Summary of the content on the page No. 1
Avaya Solution & Interoperability Test Lab
Avaya Hosted IP Telephony R3.0 Solution LSP
Configuration with the Juniper VF 3000 SBC – Issue 1.0
Abstract
These Application Notes describe the configuration of Avaya Communication Manager,
Juniper NetScreen Firewall and Juniper VF 3000 Session Border Controller (SBC) and other
network components in an Avaya Hosted IP Telephony R3.0 Local Survivable Processor
(LSP) environment. These Application Notes were written
Summary of the content on the page No. 2
Table of Contents 1. Introduction............................................................................................................................. 3 2. Background............................................................................................................................. 3 2.1. On Demand Solutions..................................................................................................... 3 2.2. Including LSPs in the Solution ............................
Summary of the content on the page No. 3
1. Introduction These Application notes provide instructions on how to configure Local Survivable Processor (LSP) with the Juniper VF 3000 SBC in an Avaya Hosted IP Telephony (HIPT) R3.0 Solution Environment. The solution described in this document requires the addition of an extra network element, a Network Address Translation (NAT) device at the edge of the service provider’s data center if customers with LSPs are to be supported. This document covers the configuration of the NAT de
Summary of the content on the page No. 4
data center edge and at the edge of each enterprise site. Note that the Juniper VF 3000 SBC can provide this NAT function. Figure 1 - Private-Public-Private Architecture Another method for WAN connectivity between the enterprise sites and the data center is via a VPN configuration. Figure 2 illustrates this case. The Juniper VF 3000 SBC here must support private-private NAT functionality, where the data center equipment is in a private IP address space and the customer also us
Summary of the content on the page No. 5
different enterprise customer. The Juniper VF 3000 SBC in the data center can make use of this 1 VLAN information to resolve overlapping IP address issues . The Juniper VF 3000 SBC segregates the access traffic into separate customer streams and routes the traffic to the respective Avaya Communication Managers based on the destination IP address. Figure 2 shows only one enterprise network containing only a single site, but multiple sites (and multiple enterprises using multiple Avaya Com
Summary of the content on the page No. 6
architecture that may occur. This is similar to Figure 1, except that the data center uses public IP addressing. There is no need for a NAT function between the WAN and the data center in this case. 2.2. Including LSPs in the Solution The Juniper VF 3000 SBC proxies the VoIP traffic for the components located at the enterprise sites and presents all the VoIP traffic to the Avaya Communication Manager with the same IP address – that of the Juniper VF 3000 SBC inside interface. The Jun
Summary of the content on the page No. 7
Figure 3 - Supporting LSPs in the Private-Public-Private Architecture Figure 4 shows the architecture for a corresponding solution applied to the architecture of Figure 2. As in Figure 3, an extra NAT/FW device has been placed at the data center edge. This FW device must be VLAN supported in order to support overlapping address spaces for different LSPs in different enterprises. However, unlike Figure 3, no changes are needed to the equipment at the edge of the enterprise site since t
Summary of the content on the page No. 8
Figure 4 - Supporting LSPs in the Private-Private Architecture 3. Configuration Overview This section gives a high-level overview of how to configure enterprise sites and data center networks and how to administer the Avaya Communication Manager servers and LSPs for LSP functionality to work in HIPT R3.0/3.1 and HCC R3.0 solutions. The basic configuration of the solution without LSPs is assumed to already be in place. The remainder of this document will provide the details for wha
Summary of the content on the page No. 9
3.1. Private-Public-Private Architecture In order to build components in Figure 3 use the following: Enterprise site network configuration: • On the FW/NAT device, configure a static 1-to-1 NAT mapping for each LSP. Data center network configuration: • Add a FW/NAT device, if one is not yet present. On the NAT device, configure static 1- 2 to-1 NAT mapping for each C-LAN/PE IP address. • On the Juniper VF 3000 SBC, for each VF 3000 Session Routing Policy (SRP) used by a set of IP ph
Summary of the content on the page No. 10
Avaya Communication Manager server administration: • SA8853 Support of LSPs Behind NAT Green feature must be installed. • Add two IP node names for each LSP, one for the statically mapped NAT IP address in the data center IP address space of each enterprise LSP and the other for its native private IP address. • Administer the “lsp” form with the statically mapped NAT IP address in the data center address space of each LSP. • Administer the LSP list on the “ip-network-region” form, page
Summary of the content on the page No. 11
4. Equipment and Software Validated This application note details one way to set up the LSP solution. The table below provides the versions used in the verification of the described configurations. Equipment Version Avaya S8300B Media Servers (LSPs) HW4 FW 1 Avaya G650 Media Gateway 15 • TN799DP C-LAN 21 • TN2312AP IPSI 93 • TN2302AP Prowler Avaya G700 Media Gateways 4.1.4 MGP 24.21 VoIP 54 DS1 MM710 13 Avaya G350 Media Gateway 24.21 DS1 MM710 13 Avaya 4610SW & 4620
Summary of the content on the page No. 12
5. Avaya HIPT R3.0 Environment The overview of the HIPT R3.0 solution with LSP Support is shown in Figure 5. Figure 5 – Avaya Hosted IP Telephony Release 3.0 LSP Solution TC; Reviewed: Avaya – Proprietary 12 of 61 PV 04/24/2006 Use as authorized only pursuant to your signed agreement or HT3-LSP-VF.doc Avaya policy. No other disclosure is permitted or authorized.
Summary of the content on the page No. 13
5.1. Service Provider Data Center The Data Center simulates two customers, PC-LAN (Private-Private) and C-LAN (Private- Public-Private). These customers each have their own image of Avaya Communication Manager. These Avaya Communication Manager images both run on the same blade (HT1) in the Avaya SBS3000 environment. The Data Center is privately addressed. The PC-LAN based Avaya Communication Manager image has VPN based enterprise sites (A1 and A2). The C-LAN based Avaya Communica
Summary of the content on the page No. 14
Communication Manager in the Data Center is lost. All enterprise Local Survivable Processors (LSPs) will achieve registration and File Sync via the data center NetScreen-25 Firewall device to the appropriate Avaya Communication Manager image in the Data Center. All enterprise site IP telephones register to the Juniper VF 3000 SBC in the Data Center (which forwards the registration requests on to the appropriate Avaya Communication Manager image). 5.3.1. PC-LAN based (Private-Private) Avay
Summary of the content on the page No. 15
6. Avaya Hosted IP Telephony Release 3.0 LSP Configuration 6.1. PC-LAN Configuration (Private-Private) 6.1.1. Configure Avaya Communication Manager The following Avaya Communication Manager provisioning is required to support the LSP Configuration. This provisioning is performed via the SAT interface. In the following example, the Avaya Communication Manager for LSP support is provisioned for site A1. Refer to [3] for additional configuration information for Avaya Communication mana
Summary of the content on the page No. 16
6.1.1.2. Configure Avaya Communication Manager for LSP Support Step 1. Use the “change node-names ip” command to add the name and IP Address of the LSP Native IP Address and static 1-to-1 NAT LSP IP address configured in the NetScreen-25 Firewall (Figure 20) to the node-names form shown in Figure 7. Submit the changes. Figure 7 TC; Reviewed: Avaya – Proprietary 16 of 61 PV 04/24/2006 Use as authorized only pursuant to your signed agreement o
Summary of the content on the page No. 17
Step 2. Use the “change ip-network-region ” command to add the LSP Native IP Address to the appropriate Network Region shown in Figure 8. Submit the changes. Figure 8 Step 3. Use the “change lsp” command to add the static 1-to-1 LSP IP address configured in the NetScreen-25 Firewall (Figure 20) to the LSP form shown in Figure 9. Submit the changes. Figure 9 TC; Reviewed: Avaya – Proprietary 17 of 61 PV 04/24/2006 Use as authorized only pursuant to your signed
Summary of the content on the page No. 18
6.1.2. Configure Avaya Local Survivable Processors (LSP) Local Survivable Processors (LSP) are normally configured to register directly to Avaya Communication Manager. In the Avaya Hosted IP Telephony environment, the LSPs must be provisioned to register to Avaya Communication Manager via the static 1-to-1 NAT IP address of the NetScreen-25 Firewall (Figure 18) serving the VPN enterprise site. This provisioning is performed via the LSP web GUI interface. In the following example, the LSP
Summary of the content on the page No. 19
Figure 10 - LSP Configuration Web Page 7. Select “This is a local survivable processor with a Blade server as the primary controller”. This option was selected for the Avaya SBS3000 shared blade server. 8. In the “CLAN IP address of the primary controller” and “Primary controller’s IP address” fields, enter the IP address of the data center NetScreen-25 Firewall Untrusted side Static 1-to-1 NAT IP address. In this example, the LSP is associated with IP address 101.2.15.101, which is th
Summary of the content on the page No. 20
6.1.3. Configuring the Juniper NetScreen-25 Firewall This Section assumes that Juniper NetScreen-25 Firewall basic provisioning has been performed. Refer to [1] for more information. Step 1. From a PC, connect to the Juniper Networks NetScreen-25 Firewall using a web browser, by typing https://. Login using a user name with administrative credentials. See Figure 11. Figure 11 TC; Reviewed: Avaya – Proprietary 20 of 61 PV 04/24/2006 Use as auth