards, Caller-ID, dynamic call routing base on rate management which means chose the best
rate at the time.
It is used for whole sale, retail and even call shop with capacity of large number calculation each
month. And also it’s compatible with other vendors such a Cisco, Sansay, Asterisk Nextone…
Bilberry VCS package has different modules: Billing, Routing, retail and Rate control.
4.2. Softswitch: Sansay, the VSX-Integrated Multimedia
Subsystem
The VSXi is designed to enhance Sansay’s leadership position in the Access and peering SBC market
place.
By integrating the best of the VSX and SPX products and including important enhancements, the VSXi
expands the addressable applications and provides higher network availability. Although the application
diagrams look very similar to the existing product set, the VSXi uses a very different internal architecture
with a new Data Base format and new SIP stack. A new additional hardware platform might be required
24
to minimize the downtime associated with product migration. Applications include:
Page
26. • Retail subscriber access to feature servers
• Retail SIP trunking applications
• Wholesale peering applications
• Combinations of the above
Monitoring Application
The Sansay Network Session Monitor is used to obtain near real time call performance statistics and
provide historical performance reporting. The NSM is capable of monitoring all network resources and
charting the call activity in real time. This can be used from a NOC workstation or a personal computer,
to keep track of the health of the network or for post analysis for vendor and route performance.
This application is provided on the system documentation CDROM which is packed in the shipping
container with your server.
VSXi
The VSXi builds upon the Sansay product family and will replace the existing products with three new
components. The VSXi is the integrated system, which will operate in a stand-alone or a High
Availability pair (HA). In this configuration, it will address the small to medium single location
application with full media switching support.
VSXr
The VSXr is a subsystem of the VSXi and controls the call routing for the sessions. The VSXr uses a Data
Base to analyze the session parameters and Least Cost Routing tables in order to find the proper
outbound call path. The VSXr is used for larger applications and is roughly analogous to a DRX.
VSXc
The VSXc is the call processing subsystem for the VSXi and controls the interface to all devices with
regard to signaling and media flows. VSXc will write and store all Call Detail Records (CDRs) to be
retrieved by the billing application. The VSXc is used for large or distributed applications and provides
the Virtual IPs for all services.
4.2.1. VSXi Primary Features
Call Routing – The VSXi improves the previous VSX routing allowing routing with respect to
25
FQDNs or IP addresses. This provides easy service partitioning on inbound calls. Calls can arrive
Page
27. on one Virtual IP address and depart on another. This allows consolidation of network
interfaces to be accomplished independent of the routing within the system.
Protocol internetworking – Supports any H.323 fast start to SIP call Inter-networking. Also,
provides Gatekeeper inter-networking to SIP.
Service Ports – Introduces the concept of Service Ports. Service Ports can be thought of as
connection points to carriers, SIP peers or end access devices like phones or small gateways.
Service ports are assigned a specific, unique virtual IP address and UDP port combination which
will be used by the VSXi to provide the services for customers and vendors.
Service Ports are used for signaling and media transmission into and out of the VSXi.
Video Support- VSXi transparently supports video for video phones. This requires direct media
to be set to yes.
High Availability – A fault tolerant, non-stop cluster. System processes, poll each other
constantly. During a failure, the backup system assumes the virtual IP address of the failed
system. Connected calls will not be dropped during failover. When calls are cleared they are
logged in redundant CDR files. MTBF for servers are 36,000 hours.
Local Number Portability- The VSXi provides easy access to LNP services through intelligent
handling of SIP redirect messages. Following a DIP of a ported number, the VSXi will route the
call based on the LRN (location routing number) number returned and write that number in the
CDR for that call.
Cluster License Zones – The VSXi has the ability to use several systems for redundancy, but still
provide accurate Call Admissions Control on Trunk IDs and Gateways. This provides scalability
and geographic redundancy while maintaining complete control over traffic patterns. The CLZ is
configurable in the GUI.
Network License Zones – The VSXi is able to provide license sharing across many different areas
of the network, even when the systems are operating entirely independently in terms of
configuration. This permits the optimization of licenses regardless of traffic patterns or
configuration differences in systems around the world. The NLZ system IP address must be
licensed in order to use this feature.
VSXi uses an enhanced software architecture, improved Data Base and new SIP stack, to combine the
best features of the SPX and VSX in one unit. It can operate in a single, paired or clustered environment.
Many features requested for in the VSX and SPX have been designed into the VSXi.
• It is a carrier class Session Border Controller, controlling routing in VoIP networks
• Provides Denial of Service (DOS) and DDOS protection
26
• Centralizes routing tables
Page
28. • Centralizes CDRs
• Intelligent route hunting
• Real time performance monitoring
• Protects all internal IP addresses
• Reduces load on soft switches and gateways
• Originates media and signaling
• Advertises only one IP address using topology hiding
• Supports H.323 Gatekeeper to H.323 Gateway
• H.245 tunneling conversion
• Full SIP method support
• Any H.323 to SIP conversion
• Can perform Registrar duties to reduce load on feature servers. Subscriber to subscriber calls can be
routed directly via the VSXi
• Provides video transparency for video phone support, when media is direct
4.3. Subscriber Access Application
Retail subscriber access is for Vonage-style applications and hosted PBX networks with high numbers of
subscribers. Key features for this application are:
• 250,000 active subscribers and up to 8000 sessions per pair
• 16 pairs per cluster resulting in a maximum capacity or 4 million subscribers in a cluster with 108,000
sessions.
• DOS and DDOS protection
• FQDN, name based stateful forwarding
• Topology hiding
27
• NAT traversal
Page
• Easy GUI Management
29. • License Sharing Zones providing real time sharing of network resources, lowering capital expenses and
operating expenses.
The VSXi will provide routing to the TIDs if necessary, bringing the Access Application into complete
alignment with the Peering (LCR) application. Network routing can also be accomplished by the feature
servers, which addresses tier one applications with a more generic SBC model. The subscriber access
application can also be supplemented by the SIP trunking application as the carrier grows in one market
or the other. VSX infrastructure is shown in Figure 4.2:
Figure 4.2: VSX infrastructure
4.3.1. SIP Trunking Application
When the VSXi is used in a SIP trunking application, it may also be used as a hosted IP PBX allowing one
deployed platform to perform several functions. Key Features are:
• 100,000 trunk groups and 8000 simultaneous sessions per VSXi pair, with a maximum of 4 million
subscribers and up to 108,000 sessions per 16 pair cluster
• LNP, CNAM, RADIUS, and Teleblock access
28
• TCP and TLS support for connections to Microsoft and other IP PBXs
Page
30. • Ability to have IP PBXs register directly to the VSXi for small business applications, with changeable IP
addresses
• Can route E911 calls to service providers with the advanced PID-IFLO headers and act on the 302
redirect to the appropriate Public Safety Answer Point (PSAP) number.
• A future release of the VSXi will incorporate Datagram Transport Layer Security (DTLS) as an access
protocol which will become more useful as IP Multimedia System (IMS) user endpoints become
available.
It is not necessary to provide feature servers in a pure SIP trunking application, but the use of feature
servers for true retail Class-5 services is a simple configuration change in the VSXi with the use of FQDN
forwarding in the route tables. VSX Functionality is shown in Figure 4.3:
Figure 4.3: VSX Functionality
4.3.2. VSXi Wholesale Application
In a wholesale application, the VSXi provides the ability to have high speed sophisticated routing in a
scalable, manageable, and highly reliable network. The VSXi continues the advanced routing of the VSX
with intelligent DNIS/ANI relational routing and alternate route choices. There are a total of 32
alternate routes using the 8 routes and the route link table. Key features are:
• 100,000 trunk groups and 1000 different route tables
29
• 1000 calls per second and supports 8000 calls with full topology hiding
Page
• Internetworking with SIP and H.323 available on all calls
31. • SIP, TCP/TLS calls are internetworked to normal SIP or H.323 routes
The VSXi allows carrier interconnects which require different IP addresses for different services. It has
the ability to send calls to a particular vendor IP address from different TIDs, using different sending VIP
addresses. Wholesale VSX functionality is shown in Figure 4.4:
Figure 4.4: Wholesale VSX functionality
Note: VSXi does not support H.323 Slow Start Protocol
Note: VSXi will not provide H.245 to RFC2833 conversion, but does use the H.245 to SIP INFO method
4.4. VSXi hardware
• Dual Gigabit and 10/100 baseT Ethernet interfaces with an option for up to 4 extra 10/100/1000
interfaces
• 1U server
o 1000 active calls (H.323 or SIP with media)
30
o Non redundant
Page
o AC only
32. • 2U server
o 8000 active calls (H.323 or SIP with media) per chassis
o Redundancy on fans, power supplies and RAID drives
o AC or DC power
• 2U NEBS for Central Office Applications
o Same performance, but NEBS 3 certified
o Redundant AC or DC power supply option
Server rear view is shown in Figure 4.5: Figure 4.5: Sansay and Billbery Servers
31
Page
33. 4.5. VSXi Configuration
The VSXi features a Graphic User Interface. All configurations can be accomplished using this GUI.
Open a browser and enter the Sansay default private side, IP address or a preconfigured IP address. The
default is https://10.10.10.100:8888/ this is the private side default IP address (Figure 4.6).
Figure 4.6: Login Interface
Once you have logged in, you will see the GUI main screen. You will want to edit your network settings
now to facilitate installation into your network. (Figure 4.7 shows Sansay overview. Also, all the system
tabs are shown in the following Figures of this chapter.)
32
Page
34. Figure 4.7: Sansay GUI overview
4.5.1. Sansay GUI
Major Tab: System (Figure 4.8)
33
Figure 4.8: System Tab
Page
35. o Basic Tab (Editing Network Settings)
Click the system tab to begin to edit the Network Settings. Click the Edit Network Connections tab to set
the initial network configuration for the VSXi. (Figure 4.9)
Figure 4.9: Basic Tab
LAN Interface 1 and 2
Specify the IP address of the VSXi system for both the public and private LAN. This will enable you to
manage the VSXi from any remote system. LAN 1 corresponds to Ethernet 0 on the System Stats page.
Set the subnet mask for both private and public LAN. If you are not sure of these addresses, check with
your network administrator.
Set the IP address of the default gateway for the public and private LAN. If you are not sure what to
enter, contact your network administrator.
Set the Network Mask. This is used to separate the public and private LANs. Commonly the Netmask
value is 8, 16, or 24 and is dependent on the number of networks in used on the private network side.
This value indicates how large the private address network is, based on the length of the network bits
within the address. If you are not sure of these settings, ask your network administrator. This value
determines when the VSXi will transmit a packet onto the private LAN. It can be considered a static
routing option by which packets are checked before being transmitted onto the public interface. If the
destination IP address is not within the Private Address contiguous space, the packet will be sent on the
public interface. Special static routes can be added for VPN tunnels or other customizations.
34
Page
36. Edit System Page
Click this tab to edit system name, CDR information, payload port, SIP port, H.323 information, NTP
information, DNS information and system time, date and time zone configuration.
Alias
Specify the name for the VSXi system. The alias can be up to 40 characters in length and can include
commas, semicolons, spaces, periods, hyphens, underscores, the @ symbol and questions marks. You
may choose any name you want for alias within the guidelines above.
CDR System Name
This name can again be whatever name you wish or can be left default as Sansay. The CDRs can be used
to bill customers and troubleshoot problems with your routing or carrier suite.
CDR File Interval
Specify the number of seconds between file writes. CDR files are constantly written. CDR files will be
automatically purged every 14 days, if not manually deleted.
CDR Password
Add a CDR password. This will be used to retrieve CDRs. The user name is fixed as cdr for retrieval.
Local Payload Port Start
Specify the starting UDP port number to be used by the VSXi for payload. The default UDP port starting
address is 10000.
DNS Server 1 and 2
Set the IP address of your DNS servers. If you are not sure what to add here, ask your network
administrator. Even though all TIDs may be configured with IP addresses, there may be FDNs in the
Contact field of the messages. It is highly recommended to have these DNS fields configured.
Gatekeeper ID
Set the IP or FQDN of the Gatekeeper for H.323. This is the name that the other Gatekeeper will see
when the VSXi signals a call outbound to them. The other Gatekeeper will likely need this address to
accept calls from the VSXi.
NTP Server 1 and 2
Set the IP address for up to two network time protocol servers. These are used for reference to external
35
time standards. Due to internal server clock drift, it is highly recommended that NTP servers be set.
These reference times will affect your CDR information.
Page
37. Current Time, Date, and Time Zone
Set the current time, date and select the time zone for your area. Don’t forget to select the Submit
button to invoke your changes. (Figure 4.8)
Figure 4.10: System Timing
Note: This will cause a system reset due to the need to maintain proper time stamps.
o SNMP Servers Tab
If you would like to send alarm traps to one or more SNMP servers, click the SNMP Servers Tab from the
System Tab on the main screen. Click Edit to add or edit a tab. Input the FQDN or IP address of the
server/servers the version of SNMP, the string and severity level. If the VSXi is configured with SNMP
servers, it will send SNMP traps to the configured servers when there are any system related problems.
36
Please see the appendix for SNMP trap definitions. (Figure 4.11)
Page
38. Figure 4.11: SNMP Tab
o Advanced Tab
From this tab, you can save your configuration and restore it at a later time. This is very helpful in case
of server failure or if someone makes changes to the configuration that cause critical call failures. You
should keep a good copy of your configuration saved for just such possibilities. To save or restore your
configuration, select the System tab, then Advanced, then choose Save Configuration or Restore
Configuration. (Figure 4.12)
Figure 4.12: Advanced Tab
System Offline
System Offline will take the system offline. You will receive a warning: “System will not take any new
calls. Please restart the system to get back to normal operation”. You will then be given an opportunity
to cancel or take the system offline. System offline will cause the system to reject any new inbound
37
calls, but will not affect any in progress calls. No new outbound calls will be allowed, so as in progress
calls are completed the system can then be restarted.
Page
39. Reboot System
Reboot System will allow you to reboot the system. This will terminate all current calls. You will be
given an opportunity to cancel or Reboot Now.
Upgrade Code
To Upgrade Code, select the Upload Code Upgrade button. You can type the file name or Browse to the
file. You will be given the opportunity to cancel or submit. Once the new file is selected, click the
Submit button to begin the upload of new code. After the upload is complete, you will be asked to
restart the system in order to activate the new code. You may restart immediately or choose to restart
at a more convenient time, using the Restart Software button. The new software version will be loaded
during the restart.
Restart Software
The Restart Software button will restart the application software. This will terminate all current calls.
You will be given the option to cancel or Restart Now.
Shutdown System
The Shutdown System tab will allow you to shut down the server. This shuts down all processes and
parks the disks. You will be asked to place the system offline before proceeding to allow all active calls
to be terminated gracefully.
Note: The System Shutdown command will require someone to be onsite to power the server back on.
Clear Log Files
The Clear Log Files tab will immediately clear all the log files from the server. You will not be given a
warning. Once the Clear Log Files Tab is selected, all log files are cleared!
Major Tab: Service Ports
Service ports can be thought of as points of connections to carriers, SIP peers or end access devices like
phones and gateways. They specify a unique LAN interface Virtual IP address and UDP port combination
which will be used by the VSXi in order to provide the services for customers and vendors. Service ports
are used for media and signaling into and out of the VSXi. There should be no services provisioned on
38
the static IP addresses of the system. All trunk ID Resources need to be assigned to a specific Service
Port. Service Ports should be configured prior to TIDs. TIDs are configured on the Resources Add page.
Page
40. Service Ports combined with Routes and Resources, provide intelligent connections between class 5
VoIP switches and VoIP termination partners. This provides the call control softswitch with a safe,
secure connection to partners over the internet. An equally important feature is the protocol
conversion provided by these ports. Each resource using a Service Port can be configured as H.323 or
SIP. In general, SIP ports are configured on UDP port 5060 or TCP port 5061. H.323 is usually
provisioned on TCP port 1720.
There are two types of Service Ports, Access and Peering. Access provides for a connection to a phone,
gateway or IP PBX, which needs to register and may have changeable IP addresses. Peering is for
customer or vendor traffic with fixed FQDNs or IP addresses. This requires calls be routed according to a
route table. Virtual IP addresses are also configured on the Service Ports Tab.
Add a Service Port
To add a Service Port, select the Service Ports tab from the Main GUI page. Then select the Add tab. In
the trunk ID configuration, you will be required to assign the TID to use a specific Service Port. Route
entries will point calls to specific outbound Resources which control the outbound Service Port to be
used. Route configuration will be covered in a later chapter. (Figure 4.13 and 4.14)
Figure 4.13: Service Ports Overview 39
Page
41. Figure 4.14: Service Port Add
Index
Service Port Index is a unique number to identify your Service Port. You may choose any number you
wish for this index. Resources will be assigned to use this number. Valid range is 0 to 1000.
Alias
The Alias is a name you give to your Service Point. This can be important if you make your Alias
descriptive, so you do not have to look up IP addresses, when you are setting up a route.
Ethernet Interface
Ethernet Interface reflects either eth0 or eth1. Ethernet 0 is the public side and 1 is the private side.
Virtual IP
Virtual IP Address is the IP associated with the connection to this port. Select this from the drop down
list. Virtual IP addresses are configured under the Service Port Tab, then select Virtual IP.
Service Type
Service Type is SIP, or H323 and must match the connection to this port.
Port
This is the port that the VSXi will listen for inbound traffic. The TID configuration will identify the far end
40
device port which will be used. SIP default ports are 5060 for UDP and 5061 for TCP. H.323 gateway
default TCP port is 1720 and gatekeeper default TCP port is 1719. Other ports may be used in your
Page
specific network.
42. Port Type
Port Type choices are UDP, TCP, TLS, or DTLS. Again this must match the devices you connect to with
this port.
Resource Type
Resource Type choices are Access, Peering or Dynamic Peering. Access is a connection to a subscriber or
registering Gateway. A Peering connection will cause the calls to be routed according to the Route
Tables assigned to the Resources which use a specific UDP port. Dynamic Peering is for use where IP
addresses may change. For example: behind a firewall or with DHCP. Dynamic Peering requires the
trunking gateways to register to the VSXi and supports SIP only. The gateways need to be configured in
the Subscriber Resource Table. You will need to assign passwords so they may register with the VSXi.
Unlike normal Subscribers, the VSXi does not match the user name to the URI in order to send calls. The
Subscriber User name is only used to validate the gateway.
Note: Any TID using the deleted Service Port will be set to Service Port 0. (no service port) and will stop
processing calls from this Resource Port. The user must delete or change the resource which uses this
service port before deleting the service port itself. An attempt to delete a service port used by any
resource will result in an error message with a list of resources that the user has to edit first.
o Virtual IP Tab
Figure 4.15: Virtual IP
Add a VIP to your system. Press the Add button. Input the IP address and select the appropriate LAN
interface. (Figure 4.15 and 4.16)
41
Note: This will activate a new VIP on your system. Please insure that the VIP is not in use already. If the
VIP is being used already, service on other VIPs may be impacted.
Page
43. Figure 4.16: Virtual IP add
Major Tab: Application Servers
o Radius Servers Tab
Radius Servers are principally used for storage of CDR information, but can also be used for
authentication. The VSXi System Page allows you to configure Radius Servers if they are being used. You
can configure up to 4 Radius servers for redundancy. Each radius message is sent to the 4 servers in
numerical order. Each server will be attempted multiple times set by the Radius Max Resend. The
Radius Server Shared secret has to be coordinated with the radius system, as well as the UDP used for
Authorization and Accounting. Usually the defaults for the UDP ports are fine. The Radius Resend time
can be programmed as well. Depending on the load on the server the resend timer of 3 seconds should
be sufficient. The VSXi has a special Radius Recovery feature which increases the reliability of the radius
feature. If a specific Radius message is not acknowledged by any of the programmed radius severs, the
VSXi will store the message in an error file and will automatically resend the messages to the radius
server when it is available again.
Add a Radius Server
To Add a Radius Server, from the main GUI page, select App Servers, then the Radius tab, then Add.
(Figure 4.17 and 4.18)
42
Page
44. Figure 4.17: Radius Servers
Figure 4.18: Radius Group
Group Index
Enter a Group Index number between 1 and 16. This identifies which Radius Server applies to which
Resource.
43
Page
45. Group Policy
Select a Group Policy from the drop down list. Choices are round_robin or top down. This refers to the
way the VSXi will access the servers. Top Down means VSXi will always start with the top of the list and
work its way down only if the first server is unavailable. Round Robin means the next server to be
accessed will be the one on the list, just below the last one used.
Server Index, FQDN, Server Secret Password, Auth Port, Accounting Port, Resend Period, Max Resends
Enter a Server Index, FQDN, Server Secret Password, Authentication Port, Accounting (CDR) Port, Resend
Period, Max number of resends and Stop Records Only. If stop records only is enabled, the VSXi will
send only the Radius stop record to the server. The call Start Records will not transmitted if stop is
enabled. In most cases the Start records are not needed for call billing.
o CNAM Servers Tab
CNAM is used for outbound call treatment to query a DB server or server that will present the display
name used for advanced Caller-ID. The VSXi will send a SIP Subscribe message with an ANI to the
servers, which will respond with the Display Name of the caller. The VSXi will then add this information
to the Proxy Asserted Identify field and From field of the outbound call. If the CNAM is already present
on the inbound call the VSXi will not query the server. The VSXi uses the PAI or RPID lines to ascertain
inbound CNAM presence. (Figure 4.19)
Figure 4.19: CNAM Servers
Group Index
Enter a Group Index number between 1 and 16. This identifies which CNAM Server applies to which
Resource.
Group Policy
Select a Group Policy from the drop down list. Choices are round_robin or top down. This refers to the
way the VSXi will access the servers. Top Down means VSXi will always start with the top of the list and
44
work its way down only if the first server is unavailable. Round Robin means the next server to be
Page
accessed will be the one on the list, just below the last one used. (Figure 4.20)
46. Figure 4.20: CNAM Group
o Local Number Portability Servers (LNP) Tab
LPN is used to check the dialed number to see if it has been ported. (moved to a new service provider)
This is done using an Invite to the LNP server which will return a 302 Redirect message. This message
includes the Location Record Number (LRN). When the LRN is available from the server, or on an
inbound call, the VSXi will use it for the route lookup instead of the DNIS. Both LRN and DNIS are
forwarded to the next call leg.
o Teleblock Servers Tab
Teleblock servers are used to check if the dialed numbers are on the U.S. Do Not Call List preventing
telemarketing calls. This is applied to inbound calls on specific TIDs and should only be enabled on TIDs
which connect to call centers.
Group Index
Enter a Group Index number between 1 and 16. This identifies which Teleblock Server applies to which
Resource.
Group Policy
Select a Group Policy from the drop down list. Choices are round_robin or top down. This refers to the
way the VSXi will access the servers. Top Down means VSXi will always start with the top of the list and
work its way down only if the first server is unavailable. Round Robin means the next server to be
accessed will be the one on the list, just below the last one used.
45
Page
47. Major Tab: Resources
A Resource is any device that will send or receive calls to/from the VSXi. It could be a small IP gateway
with only one analog port, a PC soft client, or a gateway as large as Cisco 5850 or Sonus GSX9000. If a
device is not configured in the VSXi as a resource it will not be able to generate or receive calls from the
VSXi. A Resource can also be a range of IPs, specified using an IP address and a mask range. It is possible
to allow calls from an entire B-Class network using an IP address such as 69.63.193.187/16. This Trunk ID
would encompass all IPs between 69.63.0.0 - 69.63.254.254. To Add a Resource, select the Resources
Tab from the main GUI page. (Figure 4.21 and 4.22)
Figure 4.21: Resources
46
Page
48. Figure 4.22: Adding Resources
Resource Type
Select the resource type, from the drop down, Peering, Access, or Dynamic Peering. Peering are
connections to a carrier partner. This could be a gateway or IP PBX. Dynamic Peering is the same as
peering, except usually behind a firewall or other device that requires NAT. This device can register for
itself only, not on behalf of subscribers. Access is a single line, like a SIP phone or small gateway. The
difference is each access device registers on its own for a single line. Resource Type fields enable you to
select the resource protocol type and set operational parameters such as Service State, directional
properties, network address translation (NAT) and media handling.
Protocol
Select the protocol you will be using. Drop down choices are SIP, H.323 GK, H.323 GW or ENUM. The
47
protocol selection is used to control the outbound call request protocol. All calls sent to this resource
Page
49. will use the configured protocol. However, inbound calls are accepted with SIP GW, SIP Proxy, H.323
GW, H.323 GK, or ENUM Server protocols.
Port Address
Add the port address you will use. The default is 5060 for SIP. You can leave this default if you wish.
Trunk ID
Specify the desired trunk ID for the resource. This will be the default trunk ID. For numbering purposes,
the TID range for Resources can be 1-99,999. The TID number must be unique and is used in
configuring the route tables to direct calls. If multiple TIDs are configured for the same IP address, on
inbound calls, they must have a Tech Prefix assigned to differentiate between TIDs. For outbound to the
IP address, a Tech Prefix is not necessary since the route entry will determine which TID is to be used.
Name
Use this field to specify the resource's alias name. You can enter a name of up to 40 alphanumeric
characters, including periods and hyphens. This field is optional.
Company Name
Use this field to enter a label to identify the gateway's owner. You can enter a company name of up to
40 alphanumeric characters, including periods and hyphens. This field is mandatory.
Route Table
Select the appropriate Route Table from the drop down list.
Remote Port
This is the SIP port to be used inbound. This is the UDP or TCP port that the remote device uses for
receiving signaling traffic from the VSXi.
Service Port
Use this field to select a Service Port previously configured. The TID will only use this VIP and port to
send or receive traffic. Media will be sent on the same VIP, but a different port.
Aggregate Capacity
Enter the capacity in sessions for this resource. This is the maximum capacity in sessions allowed for this
resource, similar to the effect of CPS limit.
Aggregate CPS limit
48
Use this field to set calls per second allowed on this resource. This works in conjunction with the
Page
Aggregate Capacity to limit Sessions and CPS for a resource. Resources can be controlled on a calls-per-
50. second basis. CPS limiting measures the CPS (inbound and outbound) on the TID and rejects calls that
exceed that value. Any value from 1 to 1000 can be entered. Inbound calls that exceed the CPS range are
rejected, while outbound calls roll over this route selection and are rerouted if an alternate route is
configured. On routes which are commonly over used during peak periods it is beneficial to limit the
CPS to a reasonable number. This will prevent the VSXi from overrunning the terminating resource as
well as wasting resources sending large quantities of calls to devices which cannot accept them.
Group Policy
Drop down choices are round robin or top down. Round Robin means each new call will start at the
next resource after the one used in the previous call. Top down means the call will always start at the
top of the hunt list and work down if necessary.
Digit Mapping Table
Select either, no translation or one of the mapping tables from the list.
Max Call Duration
Set the maximum call duration for any one call. Limits are 10 to 86400 seconds.
Payload Type
RTP payload type for RFC2833 packets usually 101.
RTS/TOS Diffserv
Enter in hex the diffserv bits for flow control. All signaling and media for this TID will use this value.
Direction
Enter whether this resource will be inbound, outbound or both ways from the drop down box.
Determine if the gateway will send calls to the VSXi, receive calls from the VSXi, or both. Select In to
designate the gateway as an ingress gateway to the VSXi. Select Out to designate the gateway as an
egress gateway from the VSXi. Select Both for bidirectional operation.
The VSXi determines inbound calls based on the IP Address and Tech Prefix. If Tech Prefixes are not
used, inbound calls will find the first TID number that matches the IP in ascending order. If you have
inbound TIDs with the same IP as outbound TIDs, they should be numbered lower than the outbound
TIDs.
Service State
Enter in-service, block or trace. Determine the operational state for the gateway. Select In Service to
49
bring the gateway online, Block to disable access to/from the gateway, or Trace to enable the tracing
function.
Page
51. Note: Only trace 1 resource or route at a time. This will ensure that the call being traced will be from
the desired resource. The VSXi will only trace 1 call at a time, so if many resources are being traced, it is
not predictable which call will be traced. The better way to obtain this information is to use the CDR
Trace feature.
NAT
Enable if the Resource is on a private LAN address, behind a NATing firewall. Disable if not. Indicate
whether or not the gateway is located behind NAT (network address translation). When accessing a
network through a firewall, address translation can be necessary. To indicate address translation is
required, select Enable. Select Disable to indicate that no network address translation is necessary. This
feature requires the Firewall to be configured to send to the SIP (UDP 5060) messages to the specified
gateway. Otherwise traffic we send to the gateway may not reach it. To avoid this requirement, the
gateway behind the NAT would have to register on an Access or Dynamic Peering Service Port. The
function of this setting is to ignore the provided SDP and to auto-learn the ports being used on each call.
Allow Direct Media
Use this field to enable and disable a direct payload path from gateway to gateway that effectively
bypasses the VSXi. Select Yes to enable; No to disable direct media support. In order for the media to
bypass the VSXi, this setting has to be set to Yes on both call legs. If one call leg is set to Yes and the
other to No, the media is brought back through the VSXi. For greater control of this parameter you can
set up several TIDs that point to the same resource, but with different media-handling characteristics.
o Registrar Tab
This configuration is only used when registering directly to the VSXi. If a feature server is supplying
registrar functions, this configuration is not required in your VSXi since the feature server will contain
the User information. (Figure 4.23)
50
Page
52. Figure 4.23: Registrar
o Resource Block List Tab
Under this tab, you can input digit patterns you wish to block with respect to certain resources. This is
useful for dealing with temporary outages that may not require full route table updates. You can enter
the specific country code in the digit match and the outbound TIDs you wish to exclude from the route
lookups. You can also assign this to only specific inbound TIDs, not all calls. It can also be used to
prevent calls from looping out to the same carrier the call arrived on.
o SIP Profile List Tab
Modify, Add or load defaults to this profile list. Choices are Load B2BUA Defaults or Proxy Defaults.
Press Add to modify an individual field. The SIP profile allows you to customize the handling of SIP
parameters. These can be assigned to the individual TIDs so that different TIDs are able to handle the
SIP treatment uniquely. Each Profile allows customization for a particular type of device. A feature
server may require different settings than a remote gateway for instance. The Outbound Treatment
controls the outbound messaging for a TID. This means the settings are applied as the call is being sent
to the TID using that profile. (Figure 4.24)
51
Page
53. Figure 4.24: SIP Profile
Major Tab: Routes
A route is designated by an Alias, Digit Match, and the Route Table it applies to. (Figure 4.25 and 4.26)
52
Page