
TELEPHONY

Legacy Hybrid and IP Telephony Systems


Telephone systems have begun the migration from sending voice across dedicated circuit
switched lines using time division multiplexing to capturing voice and using IP packets
to send the voice across a shared data network to the receiver.
Hybrid telephony systems integrate key-systems and wide area connections to allow voice
calls to move across traditional phone systems for local calls. If the call is destined for
long distance, the voice is encapsulated and sent across the WAN link in packet form.
The Internet Protocol (IP) is an OSI layer three protocol. This protocol uses an address to
uniquely identify every host connected directly to the Internet. The speaker’s voice is
captured and segmented into separate blocks called packets.
There are various reasons to migrate to an IP telephone system. First, the phone devices
now have universal access. Wherever there is Internet access an IP phone may make calls to
anywhere in the world.

IP phones contain additional features not found on traditional phones. Cost reductions are
made when companies migrate to a single infrastructure running both voice and data over
the same wire. The number of technical experts required to operate a dual telephone/data
structure will be reduced.

Key Systems
The smallest businesses usually begin with the same sort of single line telephone installed
in most homes. However, as a business grows and adds staff, it needs the flexibility of
multiple lines. For a business too big for a single telephone, but much too small for a large-scale
office switching system, key systems are the answer.
Key systems are fairly simple on-site telephone systems geared to organizations with fewer
than 100 telephones. Like a PBX, they switch calls to and from the public network and
within users’ premises. However, key systems are simpler than a PBX, reducing the
administrative workload for small businesses.
Key System Components
The first multiline business telephone system was called the 1A key telephone system. It
consisted of a red hold button, four telephone line buttons, and an office intercom button.
This system became the workhorse of small businesses, and many of these systems are
still installed today.
A key system provides multiple telephone extensions access to a group of single telephone
lines. For example, if a small office has six single lines, it can use a key system to access
any of those lines from each of its telephones. Each telephone extension would have six
buttons (one for each line); this is known as a squared line configuration. To connect a
telephone extension to a line, a caller simply presses one of the unlit line buttons and if a
line is free the caller will hear dial tone. The concept of key systems is illustrated on the
Key Telephone System Diagram.

Key Telephone System


All telephone sets in a key system were connected to a central device called a Key Service
Unit (KSU), which connected each telephone set to a group of outside business lines.
Today, new KSU-less systems offer all the functionality of KSU within each telephone set.
The main point to remember about a key system is that it can support only as many
incoming or outgoing telephone calls, or “call paths,” as there are lines installed. In other
words, if a customer has 100 telephone extensions in an office, but only 40 lines
installed, the maximum number of simultaneous calls, coming in or going out, is limited to
40. If the 40 lines are all in use, outgoing callers must wait for a free line, while incoming
callers receive a busy signal.
In many business settings, such as large retail centers or factory floors, cordless key
systems provide employees telephone service while allowing them freedom of movement.
Wireless transmission is used to connect these mobile extensions to the main business lines,
and to each other by means of intercom features. This type of technology is presented on
the Cordless Key System Diagram.
Cordless Key System
The use of wireless telephones inside buildings requires special base stations with antennae
located on every floor. There are generally also special outside base stations with antennae
for nearby outdoor areas between buildings on a campus. The base stations must be wired
with twisted pair to specialized circuit packs within the telephone system cabinet.
Specialized wireless telephones associated with key systems and PBXs are high profit
margin peripherals. These telephones operate at higher frequencies than home telephones
and have specialized features associated with particular key and PBX telephone systems.
On-site wireless telephone systems use a cellular digital switching technology similar to
Personal Communications Service (PCS). Calls are transferred between base stations when
a user walks out of the range of a particular antenna. Some mobile telephone units can
function both inside and outside of the business campus. They sense when they are out of
the range of the base system, and automatically switch calls to a cellular telephone
network.

Limitations of Key Systems


A key system provides a cost-effective way for a small business to share a moderate
number of telephone lines. However, key systems offer fairly unsophisticated functionality
and features. In addition, their main advantage, simplicity, becomes a liability as a business
adds telephone lines past a certain point.
As we have seen, each telephone in a key system has a button to access each telephone line,
plus a hold button, CO telephone lines, and intercom lines. Therefore, if a business
needs 18 business lines, its telephone sets would have at least 20 buttons. By the time a
business requires 20 or more lines, each telephone has become quite complex, hard to use,
and expensive. Can you imagine an extension telephone with 50 or more buttons on it?
Therefore, we can upgrade a true key system only so far before we need to try a different
approach.

Hybrid Systems
With the integration of computer technology inside telephone systems, key telephone
systems became more and more advanced. Gradually, they began to include features
previously found on only full PBX systems. Thus, the term hybrid describes a telephone
system that includes features of both a key system and PBX.
A characteristic of a hybrid key system is the grouping of outside trunks into pools, by
function or organization. For example, certain trunks are allocated to a particular
department.
Electronic Key Telephone Systems (EKTS) often cross the line into the PBX world,
providing switching capabilities, as well as impressive functionality and feature content.
EKTS is a key telephone system in which electromechanical relays and switches have
been replaced by electronic devices, often in the telephone sets and central cabinet. The
inner workings of the central cabinet of an EKTS more resemble a computer than a
conventional key system.

IP Telephony Systems
“IP Telephony (Internet Protocol) is a means for handling your phone calls and faxes
over the Internet as opposed to a traditional phone line. It is becoming the preferred
technology for large organizations because it saves money, is easy to maintain, and
produces a superior ROI compared to PBX systems.
IP Telephony is less expensive to install than a PBX phone system. Less structured cabling
is required. Once a drop is wired, it can be used for data and voice.

Maintenance costs are lower compared to a PBX system. Technicians trained in
converged networks are able to maintain both data and voice systems. In fact, you can
handle routine maintenance in house, such as add-ons, moves and changes.
Monthly operating costs are less because the system does not require dedicated lease lines
for voice and data.
Employees favor IP Telephony as it offers better tools to archive voice mail and keep track
of faxes. In addition, faxes and voice mail can be retrieved off the Internet anywhere in
the world. Features are visible on your computer making it relatively simple to operate.
The system provides call accounting, giving you documentation on employee performance,
carrier billing and call trends.
Call NIC for a total solution. We are a single source for all of your technology
requirements. Services include consulting, design, project management, system
installation, maintenance, and support for all network systems”
http://www.nicweb.com/en/ services/network_systems/ip_telephony.html

Voice Transmission Fundamentals


When a caller lifts the handset off hook the PBX signals the router to seize a trunk. The
PBX then forwards the dialed digits to the router. The router’s dial plan maps these digits to
an IP address and initiates a call establish request to the remote router. The end nodes are
responsible, on a VoIP call, for call connection and signaling.
The ITU-T Q.931 recommendation manages the call setup and teardown. Steps to initialize
the call include:
SETUP of a connection,
CALL PROCESSING determines the remote terminal received the call,
ALERTING informs the calling party the remote terminal is ringing,
CONNECT tells the calling party the remote terminal is now off hook,
RELEASE COMPLETE happens when either end of the conversation hangs up the call.
The call control sequence may use RTP – Real-Time Transport Protocol in conjunction
with RTCP – Real-Time Transport Control Protocol to manage the audio and/or video
streams as requested. RTP running atop UDP carries the voice and/or video stream. RTCP
controls the connection and runs atop TCP for tracking and control.
H.245 control signaling negotiates channel usage and may negotiate agreement
between all the endpoints of a conference call on technologies such as codecs, speeds, and
parameters.
The call may also use various protocols to set a quality of service for the voice packets.
Running on the transport layer is the RSVP – Resource Reservation Protocol for QoS. The
packets may have quality of service set on layer three with DSCP – Differentiated Service
Code Points. And, on layer two the IEEE 802.1Q for quality of service/precedence levels
for the frames themselves.

Encoding, Decoding, and Compression


It takes time to convert a voice signal from analog to digital. A similar delay, or latency,
occurs when the remote end converts the digital signal back to analog.
Voice compression reduces the number of bits in a transmission by removing redundant
character strings in the digital character stream. However, compression algorithms increase
latency by requiring large voice stream samples before they can compress and packetize
voice signals.

Digitizing the Voice


As the benefits of a digital telecommunications infrastructure became apparent, it was
necessary to take the analog voice and convert it to a digital format. The purpose for
digitizing analog voice signals is so they are compatible with a digital
telecommunications network.
Analog to Digital
The first part of the Analog-to-Digital Conversion Diagram (A) represents the original
analog waveform. Part (B) represents digital pulses that control the sampling rate of the
analog waveform. The digital pulses open a “gate” for the duration of their pulse widths,
reading the amplitude of the analog waveform for this period of time. The sampled analog
waveform appears as pulses (C) that are each correlated to a specific number (D). This
number represents one sample of the voice signal. The binary representation of this number
(E) is transmitted digitally across a circuit. At the receiving end, the reverse process takes
place to convert the digital signal back to the original analog waveform.
A typical sampling rate (number of times a byte is generated) is 8,000 times per second,
approximately twice the bandwidth required for an analog voice signal. Research has
determined that a sampling rate of at least two times the highest frequency component of the
original signal results in accurate representation of the original intelligence. This is called
the Nyquist Theorem.
A coder/decoder (codec) is the device that takes the analog voice signal and converts it to
digital (binary) format for transmission over a digital circuit. The Analog-to-Digital
Conversion Diagram illustrates this concept.
Analog-to-digital conversion is also called “A-to-D conversion” or “ADC.” The most
common example of this is found in a codec. This device takes the analog voice signal and
converts it to digital (binary) format for transmission over a digital path, such as a T1. The
output of a codec is combined with other outputs and multiplexed onto a high-speed
digital network.
DTMF Signaling
As you saw earlier, the first step-by-step switches were designed to work with rotary-dialed
telephones. Those telephones used “dial pulse” signaling, which produced short,
regular interruptions of the direct current flowing between a telephone and switch. The
number of interruptions, or pulses, corresponded to the value of the digit. In other words,
when you dial the number 5, you hear five clicks.
As CO switching went digital, telephone sets also improved the way they transmitted
telephone numbers. The dual tone multifrequency (DTMF) system, commonly called
Touch Tone, uses a pad of 12 buttons. When pressed, each button sends out a combination
of two pure tones not found in nature: one high-frequency and one low-frequency. The
DTMF Touchpad and Tones Diagram illustrates this concept.

DTMF Touchpad and Tones


By assigning one tone to each row and column, only seven unique tones are needed to
identify each of the 12 buttons. These tones can easily be detected by a telephone switching
system.
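The sampling and DTMF ideas above, worked through in code. This is an added example and not part of the original text: it samples a two-tone button press at the 8,000 samples per second rate quoted earlier, quantizes it to 8-bit PCM, and recovers the button with the Goertzel algorithm (a standard single-frequency detector, assumed here as the switch's tone detector). The row/column frequencies are the standard DTMF assignments, which the text does not list.

```python
import math

SAMPLE_RATE = 8000  # samples per second, the voice PCM rate quoted in the text

# Standard DTMF frequencies (Hz): one low tone per row, one high tone per column.
LOW_TONES = (697, 770, 852, 941)
HIGH_TONES = (1209, 1336, 1477)
KEYPAD = ("123", "456", "789", "*0#")  # the 12-button pad, row by row


def dtmf_tones(button):
    """Return the (low, high) tone pair assigned to a keypad button."""
    for row, keys in enumerate(KEYPAD):
        if button in keys:
            return LOW_TONES[row], HIGH_TONES[keys.index(button)]
    raise ValueError(f"not a DTMF button: {button!r}")


def synthesize(button, duration=0.05, rate=SAMPLE_RATE):
    """Sample the two-tone sum at `rate` and quantize each sample to a signed
    8-bit integer: the sample / measure / encode stages of A-to-D conversion."""
    low, high = dtmf_tones(button)
    samples = []
    for n in range(int(duration * rate)):
        t = n / rate
        level = 0.5 * (math.sin(2 * math.pi * low * t) + math.sin(2 * math.pi * high * t))
        samples.append(int(round(level * 127)))  # -127 .. 127
    return samples


def goertzel_power(samples, freq, rate=SAMPLE_RATE):
    """Signal energy at one target frequency (Goertzel algorithm), which is
    cheaper than a full FFT when only the seven DTMF tones matter."""
    coeff = 2.0 * math.cos(2.0 * math.pi * freq / rate)
    s_prev = s_prev2 = 0.0
    for x in samples:
        s = x + coeff * s_prev - s_prev2
        s_prev2, s_prev = s_prev, s
    return s_prev ** 2 + s_prev2 ** 2 - coeff * s_prev * s_prev2


def detect(samples, rate=SAMPLE_RATE, floor=1e5, ratio=4.0):
    """Return the button whose row and column tones dominate, or None when a
    tone is missing or too weak (silence, noise, or a lone tone)."""
    low_p = {f: goertzel_power(samples, f, rate) for f in LOW_TONES}
    high_p = {f: goertzel_power(samples, f, rate) for f in HIGH_TONES}
    low = max(low_p, key=low_p.get)
    high = max(high_p, key=high_p.get)
    for table, winner in ((low_p, low), (high_p, high)):
        runner_up = max(p for f, p in table.items() if f != winner)
        if table[winner] < floor or table[winner] < ratio * runner_up:
            return None
    return KEYPAD[LOW_TONES.index(low)][HIGH_TONES.index(high)]


def decode_presses(buttons):
    """Round-trip a sequence of button presses through synthesize() and detect()."""
    return "".join(detect(synthesize(b)) or "?" for b in buttons)
```

The dominance check matters: a single pure tone or silence never maps to a button, which is the property that lets a switch ignore speech that happens to contain one of the seven frequencies.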

How a Call is Made


When you pick up a telephone handset, a sequence of predefined operations occurs that
provides you the ability to use the telephone network. Now that you understand the basic
components of the telephone system, let us see how they work together to complete a
typical telephone call.
Dial Tone
When you lift the receiver, placing the telephone in the off-hook position, the telephone’s
internal switch closes the local loop circuit with the CO switch. This allows electrical direct
current to flow through the circuit; the presence of this current signals the CO switch that
you need a telephone connection. In telephony terms, we say the CO switch has detected
the off-hook condition.
The switching module of the CO switch then tests the line and determines its suitability for
call processing. If the line tests good, the switch provides dial tone to the caller’s telephone.
The off-hook signal also alerts the switch to receive incoming touch tones. If the switch
does not receive these tones in a timely manner, it sends a recorded message that reminds
the customer that the telephone is off the hook.
Entering a Telephone Number
As soon as the CO switch detects the tones that represent the first digit, it removes dial tone
from the line. The switch continues to detect tones and record the corresponding digits,
while checking that the number of digits is correct. If the caller enters too few or too many
digits, the switch sends the caller error tones or a recorded message.
Call Routing
The switching module of the CO switch then checks with its administrative module to
determine the physical transmission path, or routing, the call must take to reach its
destination.
If the called party is connected to the same CO switch, the call is connected by that switch.
However, the administrative module is advised that those connections are in use, and notes
are made for billing purposes.

If the called party is connected to a different CO, the call goes through the caller’s CO,
through a tandem switch, into the called party’s CO, then to the called party.
What if a particular telephone call is not originated and terminated within the same
geographic region? How do we call another city, state, or country? The answer, of course, is
to connect the caller’s CO to a higher-echelon CO.
Therefore, if a call is not local, it goes through the caller’s CO, up to a Class 4 CO (or “toll
switch”), into the receiver’s local CO, then to the called subscriber.
If the path is blocked at the Class 4 CO, the call is rerouted to another toll switch, into the
receiver’s local CO, then to the called party (if necessary, the call may be routed up to a
Class 1 office).

Ringing
After a call has been routed to the destination CO switch, the switch tests the line to the
called party, to determine whether the line is capable of processing a call. If the line
tests good, the switch sends a ringing signal to the destination telephone.
After the destination telephone answers, by going off-hook, the CO switch removes
the ringing signal from the destination telephone. At the same time, the destination CO
switch signals the calling CO switch to remove the ringing signal the caller hears. Each CO
switch also records that the call was completed, so that the proper party may be billed for
the call.
Ending the Call
When either caller hangs up, putting one telephone in the on-hook condition that breaks
the local loop circuit, the absence of electrical current sends a signal to the nearest CO
switch that the call is finished. Both CO switches then perform a series of tests, advise their
administrative modules that the call is ended, and label the communications connections
as idle and ready for another connection.

Long Distance Voice Routing


This combination of digital switching and touch tone signaling made it simple to introduce
direct dialing of long distance and international calls. And, telephone competition is made
practical by powerful computers that can track and record the changing relationships
between telephone companies and their customers. The typical sequence of steps to switch
a long distance call is as follows:
1.- The caller lifts the handset and receives dial tone from the local CO switch.
2.- The caller enters the called party’s telephone number.
3.- The local CO switch identifies the call as long distance, based on the number and pattern
of the digits.
4.- The local CO switch looks up the customer’s record to determine which long distance
company the customer uses, then routes the call to that company’s long distance switch
(probably in a Class 4 office).
5.- The long distance switch looks up the called party’s number to locate the CO switch
nearest the called party, and connects to that switch.
6.- The destination CO switch tests the line and rings the destination telephone.
7.- The called party picks up the handset and begins the conversation.
8.- The source and destination CO switches record the completion of the call, and begin to
track the duration of the call.
9.- Either telephone goes on-hook and the circuit is disconnected.
10.- The source and destination CO switches record the final duration of the call for
billing purposes, perform testing, and label their connections as idle and ready for another
call.

Signaling
As you can see, an important part of the call routing process is the private communications,
or signaling, that CO switches use to coordinate the work of setting up and tearing down
telephone connections. In general, signaling is the exchange of information between call
components required to provide and maintain service.
Signaling means that service-related information is sent between a telephone company and
its customers, between components of the same telephone company, and between one
telephone company and another. For example, your local CO sends ringing or busy
signals to your telephone. When you dial a number, you send an addressing signal to that
CO, which then passes the number on to other COs across the country. When you end a
call to a distant state, the CO switches that participated in the connection exchange
duration information for billing.
In-Band vs. Out-of-Band Signaling
It is important to distinguish between “in-band” and “out-of-band” signaling. In-band
signaling shares a single transmission channel with the voice conversation; voice and
signaling must take turns using the same transmission path. Analog (POTS) lines use
in-band signaling. Therefore, on a POTS line, you can either talk or signal, but you cannot do
both simultaneously.
Out-of-band signaling is carried over a separate channel from voice. In other words, it
does not take place over the same transmission path as a conversation. For example,
Integrated Services Digital Network (ISDN) Basic Rate Interface (BRI), a popular digital
service, uses one 16 kbps digital channel for signaling and two 64 kbps digital channels, for
voice or data, all carried over the same pair of copper wires at the same time. Sophisticated
electronic hardware treats the three channels as if they were carried over different wires.

Prefixes
The first few digits dialed are the telephone number prefix. Within the North
American Numbering Plan (NANP), the first three digits after the country code are the
prefix and are mapped to a geographic calling area. These three digits are often called the
area code.

Telephone Numbering System


As we have seen thus far, today’s heavily used telephone system depends on the ability of
callers to place calls without the help of a human operator. That ability, in turn, relies on a
system that assigns a unique numbered address to each telephone customer.
However, there is no global standard for telephone numbers. There is a North American
standard, called the North American Numbering Plan, which is used to assign telephone
numbers in the United States, Canada, Puerto Rico, and U.S. Virgin Islands, as shown in
the North American Numbering Plan Table.

In this table, the symbols “N” and “X” indicate the type of number that may appear in
a particular position:
N: any digit from 2 to 9
X: any digit from 0 to 9
Therefore, as you can see in the table above, an NPA (area code) or NXX (local exchange
prefix) may begin with any number from 2 to 9.
However, area codes and local exchange prefixes may not begin with 0 or 1, because these
numbers have special meaning to the telephone switch. If the first number the switch
receives is a 0, regardless of what number follows, the switch immediately connects the
call to the operator. A number 1 in the first position identifies the call as long distance. If
a switch receives a leading number 1, it immediately transfers the call to the customer’s
preferred IXC.
Each Class 5 CO is assigned blocks of NPA-NXXs to distribute to all customers who want
telephone service within that wire center. Therefore, all subscribers of the same CO share
the same three-digit area code and three-digit local exchange prefix.
The Dwindling Supply of Numbers
Each NPA-NXX block can identify 10,000 unique telephone subscribers, because the
four digits of the subscriber line identifier include unique numbers from 0000 to 9999.
Following a similar principle, each area code can support approximately 8,000,000
numbers. (Some area codes are set aside for special uses, as we will see later.)
Although this may sound like a lot of numbers, the supply of unique telephone numbers
is being exhausted. Urban areas continue to add population, and each individual
subscriber now wants multiple lines for fax machines, additional voice services, and
Internet access.
Telephone number management in the United States is presently conducted by NeuStar, a
company selected by the FCC to serve a five-year term, beginning July, 2003, as the
North American Numbering Plan Administration (NANPA). As the world consumes more
and more telephone numbers, this task becomes increasingly more complicated and
difficult.
One solution, now being used in large metropolitan areas, is to use multiple area codes,
called overlay codes, in the same geographic area. For example, a city’s dense downtown
district may have a different area code than its outlying suburbs. Or, in heavily populated
cities, several area codes may serve the same area. This means residents of those cities must
routinely enter 10-digit numbers to make local calls. In addition, the person next door, or
even in the apartment below, may have a different area code.
This situation is further complicated by the presence of different telephone companies, such
as CLECs and wireless carriers, who have their own NXXs that differ from the LECs. It is
even possible that a business subscriber could use one LEC for inbound service, another for
outbound service, and still another for Internet access or other services.
Currently, most telephone companies assign telephone numbers in three ways:
Random assignment, or “what you get is what you get,” is the most common method of
assigning numbers. The telephone company simply assigns the next number from a
pool of available numbers in the customer’s local exchange.
Special-request numbers are also available for an extra fee, providing easy-to-remember
business numbers such as 444-9000 or 444-TAXI.
Numbers may also be reserved for future use. However, no LEC guarantees a number
assignment until it is actually installed.

Special Area Codes


Digital switching made it possible to use the telephone numbering system to access special
services instead of geographical areas. A brief overview of some of the most popular
services available through special-purpose NPA (area) codes is presented below.
Special NXX Codes
NXX codes usually identify CO; however, some NXXs, with or without a special NPA, are
set aside to access special services as described below.
Special Information: 555
The 555 numbers access special information services, such as long distance directory
assistance. The line number (XXXX) identifies each individual service.
Hearing-Impaired Services: 800-855
The 800-855 numbers, in the format 800-855-XXXX, provide free access to statewide relay
services, such as Telecommunications Relay Service (TRS) and Message Relay Service,
which provide trained assistants that translate calls between the voice telephones of
hearing customers and the teletypewriters used by hearing-impaired customers.
Service Codes, or N11 Numbers
Like speed-dial numbers, service codes are three-digit numbers that directly connect
customers to local exchange special services. They are commonly called “N11” numbers
because of their numbering format, which follows the same rules as NPAs and NXXs. In
the United States, the Federal Communications Commission (FCC) administers N11
numbers, which include:
211—Community Information and Referral Services (United States)
311—Nonemergency Police and other Governmental Services (United States)
411—Local Directory Assistance (sometimes 1411)
511—Traffic and Transportation Information (United States), Reserved (Canada)
611—Repair Service
711—TRS
811—Impending U.S. nationwide One-Call service for advanced notice of excavation
activities. This allows contractors and others to dial a single number and notify utilities of
their intent to excavate.
911—Emergency
Toll-Free: 800, 888, 877, etc
Toll-free calls (the called company, not the caller, pays for the call) have been available for
more than 20 years, and consumers have come to expect companies to provide them as a
customer service feature. With such a great demand for these calls, the 800 NPA code has
run out of available numbers. Therefore, additional NPA codes, such as 888, 877, and 866,
are now used for toll-free calls.
Some companies use toll-free numbers to dial into their PBX systems, which then gives
them access to special outgoing long distance lines. This PBX system feature is called
Direct Inward System Access (DISA). Although DISA can often be a cost-effective system
for providing long distance service for traveling employees, hackers have attacked some
companies and used these lines to steal long distance service.
Premium: 900
Unlike 800 numbers, which companies provide free as marketing and customer service
tools, a 900 number is often used as a revenue-generating product. When calling a 900
number, the customer not only pays for the long distance charge, but is also charged a
premium by the called company. The extra fee can be as high as $50 per minute.
Companies are using 900 numbers for customer support, fund raising, and pay-as-you-go
services. By using a 900 number, a company can simplify its billing procedure. Because the
customer’s telephone number is billed, the company does not need to create credit card
transactions or issue a bill.
The Federal Trade Commission (FTC) has established rules that dictate how vendors
advertise their 900 number services. For example, they must include in their print, radio,
and television advertisements the total call cost, if it is a flat fee call, the per-minute rate
if so billed, the fee ranges if they provide different call options, the costs of any other 900
number to which you may be transferred, and any other applicable fees. Other rules apply,
and there are exceptions. See http://www.ftc.gov for more information.
700 Services
IXCs can use the 700 area code to implement new services. These numbers’
destinations are carrier dependent, and some premium services use 700 area codes.
Follow-Me: 500
The 500 area code was originally reserved so that carriers could provide personal “follow-me”
services. Some “telesleaze” vendors use 500 numbers to redirect callers to
international numbers, and then bill the caller for the call at rates exceeding $2.00 a minute.
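The NANP digit rules (N = 2 to 9, X = 0 to 9) and the special NPA, NXX and N11 codes described above, applied by a small classifier. This is an added example, not code from the text; a 7- or 10-digit number is checked against the N/X pattern, a leading 0 or 1 is treated the way the text says the switch treats it, and the toll-free, premium, 700, 500, 555 and 800-855 codes are flagged so a dial-plan review can see which destinations carry a charge.

```python
import re

# Digit classes from the NANP table: N is any digit 2-9, X is any digit 0-9.
TEN_DIGIT = re.compile(r"([2-9]\d\d)([2-9]\d\d)(\d{4})")   # NPA-NXX-XXXX
SEVEN_DIGIT = re.compile(r"([2-9]\d\d)(\d{4})")           # NXX-XXXX (local)

TOLL_FREE_NPAS = {"800", "888", "877", "866"}            # the called company pays
SPECIAL_NPAS = {"900": "premium", "700": "carrier-defined service", "500": "follow-me"}
N11 = {
    "211": "community information and referral",
    "311": "non-emergency government services",
    "411": "local directory assistance",
    "511": "traffic and transportation information",
    "611": "repair service",
    "711": "telecommunications relay service",
    "811": "one-call excavation notice",
    "911": "emergency",
}


def classify(dialed):
    """Describe how a CO switch would treat the dialed string.

    Returns a dict with at least 'digits', 'kind', 'long_distance' and 'notes';
    'npa', 'nxx' and 'line' are filled in when the number parses."""
    digits = re.sub(r"\D", "", dialed)
    result = {"digits": digits, "kind": "invalid", "long_distance": False, "notes": []}
    if not digits:
        return result
    # A leading 0 goes straight to the operator, whatever follows.
    if digits[0] == "0":
        result["kind"] = "operator"
        return result
    # A leading 1 marks the call as long distance (handed to the preferred IXC).
    if digits[0] == "1":
        result["long_distance"] = True
        digits = digits[1:]
    # Service codes, with or without the leading 1 (the text notes 1411).
    if digits in N11:
        result["kind"] = "service"
        result["notes"].append(N11[digits])
        return result
    m = SEVEN_DIGIT.fullmatch(digits)
    if m and not result["long_distance"]:
        result.update(kind="local", nxx=m.group(1), line=m.group(2))
        if m.group(1) == "555":
            result["notes"].append("special information service")
        return result
    m = TEN_DIGIT.fullmatch(digits)
    if not m:
        return result  # violates the N/X rules (e.g. NXX starting with 0 or 1)
    npa, nxx, line = m.groups()
    result.update(npa=npa, nxx=nxx, line=line)
    if npa in TOLL_FREE_NPAS:
        result["kind"] = "toll-free"
        if npa == "800" and nxx == "855":
            result["notes"].append("hearing-impaired relay service")
    elif npa in SPECIAL_NPAS:
        result["kind"] = SPECIAL_NPAS[npa]
    else:
        result["kind"] = "geographic"
    if nxx == "555":
        result["notes"].append("special information service")
    return result
```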

Number Formats
Currently, telephone numbers are decimal digits dialed via the pressing of buttons. Each
button press sends two tones down the phone line to the central office. These two tones are
called DTMF – dual tone multifrequency.
The phone numbers dialed are used to dial local, long distance, or international numbers.
The format of the numbers is determined by ITU-T standards. These standards are listed
in the E.164 recommendation. According to the standard, the telephone number must be
15 or fewer digits and begins with an international country code. Each country is
responsible for defining the numbering plan within its own telephone network.
Telephone numbers adhere to the following structure:
1.- If necessary, an access code may be dialed. This access code is required for
international and non-domestic calls.
2.- The country code is dialed just after the access code. The country code for the United
States and Canada is 0. International numbers often are dialed with a + sign preceding the
country code.
3.- The area code points to the called geographical area. Many locations currently
require 10-digit dialing. When the geographical area “ran out of numbers” an overlay plan
was implemented and the area code is dialed even within the local calling area.
4.- The local number is seven digits long. The first three select a local exchange or central
office. The last four digits dialed select a port within that central office and represent the
local loop for the subscriber called.

Number Blocking
Use Call Blocking to prevent the called party from viewing your direct phone number when
you make a phone call. This can be done on a per-call basis by dialing “195” before placing
your call. The person you are calling will see a “blocked call” or “private” message on
caller ID. The actual message that they see will depend on the telephone company that
they are using.
Anonymous Call Blocking
The anonymous call blocking feature of caller ID prevents a caller’s name and number
from being sent with a telephone call. Telemarketers, of course, may take advantage of
this concept; however, a person who receives an anonymous call may simply choose to not
answer it.

Digit Translation
Digit translation rules may add or remove digits to/from the dialed number, before a call is
routed, so the call will reach its destination. Digit translation changes the dialed number to
a different number. The dialed number may not be the number used by the system. The
number may not be known on the PSTN – public switched telephone network. Area codes
for local calls may be removed.
A digit translation may be set as a transformation mask value in a Called Party
Transform Mask field. Valid entries (in the Cisco example) include the numbers 0 through 9,
a wildcard character, and a blank. If no mask is configured, the number is sent without a
transformation, i.e. the dialed digits are sent exactly as dialed.
Digit translation may be used to manipulate the caller’s automatic number identification
(ANI), which identifies who is calling you, or to manipulate the dialed number identification
service (DNIS) digits, the number the caller actually dialed, for a voice call. DNIS captures
the dialed DTMF (dual-tone multifrequency) digits.
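To make the mask behaviour concrete, here is an added example (not code from the original text or from Cisco) that applies a Called Party Transform Mask to dialed digits; it assumes X is the wildcard character, that the mask is aligned against the right-hand end of the dialed number, and that an empty mask means the digits are sent as dialed.

```python
"""Called-party digit translation with a transform mask.

Added example (not code from the original text or from Cisco). Assumptions,
labelled here: the wildcard character is 'X', the mask is aligned against the
right-hand end of the dialed digits, and an empty mask means "no
transformation", i.e. the digits are sent exactly as dialed.
"""

WILDCARD = "X"


def apply_transform_mask(dialed: str, mask: str) -> str:
    """Return the called-party digits after applying `mask` to `dialed`.

    Mask positions are matched to dialed digits from the right:
    - 'X' keeps the dialed digit in that position,
    - a literal digit 0-9 replaces (or, beyond the dialed length, prepends) a digit,
    - dialed digits to the left of the mask are dropped, which is how an area
      code is removed for a local call.
    """
    if mask == "":
        return dialed  # no mask configured: send exactly as dialed
    for ch in mask:
        if not (ch.isdigit() or ch == WILDCARD):
            raise ValueError(f"invalid mask character {ch!r}")
    if not dialed.isdigit():
        raise ValueError("dialed string must contain digits only")

    out = []
    pos = len(dialed) - 1  # index of the dialed digit under the current mask position
    for mch in reversed(mask):
        if mch == WILDCARD:
            if pos >= 0:
                out.append(dialed[pos])
            # a wildcard beyond the dialed length contributes nothing
        else:
            out.append(mch)
        pos -= 1
    return "".join(reversed(out))


def translate(dialed: str, rules: dict) -> str:
    """Pick the mask for a dialed-number prefix (longest match wins) and apply it.

    `rules` maps a dialed-digit prefix to a mask; this prefix table is a
    constructed stand-in for a route pattern, not a Cisco data structure.
    """
    best = ""
    for prefix in rules:
        if dialed.startswith(prefix) and len(prefix) > len(best):
            best = prefix
    return apply_transform_mask(dialed, rules.get(best, ""))


# constructed sample rules: strip the local area code 919 from a ten-digit
# local call, and add it back for a seven-digit call to exchange 555 that
# must leave over a trunk requiring ten digits
SAMPLE_RULES = {
    "919": "XXXXXXX",       # 10-digit local call: drop the area code
    "555": "919XXXXXXX",    # 7-digit call to exchange 555: prepend the area code
}
```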

Toll Fraud
Hackers try to use enterprise telecommunications systems to gain “free” access to outside
facilities. Though free to them, toll fraud annually costs companies millions of dollars in
unauthorized toll charges. Potentially more severe is the operational impact; once in,
hackers can block outbound and inbound line access.
Once they have located a weakness, hackers attack relentlessly, often sharing this
information with others. They attack in a number of ways: through maintenance ports,
voice mail, automated attendants, and remote access services. Hackers may gain system
access by shoulder surfing (observing and intercepting dialed digits), dumpster diving
(acquiring telephone records from a company’s trash), diverting calls, and placing agents
inside the company.
We can protect our voice systems against toll fraud in a number of ways:
Remote access/Direct Inward System Access (DISA)—To enter customer premise-based
PBX systems while avoiding inbound call charges, hackers frequently first call toll-free
numbers. Once connected, these hackers use random number generators and
password-cracking programs to locate a number combination that provides them outside
facility access.
We can protect our voice systems from this type of toll fraud by first evaluating our remote
access needs. If unnecessary, we can turn off this feature and close a system backdoor. If we
need this service, we can begin our protection efforts by using unpublished inbound
numbers. We can configure the system with barrier and authorization codes of the
maximum length, and administer the system so that it does not provide dial tone while
waiting for barrier or authorization code entry.
We can set the system to disconnect after a preset number of invalid remote access
attempts. We may restrict remote access outbound area codes and access hours. We may set
authorization codes to raise Class of Restrictions (COR) for specific users or user groups.
We can protect our remote maintenance ports by changing these ports’ login IDs and
passwords, as toll defrauders are well aware of the vendor-supplied default IDs and
passwords. If using PC-based emulation programs for administrative access, we can ensure
that we do not store dial-up numbers, logins, or passwords as part of an automatically
executed script.
We can install port security devices on each end of the maintenance link. Avaya markets a
Remote Port Security Device (RPSD) that consists of a modem-sized lock and key. We
place the lock on the PBX-end serial port, while we place the key on the maintenance
terminal port. The lock and key must match before the devices will open a communications
link.
Automated attendants—Automated attendants are vulnerable as well. Hackers try
to find a menu choice, even one unannounced, which would lead to an outside facility.
The following auto attendant security tips apply:
1.- Never allow a menu choice to transfer to an outgoing trunk without defining a specific
destination.
2.- When any of the digits zero through nine are not menu options, program them to
transfer to an attendant, an announcement, a disconnect, or other intercept treatment. If
the numbers eight and nine are PBX feature access codes, translate these menus to an
extension.
3.- To prevent specific call types or calls to other CORs, assign specific CORs and
Facility Restriction Levels (FRLs) to each port. Since the PBX treats the auto attendant
ports as stations, we can configure these ports as we do stations. FRLs work with call
permissions and route patterns to determine where calls may be placed. The higher the
FRL, the greater the calling privileges. We would want to set auto attendant ports to the
lowest possible FRL.
4.- Assign the auto attendant ports a class of service (CoS) restricting outward call access.
5.- Restrict our auto attendant menu options to transfer only to internal extensions or
announcements.
Voice messaging—Voice messaging systems are also toll fraud targets. Criminals
attempt to transfer to automatic route selection (ARS) dial access codes, trunk access codes,
trunk verification codes, facility test call access codes, or data origination codes
through the voice messaging system. A criminal needs to have only a touch-tone
telephone to break into an inadequately secured voice messaging system.
The following security tips apply:
1.- Protect voice messaging systems by restricting transfers back to the host PBX. Instead,
disallow transfers, use enhanced call transfer features, or allow transfer to subscribers
only.
2.- Use maximum length passwords where feasible.
3.- Deactivate unassigned voice mailboxes, creating voice mailboxes only when needed.
Upon new extension activation, require users to immediately change their voice mail
password.
4.- Never announce that the called individual will accept third-party billed calls. This
allows unauthorized individuals to charge calls to the company.
5.- Never use obvious and trivial passwords, such as the telephone extension, room
number, employee ID, social security number, or easily guessed number/letter
combinations.
6.- Change adjunct default passwords immediately.
7.- Lock out consecutive unsuccessful voice mailbox entry attempts.
8.- Discourage users from writing down passwords, storing them, or sharing them with
others. Secure passwords that must be documented.
9.- Never program passwords into auto dial buttons.
10.- Ensure that the carrier provides reliable disconnect to the PBX. Reliable disconnect
prevents the CO from returning dial tone after the called party disconnects.
IP PBXs—Since VoIP systems are fundamentally data networks carrying voice
traffic, not only are they vulnerable to toll fraud, but also to the many security threats
typical data networks confront. VoIP systems commonly tie into the PSTN. This means
that a hacker who gains access to the VoIP network can potentially call anywhere in the
world by means of the network’s PSTN gateway.
These security measures are only as effective as those who exercise them. We must
educate users on their implementation, and establish a written toll fraud security policy.
Additionally, we must exercise effective physical security, so that only authorized
personnel may access administrative and attendant consoles, PBX and messaging systems,
and wiring closets.
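As an added illustration of the DISA controls listed above (it is not code from the original text or from any PBX vendor), the following simulator enforces a maximum-length authorization code, disconnects after a preset number of invalid attempts, and restricts outbound area codes and access hours; every policy value, code and call in it is constructed.

```python
"""DISA access-control simulator for the toll-fraud controls above.

Added example, not code from the original text or from any PBX vendor.
Policy values, the authorization code, and the calls are all constructed.
Codes are stored only as SHA-256 digests, so the session log never holds one.
"""
from dataclasses import dataclass, field
from datetime import datetime, time
import hashlib


@dataclass(frozen=True)
class DisaPolicy:
    code_length: int = 12                       # maximum-length authorization codes
    max_failures: int = 3                       # disconnect after N invalid attempts
    allowed_area_codes: frozenset = frozenset({"212", "415"})
    access_hours: tuple = (time(7, 0), time(19, 0))  # remote access permitted window


def _digest(code: str) -> str:
    return hashlib.sha256(code.encode()).hexdigest()


def clock(hour: int) -> datetime:
    """Constructed timestamp helper: a fixed date at the given hour."""
    return datetime(2024, 1, 15, hour, 0)


@dataclass
class DisaSession:
    """One inbound DISA call from the moment the caller reaches the code prompt."""
    policy: DisaPolicy
    valid_code_digests: frozenset
    failures: int = 0
    authorized: bool = False
    disconnected: bool = False
    log: list = field(default_factory=list)

    def enter_code(self, code: str) -> bool:
        """Validate one authorization-code entry; returns True when accepted."""
        if self.disconnected:
            return False
        if self.authorized:
            return True
        # length is checked first, so a short code never even reaches the lookup
        ok = len(code) == self.policy.code_length and _digest(code) in self.valid_code_digests
        if ok:
            self.authorized = True
            self.log.append("auth ok")
            return True
        self.failures += 1
        self.log.append(f"auth fail #{self.failures}")
        if self.failures >= self.policy.max_failures:
            self.disconnected = True
            self.log.append("disconnect: invalid-attempt limit reached")
        return False

    def place_call(self, digits: str, when: datetime) -> tuple:
        """Decide whether an outbound call may be placed through DISA.

        Returns (allowed, reason). Only 10-digit domestic numbers in the
        permitted area codes, during access hours, are routed.
        """
        if not self.authorized:
            return False, "not authorized"
        start, end = self.policy.access_hours
        if not (start <= when.time() < end):
            return False, "outside remote access hours"
        if len(digits) != 10 or not digits.isdigit():
            return False, "only 10-digit domestic numbers are permitted"
        if digits[:3] not in self.policy.allowed_area_codes:
            return False, f"area code {digits[:3]} not permitted"
        self.log.append(f"routed {digits[:3]}-{digits[3:6]}-xxxx")  # station digits masked in the log
        return True, "routed"


def new_session(valid_codes, policy: DisaPolicy = DisaPolicy()) -> DisaSession:
    """Build a session with the valid codes hashed up front."""
    return DisaSession(policy, frozenset(_digest(c) for c in valid_codes))
```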

ENUM
ENUM stands for Electronic Number. ENUM is described in RFC 2916. ENUM is based
on Domain Name Services (DNS). ENUM maps telephone numbers to IP addresses and
domain names. The telephone numbers are defined by the ITU-T E.164 recommendation.
1.- ITU-T E.164 defines the structure, format, and hierarchy of telephone numbers.
2.- A fully qualified E.164 number has a country code, an area code or city code, and a
subscriber or station number.
3.- The IP addresses are defined by the RFCs of the Internet published by the IETF.
Naming Authority Pointer (NAPTR) is defined in RFC 2915 and is a DNS Resource
Record (RR). When given a telephone number, the DNS server, using NAPTR, will return
a populated Uniform Resource Identifier (URI).
Examples of URI schemes include:
1.- http - hypertext transfer protocol
2.- https - hypertext transfer protocol secure
3.- ftp - file transfer protocol
4.- mailto - email address
5.- tel - telephone number
6.- sip - session initiation protocol
7.- ldap - lightweight directory access protocol
URIs are pointers to land line phones, mobile phones, faxes, SIP servers, voicemail,
email addresses including VPIM (Voice Protocol for Internet Mail), instant messenger
and IRC aliases, web pages, global call forwarding, and others.
The Réseaux IP Européens (RIPE) is responsible for administration and coordination of
WAN IP networks in their area of authority. The RIPE operational instructions for an
E.164 domain are provided here: www.ripe.net/enum/instructions.html
To build an ENUM to domain translation:
1.- Take the initial phone number: +1-800-555-1212
2.- Remove all characters but keep the numbers: 18005551212
3.- Separate the numbers with dots/periods: 1.8.0.0.5.5.5.1.2.1.2
4.- Reverse the numbers; this maps the number onto the DNS reverse lookup convention:
2.1.2.1.5.5.5.0.0.8.1
5.- Append the Tier-0 DNS zone e164.arpa (this domain has not been agreed upon
by all nation states in the world): 2.1.2.1.5.5.5.0.0.8.1.e164.arpa
Thus, when the telephone number +1-800-555-1212 enters the network, a resolver on the
client will query a DNS server. The DNS server will find the phone number 1-800-555-1212
in the domain e164.arpa and return a URL.
An ITU-T E.164 phone number of (07) 3224 8444 (Queensland, Australia, Disability
Information) becomes, in ENUM format, 4.4.4.8.4.2.2.3.7.0.e164.arpa (arpa: Advanced
Research Projects Agency).
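The five conversion steps above, plus the NAPTR lookup that turns the resulting name into a URI, as an added example that is not code from the original text or from RIPE; the NAPTR records are constructed sample data (their sip:bob@example.com target is the page's own example), and the E2U+sip style service names are an assumption taken from the later ENUM RFCs.

```python
"""E.164 to ENUM domain conversion and NAPTR selection.

Added example, not code from the original text or from RIPE. The conversion
implements the five steps listed above; the NAPTR records are constructed
sample data whose target, sip:bob@example.com, is the page's own example.
Service names such as E2U+sip follow the later ENUM RFCs (an assumption here).
"""
import re
from dataclasses import dataclass
from typing import Optional

TIER0_ZONE = "e164.arpa"               # global dialing plan (step 5 above)


def enum_domain(number: str, zone: str = TIER0_ZONE) -> str:
    """Steps 1-5: keep digits only, dot-separate, reverse, append the zone.

    `zone` may be a private plan such as e164.example.com instead of the Tier-0 zone.
    """
    digits = re.sub(r"[^0-9]", "", number)           # step 2: drop '+', '-', spaces
    if not 1 <= len(digits) <= 15:                   # E.164 numbers are at most 15 digits
        raise ValueError(f"not an E.164 number: {number!r}")
    return ".".join(reversed(digits)) + "." + zone   # steps 3, 4 and 5


def number_from_domain(name: str, zone: str = TIER0_ZONE) -> str:
    """Inverse mapping: ENUM domain back to the international number."""
    suffix = "." + zone
    if not name.endswith(suffix):
        raise ValueError(f"{name} is not under {zone}")
    labels = name[: -len(suffix)].split(".")
    if any(len(label) != 1 or not label.isdigit() for label in labels):
        raise ValueError(f"{name} is not a digit-per-label ENUM name")
    return "+" + "".join(reversed(labels))


@dataclass(frozen=True)
class Naptr:
    """The NAPTR resource record fields from RFC 2915."""
    order: int
    preference: int
    flags: str          # 'u' means the regexp rewrites the number into a URI
    service: str
    regexp: str         # substitution expression, e.g. "!^.*$!sip:bob@example.com!"
    replacement: str = "."


def apply_naptr_regexp(aus: str, regexp: str) -> Optional[str]:
    """Apply a NAPTR substitution expression to the application-unique string (+number).

    Simplification: the delimiter is assumed not to appear escaped inside the
    expression; back-references such as \\1 in the replacement are honoured.
    """
    delim = regexp[0]
    parts = regexp[1:].split(delim)
    if len(parts) < 2:
        raise ValueError(f"malformed NAPTR regexp {regexp!r}")
    pattern, repl = parts[0], parts[1]
    flag_chars = parts[2] if len(parts) > 2 else ""
    flags = re.IGNORECASE if "i" in flag_chars else 0
    match = re.match(pattern, aus, flags)
    return match.expand(repl) if match else None


def select_uri(number: str, records, wanted_services) -> Optional[str]:
    """Walk the records in (order, preference) sequence and return the first URI
    whose service the caller can use, as the DNS step described above would."""
    aus = "+" + re.sub(r"[^0-9]", "", number)
    for rec in sorted(records, key=lambda r: (r.order, r.preference)):
        if rec.service not in wanted_services or "u" not in rec.flags.lower():
            continue
        uri = apply_naptr_regexp(aus, rec.regexp)
        if uri:
            return uri
    return None


# constructed NAPTR set published at 2.1.2.1.5.5.5.0.0.8.1.e164.arpa
SAMPLE_RECORDS = (
    Naptr(100, 10, "u", "E2U+sip", "!^.*$!sip:bob@example.com!"),
    Naptr(100, 20, "u", "E2U+mailto", "!^.*$!mailto:bob@example.com!"),
    Naptr(102, 10, "u", "E2U+tel", r"!^\+1(.*)$!tel:+1\1!"),
)
```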
Starting from the right:
1.- e164.arpa is the top level (Tier-0) DNS domain name for ENUM
2.- the 7.0 is the reversed country code zone number
3.- the first digits 4.4.4.8.4.2.2.3 are the local, within the nation, phone number
(For a list of country code telephone zone numbers go to http://www.wtng.info/wtng-cod.html)
1.- United Kingdom +44
2.- France +33
3.- Australia +61
4.- United States +1
5.- Canada +1

Each member state is responsible for the final decisions concerning usage and adoption of
the ENUM within their sovereign nation's zones.
It is planned that all public phone numbers will enter the domain e164.arpa. The domain
structure from e164.arpa on down will be the authoritative 'root' for E.164 telephone
numbers. Thus a search from a phone number to a URL will only traverse one branch of the
DNS tree. In the global dialing plan the domain is: e164.arpa. Private phone numbers may
be attached to any needed domain. In a private dialing plan the domain could be your
company's domain: e164.example.com
Electronic numbers support all IP-based communications. This includes voice, video,
fax, voice mail, instant messaging, SMS, MMS, paging, etc. After passing a telephone
number to DNS, the user could be contacted at their phone, email address, web site, IRC
identity, SIP gateway, etc. The phone companies are considering using the ENUM number
as each individual's one and only phone number, since it may be converted via DNS to
nearly any URL.

When an endpoint starts a VoIP call, the ENUM system will, if necessary, translate the
dialed phone number into an IP address. The ENUM system will first determine whether
there is a registered IP address for the called party. If that IP address exists, the call is
made IP to IP. If no IP address is registered, the request is sent to the PSTN (public
switched telephone network) to complete the call. SIP connections will map the PSTN
telephone number to sip:bob@example.com via a DNS request.

Electronic Number – ENUM Using DNS for Translation


Each telephony product should ultimately include a DNS resolver to initiate the requests
from that handset, or endstation.
Countries may decide for themselves whether to join the ENUM system. The control of
assigning E.164 phone numbers is the responsibility of each sovereign state. Each
DNS zone administrator is responsible for adding their zone's phone numbers into their
e164.arpa domain.
ENUM is managed by the ITU (International Telecommunication Union) but is operated
by the IAB (Internet Architecture Board).

Local Number Portability


As we saw earlier, the Federal Communications Commission (FCC) has mandated that a
long-term solution to local number portability (LNP) be implemented by the
telecommunications industry. In other words, the FCC wants customers to be able to
switch service from a LEC to a CLEC (or back again) without losing their existing
telephone numbers.
As of November 2003, both wireline and wireless telephone service providers must
support LNP in the same local geographic area. In other words, if you choose to change
carriers, whether from wireline to wireline, wireline to wireless, or wireless to wireline,
in most cases you can keep the same telephone number. The FCC has granted certain
smaller carriers temporary stays from this requirement, and litigation is still ongoing in
many regions. Additionally, in some areas you can now port an existing number to a Voice
over Internet Protocol (VoIP) carrier, such as Vonage or AT&T’s Callvantage service.
The Advanced Intelligent Network (AIN) architecture supports LNP. The AIN uses the SS7
network to enable carrier switches to share information such as Location Routing Number
(LRN). An LRN identifies a switching port (the carrier) for a particular telephone number.
When a caller dials a number, the local CO switch uses SS7 messages to query a number
database. This database provides the LRN assigned to the dialed number. Using the LRN,
the CO switch can route the call to the called number’s current LEC. If the subscriber
changes carriers, only the LRN changes, not the telephone number. AIN also allows
cellular telephone users to roam between networks. The AIN Support for LNP Diagram
shows how the AIN supports LNP.
Network Equipment Building Standards (NEBS)— Originally developed by Bell
Labs, the NEBS requirements enable telcos to build networks that can survive and continue
operating under the most severe conditions. The two documents describing NEBS
requirements are:
GR-63—Physical equipment protection
GR-1089—Electromagnetic compatibility and electrical safety
Local Number Portability (LNP)—The two Telcordia GRs addressing local number
portability services and operations are:
GR-2936—Switching and signaling requirements to support portability between service
providers located on the same or different rate centers
GR-2982—Specific provisioning, call processing, network management, signaling, and
other requirements involved in supporting portability across rate center boundaries
Voice over Packet Technologies—These GRs outline performance and operational
requirements for interfacing voice over packet networks to legacy telecommunications
technologies. Some important requirements include:
GR-3051—Voice over packet call connection agents (CCAs) (gatekeeper functions)
including call flows (call setup and release), CCA functional architecture, network access,
interfaces to other network elements, call connection and processing procedures, gateway
operations, call routing, and network management and operation
GR-3053—Signaling interfaces between voice over packet and the SS7 networks
(signaling gateway)
GR-3054—Interfacing voice over packet networks to the PSTN (trunk gateway)
GR-3055—Interfacing PSTN line-side devices (analog telephones, ISDN equipment,
PBXs, and other equipment) to a voice over packet core network (access gateway)
GR-3060—Transporting legacy telecommunications services across voice over packet
networks

Emergency Service
E911 is Enhanced 911 and based on FCC guidelines that are designed for public safety and
emergency preparedness. It is required that “interconnected” VoIP providers supply
E911/911 service. Both the origination and termination call locations must supply E911
access via wireline, wireless, and broadband network connections. If the
“interconnected” provider supplies phone service, then 911 must also be supplied.
Interconnected VoIP service is defined as a broadband Internet connection over which
packet-based telephone calls and/or standard PSTN telephone calls are made. (DSL,
cable networks or broadband wireless networks)
The telephone networks of most countries support an emergency services telephone
number. This phone number allows a caller to contact emergency services like police, fire
department, medical, or emergency rescue services. Although services and service phone
numbers differ by country, most emergency numbers are short, typically three digits, to
help make them memorable.
Emergency numbers like 911 in the United States are intended to be used in emergencies
only. For routine inquiries or non-emergency services, traditional 7 or 10 digit numbers
should be used. Routine calls, prank calls, and other non-emergency calls should not be
made to the emergency services numbers. Persons making inappropriate calls to emergency
services are often prosecuted in a court of law. Traditional phone numbers are assigned to a
local loop, a specific house or business - a specific geographic location. This makes it easy
for emergency response teams to pinpoint exactly where their services are needed. The
location of the number remains fairly static. Thus, emergency service operators can, when
an emergency call is disconnected, call back to the location of the emergency. With packet-
based telephony, mobility is a strong benefit, except in cases of emergency. The call made
in an emergency on a cable access network could have been made from anywhere. When
using VoIP E911 services, the consumer must register their physical address with their VoIP
service provider and keep that information up to date.

The 9-1-1 system was initiated by AT&T in 1965. “The National Emergency Number
Association (NENA) estimates that as of February 2005, some form of 911 service was
available to nearly 99 percent of the population in 96 percent of the counties in the United
States” (see National Emergency Number Association, 911 Fast Facts, visited Apr. 25, 2005,
http://www.nena.org/911_facts/911fastfacts.htm (NENA 911 Fast Facts)).
NENA also states that approximately 200 million calls are made within the United States to
911 emergency services each year. The cost of building and maintaining the 911
infrastructure is borne by the state and local governments across the nation. In August of
1999 the United States adopted 911 services for wired as well as wireless calls; thus there is
a required end-to-end emergency system for wireline calls, wireless calls and VoIP calls.

Voice Terminals
Today’s telephone technologies offer a variety of ways to communicate using voice, video
or both. Customers have the choice of communicating via a computer, a standard analog
handset, a USB to computer connection, and more. These virtual or physical phones
support multiple protocols and codecs, including H.323, SIP, G.711, G.729 and many others.

IP Phones
An IP phone is a computing device with embedded VoIP telephone software. No computer is
required, only Internet access. Instead of a standard RJ11 interface to connect to an analog
POTS line, the phones contain an RJ45 Ethernet connector. These IP phones are available for
a price of $70 for a basic model up to around $700 for multi-featured models that run
additional applications and have a color LCD interface. These IP phones may be powered by
standard AC transformers or can receive their power via the new IEEE 802.3af Power over
Ethernet standard. Cisco PoE phones currently use a proprietary Cisco standard for
transmitting power. To enable Power over Ethernet on a non-PoE phone, an additional
converter will be required.

TDM Phones
Time division multiplexing (TDM) phones sample the speaker’s voice in blocks, but these
blocks of voice payload are sent across the TDM bus (a separate Ethernet segment) with a
small header prepended to the payload. These blocks are then sent, in order, across the bus
based on time – thus you have a virtual circuit running Ethernet packets.
Standard phones operate using TDM. When MACs (moves, adds, and changes) are
required, a phone technician must be called and a change must be scheduled. When the
phone is IP-based, the phone merely is unplugged from the Ethernet jack and moved to a
new Ethernet jack. The phone will work with no changes required in the closet, punch
down block, or PBX.

Analog Phones
The most common method used to connect an analog phone to VoIP is through an ATA
(Analog Telephone Adapter). This device communicates directly with the VoIP server
using the configured protocol. Possible protocols include H.323, SIP, MGCP, IAX, etc.
The ATA, and not the analog phone, performs the encoding and decoding of the voice.
ATA boxes do not require a PC.

Analog Telephone Adapter Connecting Analog Phones to IP networks
Dialup Hard Phone
A dialup hard phone is an IP phone with a built-in modem instead of a built-in Ethernet
NIC. The device dials a remote VoIP server and a call is made. In areas without broadband
access, a dialup hard phone, a phone line, and an Internet Service Provider (ISP) are the
only requirements to make a VoIP call.

PC-Based Soft Phones


A soft phone is a virtual phone created in software. Soft phones are installed on computers
to emulate a hard phone. The functionality of hard phones and more may be emulated
in the soft phone. Many soft phones will support both voice and video streams. A soft
phone requires an audio card, microphone, and headset or speakers. Or, the phone may
be a USB connected handset. Soft phones are cheaper than their hardware counterparts and
may often be downloaded for free. Soft phones may support H.323, SIP or both. Versions
are available for Apple Macintosh OS X, Linux, Microsoft Windows operating systems,
mobile PCs and PDAs.

Microphones and Headsets or Speakers


The local computer’s audio card captures the voice stream from the local microphone and
delivers the audio from the remote end via the local headset or speakers. VoIP speakers
accept a digitized audio stream from IP phones, whether hard or soft phones. This audio
stream is the audio from the far end playing locally through a USB phone, a pair of
speakers, or an overhead paging system.

USB Hand Sets


USB (Universal Serial Bus) phones are remote control devices for the soft phone running
on the computer. The USB device provides microphone, speakers, and a dial interface. The
soft phone itself does the voice encoding/decoding and connection management. Be
aware before buying a USB hand set that the USB software/hardware device drivers are
operating system specific.
SIP Phones
Phones designed to communicate using Session Initiation Protocol (SIP) may be a hard
phone, a soft phone, or an adapter allowing the caller to use their ‘legacy’ analog phone.
The hardware SIP phone has an RJ45 connector to directly connect the phone to an
Ethernet network. Two or more parties may converse when using SIP phones. To make a
call from SIP phone to SIP phone, a soft phone or a hardware phone adapter is required on
both end stations; for a quality digital voice call, a broadband connection to the Internet is
required; and to dial from a SIP phone to a phone on the PSTN (Public Switched Telephone
Network), a virtual number is assigned to your SIP phone.

PDA Soft Phones


PDA soft phones have the same functionality as PC-based soft phones but instead run on a
personal digital assistant on a mobile computing software platform like Windows Pocket
PC, Windows Mobile, or Palm OS.

WiFi Phones
Wireless Fidelity phones are hard phones with an integrated WiFi transceiver. There
must be a wireless base station to allow the WiFi phone to contact the VoIP server. WiFi
phones often include support for the cellular network as well. Thus, if WiFi is not
available, the phone will switch over to a GSM network. GSM stands for Global System
for Mobile communications.

NETWORK ENGINEERING
Network Requirements for Convergence
If a network is to carry a wide variety of traffic, it must have the following capabilities:
• Identification—The network must be able to tell the difference between frames that
contain video, audio, file transfers, or interactive commands.
• Prioritization—The network must detect whether some frames are more urgent than
others.
• QoS or class of service (CoS)—The network must be able to provide varying types of
service, according to the type and urgency of each frame. For example, the network must
know that a high-capacity, long-delay link is better for file transfers, while a low-delay link
(even with less capacity) is better for streaming multimedia.

Converged Network Architecture


There are many ways to implement a converged network. We might assume that
convergence requires a homogeneous infrastructure, so that a network is either
completely packet based and connectionless (such as shared and switched LANs, or packet-
service WANs), or completely connection-oriented (such as ATM to the desktop and long-
distance ATM clouds).

A Hybrid Approach to Convergence


In practice, neither type of homogeneous architecture is viable, due to the different
economic and performance requirements for LANs and WANs. A converged network that
spans large distances, shown in the Wide Area Converged Network Diagram, has a WAN
core network surrounded by LAN edge networks.

In general, the edge networks will use different technologies than the core. Furthermore, for
many reasons, each edge network may be based on a different technology than the
others. One edge network may be based on a switched Ethernet fabric (one without Layer
3 routing), another on routed Ethernet segments, and a third on ATM LAN technology.

The WAN core may consist of a single technology network, such as frame relay, ATM, or
the Internet. Alternatively, it may consist of multiple parallel networks, some connection-
oriented and some packet-switched, as shown in the WAN Core Technologies Diagram.

Parallel WAN Paths for QoS


An architecture that uses multiple parallel paths offers significant advantages to a
converged network. It is possible to solve many QoS problems in a LAN simply by
radically oversupplying network capacity (in other words, by throwing bandwidth at the
problem). However, this is not economically feasible in a wide area network (WAN)
because WANs are engineered to optimize their resource use for a particular class of traffic.
This means that a single WAN technology cannot provide good service for all the types of
traffic that cross a converged network.
Connectionless packet-based networks, which make up a large portion of the Internet,
provide good service to bursty, non-time-critical traffic. They do not deliver good service
to traffic with tight bandwidth, delay, and jitter requirements. On the other hand,
connection-oriented networks, such as ATM, provide good service to traffic with tight
bandwidth, delay, and jitter requirements. However, it is costly to use ATM networks for
bursty traffic.
Consequently, a converged network is likely to have a core that consists of multiple WAN
networks. The edge LANs carry voice, data, and video traffic over a common physical
infrastructure. However, at the LAN/WAN boundary, traffic is classified by QoS and
routed over the WAN network that provides the most appropriate QoS. For example,
bursty, non-time-critical traffic will be routed over a packet-switched WAN. Multimedia
data, however, will probably be routed over a connection-oriented network that provides
QoS guarantees.

Application-Level QoS
Converged networks may be able to use the application-level QoS
principle to optimize application performance by customizing network devices on an
application-by-application basis. For example, a network could filter traffic according to
the application, then handle the traffic according to each application’s unique processing
requirements. Active networking, in which applications download small programs or
configuration data into network devices, is another example of this principle.
Before networks can guarantee QoS on a per-application basis, some important issues
must be addressed, such as security, resource management, and inter-device
coordination. However, an organization could enjoy a significant competitive advantage
from a network that could optimize services for important applications.

Voice Quality
In a converged network, changing network conditions have different effects on network
performance and voice quality. “Voice quality” is a subjective term that describes how
accurately a digitized and transmitted signal represents the original sound of a human
voice. The perception of voice quality is generally a combination of several different
factors:
• Clarity describes how much of an original sound is recorded by a digital signal, and how
much outside noise is included. Clarity can be affected by many factors, such as
silence suppression, voice coding and decoding, jitter, loss, and noise.
• Echo occurs when some of a transmitted signal returns to the sender. As network delay
increases, so does echo.
• Delay occurs when packets are not received when they are expected. If packets do not
arrive promptly and at a constant rate, the illusion of a continuous voice signal cannot
be maintained. Delays can cause annoying gaps in a conversation. The effect of delay is
not usually noticeable until the sum of all delays exceeds 500 ms for a single end-to-end
transmission (one way). Thus, network engineers work to limit these combined voice
network component delays to no more than 200 ms. We will discuss delay in more detail
shortly.

The QoS Parameters


All discussions concerning QoS in data networks focus on some or all of the following
parameters:
• Bandwidth—The raw measure of the network’s physical or logical data handling
capacity. This is measured as an absolute value (10 Mbps Ethernet), or a minimum value (a
frame relay circuit’s Committed Information Rate [CIR] of 56 kbps).
• Throughput—Throughput is the actual data carrying capacity of a network.
Throughput is calculated by subtracting delay, overhead, and other components of
normal network operation from the raw bandwidth. On a 10 Mbps Ethernet segment, once
overhead, collisions, device latency, and other factors are considered, actual throughput
may only approach 2 Mbps.
• Delay, or Latency—Delay is the time it takes packets to cross a network. Any device
that manipulates a packet can introduce delay. The measure is a maximum value, such as a
maximum of 200 ms round trip delay, or 110 ms end-to-end delay.
• Jitter—Jitter is variable delay. Jitter is measured in a number of ways, such as a
percentage of the maximum network delay (+/- 10 percent), or as a variation above or
below the average network delay (+/- 10 ms of the average network delay over a period of
time).
• Wander—Wander is the variation of a signal from its timing reference. Synchronous
circuits use a clock reference to ensure that each device sending or receiving a digital
data stream knows where the information begins and ends. If a clock reference degrades
or becomes unavailable, the digital signal will eventually wander from the reference. Other
network devices will lose track of where data is located in the data stream.
• Packet Loss—Also known as information loss or just loss, packet loss measures the
number of packets lost across the network as a ratio of the total sent. For example, packet
loss between network nodes could measure 1 packet in 10,000 undelivered (lost).
• Availability—Availability measures the amount of time the network is available for
use, as a percentage of the total time in a day, week, month, or year. Much is mentioned
about achieving five 9s (99.999 percent) availability on a network.
• Security—Security is not a measured value, but nonetheless is an important
consideration when determining the QoS on a network. We would want only authorized
calls on the packet voice network, and we may want to encrypt voice traffic traversing the
public Internet.

Bandwidth
Bandwidth refers to the raw data carrying capacity of a particular carrier technology.
For example, a T1 circuit carrying several frame relay permanent virtual circuits (PVCs)
provides a bandwidth of 1.544 Mbps. The individual PVCs provide some bandwidth up to
the T1 port’s maximum physical bandwidth.
In any network, whether voice or data, bandwidth is a primary QoS concern. As network
traffic grows, so does bandwidth utilization. As bandwidth utilization increases,
throughput decreases. At some point, even the common practice of “throwing bandwidth at
the problem” reaches its practical limits, and so we are forced to address bandwidth
limitations in our network designs.
In converged networks, voice traffic must often contend with bursty data for scarce
network bandwidth. Bursty traffic, if uncontrolled, can monopolize the network’s
bandwidth. Hence, we must use QoS techniques such as admission control and traffic
shaping to control and buffer bursty traffic entering and traversing our networks.
Voice codecs require a minimum amount of bandwidth to operate. The G.711 codec defines
64 kbps PCM voice encoding and requires at least 64 kbps of bandwidth. If we try to push
PCM encoded voice calls across a link with insufficient bandwidth, the call will fail.
Data applications will generally perform better if given more bandwidth; they are said to
be bound by the network’s bandwidth, or bandwidth bound. Voice applications, on the
other hand, do not perform any better if given more bandwidth than the application
requires. Voice application performance is bound to the network’s delay; that is, once given
enough bandwidth to enter the network, the network delay decides how well they
perform. Delay is not determined by network bandwidth alone, but also by network
component and link performance.

Throughput
Throughput measures the actual network performance, that is, the network’s actual ability
to transfer data. Bandwidth describes the ideal condition, while throughput is a more
practical measurement of the network’s capacity. Many factors can affect network
throughput:
• Collision rates on contention-based networks
• Traffic volumes on network segments
• Network device performance (switches, routers, firewalls, gateways)
• Maximum transmission unit (MTU)
• Fragmentation rates
• Delay
As you might imagine, calculating actual throughput can be quite daunting, as the list of
variables indicates. However, we can calculate the instantaneous throughput packets
experience on the network if we know the packet size and how much time elapses as they
travel from the sender to the receiver.
For example, assume you send a 500 byte packet across a network segment. Using a packet
sniffer, you capture the time the packet leaves the sending node. You are also able to
capture the time the packet arrives at the recipient node. Since you already know the packet
size, you can calculate the throughput the packet experienced by dividing the packet size
by the end-to-end transmission time. If the packet took 90 ms to reach the recipient, then
the network throughput provided the packet equals (500 bytes * 8 bits/byte) / 90 ms =
44,440 bits / second.

Delay
Delay, also known as latency, is the time a circuit requires to carry bits from one point in
the network to another. Bandwidth-bound applications realize a lower delay when
provided with more bandwidth; the greater the bandwidth, the lower the delay.
Delay-bound (voice) applications, also known as latency-bound applications, specify the
maximum allowable delay voice packets may experience as they traverse the network. For
example, many VoIP applications dictate that voice packets must not experience more than
200 ms delay end-to-end.
We can calculate a packet’s delay at any point on the network by comparing the time the
packet arrived at a point to the time it leaves that point. For example, if an IP packet arrives
at a router’s ingress port at time 14:25:00.000 and it leaves the egress port at time
14:25:00.090, we can subtract the arrival time from the departure time. The difference is
14:25:00.090 - 14:25:00.000 = 90 ms, or 90 ms delay.
Delay can be measured at many points in the network. The TCP/IP traceroute utility allows
us to measure delay at each hop in a packet’s path. We can use packet sniffers and protocol
analyzers to evaluate end-to-end and round trip delay by monitoring outbound and
inbound TCP and RTP messages, and calculating the time it takes for the sender to receive
TCP acknowledgments, or by comparing the RTP send time to the received time. Important
to remember is that delay will vary at each hop depending on network bandwidth,
congestion, and the QoS mechanisms in place.
In a real-time, delay-sensitive application, we won’t necessarily decrease delay if we only
throw more bandwidth at the problem. This is because bandwidth alone does not determine
the delay packets will experience across a network. Additional processing delay, also called
“serial delay,” is added by devices that encode and decode signals, compress data, or
assemble data into packets.
Encoding, Decoding, and Compression
It takes time to convert a voice signal from analog to digital. A similar delay, or latency,
occurs when the remote end converts the digital signal back to analog.
Voice compression reduces the number of bits in a transmission by removing redundant
character strings in the digital character stream. However, compression algorithms increase
latency by requiring large voice stream samples before they can compress and packetize
voice signals.

Packetization
It also takes time for a device to accumulate enough voice samples to fill a packet. For
example, codecs sample an analog voice signal once every 1/8000th of a second, or every
.125 ms, and represent each sample with eight binary bits. To fill the data portion of a
default IP packet (576 bytes), we would need 556 bytes x .125 ms/byte = 69.5 ms.
Delay also occurs when a large packet is fragmented to cross a link that has a smaller
MTU. To reduce or eliminate this delay, we can adjust network devices and endpoints to
use the smallest MTU on the path.
Thus, by reducing packet size, we can eliminate fragmentation, and reduce the time needed
to build packets. However, too short a packet results in high packet overhead. Hence, we
need to weigh packetization delay against packet overhead to come to an agreeable
compromise.
Achieving this balance can be a challenge on high-speed LANs that are optimized for data
transfers. For example, some Gigabit Ethernet networks use a proprietary approach, known
as “jumbo frames,” to provide a better ratio of data payload to packet overhead. The
MTU of a jumbo frame is larger than the Ethernet standard MTU of 1,518 bytes; some
jumbo frames can be as large as 9 Kb. Although jumbo frames can improve overall
network performance, they can increase the problem of packetization delay by requiring
more time to fill each frame.

Jitter
Delay creates problems even when it is consistent and predictable. But there are also
many sources of variable delay. Varying packet sizes, varying levels of network
segment congestion, network device performance, QoS techniques that queue packets
based on network conditions (DiffServ), etc., all cause packets to experience varying delay
conditions.
For example, a sending node may transmit some packets immediately, but queue other
packets while waiting for free bandwidth. This is common on shared-media networks,
when collisions cause the sending device to back off and attempt retransmission.
Intermediate devices can also create queuing delays. For example, if a switch or router
treats all packets with the same priority, a voice packet can get stuck in the queue behind
other, less time-critical packets; however, the voice packet right behind it might not incur
the same delay.
When a signal is subjected to variable delays, several packets may arrive over a large time
interval, or conversely, a clump may arrive all at once. We call this effect “jitter.”
Jitter Buffers
A jitter buffer, in the receiving endpoint’s audio codec, can reduce the perceived delay by
accumulating packets and releasing them at a constant rate. However, jitter buffers
introduce additional delay because of the time needed to fill them. The length of this delay
depends on the network’s expected maximum jitter.
For example, assume that voice packets will experience a maximum of 100 ms delay
between the sending and receiving endpoints (actual packet-by-packet delay could vary
from some value less than 100 ms to the maximum, and possibly beyond). In that case,
we can configure the receiving codec’s jitter buffer to hold 100 ms of audio samples before
releasing them for playback.
If the sending codec creates voice samples every 10 ms, those samples should (ideally)
reach the receiver at 10 ms intervals. However, we know that the end-to-end network
delay is variable, so the second sample might arrive 20 ms after the first, the third 15 ms
after the second, and so on.
The receiving buffer queues up 100 ms of samples before playing them out to the listener.
The receiving codec plays out a sample every 10 ms. If the packets come every 10 ms, the
buffer will remain full. If they come slower, the buffer queue will shorten, but will still play
back a steady audio stream to the listener, as long as packets continue to arrive in time to
keep the buffer full. If delayed packets arrive in a clump, they refill the buffer queue.
Playback problems develop, however, if network conditions vary too much. If packets
arrive too slowly, the buffer can underrun (empty too fast), causing gaps, or “clipping,” in the
playback audio. If the packets come too quickly, the buffer may overrun and drop packets.
A static jitter buffer, one set to a specific value, is vulnerable to overruns and underruns.
Additionally, the static buffer always introduces a fixed delay, regardless of network
performance.
Dynamic jitter buffers adjust to the varying rates at which packets are received, so they
can reduce or increase their latency as network performance changes. The result is a
reduced likelihood of buffer overruns and underruns.
Measuring Jitter
Jitter can be measured in a number of ways. If a VoIP application specifies acceptable jitter
as a relative value, jitter can be measured as a percentage deviation relative to a maximum
allowable delay value. If the application states an absolute jitter value, this means that the
stated jitter value is the absolute allowable range. As a deviation from the average jitter, the
application could specify an acceptable jitter range that references an average value over
time. No matter how jitter is specified, jitter outside the stated range will cause poor voice
quality.
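A small playout simulation of the static and dynamic jitter buffers described above, together with the deviation-from-average jitter measurement from this section. This is an added example, not code from the course text: the 10 ms packet interval and 100 ms hold come from the text, while the delay sequences, the buffer capacity and the simplified adaptive rule (grow the hold whenever a packet misses its playout slot) are constructed assumptions.

```python
"""Jitter-buffer playout simulation.

Added example, not code from the course text. Each packet carries 10 ms of
audio and is sent every 10 ms, as in the text; the delay sequences, buffer
capacity and adaptive rule below are constructed assumptions.
"""

INTERVAL_MS = 10   # one voice packet every 10 ms

# Constructed one-way delays in ms, indexed by packet sequence number.
# Steady 50 ms, then five packets held up and released together (a clump),
# then steady again: the late clump causes underruns.
STALL_DELAYS = [50] * 10 + [180, 170, 160, 150, 140] + [50] * 15
# Delay falling from 100 ms to 10 ms: packets arrive early and pile up,
# which overruns a small static buffer.
EARLY_DELAYS = [100] * 5 + [90, 80, 70, 60, 50, 40, 30, 20, 10] + [10, 10]


def arrival_times(delays):
    """Packet seq leaves the sender at seq*10 ms and arrives delays[seq] later."""
    return [seq * INTERVAL_MS + d for seq, d in enumerate(delays)]


def jitter_stats(delays):
    """Jitter expressed two ways used in the text: the largest deviation from the
    average delay, and that deviation as a percentage of the maximum delay."""
    avg = sum(delays) / len(delays)
    max_dev = max(abs(d - avg) for d in delays)
    return {"avg_delay_ms": avg, "max_delay_ms": max(delays),
            "max_dev_ms": max_dev, "dev_pct_of_max": 100.0 * max_dev / max(delays)}


def simulate_playout(delays, hold_ms=100, capacity_pkts=15, adaptive=False):
    """Play packets out at a constant rate after an initial hold.

    Returns (gaps, drops, final_hold_ms). A gap is an underrun: the packet's
    playout slot came before it arrived, so the listener hears clipping. A drop
    is an overrun: capacity_pkts packets were already waiting. With
    adaptive=True the buffer slips its whole schedule on an underrun so the
    hold grows to cover the delay just seen (a simplified dynamic buffer).
    """
    events = sorted((t, seq) for seq, t in enumerate(arrival_times(delays)))
    start = events[0][0] + hold_ms   # first playout happens after the hold
    slip = 0                          # extra delay an adaptive buffer has added
    waiting = []                      # playout times of packets in the buffer
    gaps = drops = 0
    for now, seq in events:
        waiting = [t for t in waiting if t > now]   # these have been played
        slot = start + INTERVAL_MS * seq + slip
        if now > slot:
            gaps += 1                 # underrun: silence where this packet belonged
            if adaptive:
                shift = now - slot
                slip += shift
                waiting = [t + shift for t in waiting]   # delay everything queued
        elif len(waiting) >= capacity_pkts:
            drops += 1                # overrun: no room, packet discarded
        else:
            waiting.append(slot)
    return gaps, drops, hold_ms + slip


if __name__ == "__main__":
    print("jitter:", jitter_stats(STALL_DELAYS))
    print("static buffer, stall: gaps/drops/hold =", simulate_playout(STALL_DELAYS))
    print("adaptive buffer, stall:", simulate_playout(STALL_DELAYS, adaptive=True))
    print("static buffer, early burst:", simulate_playout(EARLY_DELAYS, capacity_pkts=12))
```

With the stall sequence the static buffer clips three packets while the adaptive buffer clips one and settles at a 130 ms hold; the early-arrival sequence overruns a 12-packet static buffer four times.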
As you may have surmised, non-real-time traffic is less sensitive to jitter than is real-time
traffic. Hence, we need not spend a great deal of effort chasing down jitter sources for
non-real-time traffic.
However, when we combine real-time and non-real-time traffic, we must consider jitter if
we wish to play back voice messages, send faxes, and push other jitter-sensitive traffic
across the same network segments over which our bandwidth-bound traffic travels.

Wander
Wander occurs when synchronous data deviates from its timing source. Since IP networks
are asynchronous, wander is not an issue. However, we need to consider wander whenever
voice traffic requires an associated clock to ensure accurate timing, such as on a
synchronous WAN link.
WAN data circuits use buffers to minimize wander. These buffers store a certain amount of
the received signal, and may retime the signal for transmission to upstream devices.

Packet Loss
Packet loss, to a certain extent, is a normal occurrence on best-effort networks. TCP
provides loss recovery mechanisms, such as message acknowledgments and sequence
numbers. Thus, non-real-time traffic is generally more forgiving of lost packets than is
real-time traffic.
However, the human ear is not so tolerant. Unless the network employs specific
countermeasures, such as forward error correction or error concealment, users will hear
annoying gaps and clicks. Whether a user can perceive this effect depends on the packet
loss rate and compression algorithm used. The higher compression schemes are less
forgiving.
There are many reasons why networks lose packets. Some QoS architectures and
techniques deliberately discard packets as part of their traffic control protocols. Routers,
switches, and other network devices may drop packets due to network congestion or device
malfunctions. Even redundant network links can drop in-transit packets as the network
recovers from an outage.
VoIP applications will commonly specify the amount of packet loss for which they can
compensate. The application can also specify whether it can utilize packet retransmission as
a recovery method. Note that if a real-time application allows for lost packet
retransmission, this will probably be implemented through the use of acknowledgments and
buffers in the sending node, which will add latency to the network.

Availability
If a network is not available for users, it is just an expensive conglomeration of wires and
devices. To some businesses, occasional network downtime is only a minor nuisance. To
others, such situations can cause serious damage, including:
• Lost productivity because of idle workers
• Lost revenue when customers go elsewhere
• The direct support expense of returning the local area network (LAN) to service
Some network downtime cannot be avoided; equipment failures and link outages do occur
from time to time. A key to maintaining high network availability is preventive
maintenance. However, preventive maintenance at times requires network downtime, as
well.
To recognize the effect varying availability rates can have on a network, consider the
following:
There are 31,536,000 seconds in a year (excluding leap years). With a network availability
rate of 99%, the network would be available for use 31,220,640 seconds per year, or 23.76
hours per day. This means that the network is available for use 361.35 days per year. This
also means that it is unavailable for 3.65 days per year. If a company makes $1,000,000 per
day on the Internet, this means a revenue loss of $3.65 million a year due to network
downtime.
However, if the network provides a 99.9% availability rate, then the network is offline only
.365 days per year. This reduces the company’s network downtime losses to just $365,000 per year.
Network device vendors target the elusive “five 9s” (99.999%) availability rate as the
ultimate level of availability. Additionally, service providers may promise a service
restoration time in a number of hours from the failure time; this limits the risk that multiple
failures will affect service.
Service level agreements (SLAs) often outline provider penalties for failing to meet these
availability targets. Availability often varies by link, as carriers may supply multiple links
as components of an overall service contract. Since entire networks rarely fail, one WAN
link could fail more frequently than others. Though this link may have a lower availability
rate, the provider could still meet their contract obligations, their availability numbers
bolstered by better performing links. Hence, SLAs should be written on a link by link
basis, rather than as an aggregate performance specification.

Security
Though previously not considered a QoS parameter, the ever-increasing incidence of
network break-ins and virus attacks has brought security into light as another important
network QoS factor.
Several concerns comprise network security issues. Enterprise users want to protect
proprietary and business critical data while at the same time allow network users remote
access to voice and data applications. Internet call centers must expose corporate
resources to everyday security threats while at the same time protecting these same
resources from theft or destruction.
Some methods used to protect network data include encryption, either public-key or
private-key. User authentication methods such as strong passwords, digital signatures,
and biometric authentication, used individually or combined, serve to ensure only
authorized users access protected resources.
Various software vendors, working groups, and professional organizations have devised
architectures for ensuring data privacy, confidentiality, and validation. One such
architecture is IPsec, a standards-based secure IP protocol used to support secure Internet
transactions. IPsec can be used in VoIP applications as well. IP packets are marked to
identify their security requirements, and all IPsec-aware devices recognize and support this
header marking.
As a part of an overall QoS policy, VoIP network devices can specify that a traffic
stream’s packets receive a certain secure treatment across the network. This security policy
can carry across both private and public networks.

IP Header Features
Even though IP is a best-effort protocol, its header can carry information that other
protocols can use to provide QoS features.

ToS Field
The IP header type of service (ToS) field indicates the QoS desired by a packet’s original
source. There is no guarantee that other devices on the network will honor this request.

IntServ
The Integrated Services (IntServ) architecture is defined in the informational RFC 1633.
IntServ aims to provide predictable and guaranteed services to specific traffic flows, called
streams.
Before a stream of traffic can flow, the sender and receiver must set up and maintain a path
that can support that stream. Each router along the path must provide the requested
resources to each defined stream. If a router cannot provide the resources the stream
requires, it informs the reservation requester of this fact with an error message.
The IntServ network nodes include traffic control functions implemented with traffic
classifier, admission control, and scheduler elements. The traffic classifier maps
inbound traffic into classes, based on IP header contents or some other classification
value. The admission control element decides if a router can provide the stream its
guaranteed QoS. The packet scheduler manages stream queues.

RSVP
Resource Reservation Protocol (RSVP), defined in RFC 2205, is used to set up and
maintain stream reservations for IntServ architecture networks. When a host needs to
reserve network resources for a stream, it uses RSVP messages to request a
reservation for those resources.
RSVP requests resources in one direction, working backward from the destination. When
the receiving node requests resources for a stream, those RSVP messages travel from node
to node along the stream’s desired path. Each router responds with either an
acknowledgment or error message, then passes the resource request to the next-hop
upstream router. Once the reservations are in place, each router maintains the stream’s state
information for the duration of the connection. An RSVP request may be initiated as the
result of an H.323 call’s setup procedure, where the endpoints negotiate the call resources
needed to complete the connection.

CBQ
Class Based Queuing (CBQ) is a queuing algorithm developed by the Lawrence Berkeley
National Laboratory. CBQ divides the available network bandwidth among different traffic
classes. Each class is assigned a queue, and each queue is assigned a portion of the link’s
bandwidth. CBQ allows us to classify traffic flows into hierarchies. Each class can be
divided up into sub-classes, and each sub-class is given a specific treatment within its
parent class.
You will recall that we previously discussed DiffServ admission control and traffic shaping
functions. In our DiffServ architecture’s ingress routers, we classified, metered, and marked
inbound traffic flows as in- or out-of-profile according to their class, and provided
differentiated services to each flow based on packet markings. CBQ enables us to classify
traffic by IP or port addresses, application, or priority (ToS or DSCP).
A unique aspect of CBQ is that it shares unused bandwidth between traffic classes. A flow
that needs to burst above its assigned flow rate can “borrow” unused bandwidth from other
classes. This “bandwidth borrowing” capability would support the traffic burst shaping
function previously discussed.

COPS
As we have seen, many QoS methods assign priorities to traffic flows, but don’t provide a
mechanism to manage and enforce those priorities across the enterprise. Common Open
Policy Service (COPS) provides this capability. IETF RFC 2748 describes COPS, a
client/server model for supporting policy control over QoS signaling protocols, such as
RSVP for IntServ and DiffServ PHBs:
• The policy repository contains a central database that describes how to handle each
inbound flow. This device could be an LDAP server, though this is not specifically defined.
• The COPS server is called the Policy Decision Point (PDP), a server where policy
decisions are made based on information provided by the central database. The PDP can
be a policy management server or workstation.
• A COPS client is a device that must enforce policies. The client is called the Policy
Enforcement Point (PEP) because it acts on the server’s instructions to apply and enforce
policies on the network. The COPS client decides how to handle each flow by requesting
information from the COPS server. More than one PDP may query the repository
simultaneously.
The PEP can be a router, PSTN gateway, firewall, or some other network edge device
capable of sending COPS messages to the PDP. For example, on a DiffServ network, the
client is the ingress router that performs the admission control and traffic shaping
functions.
The COPS Network Diagram illustrates a COPS network.
Though specified separately, the PEP, PDP, and policy repository can be located on the
same device. A Local Policy Decision Point (LPDP) can also be used, but all policy
decisions must reference a single PDP as the final decision authority.
The COPS protocol also addresses fault tolerance, by requiring that the PEP and PDP
exchange keep-alive messages to verify the connection. If the connection between the PDP
and PEP fails, and the PEP can find no backup or alternative PDP, then the PEP can make
local decisions. The PEP is responsible for notifying the PDP of any policy changes
made under local control while the connection is down.

MPLS
Multiprotocol Label Switching (MPLS) aims to speed packet flows across a routed network
by assigning each packet a small label tag. This tag represents the packet’s destination IP
address, so that interior routers can route packets by the label tag rather than the destination
IP address. When an MPLS tagged packet arrives at an MPLS-compatible router, the router
reads the tag value and forwards the packet quickly to the next hop.
MPLS can interoperate with such QoS architectures as DiffServ. The label tag, attached
ahead of the packet header, can represent not just the destination address, but additional
packet information such as:
• Precedence
• VPN membership
• RSVP QoS information
• The packet’s route, as chosen by traffic engineering (TE)
A set of routers within an MPLS network composes an MPLS domain. The MPLS
domain routers are called Label Switch Routers (LSRs). On the edges of the MPLS
domain are ingress and egress nodes. The ingress node is responsible for assigning a packet
to a certain forwarding equivalence class (FEC). An FEC defines a group of packets to
which the domain provides a specified treatment. Each subsequent router acts upon the
packet’s label rather than the IP header. Labels are locally significant, and change at each
hop.
The downstream LSRs inform upstream LSRs of label mappings using a label distribution
protocol (LDP). Each LSR maintains these mappings in a Label Forwarding Information
Base (LFIB). LFIBs serve as packet label routing tables, replacing traditional IP routing
tables. The MPLS Domain Diagram illustrates an MPLS network.
MPLS can be used in traditional frame-based LANs, such as Ethernet or Token Ring
networks, or in cell-switching networks, such as ATM networks. When used in an ATM
network, MPLS enables the edge switches to map inbound packets to MPLS labels, which
are in turn mapped to ATM cell Virtual Channel Identifier (VCI) or Virtual Path Identifier
(VPI) fields. Once mapped, the core ATM switches assign paths to the cells based on the
cell label to VCI/VPI mappings.
Packets entering an ATM network through the same physical port could potentially be
assigned to the same VCI. These packets would carry different types of data, such as
routing table updates, network management traffic, e-mail, and voice traffic. The ingress
switch would interleave these inbound packets with no regard to their precedence.
However, if the ATM switch assigns these packets MPLS labels based on their
designated QoS requirements, and in turn maps these labels to different VCIs, the ATM
network can carry the QoS requirements of these packets into the cell-switched
network.

Policy Routing
Policy-based routing allows network administrators to specify additional information
sources for the routing table and network model. These sources may include information
imported from other protocols or information that network administrators statically
configure. Such policies can be defined on a router-by-router basis and control routing
information advertisements. They define who can talk to whom, who can listen to whom,
and what types of information are transmitted and received.
Policy-based routing is often part of network security procedures. For example, a network
administrator might specify that network information imported from other protocols be
included in the routing table and network model, and subsequently shared with outside
routers as part of update messages. However, routers with custom security settings and
other private configuration information would share the information only with other routers
that share the same security settings.

RED
In times of network congestion, Random Early Discard (RED) attempts to maintain the
integrity of each traffic flow. It actively manages output queues by randomly dropping
inbound packets once the queue reaches a preset level. This forces underlying protocols
(TCP, RTP) to initiate lost-packet recovery procedures, which slows the inbound data rate
of each flow.

WFQ
Weighted Fair Queuing (WFQ) algorithms attempt to give each inbound traffic flow fair
access (fair queuing) to the outbound port’s available bandwidth. This access can be
determined by each flow’s precedence (weighted) as set by the packet header ToS bits or
RSVP reservations. Since WFQ assigns a weight to each flow, it is often used to support
QoS architectures, such as IntServ and DiffServ.
We weight the queues by assigning each one a priority. A higher priority queue receives
more of the available bandwidth, while a lower priority queue receives less. However, each
queue receives some level of predictable service on the outbound port. This differs from
the first-in, first-out queuing that is the default for many network devices. It also
contrasts favorably with priority queuing (PQ), which gives high-priority packets absolute
network access at the expense of lower priority flows.
WFQ does not discriminate based on packet size. In other words, queue A may have three
200-byte packets, while queue B could have two 300-byte packets. If the device gives
600 bytes bandwidth to each queue in turn, then queue A will empty before queue B
forwards its packets.
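The queue A / queue B case above, run through a weighted round-robin scheduler and contrasted with strict priority queuing. This is an added example, not code from the course text or any vendor's WFQ implementation: deficit round robin with per-round byte credit stands in for WFQ's weighting, and the queue names, weights and packet sizes are constructed.

```python
"""Weighted round-robin scheduler illustrating the WFQ discussion.

Added example, not code from the course text or a vendor's WFQ. Queues hold
packet sizes in bytes in FIFO order; all queues, weights and sizes are
constructed for the example.
"""
from collections import deque


class ClassQueue:
    """One weighted output queue; weight scales the bytes it may send per round."""

    def __init__(self, name, weight, sizes):
        self.name = name
        self.weight = weight
        self.packets = deque(sizes)


def weighted_round_robin(queues, quantum=600):
    """Serve the queues in turn. Each round a queue earns weight*quantum bytes of
    credit; unused credit carries over (deficit round robin), so a packet larger
    than one round's share is delayed but never starved. Returns the transmit
    order as (queue name, size) pairs."""
    credit = {q.name: 0 for q in queues}
    sent = []
    while any(q.packets for q in queues):
        for q in queues:
            if not q.packets:
                credit[q.name] = 0          # an idle queue does not bank credit
                continue
            credit[q.name] += q.weight * quantum
            while q.packets and q.packets[0] <= credit[q.name]:
                size = q.packets.popleft()
                credit[q.name] -= size
                sent.append((q.name, size))
    return sent


def strict_priority(queues):
    """PQ for contrast: the heaviest non-empty queue is always served first, so a
    busy high-priority class leaves nothing for the others until it drains."""
    sent = []
    for q in sorted(queues, key=lambda q: q.weight, reverse=True):
        while q.packets:
            sent.append((q.name, q.packets.popleft()))
    return sent


def bytes_by_queue(sent, first_n=None):
    """Bytes each queue got within the first first_n transmissions."""
    totals = {}
    for name, size in sent[:first_n]:
        totals[name] = totals.get(name, 0) + size
    return totals


def text_example():
    """The text's case: A holds three 200-byte packets, B two 300-byte packets,
    600 bytes per turn; A empties before B sends anything."""
    a = ClassQueue("A", 1, [200, 200, 200])
    b = ClassQueue("B", 1, [300, 300])
    return weighted_round_robin([a, b], quantum=600)


def mixed_example(scheduler=weighted_round_robin):
    """Constructed converged port: voice (weight 2, 160-byte packets) shares the
    link with bulk data (weight 1, 500-byte packets), 500-byte quantum."""
    voice = ClassQueue("voice", 2, [160] * 12)
    data = ClassQueue("data", 1, [500] * 4)
    return scheduler([voice, data], quantum=500) if scheduler is weighted_round_robin \
        else scheduler([voice, data])


if __name__ == "__main__":
    print("text example:", text_example())
    wrr = mixed_example()
    print("WRR first 7 transmissions:", bytes_by_queue(wrr, 7))
    print("PQ first 12 transmissions:", bytes_by_queue(mixed_example(strict_priority), 12))
```

Under weighted round robin the data queue still gets a 500-byte slot every round while voice takes twice as many bytes; under strict priority the data queue sends nothing until all twelve voice packets are gone.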

WRED
Just as WFQ provides a queue weighting mechanism, Weighted Random Early Discard
(WRED) adds weighting to the RED algorithm. WRED attempts to improve on RED by
randomly dropping packets from low-priority flows first. If congestion increases, packets
are then dropped from higher-priority flows.

DiffServ
Internet Engineering Task Force (IETF) Request for Comments (RFCs) 2474 and 2475
define basic ways of treating different subsets of a network’s traffic in different ways
at OSI Layer 3. For example, some packets might be routed in ways to expedite
delivery and minimize delay, while others are routed to minimize loss.
DSCP Code Points
The differentiation of these services is provided by a redefinition of the IPv4 Type of
Service (ToS) field (called the Traffic Class field in IPv6). Differentiated Services
(DiffServ) uses the ToS octet’s bits 0-5 to identify a Differentiated Services Code Point
(DSCP), a procedure used to handle packets on a per-hop basis. The DiffServ Modified ToS
Field Diagram illustrates the DiffServ octet.
The first three bits of the field (bits 0-2) should be standardized across networks. RFC 2474
uses these three bits to define eight class selector codepoints. These 3 bits prioritize the
traffic, with larger numerical values having a higher relative order or priority.
Bits 3-5 can be used to define specific types of local services. However, these non-standard
definitions may not be recognized by devices outside the local network.
Bits 6 and 7 are currently unused.
As you have learned, 802.1p also defines eight levels of priority. Thus, it is possible to map
802.1p traffic classes to DiffServ DSCPs to match Layer 3 traffic flows.

PHB
Key DiffServ operational features are Per-Hop Behaviors (PHBs). A PHB is a
forwarding behavior a node applies to a packet based on that packet’s condition. The
packet’s DSCP indicates the particular PHB a packet should receive as it passes from hop
to hop.

Standard PHBs
The DiffServ architecture standards define several standard PHBs to help assure
predictable behavior across DiffServ domains (described later). These are:
• Default PHB—Defined in RFC 2474, the default PHB represents no special handling,
or the network’s default best-effort service. All DiffServ nodes must support the default
PHB, which sets all six bits to zero: 000000.
• Class-Selector PHB—Also defined in RFC 2474, the class-selector PHB sets the first
three bits of the DSCP field to match the IP packet header ToS bits. This assures backward
compatibility in networks where ToS bits are used to represent service classes. DiffServ
nodes must support these PHBs where IP precedence bits are used.
• Assured Forwarding (AF) PHB—Defined in RFC 2597, the assured forwarding PHB
aims to provide assured packet forwarding services across networks. Traffic is assigned to
one of four traffic classes.
When using the AF PHBs, packets within each class are marked to one of three drop
precedence levels. AF assigns resources to each class, and allocates those resources
according to a packet’s drop precedence. AF provides for a total of 12 class-to-precedence
pairings.
A DiffServ domain’s use of the AF PHB is optional. See RFC 2497 at
http://www.ietf.org/rfc/rfc2497.txt for more information on the AF PHBs.

• Expedited Forwarding (EF) PHB—Defined in RFC 2498, the EF PHB sets a specific
PHB for assignment to a single preferred traffic flow within the DiffServ domain. This
preferred flow would be one that absolutely must receive low jitter, low delay, and low loss
treatment across the network. By setting the DSCP to ‘101110’, we guarantee that this one
flow receives at least the EF PHB-defined bandwidth at each departure point. The EF PHB
is frequently used in DiffServ domains with two traffic flow classes, such as real-time voice
traffic carried over the same network as non-real-time data.
A DiffServ node does not have to support the EF PHB. See RFC 2498 at
http://www.ietf.org/rfc/rfc2498.txt for more information on the EF PHB.

Custom PHBs
A network administrator may use bits 3-5 to define custom DSCPs. However, routers
outside of the local network will not necessarily recognize these custom DSCP encodings,
which do not terminate in 000 (xxxyyy).

DiffServ Domains
In DiffServ terminology, the local network, whether one subnet, an entire Autonomous
System, or a collection of Autonomous Systems, composes a DiffServ domain. In the
DiffServ domain, all network devices, both on the network edges and intermediate nodes,
are configured to recognize and act upon the packets’ DSCPs.
A PHB defines the services each node will provide the different traffic flows. PHBs can vary from hop-to-hop, depending on many variables. Each network segment can experience differing congestion levels, bandwidth, delay, and jitter conditions, and DiffServ allows us to define per-segment PHBs for each traffic class.

IP Precedence
IP provides the capability to assign packets one of eight precedence levels, according to the traffic’s importance. RFC 791 defines the different precedence levels, and how they apply across network boundaries. The RFC leaves it up to the network architecture as to how IP precedence is handled. As we have learned, we can map IP precedences to DiffServ DSCPs, and identify flows and streams by this IP header component.
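To make the codepoint layouts above concrete, here is an added Python example (not code from the original text) that extracts the six-bit DSCP from the IPv4 ToS/DS byte, names the PHB it selects (default, class-selector, the twelve AF pairings, EF, or a locally defined custom codepoint), and reads the IP precedence back from its top three bits. It also applies an assumed trust-boundary policy, which is not from the text: a DiffServ edge node keeps the mark only from sources the domain trusts, because any host can write 101110 into its own headers and would otherwise claim the EF bandwidth. The sample packets are constructed.

```python
"""Decode a DS byte into its DSCP and per-hop behaviour, then apply a trust-boundary
re-mark. Added example, not code from the original text. Codepoint layouts are the
RFC 2474 default/class-selector and RFC 2597 AF patterns plus the EF codepoint 101110;
the ingress samples and the trust policy are constructed assumptions."""
from dataclasses import dataclass
from typing import List, Optional, Tuple

EF_DSCP = 0b101110  # 46 decimal: expedited forwarding


@dataclass(frozen=True)
class Phb:
    name: str                              # "Default", "CS5", "AF31", "EF" or "Custom"
    precedence: int                        # upper three bits = RFC 791 IP precedence
    drop_precedence: Optional[int] = None  # 1..3, meaningful for AF classes only


def dscp_from_tos(tos: int) -> int:
    """The DS field reuses the IPv4 ToS byte; the DSCP is its upper six bits.
    The two low-order bits carry ECN and are not part of the codepoint."""
    if not 0 <= tos <= 0xFF:
        raise ValueError("ToS byte must be 0..255")
    return tos >> 2


def decode_dscp(dscp: int) -> Phb:
    """Name the PHB a DiffServ node would select for this codepoint."""
    if not 0 <= dscp <= 0x3F:
        raise ValueError("DSCP is a six-bit value")
    prec = dscp >> 3     # bits 0-2: class selector, backward compatible with ToS precedence
    low = dscp & 0b111   # bits 3-5: drop precedence for AF, free for custom codepoints
    if dscp == 0:
        return Phb("Default", 0)
    if dscp == EF_DSCP:
        return Phb("EF", prec)
    if low == 0:         # xxx000: class-selector codepoints
        return Phb(f"CS{prec}", prec)
    # AF: class 1..4 in the top bits, drop precedence 1..3 encoded as 010/100/110
    if 1 <= prec <= 4 and low in (0b010, 0b100, 0b110):
        drop = low >> 1
        return Phb(f"AF{prec}{drop}", prec, drop)
    return Phb("Custom", prec)  # locally defined; nodes outside the domain may ignore it


def police_mark_at_edge(dscp: int, source_trusted: bool) -> int:
    """Assumed edge policy: only sources the domain trusts (e.g. the phone VLAN) keep
    their codepoint; everything else is reset to the default PHB so a host cannot
    obtain EF or AF treatment simply by setting bits in its own headers."""
    return dscp if source_trusted else 0


# Constructed ingress samples: (source, ToS byte as seen on the wire, trusted?)
SAMPLE_INGRESS: List[Tuple[str, int, bool]] = [
    ("ip-phone-1", 0xB8, True),     # DSCP 46 -> EF, from the phone VLAN
    ("crm-server", 0x68, True),     # DSCP 26 -> AF31
    ("guest-laptop", 0xB8, False),  # DSCP 46 -> EF, but from an untrusted port
    ("printer", 0x00, False),       # DSCP 0 -> Default
]


def audit_ingress(samples=SAMPLE_INGRESS) -> List[Tuple[str, str, str]]:
    """Return (source, PHB claimed by the sender, PHB after the edge policy)."""
    out = []
    for src, tos, trusted in samples:
        dscp = dscp_from_tos(tos)
        claimed = decode_dscp(dscp)
        applied = decode_dscp(police_mark_at_edge(dscp, trusted))
        out.append((src, claimed.name, applied.name))
    return out


if __name__ == "__main__":
    for row in audit_ingress():
        print("%-12s claimed=%-7s applied=%s" % row)
```

decode_dscp takes the bare six-bit codepoint, so a value read from an analyzer display (DSCP 46) and a raw ToS byte captured off the wire (0xB8) both work once the latter goes through dscp_from_tos.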

Traffic Prioritization
As we have discussed previously, a converged network must be able to provide varying
types of service, according to the type and urgency of each frame. Thus, it must first be
able to identify the type of traffic each frame contains, and determine the priority of each
type of frame.
Two new standards work together to identify and prioritize traffic on an Ethernet LAN.
First, the 802.1Q standard identifies each frame according to its VLAN membership.
Then, the 802.1p standard uses these VLAN identifiers to prioritize real-time traffic over
other types of frames.

802.1Q VLAN Standard

The 802.1Q specification, published in December 1998, provides a standard definition of
Ethernet VLANs and their use in switched networks. The 802.1Q standard strictly defines
procedures and protocols for establishing and maintaining VLANs. The uniform rules of
the standard simplify, and, in some instances, automate VLAN configuration and
management, regardless of which company’s switches and end-station interfaces are
used.

The VLAN Tag

Each virtually defined workgroup of a VLAN may include individual members scattered across a large, extended LAN or WAN. The 802.1Q specification associates physical devices and ports to each defined VLAN in the network, then maps and shares those associations with other LAN stations.

802.1Q does this by adding a 2-byte VLAN tag, or identifier, to each frame. The tag
identifies the virtual workgroup to which the frame belongs, and includes priority and QoS
information. With its 12-bit VLAN identifier, 802.1Q can support thousands of VLANs
across switch trunks and 802.1Q-capable routers.
Tagging provides the necessary information for switches to communicate and create the VLAN. Tagging also enables a more comprehensive set of control functions than has been possible through proprietary VLAN frameworks. With an identifier in each frame, VLAN membership, priority, and QoS are highly manageable. The 802.1Q VLAN Tag Format Diagram illustrates this concept.
802.1Q defines two tagged frame types: a VLAN-tagged frame and a priority-tagged frame.
A priority-tagged frame sets the first three tag bits to identify the frame’s priority. A VLAN-
tagged frame sets the tag’s last 12 bits to represent VLAN membership information. The
three tag priority bits allow any one of eight priorities to be assigned to a specific
packet. The 802.1p standard defines the eight priorities from highest to lowest (note that
priority 0 is higher than priority 1):
• 7—Network management traffic
• 6—Voice traffic with less than 10 milliseconds (ms) latency
• 5—Voice traffic with less than 100 ms latency
• 4—Controlled load traffic (mission critical data applications)
• 3—Traffic meriting extra effort by the network for prompt delivery (such as an
executive’s electronic mail [e-mail])
• 2—Reserved
• 0—Traffic meriting the network’s best effort for prompt delivery (the default priority)
• 1—Background traffic such as bulk data transfers and backups

802.1Q as an Architecture
VLAN operation now includes workable guidelines for multivendor networks, allowing
consistency in membership assignment, activity, and administration. The architecture of
802.1Q specifies three levels of operation:
• Relay, or forwarding of frames, based on the two-byte VLAN tag. This smaller 802.1Q
“footprint” compares favorably to such vendor-specific VLAN tagging techniques as Cisco
System’s (Cisco) Inter-Switch Link (ISL) protocol, which increases the original frame’s
size by 30 bytes by encapsulating the frame with an ISL header and a 4-byte frame check
sequence (FCS). The ISL protocol frame encapsulation causes non-ISL-aware devices to
reject these frames as invalid.
• Explicit sharing of VLAN information and exchange of topology information.
• Uniform VLAN management and flexible VLAN configuration.

802.1Q Protocols
802.1Q frame tagging is key to uniform sharing of VLAN information among
switches in the network. The standard uses several specialized protocols to do this,
enabling creation of VLAN configurations by propagating information between switches
and end stations throughout an Ethernet network. Other protocols provide information
about multicast traffic for traffic containment and efficiency:
• Generic Attribute Registration Protocol (GARP) uses tags to propagate
topology information among switches and end stations.
• GARP VLAN Registration Protocol (GVRP) is the means by which VLANs
themselves are configured, in some cases automatically. Using this protocol, stations
request admission to specific VLANs. Membership in a VLAN is determined by a network
management or policy system. GVRP helps simplify the administration of VLANs by
handling registration of end stations with Ethernet switches and maintaining current
information about membership.
GVRP may be used in end stations and switches. When the protocol is used between end
stations across a large network, some switches may not be GVRP-aware; therefore, GVRP
information exchanged between end stations is transparent to the intermediary device. In
other cases, the intermediary switch recognizes GVRP. In this context, GVRP embedded in
VLAN-aware switches may be integrated with a network management console and policy
server. This simplifies tracking VLAN additions and departures.
• GARP Multicast Registration Protocol (GMRP) is used to create and change
multicast groups dynamically.
• Internet Group Management Protocol (IGMP) broadcasting is used with
Distance Vector Multicast Routing Protocol (DVMRP) to build routes for
delivery of multicast messages.

802.1p Traffic Prioritization Standard

With more and more networks moving to the speed and simplicity of Layer 2 switching,
the IEEE 802.1p standard provides an easy and effective method for prioritizing LAN
traffic. Developed by IEEE, 802.1p supports priority transmission of time-critical
information in a LAN environment.

Priority Tags and Traffic Classes

While Token Ring and FDDI frames have defined priority fields, Ethernet does not.
Therefore, the 802.1p standard recommends use of 802.1Q VLAN tags to prioritize
Ethernet frames.
As we just discussed, VLAN tags are two-byte headers that identify each frame’s VLAN, type of traffic, and priority. As we can see in the 802.1Q VLAN Tag Diagram, three bits of the tag identify the priority level of each frame.
Because three bits can define eight values, 802.1p defines eight traffic classes. These traffic
classes and their associated traffic types are listed in the 802.1p Traffic Classes Table.
Traffic Class (Priority)   Tag Value (Binary)   Traffic Types
7                          111                  Network control
6                          110                  Interactive voice
5                          101                  Interactive multimedia
4                          100                  Controlled load app
3                          011                  Excellent effort
2                          010                  Spare
1                          001                  Background
0                          000                  Best effort
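As an added example (not from the original text), the following Python builds and parses the two-byte tag control information that follows the 0x8100 type field in a tagged Ethernet frame, separating the three priority bits, the DEI/CFI bit and the 12-bit VLAN ID, and labels a tag whose VID is zero as a priority-tagged frame rather than a VLAN-tagged one. The traffic class names are the ones in the table above; the MAC addresses and frames are constructed.

```python
"""Build and parse 802.1Q tag control information and name the 802.1p traffic class.
Added example, not code from the original text; all frames below are constructed."""
import struct
from typing import Dict

TPID_8021Q = 0x8100  # type field value that announces a tag follows

# 802.1p traffic classes as listed in the table above
TRAFFIC_CLASSES: Dict[int, str] = {
    7: "Network control", 6: "Interactive voice", 5: "Interactive multimedia",
    4: "Controlled load app", 3: "Excellent effort", 2: "Spare",
    1: "Background", 0: "Best effort",
}


def build_tci(priority: int, vid: int, dei: int = 0) -> int:
    """Pack priority (3 bits), DEI/CFI (1 bit) and VLAN ID (12 bits) into two bytes."""
    if not 0 <= priority <= 7:
        raise ValueError("priority is three bits")
    if not 0 <= vid <= 0xFFF:
        raise ValueError("VLAN ID is twelve bits")
    return (priority << 13) | ((dei & 1) << 12) | vid


def build_tagged_frame(dst: bytes, src: bytes, priority: int, vid: int,
                       ethertype: int, payload: bytes) -> bytes:
    """Ethernet II frame with the 802.1Q tag inserted after the source MAC (no FCS)."""
    tag = struct.pack("!HH", TPID_8021Q, build_tci(priority, vid))
    return dst + src + tag + struct.pack("!H", ethertype) + payload


def parse_frame(frame: bytes) -> Dict[str, object]:
    """Return the tag fields of a frame; 'kind' tells VLAN-tagged from priority-tagged."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    (tpid,) = struct.unpack("!H", frame[12:14])
    if tpid != TPID_8021Q:
        return {"tagged": False, "ethertype": tpid}
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci, ethertype = struct.unpack("!HH", frame[14:18])
    priority = tci >> 13
    vid = tci & 0xFFF
    return {
        "tagged": True,
        "priority": priority,
        "traffic_class": TRAFFIC_CLASSES[priority],
        "dei": (tci >> 12) & 1,
        "vid": vid,
        # VID 0 means the tag carries only a priority: an 802.1Q priority-tagged frame
        "kind": "priority-tagged" if vid == 0 else "VLAN-tagged",
        "ethertype": ethertype,
    }


# Constructed samples: a voice frame on VLAN 100, a priority-only tag, an untagged frame
PHONE = bytes.fromhex("0011223344aa")
GATEWAY = bytes.fromhex("0011223344bb")
IPV4_STUB = b"\x45" + b"\x00" * 19
VOICE_FRAME = build_tagged_frame(GATEWAY, PHONE, 6, 100, 0x0800, IPV4_STUB)
PRIORITY_ONLY_FRAME = build_tagged_frame(GATEWAY, PHONE, 5, 0, 0x0800, IPV4_STUB)
UNTAGGED_FRAME = GATEWAY + PHONE + struct.pack("!H", 0x0800) + IPV4_STUB


if __name__ == "__main__":
    for f in (VOICE_FRAME, PRIORITY_ONLY_FRAME, UNTAGGED_FRAME):
        print(parse_frame(f))
```

A monitoring tap can feed captured frames through parse_frame to check that priority 6 and 7 tags, and the voice VLAN ID, only ever appear on the ports where the phones and switch trunks are expected; anything else points at a misconfigured or untrusted device setting its own tags.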

How 802.1p Prioritizes Traffic

The first step in prioritizing traffic is to assign a traffic class to each type of frame. Traffic
prioritization policies are centrally configured and administered through management
software. After a tagged frame is transmitted onto a network, 802.1p-compliant switches
recognize the traffic class value and forward the frame according to its priority.
To do this, the switches must have multiple queues implemented in hardware. Lower-priority traffic is buffered in a lower-priority queue, while higher-priority traffic passes through the higher-priority queue. Therefore, switches with only one queue cannot effectively implement prioritization.
Given the increasing speed of networks, two queues (one for business-critical and time-sensitive traffic, and the other for best-effort and background traffic) are generally sufficient to ensure high QoS for applications that need it.

Mapping 802.1p Traffic Prioritization to IP and ATM Networks

By definition, 802.1p is intended for packet-based Layer 2 LANs. In WANs and the
Internet, IP has a defined Type of Service (ToS) priority field. Originally intended for
network administration traffic, this field has been relatively unused.
ATM, with its connection-oriented technology, offers the ultimate in traffic prioritization
and guaranteed QoS. In most instances, however, ATM is used as a backbone technology
with Ethernet, Fast Ethernet, or Gigabit Ethernet deployed at the edge for connectivity to
desktops and servers.
To prioritize mission-critical and time-sensitive traffic across these backbone networks and
WANs, 802.1p traffic classes must be converted to the corresponding IP or ATM CoS. For
example, the IETF Integrated Services (IntServ) working group is defining the cross-
classification mapping of DiffServ codepoints to 802.1p traffic classes. Meanwhile, other
technical working groups are developing techniques for mapping 802.1p to ATM
connection services.

Using QoS to Optimize Voice Quality in VoIP Networks

Quality of Service (QoS) is the ability of a network to provide better service to selected network traffic using various technologies. You must plan for QoS by deploying features that apply these technologies throughout your network. Most importantly, QoS must be configured throughout the entire network to improve your network’s performance.
Using QoS with Voice over IP (VoIP) allows you to grant priority service to voice while still servicing the data side with the priority that is specified. By utilizing QoS for voice you can implement reliability and predictability and eliminate poor-quality voice transmissions.
Through the use of packet classification you can mark specific traffic, which effectively partitions your network traffic into different levels. This classification is accomplished when you add a tag to the IP Precedence/Differentiated Services Code Point (DSCP) field or classify by source and destination IP addresses; you can classify packets using access control lists, policy maps, and similar techniques.
Any network carrying voice traffic also carries data, which shares a path through the network. This interaction affects application performance and can lead to congestion and packet loss. Congestion is the direct result of a sustained overload of traffic, which requires you to find methods that control congestion once it occurs and then employ strategies that use queuing features, such as those in Cisco IOS, as follows:
• Weighted Fair Queuing—This applies priority to identified traffic to classify traffic into
conversations and determine how much bandwidth each conversation is allowed relative to
other conversations. WFQ classifies traffic into different flows based on such
characteristics as source and destination address, protocol, and port and socket of the
session.
• Class-Based WFQ (CBWFQ)—CBWFQ extends the standard WFQ functionality to
provide support for user-defined traffic classes. It can specify the exact amount of
bandwidth to be allocated for a specific class of traffic. Taking into account available
bandwidth on the interface, it can configure up to 64 classes and control distribution among
them.
• Priority Queuing—WFQ (IP RTP Priority Queuing, PQWFQ)—The IP RTP Priority
feature provides a strict priority queuing scheme. This allows delay-sensitive data such as
voice to be dequeued and sent first, before packets in other queues are dequeued. This
feature can be used on serial interfaces and Frame Relay permanent virtual circuits (PVCs)
in conjunction with either WFQ or CBWFQ on the same outgoing interface. In either case,
traffic matching the range of UDP ports specified for the priority queue is guaranteed
strict priority over other CBWFQ classes or WFQ flows; packets in the priority queue are
always serviced first.
The Frame Relay IP RTP Priority feature provides a strict priority queuing scheme on a Frame Relay PVC for delay-sensitive traffic such as voice. Voice traffic can be identified by its Real-Time Transport Protocol (RTP) port numbers and classified into a priority queue configured by the frame-relay ip rtp priority command. The result of using this feature is that voice is serviced as strict priority in preference to other non-voice traffic.
• Low Latency Queuing (LLQ)—LLQ provides strict priority queuing on ATM virtual circuits (VCs) and serial interfaces. This feature can configure priority status for a class within CBWFQ and, unlike IP RTP Priority, is not limited to UDP port numbers. LLQ and IP RTP Priority can be configured at the same time, but IP RTP Priority takes precedence.
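The queuing behaviours above can be made visible with a small scheduler model; this is an added Python example, not code from the text and not Cisco IOS. It places a strict priority queue (the voice class, as IP RTP Priority and LLQ do) in front of deficit round robin over weighted classes (the CBWFQ idea of a guaranteed share per class). The per-round byte budget on the priority queue and the sample traffic are assumptions; the budget stands in for the policing a real LLQ applies so that a flood marked as voice cannot starve every other class.

```python
"""Toy model of low latency queuing: a strict-priority queue in front of class-based
weighted queues. Added example, not code from the original text and not Cisco IOS;
the priority budget per round and the sample traffic are constructed assumptions."""
from collections import deque
from dataclasses import dataclass
from typing import Deque, Dict, List


@dataclass
class Packet:
    flow: str  # class name, e.g. "voice", "crm", "bulk"
    size: int  # bytes


class LlqScheduler:
    def __init__(self, priority_flow: str, weights: Dict[str, int],
                 quantum: int = 500, priority_budget: int = 1500) -> None:
        self.priority_flow = priority_flow
        self.weights = weights                  # class -> relative share
        self.quantum = quantum                  # bytes of credit per weight unit per round
        self.priority_budget = priority_budget  # cap on priority bytes per round
        self.priority_q: Deque[Packet] = deque()
        self.queues: Dict[str, Deque[Packet]] = {f: deque() for f in weights}
        self.deficit: Dict[str, int] = {f: 0 for f in weights}

    def enqueue(self, pkt: Packet) -> None:
        if pkt.flow == self.priority_flow:
            self.priority_q.append(pkt)
        elif pkt.flow in self.queues:
            self.queues[pkt.flow].append(pkt)
        else:
            raise KeyError(f"no class configured for flow {pkt.flow!r}")

    def dequeue_round(self) -> List[Packet]:
        """One scheduling round: the priority queue first, then deficit round robin."""
        sent: List[Packet] = []
        # Strict priority: voice leaves before any weighted class is looked at.
        # The budget keeps a flood marked as voice from starving everything else.
        budget = self.priority_budget
        while self.priority_q and self.priority_q[0].size <= budget:
            pkt = self.priority_q.popleft()
            budget -= pkt.size
            sent.append(pkt)
        # Weighted classes: each earns weight*quantum bytes of credit per round,
        # so a weight-3 class gets three times the share of a weight-1 class.
        for flow, weight in self.weights.items():
            q = self.queues[flow]
            if not q:
                self.deficit[flow] = 0  # idle classes do not bank credit
                continue
            self.deficit[flow] += weight * self.quantum
            while q and q[0].size <= self.deficit[flow]:
                pkt = q.popleft()
                self.deficit[flow] -= pkt.size
                sent.append(pkt)
        return sent

    def backlog(self) -> int:
        return len(self.priority_q) + sum(len(q) for q in self.queues.values())


def drain(sched: LlqScheduler, max_rounds: int = 50) -> List[str]:
    """Run rounds until the queues are empty; return the order flows left the interface."""
    order: List[str] = []
    for _ in range(max_rounds):
        if sched.backlog() == 0:
            break
        order.extend(p.flow for p in sched.dequeue_round())
    return order


def demo_order() -> List[str]:
    """Constructed congestion: bulk and CRM data are queued before two voice packets,
    yet voice is transmitted first and CRM (weight 3) is served before bulk (weight 1)."""
    sched = LlqScheduler("voice", {"crm": 3, "bulk": 1})
    for pkt in (Packet("bulk", 1500), Packet("bulk", 1500), Packet("crm", 500),
                Packet("voice", 200), Packet("voice", 200)):
        sched.enqueue(pkt)
    return drain(sched)


if __name__ == "__main__":
    print(demo_order())
```

Running demo_order shows the two voice packets leaving first even though they arrived last, then the CRM packet, and only then the two 1500-byte bulk packets, which have to wait several rounds to accumulate enough credit.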

Network Performance Issues

An intimate knowledge of network design issues can increase the quality of voice calls over
a packet-based network. There is a multitude of issues that can affect throughput on a
network.
When packets are delayed by congestion or slow routing protocols, delay or latency will reduce the quality of the voice call. Propagation delay describes the time taken by a signal to pass through the media whether that is copper, fiber, or wireless. Each device along the path from speaker to listener introduces handling delay. Handling delay may be caused by the encoding/decoding of analog speech to a digital stream, or by the size of each created packet. Queuing delay is based on how long it takes for a packet to leave the device that created that packet. Packets may sit in the queue due to network congestion.
Jitter is a variation in the delay of packets. Say one packet is sent every 20 milliseconds;
these packets which were sent together arrive at different times. The delta time between
when a packet is expected to arrive and when the packet actually arrives is called jitter.
Pulse Code Modulation (PCM) converts analog sounds, like your voice, into a digital stream. This stream is created by sampling your voice 8,000 times each second. By applying the Nyquist theorem and sampling at twice the rate of the highest frequency, a voice-quality sample is created. Since the human voice range is about 300 to 3,400 Hz, twice 3,400 is roughly 8,000 samples per second.
Voice compression is applied to a voice stream in North America by applying the u-law
logarithmic compression algorithm. Other countries use the a-law algorithm. The u-law
algorithm works slightly better for low-level signal-to-noise reduction. If making an
international call from u-law territory to a-law territory, it is the job of the u-law country to
make the conversion.
Echo is when the speaker hears their own voice delayed on the phone line. Delays of more
than 25 milliseconds are intrusive and should be avoided by setting echo cancellation. Echo
is removed by the local router which stores an inverse image of the speaker’s speech
pattern to lay over and cancel the sounds coming back from the remote speaker’s phone.
Packet loss is expected and part of the original design of Ethernet networks. Packet loss can be mitigated by giving precedence to time-sensitive traffic over standard data packets.
Other factors that affect voice quality include:
• Voice activity detection
• Digital-to-analog conversion
• Tandem encoding
• Transport protocols
• Dial-plan design

Voice Quality
Packet telephony is a lot like a motion picture: the illusion of a continuous voice signal can
be maintained only so long as voice packets arrive promptly and at a constant rate, just as a
movie’s individual frames roll off a projector reel.
Although cheap Internet telephones have unfairly given packet telephony a bad name, it is
true that transmission delays across the packet-switched network can hurt voice quality.
These delays cause annoying gaps in a conversation, and may be introduced at a number of
points.
It takes time to convert a voice signal from analog to digital. Voice compression algorithms
increase this delay, requiring large voice stream samples before they can compress and
packetize voice signals. A similar delay occurs when the remote end converts the digital
signal back to analog.
A packet needs time to move through the network, especially if it is relayed through
multiple router hops. This propagation delay remains minimal as long as the packet remains
on a LAN equipped with wire-speed switches. However, speed disparities at the LAN/
WAN edge interfaces can create considerable queuing delays.
It also takes time for a device to accumulate enough voice samples to efficiently fill a
packet. RFC 879 defines a default IP packet size of 576 bytes. Codecs sample voice
intelligence once every 1/8000th of a second, or every .125 ms, and represent each
sample with 8 binary bits. To fill the data portion of this default IP packet, we would need
556 bytes x .125 ms/byte = 69.5 ms. The shorter the packet, the shorter the packetization
delay. However, too short a packet results in high packet overhead. Hence, we need to
weigh packetization delay against packet overhead to come to an agreeable
compromise.
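The packetization arithmetic above, carried through for several payload sizes as an added Python example (not from the original text). The 40 bytes of IPv4, UDP and RTP headers per packet are an assumption about the encapsulation, and link-layer framing is ignored. With the text’s 556-byte payload the delay comes out at 69.5 ms; a 160-byte payload gives the common 20 ms packet, which costs 80 kbit/s per call on the wire, which is why a G.711 call needs more than its nominal 64 Kbps once headers are counted.

```python
"""Packetization delay versus header overhead for PCM voice. Added example, not code
from the original text; the 20 IPv4 + 8 UDP + 12 RTP header bytes are an assumption
about the encapsulation, and link-layer framing is left out."""
from dataclasses import dataclass
from typing import List

SAMPLE_RATE_HZ = 8000      # one sample every 0.125 ms
BITS_PER_SAMPLE = 8        # G.711 PCM, 64 kbit/s
IP_UDP_RTP_HEADER = 20 + 8 + 12


@dataclass(frozen=True)
class PacketizationPlan:
    payload_bytes: int
    delay_ms: float           # time to collect the samples for one packet
    overhead_fraction: float  # header bytes / total bytes on the wire
    bandwidth_bps: float      # per-call rate including headers


def packetization_delay_ms(payload_bytes: int) -> float:
    """Each byte is one 0.125 ms sample, so the delay is payload * 0.125 ms."""
    if payload_bytes <= 0:
        raise ValueError("payload must be positive")
    bytes_per_ms = SAMPLE_RATE_HZ * BITS_PER_SAMPLE / 8 / 1000  # 8 bytes per ms
    return payload_bytes / bytes_per_ms


def plan(payload_bytes: int, header_bytes: int = IP_UDP_RTP_HEADER) -> PacketizationPlan:
    """Delay, overhead share and wire bandwidth for one payload size."""
    delay = packetization_delay_ms(payload_bytes)
    total = payload_bytes + header_bytes
    packets_per_second = 1000.0 / delay
    return PacketizationPlan(
        payload_bytes,
        round(delay, 3),
        round(header_bytes / total, 4),
        round(total * 8 * packets_per_second, 1),
    )


def compare(payloads: List[int]) -> List[PacketizationPlan]:
    """Trade-off table: larger payloads cut overhead but add delay."""
    return [plan(p) for p in payloads]


if __name__ == "__main__":
    # 556 bytes is the data portion of the 576-byte default IP packet quoted above;
    # 160 bytes is the common 20 ms G.711 payload.
    for row in compare([40, 80, 160, 320, 556]):
        print(row)
```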
Jitter
The variability of delay, also called jitter, creates a more troublesome problem than packetization delay. Traffic conditions on the backbone network, such as head-of-line blocking or serialization delay, primarily cause jitter delays. For example, if we treat all packets arriving in a switch (or router) with the same priority, a voice packet can get stuck in the queue behind other, less time-critical packets; the next voice packet traversing the network might not incur the same delay. The result is an accordion effect; several packets may arrive over a large time interval, or conversely, a clump may arrive all at once.
Without appropriate design, jitter can wreak havoc on a telephone conversation. Jitter
buffers, which store a string of packets, can smooth out the packets’ arrival rate;
however, jitter buffers introduce additional delay.
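To put numbers on the jitter and jitter-buffer trade-off described above, here is an added Python example (not from the original text). It takes a constructed arrival timeline for a 20 ms voice stream, reports each packet’s deviation from the arrival a constant rate would predict, and then shows, for a fixed playout buffer of a given depth, how many packets would arrive too late to be played and how much delay the buffer itself adds.

```python
"""Measure jitter from an arrival timeline and show the jitter-buffer trade-off:
a deeper buffer means fewer late packets but more delay. Added example, not code
from the original text; the arrival timestamps are constructed."""
from typing import List, Tuple

PACKET_INTERVAL_MS = 20.0  # one voice packet every 20 ms, as in the text

# Constructed arrival times (ms) of eight packets of one stream, relative to the first
ARRIVALS_MS: List[float] = [0.0, 22.0, 45.0, 58.0, 80.0, 118.0, 121.0, 140.0]


def arrival_deviations(arrivals: List[float],
                       interval: float = PACKET_INTERVAL_MS) -> List[float]:
    """Per-packet jitter: actual arrival minus the arrival a constant rate predicts."""
    if not arrivals:
        return []
    first = arrivals[0]
    return [round(t - (first + i * interval), 3) for i, t in enumerate(arrivals)]


def peak_jitter(arrivals: List[float], interval: float = PACKET_INTERVAL_MS) -> float:
    """Largest absolute deviation, the figure a buffer has to absorb."""
    return max(abs(d) for d in arrival_deviations(arrivals, interval))


def playout_result(arrivals: List[float], buffer_ms: float,
                   interval: float = PACKET_INTERVAL_MS) -> Tuple[int, float]:
    """Fixed jitter buffer: packet i is played at first_arrival + buffer + i*interval.
    A packet that arrives after its slot is late and is treated as lost.
    Returns (late_packets, delay_added_by_the_buffer_ms)."""
    first = arrivals[0]
    late = sum(1 for i, t in enumerate(arrivals) if t > first + buffer_ms + i * interval)
    return late, buffer_ms


def smallest_sufficient_buffer(arrivals: List[float], interval: float = PACKET_INTERVAL_MS,
                               step: float = 5.0, limit: float = 200.0) -> float:
    """Smallest buffer depth (in `step` increments) that leaves no packet late."""
    depth = 0.0
    while depth <= limit:
        if playout_result(arrivals, depth, interval)[0] == 0:
            return depth
        depth += step
    raise ValueError("no buffer up to the limit absorbs this jitter")


if __name__ == "__main__":
    print("deviations:", arrival_deviations(ARRIVALS_MS))
    print("peak jitter:", peak_jitter(ARRIVALS_MS), "ms")
    for depth in (0.0, 10.0, 20.0, 40.0):
        late, added = playout_result(ARRIVALS_MS, depth)
        print(f"buffer {depth:>5} ms -> {late} late packet(s), {added} ms added delay")
    print("smallest sufficient buffer:", smallest_sufficient_buffer(ARRIVALS_MS), "ms")
```

On the constructed timeline the one packet that arrives 18 ms late is lost with a 10 ms buffer and played with a 20 ms buffer, so the buffer trades 20 ms of the end-to-end delay budget for a gap-free stream; the same measurement over captured RTP timestamps tells you whether the delay budget in the Latency section can afford that.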
Voice Compression
The default voice digitization rate is the Pulse Code Modulation (PCM) voice rate of 64
Kbps. The simplest way to reduce the bandwidth required to transmit digitized voice is to
use voice compression. Voice compression does not actually work on the voice signal but
compresses the digitized voice signal by removing redundant character strings in the digital
character stream.

Latency
Network latency becomes obvious to the callers on a VoIP connection when the round trip
delay is more than 250 milliseconds. The ITU-T recommends unidirectional, end-to-end
latency never exceed 150 milliseconds, from caller to listener. If latency is too excessive,
one caller will sense the pause created by the network as a pause created by the other caller
and both callers will begin to speak.

Latency is a delay in packet delivery. Latency may be caused by many factors: length of
the media, number of routers between callers, encryption delays, voice
encoding/decoding, or any other delays on the transmission network.
To reduce latency, each endpoint and all intermediate network devices should be optimized for throughput (jitter buffer depth and packet sizing) and configured with appropriate QoS levels.

Packet Loss
Most network end stations can accept or recover from an occasional lost packet. The
human ear is not so tolerant, and unless the network employs specific countermeasures,
such as forward error correction or error concealment, users will hear annoying gaps and
clicks. Whether a user can perceive this effect depends on the packet loss rate and
compression algorithm used. The higher compression schemes are less forgiving.
The effect of delays on a voice conversation is not noticeable until it exceeds 500 ms. At
that point, the user will perceive that there is a delay occurring. In IP telephony, the use of
jitter buffers as a part of the communication link can store and forward the message one
delivery packet at a time, and reduce the perceived delay. Packet delays cause gaps in the
conversation, and may require the listener to request that the sender repeat information
previously sent.
Because voice traffic is real-time traffic, network engineers must work to limit these combined voice network component delays to the maximum acceptable end-to-end (one-way) delay of under 200 ms.

Port Settings
Firewalls may block specific ports or a range of ports to disallow traffic in or out of the network. By default, network administrators want to block as many ports as possible to reduce the risk of intrusion. For VoIP to operate, a pair of UDP or TCP ports must be opened. The first, even-numbered port is opened for the voice traffic; the very next odd-numbered port is opened for control of that voice traffic. Enabling ports to allow VoIP to pass through the firewall opens a huge range of port numbers starting with 1024 and moving, if given the chance, two at a time all the way to 65,535. Each call opens another set of ports. Several firewall vendors offer a dynamic firewall solution. This solution only opens ports on demand and closes the ports back down when the voice call is terminated.
Example ports that must be opened on the firewall for some VoIP applications include:
For Microsoft NetMeeting and others using H.323:
• TCP port 1720 (H.225 call signaling for hosts)
• TCP ports 11000 to 65535 (H.245 capability exchange)
• UDP ports 16384 to 32767 (RTP audio stream)
For http://www.callserve.com over H.323:
• UDP port 1719 for signaling
• TCP port 1720 for signaling
• UDP ports 5000 to 65535 for the RTP audio stream
For Session Initiation Protocol (SIP):
• UDP port 5060 for SIP signaling
• TCP port 5060 for SIP signaling
• UDP ports 16384 to 32767 for the RTP audio stream
For http://www.skype.com:
“Ideally, outgoing TCP connections to all ports (1 to 65535) should be opened.” Or, “open up outgoing TCP connections to port 443.” Or, “open up outgoing TCP connections to port 80.”
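The dynamic firewall behaviour described above, modelled as an added Python example (not from the original text or any firewall product). Each active call is given the lowest free even/odd UDP pair from the 16384 to 32767 range quoted above, opened only for that call’s remote peer and closed again when the call ends; static_exposure counts what a permanent “allow the whole range” rule leaves reachable for comparison. The peer addresses and call identifiers are constructed.

```python
"""Model of an on-demand (dynamic) VoIP firewall: media port pairs are opened per call
and per peer, and closed at call teardown. Added example, not code from the original
text or any firewall product; the port range use, peers and call IDs are constructed."""
from dataclasses import dataclass, field
from typing import Dict, Tuple

RTP_RANGE = (16384, 32767)  # UDP range quoted above for several H.323 and SIP products


@dataclass
class Pinhole:
    remote_ip: str
    rtp_port: int   # even port: the media stream
    rtcp_port: int  # the next odd port: control for that media stream


@dataclass
class DynamicVoiceFirewall:
    low: int = RTP_RANGE[0]
    high: int = RTP_RANGE[1]
    open_ports: Dict[int, Pinhole] = field(default_factory=dict)  # port -> pinhole
    calls: Dict[str, Pinhole] = field(default_factory=dict)       # call id -> pinhole

    def open_call(self, call_id: str, remote_ip: str) -> Pinhole:
        """Allocate the lowest free even/odd pair and open it for this peer only."""
        if call_id in self.calls:
            raise ValueError(f"call {call_id!r} already has a pinhole")
        port = self.low if self.low % 2 == 0 else self.low + 1
        while port + 1 <= self.high:
            if port not in self.open_ports and port + 1 not in self.open_ports:
                hole = Pinhole(remote_ip, port, port + 1)
                self.open_ports[port] = hole
                self.open_ports[port + 1] = hole
                self.calls[call_id] = hole
                return hole
            port += 2
        raise RuntimeError("media port range exhausted")

    def close_call(self, call_id: str) -> None:
        """Tear down: both ports of the pair are closed as soon as the call ends."""
        hole = self.calls.pop(call_id)
        del self.open_ports[hole.rtp_port]
        del self.open_ports[hole.rtcp_port]

    def permits(self, remote_ip: str, port: int) -> bool:
        """Inbound UDP is accepted only if the port is open for that specific peer."""
        hole = self.open_ports.get(port)
        return hole is not None and hole.remote_ip == remote_ip

    def exposed_ports(self) -> int:
        return len(self.open_ports)


def static_exposure(low: int = RTP_RANGE[0], high: int = RTP_RANGE[1]) -> int:
    """Ports left reachable by a static 'allow range' rule, call or no call."""
    return high - low + 1


def demo() -> Tuple[int, int, int]:
    """Two calls up, then one torn down: (static exposure, dynamic during, dynamic after)."""
    fw = DynamicVoiceFirewall()
    fw.open_call("call-1", "203.0.113.10")  # TEST-NET peer addresses, constructed
    fw.open_call("call-2", "203.0.113.20")
    during = fw.exposed_ports()
    fw.close_call("call-1")
    return static_exposure(), during, fw.exposed_ports()


if __name__ == "__main__":
    print(demo())
```

The comparison in demo is the whole argument for the dynamic approach: a static rule leaves 16,384 UDP ports reachable around the clock, while the on-demand firewall exposes four ports during two calls and two once one of them ends, each bound to a single remote address.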

Bandwidth
Bandwidth refers to the raw data carrying capacity of a particular carrier technology. For
example, a T1 circuit carrying several frame relay permanent virtual circuits (PVCs)
provides a bandwidth of 1.544 Mbps. The individual PVCs provide some bandwidth up to
the T1 port’s maximum physical bandwidth.
In any network, whether voice or data, bandwidth is a primary QoS concern. As network traffic grows, so does bandwidth utilization. As bandwidth utilization increases, throughput decreases. At some point, even the common practice of “throwing bandwidth at the problem” reaches its practical limits, and so we are forced to address bandwidth limitations in our network designs.
In converged networks, voice traffic must often contend with bursty data for scarce
network bandwidth. Bursty traffic, if uncontrolled, can monopolize the network’s
bandwidth. Hence, we must use QoS techniques such as admission control and traffic
shaping to control and buffer bursty traffic entering and traversing our networks.
Voice codecs require a minimum amount of bandwidth to operate. The G.711 Codec
defines 64 Kbps PCM voice encoding and requires at least 64 Kbps of bandwidth. If we try
to push PCM encoded voice calls across a link with insufficient bandwidth, the call will
fail.
Data applications will generally perform better if given more bandwidth; they are said to be bound by the network’s bandwidth, or bandwidth bound. Voice applications, on the other hand, do not perform any better if given more bandwidth than the application requires. Voice application performance is bound to the network’s delay; that is, once given enough bandwidth to enter the network, the network delay decides how well they perform. Delay is not determined by network bandwidth alone, but also by network component and link performance.

Network Capacity Baselining

Traffic baseline measurements serve as a rough guide for the more exact process called
baselining.
Baselining (also called benchmarking) documents the performance of a network by
measuring its capacity and standard operating efficiency. These measurements can identify
long-term trends in network operations and their impact on network performance.
Baselining can be used with traffic estimation numbers or as an alternative to estimates
since you are capturing what is really happening on the network. Taking baseline
measurements requires special monitoring equipment and applications. Because both of
these are expensive, many small companies skip this step and rely on estimates alone.
However, whenever possible, it is best to use both estimating and baselining.
Tools for Testing Activity
If you have an existing LAN, you can probably get detailed reports from the network
operating system (NOS) vendor as to the theoretical capacity of the NOS. Many NOSs
run these reports as Value Added Processes (VAPs).
Another traffic measurement tool is a protocol analyzer or packet capture program such as Network General Sniffer®, Hewlett-Packard’s LAN Advisor, Novell’s LANalyzer or the free Wireshark/Ethereal package. Each software package records traffic over a given period of time. You can also purchase LAN software emulation packages that monitor networks from a PC. These packages provide tools for:
• Network mapping
• Physical network management
• Network design
• Network planning and simulation
Design and Modeling Tools
Design tools model the behavior of a LAN under a given load. They provide an accurate picture of a LAN’s performance, given a certain number of users, applications, and telecommunications links. Some tools include application profiles that estimate traffic generated by specific applications. They may also have user libraries that contain performance profiles for various pieces of equipment, such as bridges and routers. These profiles can be plugged into the model without doing a lot of research, and can provide a reasonable estimate of the device’s throughput and latency. Many networking products also have built-in capabilities to determine CPU utilization against network traffic. Purchasing or renting separate design tools is expensive. However, if you need an engineered network with high reliability, the cost of failure far outweighs that of the tool.
Simulation and Testing Tools
LAN traffic simulation packages (as well as Network General’s Sniffer® and Hewlett-
Packard’s LAN Advisor) can generate actual LAN test traffic. By varying the size and
frequency of the traffic, the effect on the LAN is measured. Progressive degradation of
LAN performance can be gauged as a function of client activity using just a few PCs.
Activity of each LAN device (server, bridges, routers, etc.) can be monitored to determine
the delay within each component. One client can simulate many workstations.

Network Capacity Baselining

A network baseline is a snapshot of activity and performance that can provide proactive
insight about the performance of a network. It is a measurement that can be taken
periodically over time, or while interesting network activity is observed, such as high
bandwidth utilization. A separate baseline should be run on each individual subnet, WAN
link, and the network backbone, forming a collection of baselines for the entire network.
A baseline should not be taken at any specified regular interval. A baseline taken at the
same specified interval or time of day has the potential of lending the same results over
time. It is better to baseline each subnet of a network at random times throughout the
normal business day.
The following pages describe steps necessary to baseline a network. The examples use Network General’s Sniffer®, an analysis tool used in the management of local and wide area networks. Examples include baseline screen shots for reference.
Packet Capture Functions
NG Sniffer® is a popular tool for measuring LAN activity. It is available in various forms,
from a freestanding hardware unit to a software only tool that can be installed on a PC
(laptop, other portable, or client/server platform). A device that runs Sniffer® software
(dedicated hardware or PC) must be purchased with a proprietary NIC that is compatible
with the network topology being analyzed.
