Network guidelines

From exigoWiki
Revision as of 13:19, 7 November 2016 by Gsorensen (talk | contribs) (ACM Network requirements:)
Jump to navigation Jump to search

Exigo / ACM network requirements

For Exigo and ACM integration its recommended to have 1 VLAN for each system, where the VLAN ID should be as low as possible to ensure minimum loss/delay in case of link failure in system (ETC. VLAN ID 1&2), to get optimized structure on both different systems, and limit unnecessary broadcast traffic across systems.

Network should be designed as 0 percentage loss system for Voice traffic, where the only errors is L2 bit errors or failures in network.

Exigo requirements:

IGMP snooping enabled switches

IGMP snooping querier (if flowire is NOT present)

Minimum bandwidth 100 Mbit

Maximum one way jitter <30 ms

Maximum 1 way latency 150 ms

Maximum Loss <1 %

RSTP enabled switches configured with correct priority according to switch position. In Network example under the switches would get RSTP priority 0 for switch 1 and 4096 for switch 2.

Portfast or equivalent on ALL Exigo END devices, like controller, AMPS etc.

Trunk or equivalent to all redundant Call Panels.


ACM Network requirements:

Minimum bandwidth 100 Mbit

Maximum 1 way latency 150 ms

Maximum one way jitter <30 ms

Maximum Loss <1 %

If AUX port on IP phones is used, switches needs to be programmed with 802.1P to prioritize Voice traffic over DATA traffic.

RSTP between switches Portfast or equivalent to ALL devices. Network Integration:

For the integration between the Exigo and ACM system its 2 possibilities:

1. Use ETH0 port on the ACM and patch a LAN cable directly from the ACM in to the Exigo network. This is the easiest and best solution, the ACM will route the voice traffic without any need for external routing and a extra hop in the network.

2. Let the Firewall/ Router do the SIP routing/ integration. If this option is used, the router/ firewall needs to be configured with QoS to ensure prioritization of the Voice traffic.

External/Remote access:

For remote access in to the system its 4 main possibilities:

1. Directly access in to the system to the WEB interface, allow Zenitels IP with access list and packet inspection etc.

2. Configure a VPN user for Zenitel to allow remote access via the customers system.

3. Use a PC with TeamViewer access.

4. Deliver a Router/Firewall pre-configured to automatically start a Encrypted VPN tunnel to Zenitels internal network. This is the best and easiest solution, the setup require only access to the internet. This could be managed by the customers easily to restrict access. Customers IT department could open/close the internet connection, remove a LAN cable on site or just power up/down unit on site.


Firewall Rules:

Depending on the remote access solution, this system needs only access to a NTP server (to synchronize all visual clocks on the phones and amplifiers).