Gatekeeper and Cisco Unified Border Element Implementation: Understanding Gatekeepers

Gatekeeper and Cisco
Unified Border Element

Implementation
Understanding Gatekeepers
© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-1

Outline
 Gatekeeper Overview
 Gatekeeper Signaling
 Gatekeeper Call Routing
 Gatekeeper-Based Call Admission Control
 Configuring Gatekeeper
 Configuring Gatekeeper Zones
 Configuring Zone Prefixes
 Configuring Technology Prefixes
 Adapting H.323 Gateways to Gatekeepers
 Configuring Gatekeeper CAC
 Verifying Basic Gatekeeper Functionality

Gatekeeper Overview

Gatekeeper Overview
Typical gatekeeper functions:

 A gatekeeper is an H.323 entity on the network.
 A gatekeeper provides these services:
– Address translation
– Call Admission Control for H.323 terminals, gateways,
and multipoint control units
 Primary functions are admission control, zone management,
and E.164 address translation.
 Gatekeepers are logically separated from H.323 endpoints
such as terminals and gateways.
 Gatekeepers are optional devices in a network.

Gatekeeper Functions
Mandatory Description
Address Translates H.323 IDs (such as gwy1@domain.com) and E.164
resolution numbers (standard telephone numbers) to endpoint IP addresses
Admission Controls endpoint admission into the H.323 network
control
Zone Provides zone management for all registered endpoints in the zone
management
Optional Description
Call Accesses restrictions for certain terminals or gateways or have time-
authorization of-day policies restrict access
Call Keeps state of active call information and uses it to indicate busy
management endpoints or redirect calls
Bandwidth Rejects admissions when the required bandwidth is not available
management

Gatekeeper Signaling

Gatekeeper Signaling Overview
Gatekeeper
H.225 RAS (UDP) H.225 RAS (UDP)
UDP Port 1719
H.225 Call Setup (TCP)
H.245 Media Control (TCP)

Gateway Gateway
Dual RTP (UDP) Stream

H.225 RAS Messages
Discovery: Location:
 Gatekeeper Request (GRQ)  Location Request (LRQ)
 Gatekeeper Confirmation (GCF)  Location Confirmation (LCF)
 Gatekeeper Reject (GRJ)  Location Reject (LRJ)
Registration: Admission:
 Registration Request (RRQ)
 Admission Request (ARQ)
 Registration Confirmation (RCF)
 Admission Confirmation (ACF)
 Registration Reject (RRJ)
 Admission Reject (ARJ)
Unregistration:
Disengage:
 Unregistration Request (URQ)
 Disengage Request (DRQ)
 Unregistration Confirmation (UCF)
 Unregistration Reject (URJ)
Request in Progress:
Resource availability:  Request in Progress (RIP)
 Resource Availability Indicator (RAI)

Status:
 Resource Availability Confirmation (RAC)
 Information Request (IRQ)
Bandwidth:  Information Request Response (IRR)
 Bandwidth Request (BRQ)  Information Request Acknowledgment (IACK)
 Bandwidth Confirmation (BCF)  Information Request Negative Acknowledgment
 Bandwidth Reject (BRJ) (INACK)

Registration Request
 Registration is the process by which gateways, terminals,

and multipoint control units join a zone and inform the
gatekeeper of their IP and alias addresses.
 Registration occurs after the discovery process.
 Gateway registers with either: Gatekeeper
– H.323 ID
– E.164 address
RRQ RRQ
RCF RCF
Gateway A Terminal

Lightweight Registration
 H.323v1 gateway sent full registration every 30 seconds

 H.323v2 gateway starts with full registration with gatekeeper
– Gateway negotiates timers for lightweight registration
– Gateway sends lightweight registration
 Every negotiated timeout
 Similar to keepalive The gateway sends an
RRQ message with
keepalive = true before the
TTL timer expires.
Gatekeeper sends a TTL
timer in an RCF message. RCF RRQ
RRQ TTL Keepalive

Admission Request
Dial Plan
801555xxxx: Gateway A
Gatekeeper
408555xxxx: Gateway B
ARQ ARQ
ACF ACF

Gateway A Gateway B
Dual RTP (UDP) Stream
8015552001 4085552001

Location Request
 LRQ messages are commonly used between interzone

gatekeepers to obtain the IP of different zone endpoints.
 LRQs forwarded using one of two methods: 1 LRQ
GKA GKB
– Sequential 2 LRQ
 Based on priority and cost ARQ GKC

 Slower routing 3 LRQ
GKD
 Less signaling
– Blast
Gateway
 To all matching gatekeepers LRQ
 Response selected based on GKA GKB
LRQ
priority and cost
ARQ GKC
 Faster routing
LRQ
 More signaling
GKD
Gateway
H.225 RAS Intrazone Call Setup
H.323 Gatekeeper
H.323 H.323
Gateway Gateway
PSTN/ PSTN/
Privat IP Privat
e Network e
1. Voice
Initiate Call Voice
2. ARQ
H.225
3. ACF
RAS
4. Call Setup
H.225 5. ARQ
RAS 6. ACF
H.225/Q.93
1 7. Call Proceeding
8. Ring Called Party
Call Setup 9. Alerting
10. Ringback Tone 11. Answer Call
12. Connect
13. Capabilities Exchange
H.245 14. Master/Slave Determination
Capabilities
15. Open Logical Channel
Negotiation
ARQ = Admission Request
RTP Stream ACF = Admission Confirm
RTP Stream
16. Media
RTCP Stream
(RTP)
H.225 RAS Interzone Call Setup
PSTN/ PSTN/
GK1 IP GK2
Privat Privat
e Network e
Voice
1. Initiate Call Voice
2. ARQ
H.225 3. LRQ
RAS 4. LCF
5. ACF
6. Call Setup
H.225/Q.93
1 7. Call Proceeding
Call Setup 8. ARQ
H.225 RAS
9. ACF 10. Ring Called Party
10. Ringback Tone 11. Alerting
H.225/Q.93 12. Answer Call
1 13. Connect
Call Setup 14. Capabilities Exchange ARQ = Admission Request
H.245 ACF = Admission Confirm
Capabilities 15. Master/Slave Determination
LCF = Location Request
Negotiation 16. Open Logical Channel LCF = Location Confirm
17. RTP/RTCP Stream

Gatekeeper Call Routing

Gatekeeper Zones
 Zones:
– H.323 endpoints are grouped into zones.
– Each zone has one logical gatekeeper that manages all
the endpoints in the zone.
 Zone prefixes:
– A zone prefix is the part of the called number that
identifies the zone to which a call goes.
– Zone prefixes are usually used to associate an area or
country code to a configured zone.

Zone Prefixes
 Identifies the destination zone for the call

 Determines if a call is routed to a remote zone or managed
locally
Zones
200-XXXX 300-XXXX
Zone A
WAN
Zone B

Technology Prefixes
 Technology prefix:
– Optional feature to enable more call routing flexibility
– Groups endpoints of the same type together
– Usually identified by “#” sign, but can be any E.164 string
 Technology prefix with hop-off:
– Calls will be routed to a specified zone, regardless of the
zone prefix in the address.
 Gateways can register using a technology prefix.
– If no technology prefix is included in the dialed number, a
default technology prefix can be used.
 Gatekeeper will only route a call to a gateway with a
matching technology prefix.

Technology Prefix Usage
 Distinguish between gateways that have specific capabilities

within a given zone
– Common to differentiate between gateways that support
terminals, video endpoints, or telephony devices
 For example, 1# for voice calls and 2# for video calls
H.323
Video H.323
2# 2# Video
GWA1 GWB1
H.323 H.323
Terminal IP Terminal
GWA2 GKA GKB GWB2
Voice
200 300 Voice
GWA3 GWB3

Gatekeeper-Based Call
Admission Control

Gatekeeper-Based Call Admission
Control
 Authorizes calls if the network can handle them

– Static configuration of available resources
 Provides CAC to these devices:
– Cisco Unified Communications Manager
– Cisco Unified Communications Manager Express
– H.323 endpoint
Gatekeeper
If too many calls go through the
WAN, voice quality may degrade
for all calls.

Calculating Bandwidth
 Gatekeeper calculates call bandwidth as double codec rate
– Ignoring overhead
– For all codecs
 Formula for zone bandwidth calculation on a gatekeeper
– (Number of calls) * (Codec bandwidth) * 2
 Example: Three G.711 calls:
3 * 64 * 2 = 384 kb/s
Codec kb/s on Gatekeeper
G.711 128 kb/s
G.729 16 kb/s

Configuring Gatekeeper

Gatekeeper Configuration Overview
Gatekeeper:
 Configure local and remote zones.
 Configure zone prefixes.
 Configure technology prefixes.
 Enable the gatekeeper.
Gateway:
 Configure gateways to use H.323 gatekeepers.
 Configure dial peers to use H.225 RAS protocol.

Gatekeeper Basics
router(config)#
gatekeeper
 Enters gatekeeper configuration mode
router(config-gk)#
no shutdown
 Enables the gatekeeper
 Should be done when configuration complete
– Some parameters cannot be modified with active registrations or
calls
 Does not make the gatekeeper operational if:
– No local zones are configured
– Local zones use HSRP address and interface is standby
 Default: disabled

Zones

Configuring Local Gatekeeper Zones
router(config-gk)#
zone local zone-name domain-name [ras-IP-address]
 Defines local zone.

– Identified by zone or gatekeeper name, and domain name
 Only one ras-IP-address argument can be defined for all local
zones.
– Local zones cannot use different RAS IP address.
– When configured in the first zone definition, it can be omitted for
all subsequent zones that automatically pick up this address.

Configuring Remote Gatekeeper Zones
router(config-gk)#
zone remote other-zone-name other-domain-name other-
gatekeeper-ip-address [port-number] [cost cost-value
[priority priority-value]] [foreign-domain]
 Statically defines remote zone

– Identified by zone or gatekeeper name, and domain name
 Optional for DNS-resolvable zones
– DNS is appropriate for H.323 ID-based calls, not E.164
– Gatekeeper resolves address automatically
 When several remote zones are configured, they can be ranked:
– By cost (0–100), default: 50
– By priority (0–100), default: 50
– Zone with lower cost or higher priority is preferred over others
 Default port number: UDP 1719
Gatekeeper Zones Configuration Example
gatekeeper
zone local ZoneA cisco.com 10.1.1.10
zone local ZoneB cisco.com
zone remote ZoneC cisco.com 10.1.1.12
no shutdown
Gatekeeper 1
10.1.1.10
GK1 Zone B
Zone A
WAN
GW-A 3xxx
GW-B
2xxx
Zone C
GK2
Gatekeeper 2
10.1.1.12
Configuring Zone
Prefixes

Configuring Zone Prefixes
router(config-gk)#
zone prefix zone-name e164-prefix [blast | seq] [gw-
priority priority gw-alias]
 Adds a prefix to the gatekeeper zone list
– Identified by name of a local or remote zone or gatekeeper
(defined by using a zone local or zone remote command)
 E.164 prefix can include wildcards:
– Dot (.) matches a single character.
– Asterisk (*) matches any string.
 blast and seq options define the mode for sending LRQs
 gw-priority defines preference for local zone gateways
– For calls to numbers beginning with prefix e164-prefix.
– Range is 0 (lowest, blocks the gateway) to 10 (highest); default
is 5.
– gw-alias name is the H.323 ID of a gateway.
 Set with the h323-gateway voip h.323-id command.
Zone Prefix Configuration Example
gatekeeper
zone local ZoneB cisco.com
zone prefix ZoneA 2... gw-priority 5 GW-A1
zone prefix ZoneB 3...
no shutdown
Gatekeeper
10.1.1.10 Zone B
GK1
Zone A
GW-A1 WAN
2xxx 3xxx
GW-B
GW-A2

Configuring Technology
Prefixes

Configuring Technology Prefixes
router(config-gk)#
gw-type-prefix type-prefix [[hopoff gkid1] [hopoff gkid2]
[hopoff gkidn] [seq | blast]] [default-technology] [[gw
ipaddr ipaddr [port]]]
 Defines a technology prefix
– Recognized and stripped before checking for the zone prefix
 hopoff option specifies the hopoff gatekeeper:
– Regardless of the zone prefix in the destination address
– Multiple occurrences configure redundant gatekeepers
 default-technology specifies that gateways registering with this
prefix are used as default for routing any addresses that are
otherwise unresolved.
 gw ipaddr option indicates that the gateway is incapable of
registering technology prefixes. When the gateway registers, it is
added to the group for this type prefix.
Technology Prefix Configuration
Example
 Calls with no prefix gatekeeper

treated as with 1# zone local ZoneB cisco.com
 Calls to prefix 2# go to zone local ZoneC cisco.com
Zone C without zone zone prefix ZoneA 2... gw-priority 10 GW-A2
prefix routing zone prefix ZoneB 3...
gw-type-prefix 1#* default-technology
 192.168.1.1 does not gw-type-prefix 2#* hopoff ZoneC
register technology gw-type-prefix 99#* gw ipaddr 192.168.1.1
prefix no shutdown
Gatekeeper Zone B
GK1 10.1.1.10
Zone A
GW-A1 WAN GW-B 3xxx
192.168.1.1
2xxx
GW-A2 Zone C
GW-C

Adapting H.323
Gateways to
Gatekeepers

Adapting H.323 Gateways to Gatekeepers
router(config-if)#
h323-gateway voip bind srcaddr ip-address
 Optional, sets the source IP address for outgoing H.323 traffic
 Affects H.225, H.245, and RAS messages
router(config-if)#
h323-gateway voip interface
 Mandatory, configures an interface as an H.323 gateway interface
 Prerequisite for setting gateway ID and referencing gatekeeper
 Only one interface can be selected per gateway
router(config-if)#
h323-gateway voip h323-id interface-id
 Optional, sets the H.323 name of the gateway that identifies this
gateway to its associated gatekeeper
 If not defined, gateway registers E.164 numbers, no H.323 ID

Adapting H.323 Gateways to
Gatekeepers (Cont.)
router(config-if)#
h323-gateway voip id gatekeeper-id {ipaddr ip-addr [port-
number] | multicast} [priority number]
 Mandatory, defines the zone (or gatekeeper ID) to register with
 Gatekeeper ID must match the zone or gatekeeper ID configured on gatekeeper
– Case-sensitive
 Multicast discovery listens on well-known H.323 gatekeeper discovery address
224.0.0.41, port UDP 1718
 Priority defines order of alternate gatekeepers
router(config-if)#
h323-gateway voip tech-prefix prefix
 Optional, defines the technology prefix that the gateway registers with the
gatekeeper
 Affects routing of inbound calls

Adapting H.323 Gateways to
Gatekeepers (Cont.)
router(config)#
gateway
 Mandatory, causes gateway to discover and register, or unregister with
gatekeeper
– GRQ and RRQ or URQ messages. Default: disabled
router(config-dial-peer)#
session target ras
 Mandatory, points the H.323 session at gatekeeper
 RAS signaling protocol
– Gatekeeper consulted to translate E.164 address to IP address
 Signaling sent to RAS UDP port 1719 instead of H.225 UDP port 1720

Managing E.164 Address Registration
router(config-ephone-dn)#
number number [secondary number] [no-reg [both | primary]
 no-reg keyword prevents E.164 number registration of ephone-dns
 Default: Both SCCP endpoints registered, SIP not registered
register e164
 Registers fully qualified E.164 numbers for POTS dial peers with
FXS
– Fully qualified: 2001, not fully qualified: 200….
 Default: Enabled for active dial peers with FXS that is not shut down
router(config-telephony)#
dialplan-pattern tag pattern extension-length extension-
length [extension-pattern extension-pattern | no-reg]
 no-reg keyword prevents expanded number registration
 Default: Expanded numbers are registered at gatekeeper
Gateway Configuration Example
interface Loopback 0
ip address 192.168.1.2 255.255.255.0
h323-gateway voip interface Gatekeeper
h323-gateway voip bind srcaddr 192.168.1.2 10.1.1.10
h323-gateway voip id ZoneA ipaddr 10.1.1.10
h323-gateway voip h323-id GW-A
GK
h323-gateway voip tech-prefix 1#
!
dial-peer voice 1 voip WAN
destination pattern [3-7]...
session target ras
dial-peer voice 2 pots GW-A
destination pattern 2101 FXS 192.168.1.2
no register e164 0/1/0
port 0/1/0
!
20xx
gateway 2101
!
ephone-dn 1 dual-line
number 2001 no-reg ZoneA
CAC

Configuring Gatekeeper CAC
router(config-gk)#
bandwidth {check-destination | interzone | total |
session | remote} {default | zone zone-name} bandwidth
 Defines maximum aggregate bandwidth for H.323 traffic
– interzone: From a specific zone to all other zones together
– total: All calls within one zone
– session: For a single session in a zone
– remote: To all remote zones together
– default: Default value for each zone
 Bandwidth-size defined in kb/s
 check-destination: Destination zone bandwidth check before
responding to ARQ
– Default: only source zone and interzone values checked
 default: Unlimited maximum aggregate bandwidth
Gatekeeper CAC Configuration
Example
gatekeeper
 All calls from Zone A to all other zones: zone local ZoneA cisco.com
1024 kb/s 10.1.1.10
 All calls from any other zone to all zone local ZoneB cisco.com
other zones: 512 kb/s zone local ZoneC cisco.com
 All calls within Zone A : 2048 kb/s zone prefix ZoneA 2...
zone prefix ZoneB 3...
 All calls within every other zone: 1536
kb/s zone prefix ZoneC 4...
bandwidth interzone zone ZoneA 1024
 Max G.729 codec in Zone A bandwidth interzone default 512
 Max G.711 codec in every other zone bandwidth total zone ZoneA 2048
 Destination zone bandwidth check bandwidth total default 1536
enabled bandwidth session zone ZoneA 16
bandwidth session default 128
Zone A bandwidth check-destination
no shutdown
GW-A
2xxx Gatekeeper
10.1.1.10
Zone B
Zone C
GW-C WAN
4xxx GW-B 3xxx

Verifying Basic
Gatekeeper Functionality

Gatekeeper Verification Overview
show commands: debug commands:

 show gatekeeper status  debug h225 {asn1 | events}
 show gatekeeper endpoint  debug h245 {asn1 | events}
 show gatekeeper zone prefix  debug proxy h323 statistics
 show gatekeeper zone status  debug ras
 show gatekeeper calls  debug gatekeeper main [5] [10]
 show gatekeeper gw-type-
prefix

Verifying Gatekeeper Status
gk# show gatekeeper status

Gatekeeper State: UP
Load Balancing: DISABLED
Flow Control: DISABLED
License Status: AVAILABLE
Zone Name: ZoneA
Zone Name: ZoneB
Accounting: DISABLED
Endpoint Throttling: DISABLED
Security: DISABLED
Maximum Remote Bandwidth: unlimited
Current Remote Bandwidth: 0 kbps
Current Remote Bandwidth (w/ Alt GKs): 0 kbps
Hunt Scheme: Random

Verifying Registered Endpoints
gk# show gatekeeper endpoint

GATEKEEPER ENDPOINT REGISTRATION
================================
CallSignalAddr Port RASSignalAddr Port Zone Name Type Flags
--------------- ----- ------------- ----- ---- ---- ---
10.100.100.100 1720 10.100.100.100 56937 ZoneA
VOIP-GW
E164-ID: 2005551212
H323-ID: GW-A
Voice Capacity Max.= Avail.= Current.= 0
10.100.100.101 1720 10.100.100.101 49521 ZoneB
VOIP-GW
E164-ID: 3005551213
H323-ID: GW-B
Voice Capacity Max.= Avail.= Current.= 0
Total number of active registrations = 2

Verifying Zone Prefixes
gk# show gatekeeper zone prefix

ZONE PREFIX TABLE
=================
GK-NAME E164-PREFIX
------- -----------
ZoneA 200*
ZoneB 300*
ZoneC 400*
ZoneD 555....
ZoneD 919*

Verifying Zone Status
gk# show gatekeeper zone status

GATEKEEPER ZONES
================
GK name Domain Name RAS Address PORT FLAGS
------- ----------- ----------- ----- -----
ZoneA cisco.com 10.1.250.102 1719 LS
QOS ATTRIBUTES :
DSCP Option : default
BANDWIDTH INFORMATION (kbps) :
Maximum total bandwidth : unlimited
Current total bandwidth : 0.0
Maximum interzone bandwidth : unlimited
Current interzone bandwidth : 0.0
Maximum session bandwidth : unlimited
...
ZoneB cisco.com 10.1.250.102 1719 LS
…
Verifying Gatekeeper Calls
GK# show gatekeeper calls

Total number of active calls = 1.
GATEKEEPER CALL INFO
====================
LocalCallID Age(secs) BW
2-14476 59 128(kb/s)
Endpt(s): Alias E.164Addr
src EP: A-CUCME 12005553001
CallSignalAddr Port RASSignalAddr Port
192.168.3.254 1720 192.168.3.254 52668
Endpt(s): Alias E.164Addr
dst EP: ipipgw 13005556666
CallSignalAddr Port RASSignalAddr Port
192.168.1.3 1720 192.168.1.3 52060

Summary
 H.323 gatekeepers resolve addresses, provide Call

Admission Control, manage zones, and control bandwidth
utilized by endpoints.
 Some RAS messages are exchanged between gateway and
gatekeeper (GRQ, GCF, GRJ, RRQ, RCF, RRJ, ARQ, ACF,
ARJ, URQ, UCF, URJ, DRQ, DCF, DRJ, RIP), while other
messages are exchanged between gatekeepers (LRQ, LCF,
LRJ).
 Gatekeepers route calls based on the called number, which
may or may not contain a technology prefix.
 A gatekeeper provides CAC by accepting calls that do not
exceed the maximum aggregate throughput.
 A gatekeeper must at least have a local zone configured to
become operational.

Summary (Cont.)
 Local zones define the zones served by the local gatekeeper

while remote zones are zones controlled by other
gatekeepers.
 Zone prefixes establish the call routing table of a gatekeeper.
 Technology prefixes affect gatekeeper call routing and can
be configured on gatekeepers and gateways.
 H.323 gateways must be adapted to interoperability with
gatekeepers by commands in interface and dial peer
configuration mode.
 Gatekeeper CAC is implemented using the bandwidth
command.
 Gatekeepers allow the verification of configured zones,
registered endpoints, and routed calls.

Gatekeeper and Cisco
Implementation
Examining Cisco Unified Border

Element

Outline
 Cisco Unified Border Element Overview

 Protocol Interworking on Cisco Unified Border Element
 Media Flows on Cisco Unified Border Element
 Configuring Media Flow and Transparent Codec
 RSVP-Based CAC on Cisco Unified Border Element
 Cisco Unified Border Element Call Flows
 Configuring H.323-to-H.323 Interworking
 Configuring H.323-to-SIP Interworking
 Verifying Cisco Unified Border Element

Cisco Unified Border
Element Overview

Cisco Unified Border Element Overview
 VoIP network interconnect

 Also called session border controller
 Ability to connect one VoIP dial peer with another VoIP
dial peer
 Powerful protocol interworking toolset:
– H.323-to-SIP
– H.323-to-H.323
– SIP-to-SIP

Cisco Unified Border Element Placement
Cisco Unified Border Element

connects VoIP dial peers.
Inbound Outbound
VoIP Dial Peer VoIP Dial Peer
SIP or H.323 SIP or H.323

Cisco Unified
Border Element

Cisco Unified Border Element Applications
 External connections:
– Interconnect with VoIP carriers
– Interconnect with other voice and video networks
– Integrate Internet VoIP and video-over-IP users
 Internal connections:
– Increase interoperability within a VoIP network
 Relevant features:
– Protocol interworking
– Address hiding
– Security
– Video integration
– CAC

Application Examples
Cisco Unified SIP signaling and

Communications RTP stream to ITSP
Manager
SIP Carrier
Express
Cisco
Unified
Border SIP
Element
IP
H.323
Cisco Unified
Communications
H.323 signaling Manager
and RTP stream Express
between the sites

Protocol Interworking on
Element

Protocol Interworking on Cisco Unified
Border Element
 Solves interoperability issues when using different signaling

protocol or when devices have different capabilities
 Translates between signaling protocols:
– Each call leg terminates on the Cisco Unified Border
Element.
– The Cisco Unified Border Element examines received
information, performs translation, and reoriginates a new
call leg.

Signaling Method Refresher
Method Protocol Characteristics

Slow start H.323 v1 H.245 parameters exchanged after H.225 connect.
Fast start H.323 v2 H.245 parameters exchanged earlier, in H.225 call setup
(Cisco default) and H.225 call proceeding/alerting.
Early media H.323 Early media cut-through after H.245 exchanged.
Delayed offer SIP SDP proposals sent late:
 From terminating gateway: 200 OK
 From originating gateway: ACK
Early offer SIP SDP proposals sent early:
(Cisco default)  From originating gateway: Invite
 From terminating gateway:
– 200 OK
– 183 Session Progress, or
– 180 Ringing
Early media SIP  Early media cut-through after:
– 183 session progress, or
– 180 ringing

Cisco Unified Border Element Protocol
Interworking
Slow Start Slow Start
Fast Start Fast Start
H.323 H.323
Delayed Offer Delayed Offer

Early Offer Early Offer
SIP SIP
Slow Start Delayed Offer

Fast Start Early Offer
H.323 SIP

Media Flows on Cisco

Cisco Unified Border Element Signaling
and Media Flows
 Cisco Unified Border Element can act as a proxy for H.323

and SIP (proxy signaling).
 Media flow-through (default)—All media streams are routed
through the Cisco Unified Border Element:
– Solves IP interworking issues
– Hides IP original addresses
– Enables tighter security policies
 Media flow-around: Media streams flow directly between
endpoints.
– Supported only for H.323-to-H.323 and SIP-to-SIP

Media Flows
Media Flow-Through:
Signaling Signaling
Cisco Unified Cisco Unified

Communications Communications
Manager Express Cisco Unified Manager Express
Border Element
10.1.1.1 10.1.1.1 <> 192.168.1.2 192.168.1.2 192.168.1.2 <> 10.2.1.1 10.2.1.1
Cisco Unified
Media Flow-Around: Border Element
192.168.1.2
Signaling Signaling

Communications 10.1.1.1 <> 10.2.1.1 Communications
Manager Express Manager Express
10.1.1.1 10.2.1.1
Cisco Unified Border Element Codec
Filtering
 VoIP networks support multiple codecs:

– Preferences define which codecs are selected over
others.
 Cisco Unified Border Element can limit codec negotiation to a
single codec:
– Ensures that a specific codec is negotiated
– Simplifies design considerations
 Cisco Unified Border Element transparent codec handling:
– Transparently passes codec capabilities between
endpoints
 Implemented via dial peer configuration

Cisco Unified Border Element Codec
Filtering Examples
 Cisco Unified Border Element codec negotiation:
VoIP 1 VoIP 2

1. G.711a-law 1. G.711a-law
2. G.729A 1. G.729A 2. G.729A
3. G.729B 3. G.729B
 Cisco Unified Border Element with codec transparency:
VoIP 1 VoIP 2

1. G.711a-law 1. G.711a-law
2. G.729A Transparent 2. G.729A
3. G.729B 3. G.729B
Configuring Media Flow
and Transparent Codec

Configuring Media Flow and
Transparent Codec
router(conf-voi-serv)#
router(config-class)#
media [flow-around | flow-through]
 Configures media flow-around or flow-through on a dial peer
 Available in dial-peer, voice service voip, or voice class
 Media flow-around supported only for SIP-to-SIP or H.323-to-
H.323
 Default: flow-through
router(config-class)#
codec transparent
 Configures transparent codec pass-through in dial-peer or
codec class
Media Flow-Around and Transparent
Codec Example
Manager Express H.225 and Manager Express
10.1.1.1 Site code: 81 H.225/H.245 Site code: 82 H.225 and
H.245 H.245
IP WAN
SCCP RTP Cisco Unified RTP Cisco Unified RTP SCCP

Border Element Border Element
192.168.1.1 192.168.2.1
voice service voip
allow-connections h323 to h323
h323
call start interwork
1xxx dial-peer voice 10 voip 1xxx
destination-pattern 1...
media flow-around
codec transparent
session target ipv4:10.1.1.1
dial-peer voice 20 voip
destination-pattern 82....
media flow-around
codec transparent
RSVP-Based CAC on
Element

RSVP-Based CAC on Cisco Unified
Border Element
 Cisco Unified Border Element can use standard Cisco IOS

gateway RSVP call support.
 Enables RSVP-based CAC:
– Support for voice and video calls
 Requirements:
– Two Cisco Unified Border Elements can be used as
RSVP peers
– Media flow-through to ensure that the reserved path is
used

RSVP-Based CAC

Communications H.225/H.245 Communications
H.225 and RSVP H.225 and
H.245 H.245
IP WAN
SCCP RTP Cisco RTP Cisco RTP SCCP

Unified Unified
Border Border
Element Element

RSVP-Based CAC Call Flow
H.323 Fast Start

Border Border
Element Element
1. Initiate Call 2. Call Setup (H.245) 3. RSVP Path

4. RSVP Reservation RSVP
5. Call Setup (H.245) 6. Call Setup (H.245)
9. Call Proceeding 8. Call Proceeding 7. Call Proceeding
14. Ringback 10. Ring
13. Alerting (H.245) 12. Alerting (H.245) 11. Alerting (H.245)
15. Answer
15. RTP/RTCP Streams (flow-through)
H.225
18. Connect 17. Connect 16. Connect

Element Call Flows

Cisco Unified Border Element Call Flows
 SIP carrier interworking

– H.323-to-SIP
 RSVP-based CAC
– Two Cisco Unified Border Elements with H.323-to-H.323
 SIP carrier interworking with gatekeeper-based CAC
– H.323-to-SIP
– H.323 gatekeeper RAS

SIP Carrier Interworking
Cisco Unified
Communications
Manager Express H.225 and
H.245 SIP
SIP
Carrier
RTP RTP
Cisco Unified
Border
SCCP Element

SIP Carrier Interworking Call Flow
H.323 Slow Start-to-SIP Delayed Offer
Cisco Unified
Border
Element
Enterprise SIP
IP Carrier
1. Initiate Call 2. Call Setup 3. Invite 4. Invite
H.225/Q.93 7. Call Proceeding 6. 100 Trying 5. 100 Trying
1 10. Alerting 9. 180 Ringing 8. 180 Ringing
Call Setup 11. Ringback 14. Connect 13. 200 OK (SDP) 12. 200 OK (SDP)
15. TCS
H.245 SIP
16. Master/Slave
Capabilities
Negotiation 17. OLC 18. ACK (SDP) 19. ACK (SDP)
20. RTP/RTCP Streams
TCS = Terminal Capability Set (Only flow-through supported)

OLC = Open Logical Channel
SDP = Session Description Protocol

SIP Carrier Interworking Call Flow (Cont.)
H.323 Fast Start-to-SIP Early Offer
Cisco Unified
Border
Element
Enterprise SIP
IP Carrier
1. Initiate Call 2. Setup (H.245) 3. Invite (SDP) 4. Invite
H.225/Q.93 (SDP)
1 7. Proceeding 6. 100 Trying 5. 100 Trying
Call Setup 11. Ringback 10. Alerting (H.245) 9. 180 Ringing (SDP) 8. 180 Ringing SIP
With H.245
Capabilities 12. RTP/RTCP Streams (flow-through)
Negotiation
15. Connect 14. 200 OK 13. 200 OK
16. ACK 17. ACK
SDP = Session Description Protocol

SIP Carrier Interworking with
Gatekeeper-Based CAC Call Setup
H.323 Slow Start-to-SIP Delayed Offer
Zone A GK ITSP GK Cisco UBE
1. Initiate call 2. ARQ

3. LRQ H.225
4. LCF RAS
5. ACF
6. Call Setup
7. ARQ H.225
H.225/Q.93 8. ACF RAS
1
9. Invite 10. Invite
Call Setup
13. Call Proceeding 12. 100 Trying 11. 100 Trying
17. Ringback 16. Alerting 15. Ringing 14. Ringing
SIP
20. Connect 19. 200 OK (SDP) 18. 200 OK (SDP)
21. H.245 Capability Exchange 22. ACK (SDP) 23. ACK (SDP)
H.245
24. RTP/RTCP Streams (flow-through)
ARQ = Admission Request, ACF = Admission Confirm, LCF = Location Request, LCF = Location Confirm
Configuring H.323-to-
H.323 Interworking

H.323-to-H.323 Configuration Overview
1. Enable H.323-to-H.323 interworking.

2. Enable fast-start-to-slow-start interworking (optional).
3. Configure H.323 dial peers.

Configuring H.323-to-H.323
Interworking
router(config)#
voice service voip
 Enters voice service VoIP configuration mode
 Enables H.323-to-H.323 interworking
 Default: Only POTS-to-any and any-to-POTS connections
are permitted

Configuring H.323-to-H.323 Fast-Start-
to-Slow-Start Interworking
h323
 Enters H.323 mode
router(conf-serv-h323)#
call start {fast | slow | interwork}
 Forces the H.323 gateway to use either fast-start (H.323 v2) or slow-
start (H.323 v1) procedures for the dial peers using H.323
 interwork option allows Cisco Unified Border Element
interoperability between fast-start and slow-start procedures
– Caution: Cisco Unified Border Element with this setting will not
originate any H.323 calls (fast start and slow-start disabled)
 Default: fast start (H.323 v2)

H.323-to-H.323 Interworking Example
10.1.1.1 Site code: 81 H.225 Site code: 82
H.225 H.225
IP WAN
SCCP RTP Cisco Unified RTP Cisco Unified RTP SCCP

Border Element Border Element
192.168.1.1 192.168.2.1
voice service voip
h323
call start interwork
1xxx ! 1xxx
description To Cisco Unified CME
destination-pattern 1...
!
description To Cisco UBE
destination-pattern 82....
Configuring H.323-to-SIP
Interworking

Configuring H.323-to-SIP Interworking
allow-connections h323 to sip
allow-connections sip to h323
 Enables H.323-to-SIP interworking

 In one direction only
– Two mirrored statements required for bidirectional
interworking
 Default: only POTS-to-any and any-to-POTS connections are
allowed
 For SIP-to-SIP interworking:
– allow-connections sip to sip

Configuring H.323-to-SIP DTMF Relay
Interworking
dtmf-relay [cisco-rtp] [h245-alphanumeric] [h245-signal]
[rtp-nte [digit-drop]] [sip-notify]
 Basic DTMF relay interworking
– H.245 alpha/signal and SIP RTP-NTE (RFC 2833)
– H.245 alpha/signal and SIP Notify
 digit-drop drops incoming in-band DTMF digits when H.323 call leg uses
out-of-band relay (H.245 alpha/signal and SIP RTP-NTE)
– Prevents sending DTMF in two channels
– Configured on the SIP call leg dial peer
H.323 SIP
In-band cisco-rtp, rtp-nte (RFC 2833) rtp-nte (RFC 2833)
Out-of-band h245-alphanumeric, h245-signal sip-notify

Verifying Cisco Unified
Border Element

Verification Overview
show commands: debug commands:

 show call active voice  debug voip ipipgw
 show call history voice  debug cch323 all
 show dial-peer voice  debug ccsip messages
 show voip rtp connections  debug h225 asn1
 debug h225 events
 debug h245 asn1
 debug h245 events
 debug voip ccapi inout

Debugging Cisco Unified Border
Element Operations
router# debug voip ipipgw
…/H323/cch323_set_pref_codec_list: First preferred codec(bytes)=16(20)

…/H323/cch323_get_peer_info: Flow Mode set to FLOW_THROUGH
…/H323/cch323_build_local_encoded_fastStartOLCs: srcAddress = 0xA010665,
h245_lport = 0, flow mode = 1,
…/H323/cch323_generic_open_logical_channel: current codec = 16:20:20
…/H323/cch323_receive_fastStart_cap_response: Send cap ind to peer leg
…/H323/cch323_build_olc_for_ccapi: audioFastStartArray=0x49045794
…/H323/cch323_build_olc_for_ccapi: Channel Information:
Logical Channel Number (fwd): 1
Logical Channel Number (rev): 1
Channel address (fwd/rev): 10.1.250.102
RTP Channel (fwd/rev): 16764
RTCP Channel (fwd/rev): 16765
QoS Capability (fwd/rev): 0
Symmetric Audio Codec: 16
Symmetric Audio Codec Bytes: 20
Flow Mode: 0
Silence Suppression: 1
Viewing Cisco Unified Border Element Calls
router# show call active voice brief

...
Telephony call-legs: 0
SIP call-legs: 1
H323 call-legs: 1
Call agent controlled call-legs: 0
SCCP call-legs: 0
Multicast call-legs: 0
Total call-legs: 2
137C : 163 346116800ms.1 +1580 pid:40002 Answer 1010 active
dur 00:00:22 tx:1124/22480 rx:112/2050
IP 10.1.2.28:25850 SRTP: off rtt:0ms pl:0/0ms lost:0/0/0 delay:0/0/0ms
g729r8 TextRelay: off
media inactive detected:n media contrl rcvd:n/a timestamp:n/a
long duration call detected:n long duration call duration:n/a
timestamp:n/a
...

Summary
 Cisco Unified Border Element features include protocol

interworking, address hiding, security, video integration, and
CAC.
 Cisco Unified Border Element supports conversion of fast-
start-to-slow-start signaling methods within the same protocol
(H.323 or SIP).
 The default media flow-through can be changed to flow-
around when interworking within the same protocol.
 Cisco Unified Border Element can be deployed in
combination with RSVP.
 Cisco Unified Border Element call flows differ depending on
the CAC method in use.

Summary (Cont.)
 H.323-to-H.323 interworking allows the configuration of fast-

start-to-slow-start conversion.
 H.323-to-SIP interworking can be combined with gatekeeper
CAC on the H.323 side.
 Cisco Unified Border Element can pass codec negotiation
transparently and allow the media to flow around without
being handled.
 Debug and verification commands display both VoIP call legs
of Cisco Unified Border Element.

Module Summary
 H.323 gatekeepers make H.323 environments more scalable

by providing address resolution, centralized call routing, and
CAC. In addition, H.323 gatekeepers offer optional features,
such as call authorization, call management, and bandwidth
management.
 Cisco Unified Border Element connects two VoIP networks
and can provide protocol interworking, address hiding, and
CAC.


Gatekeeper and Cisco Unified Border Element Implementation: Understanding Gatekeepers

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Gatekeeper and Cisco Unified Border Element Implementation: Understanding Gatekeepers

Uploaded by

Copyright:

Available Formats

Gatekeeper and Cisco

Unified Border Element

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-1

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-2

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-3

Typical gatekeeper functions:

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-4

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-5

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-6

UDP Port 1719

H.225 Call Setup (TCP)

H.245 Media Control (TCP)

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-7

 Resource Availability Indicator (RAI)

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-8

 Registration is the process by which gateways, terminals,

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-9

 H.323v1 gateway sent full registration every 30 seconds

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-10

H.225 Call Setup (TCP)

Dual RTP (UDP) Stream

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-11

 LRQ messages are commonly used between interzone

 Based on priority and cost ARQ GKC

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-14

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-15

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-16

 Identifies the destination zone for the call

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-17

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-18

 Distinguish between gateways that have specific capabilities

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-19

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-20

 Authorizes calls if the network can handle them

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-21

Codec kb/s on Gatekeeper

G.711 128 kb/s

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-22

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-23

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-24

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-25

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-26

 Defines local zone.

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-27

 Statically defines remote zone

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-30

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-32

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-33

 Calls with no prefix gatekeeper

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-35

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-36

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-37

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-38

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-39

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-42

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-44

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-45

show commands: debug commands:

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-46

gk# show gatekeeper status

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-47

gk# show gatekeeper endpoint

© 2010 Cisco Systems, Inc. All rights reserved. CVOICE v8.0—5-48