cap 08
Overview
Campus networks carry a variety of data with diverse purposes and impacts on resources. When voice, video and data applications are effectively delivered over a single campus infrastructure, the ROI on equipment investments is very high. Proper design and configuration efforts will ensure that voice, video and data traffic efficiently coexist on a single campus infrastructure.
8.1 Accommodating Voice Traffic on Campus Switches
8.1.1 Voice traffic on a Cisco infrastructure
Cisco's converged end-to-end network solution builds on the strengths of Cisco data networking components, such as routers, switches and firewalls, which have infrastructure security and reliability as a foundation. An IP Telephony solution can then be implemented over that network.
The power of this approach is that each new application such as video, Web, or telephony represents just another media type over the same infrastructure medium rather than creating a different communication medium for each media type. Intelligent devices are automatically given rights and priorities and the applications themselves can intelligently communicate with the infrastructure to meet the constantly changing needs of the system as specified by the organization. As the figure indicates, this unity of infrastructure and applications is what distinguishes Cisco IP Telephony solutions from those of its competitors.
Benefits of IP Telephony on a Cisco Infrastructure
Cisco IP phones are able to use the Ethernet switches in the network as the "voice call switch matrix." Calls are managed differently, and the inherent time slot and bandwidth limitations of traditional TDM architectures are removed. Switching of a call is done only between the devices required to switch the call: the IP phones, voice gateways and Ethernet switches. Calls do not have to be routed back to a traditional TDM switching matrix to complete the call.
Cisco IP phones are also able to receive call-processing capability directly from the Cisco IOS Software running on the access router for remote or small office locations. The tight integration with the IP network infrastructure provides customers with the flexibility to design their IP networks to meet their individual voice and data needs.
Beyond network efficiency and scalability, the tight integration of IP telephony and Cisco infrastructure also delivers other benefits including:
Speedier, lower-cost moves, adds, and changes
Automatically updated E911 System
Quicker deployment of quality of service (QoS) settings
Security common to all network devices
Built-in resiliency
Power over Ethernet and intelligent power management to reduce power costs
New planning and management tools to ensure voice quality
A full range of IP Communications solutions
Revenue-generating and productivity-enhancing Extensible Markup Language (XML) applications
8.1.2 What is a voice VLAN?
Some Cisco Catalyst switches offer a "voice VLAN" feature. The voice VLAN, also known as an auxiliary VLAN, provides automatic VLAN association for IP phones. By associating the phones, and therefore the phone traffic, with a specific VLAN, the phone traffic will be on different IP subnets even though voice and data co-exist on the same physical infrastructure.
When a phone is connected to the switch, the switch sends necessary voice VLAN information to the IP phone, placing it into the voice VLAN without end-user intervention. Placing phone traffic onto a distinct VLAN allows the phone traffic to be segmented from the data traffic; this facilitates better network management and troubleshooting. Additionally, QoS or security policies can be enforced specifically for the traffic traversing the phone VLANs without affecting the data traffic. If the phone is moved, the voice VLAN association occurs again. The voice VLAN information may change if the phone is moved.
In an implementation where a PC, or other IP device, is connected to the switch through the IP phone, and the phone is in an Auxiliary VLAN, Layer 2 frame type incompatibility may keep the phone and device from communicating. The IP phone and device cannot communicate if they are in the same VLAN and subnet but each is using a different frame type. Because the traffic between the two takes place on the same subnet, it will not be routed and therefore, the Layer 2 headers will not be altered. Also, switch commands cannot be used to configure the frame type being used by a device on the other side of the phone that is not directly attached to the switch.
In order for the device and the phone to communicate, one of the following must be true:
They both use the same Layer 2 frame type.
The phone uses 802.1p frames and the device uses untagged frames.
The phone uses untagged frames and the device uses 802.1p frames.
The phone uses 802.1Q frames, and the voice VLAN equals the native VLAN.
8.1.3 Voice considerations in campus submodules
Deploying IP telephony in the enterprise campus requires the implementation of various features particular to each submodule.
Building Access Submodule
Within the Building Access submodule, these features support IP telephony:
Voice VLANs
802.1p/Q
Hardware support for multiple output queues
Hardware support for in-line power to IP phones
PortFast
Root Guard
Unidirectional Link Detection (UDLD)
UplinkFast
Building Distribution Submodule
Within the Building Distribution submodule, these features support IP telephony:
Passive interfaces
Layer 3 redundancy with Hot Standby Router Protocol (HSRP), HSRP track, and HSRP preempt
OSPF or Enhanced Interior Gateway Routing Protocol (EIGRP) routing with adjusted timers, summary addresses, and path costs
8.1.4 Network design considerations for voice
IP telephony places strict requirements on the network infrastructure. The network must provide sufficient bandwidth and quick convergence after network failures or network changes. Most IP telephony installations are built on an existing network infrastructure, therefore the infrastructure typically requires enhancement with priority given to voice traffic.
General Design Considerations
To determine if an infrastructure can support the addition of voice, evaluate these considerations:
Features required for each device in the campus network: IP phones require power, and most enterprises put IP telephony applications on a separate VLAN with priority handling.
Physical plant capable of supporting IP telephony: The wiring and cabling plant must be adequate for IP telephony needs. At a minimum, Category 5 cabling is required, and consideration should be given to the additional wall jacks and switch ports required to support phone and PC connections.
Provision switches with inline power to support IP phones: Within a wiring closet, deploy a Catalyst Inline Power Patch Panel or use in-line power from the switch to power the IP phones. This may increase the power requirements of the switch itself.
Network bandwidth adequate for data, voice and call control traffic: Along with data traffic, consider both voice and call control traffic loads. Bandwidth provisioning requires careful planning of the LAN infrastructure so that the available bandwidth is always considerably higher than the load. There should be no steady-state congestion or latency over the LAN links. This is critical for voice operations over a LAN infrastructure.
NOTE:
Plan to work with a voice specialist to complete traffic engineering analysis for the network.
Bandwidth Provisioning
Properly provisioning the network bandwidth is a major component of designing a successful IP telephony network. The required bandwidth can be calculated by adding the bandwidth requirements for each major application, including voice, video, and data. This sum then represents the minimum bandwidth requirement for any given link, and it should not exceed approximately 75 percent of the total available bandwidth for the link.
From a traffic standpoint, an IP telephony call consists of two traffic types:
Voice carrier stream: This consists of Real-Time Transport Protocol (RTP) packets that contain the actual voice samples.
Call control signaling: This consists of packets belonging to one of several protocols used to set up, maintain, tear down, or redirect a call, depending on the call endpoints. Examples are H.323 or Media Gateway Control Protocol (MGCP).
A Voice over IP (VoIP) packet consists of the voice payload, IP header, UDP header, RTP header, and Layer 2 link header. Coder-decoder (codec) type (G.711, G.729, etc.) is configurable by device. However, G.729 does not support fax or modem traffic. The IP header is 20 bytes, the UDP header is 8 bytes, and the RTP header is 12 bytes. The link header varies in size according to the Layer 2 media used; Ethernet requires 14 bytes of header. The voice payload size and the packetization period are device-dependent.
To calculate the bandwidth that voice streams consume, use this formula:
(Packet payload + all headers, in bits) * packet rate per second; for example, 50 packets per second (pps) when using a 20-ms packet period.
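The following is an added worked example, not part of the course text: it applies the formula above to a whole call and then checks the sum of voice, video and data demand against the 75 percent rule from the Bandwidth Provisioning paragraph. The header sizes are the ones stated in the text; the codec bit rates (G.711 at 64 kbit/s, G.729 at 8 kbit/s) are assumptions used to derive the payload per packet, and the link and application loads in the usage call are constructed.

```python
# Added example (not from the course text): per-call VoIP bandwidth using the
# section's formula, and the "no more than ~75 percent of the link" check.

# Header sizes stated in the text (bytes): IP 20, UDP 8, RTP 12, Ethernet 14.
IP_HDR, UDP_HDR, RTP_HDR, ETH_HDR = 20, 8, 12, 14

# Codec bit rates used to derive the payload per packet (assumed inputs, not
# from the text): G.711 is 64 kbit/s, G.729 is 8 kbit/s.
CODEC_BPS = {"G.711": 64_000, "G.729": 8_000}


def payload_bytes(codec_bps: int, period_ms: int) -> int:
    """Voice payload in one packet: codec rate * packetization period."""
    return codec_bps * period_ms // 8 // 1000


def packets_per_second(period_ms: int) -> float:
    """Packet rate is the inverse of the packet period (20 ms -> 50 pps)."""
    return 1000 / period_ms


def call_bandwidth_bps(codec: str, period_ms: int = 20, l2_header: int = ETH_HDR) -> int:
    """(payload + all headers, in bits) * packets per second, as in the text."""
    payload = payload_bytes(CODEC_BPS[codec], period_ms)
    packet_bits = (payload + IP_HDR + UDP_HDR + RTP_HDR + l2_header) * 8
    return round(packet_bits * packets_per_second(period_ms))


def provision_link(link_bps: int, calls: int, codec: str, video_bps: int, data_bps: int) -> dict:
    """Sum voice, video and data demand and compare it with 75 percent of the link."""
    voice_bps = calls * call_bandwidth_bps(codec)
    demand = voice_bps + video_bps + data_bps
    return {
        "voice_bps": voice_bps,
        "demand_bps": demand,
        "utilization_pct": round(100 * demand / link_bps, 1),
        "ok": demand <= 0.75 * link_bps,
    }


if __name__ == "__main__":
    for codec in CODEC_BPS:
        print(f"{codec}: {call_bandwidth_bps(codec)} bit/s per call at 20 ms")
    # Constructed load: 100 G.711 calls plus 20 Mbit/s video and 40 Mbit/s data
    # on a 100 Mbit/s link.
    print(provision_link(100_000_000, 100, "G.711", 20_000_000, 40_000_000))
```

Only the Ethernet header counted in the text is included, so the figures are slightly lower than those that also count the frame preamble and CRC; pass a different `l2_header` for other Layer 2 media.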
Power Considerations
Accurate calculations of power requirements are critical for an effective IP telephony solution. Power can be supplied to the IP phones directly from Catalyst switches with inline power capabilities or by inserting a Catalyst Inline Power Patch Panel. In addition to IP phones, failover power and total load must be considered for all devices in the IP telephony availability definition, including Distribution and Backbone submodules, gateways, CallManager and other servers and devices. Power calculations, therefore, must be network rather than device based.
Providing highly available power protection requires an uninterruptible power supply (UPS) with a battery life of at least one hour and a four-hour response time for power system failures, or a generator with an onsite service contract. This solution must include UPS or generator backup for all devices associated with the IP Telephony network. In addition, consider UPS systems that have auto-restart capability and a service contract for four-hour support response.
IP telephony high-availability power and environment include these recommendations:
UPS and generator backup
UPS systems with auto-restart capability
UPS system monitoring
A 4-hour service response contract for UPS system problems
Maintain recommended equipment operating temperatures 24/7
Intelligent Network Services
Network management, high availability, security, and quality of service (QoS) intelligent network services must extend to incorporate voice-specific attributes.
Network Management: The merging of network management tasks associated with both voice and data networks is one of the key benefits of using a converged network as opposed to a voice-only network. However, it is still necessary to understand the traditional voice-only management concepts to relate the features available in that technology to the converged network management techniques.
High Availability: As with any network capability, plan redundancy for critical voice network components such as the Cisco CallManager and the associated gateway and infrastructure devices.
Security: The subject of securing voice communications has received more visibility recently as network convergence becomes an accepted design model. With the advent of IP telephony traffic traversing the LAN infrastructure, the potential exists for malicious attacks on call-processing components and telephony applications. As with all network devices, there should be a predefined security policy for all devices, applications, and users associated with the voice network that is appropriate for the level of caution required. Consider security measures for voice call-processing platforms, applications and telephony traffic.
QoS: The goal of QoS is to give critical applications a higher priority for service so that they are the least likely to be delayed or dropped in times of congestion. When a network becomes congested, some traffic will be delayed or lost. Voice traffic has strict requirements concerning delay and delay variation (also known as "jitter"), and compared to most data traffic, voice traffic is relatively intolerant of loss. To establish priority processing for voice traffic, a wide range of IP QoS features can be employed, such as classification, queuing, congestion detection, traffic shaping, and compression.
8.1.5 Quality of Service QoS basics
Network managers must be prepared for increasing amounts of traffic, requiring more bandwidth than is currently available. This is especially important when dealing with Voice traffic. Almost any network can take advantage of QoS for optimum efficiency, whether it is a small corporate network, an Internet service provider (ISP), or an enterprise network. QoS is the application of features and functionality required to actively manage and satisfy networking requirements of applications sensitive to loss, delay, and delay variation (jitter). QoS allows preference to be given to critical application flows for the available bandwidth. QoS tools enable manageability and predictable service for a variety of networked applications and traffic types in a complex network.
The Cisco IOS implementation of QoS software provides these benefits:
Priority access to resources: QoS allows administrators to control which traffic is allowed to access specific network resources such as bandwidth, equipment and WAN links. Critical traffic may take possession of a resource by dropping low-priority packets.
Efficient management of network resources: If network management and accounting tools indicate that specific traffic is experiencing latency, jitter, and packet loss, then QoS tools can be used to adjust how that traffic is handled.
Tailored services: The control provided by QoS enables ISPs to offer carefully tailored grades of service differentiation to their customers. For example, a service provider can offer one service level agreement (SLA) to a customer website that receives 3000 to 4000 hits per day and another to a site that receives only 200 to 300 hits per day.
Coexistence of mission-critical applications: QoS technologies ensure that mission-critical business applications receive priority access to network resources while providing adequate processing for applications that are not delay sensitive. Multimedia and voice applications tolerate little latency and require priority access to resources. Other delay-tolerant traffic traversing the same link, such as SMTP over TCP, can still be adequately serviced.
8.1.6 QoS and voice traffic in the campus module
Regardless of the speed of individual switches or links, speed mismatches, many-to-one switching fabrics and aggregation may cause a device to experience congestion, which can result in latency. If congestion occurs and congestion management features are not in place, then some packets will be dropped, causing retransmissions that inevitably increase overall network load. QoS can mitigate latency caused by congestion on campus devices.
QoS is implemented by classifying and marking traffic at one device while allowing other devices to prioritize or queue the traffic according to the marks applied to individual frames or packets. The table in the figure lists the campus devices involved in QoS marking or prioritizing.
Network Availability Problem Areas
An enterprise network may experience any of these network availability problems:
Delay: Delay (or latency) is the amount of time that it takes a packet to reach the receiving endpoint after being transmitted from the sending endpoint. This time period is termed the "end-to-end delay" and can be broken into two areas: fixed network delay and variable network delay. Fixed network delay includes encoding and decoding time (for voice and video), as well as the amount of time required for the electrical and optical pulses to traverse the media en route to their destination. Variable network delay generally refers to network conditions, such as congestion, that may affect the overall time required for transit. In data networks, for example, these types of delay occur:
Packetization delay: The amount of time that it takes to segment data (if necessary), sample and encode signals (if necessary), process data, and turn the data into packets
Serialization delay: The amount of time that it takes to place the bits of a packet, encapsulated in a frame, onto the physical media
Propagation delay: The amount of time that it takes to transmit the bits of a frame across the physical wire
Processing delay: The amount of time that it takes for a network device to take the frame from an input interface, place it into a receive queue, and then place it into the output queue of the output interface
Queuing delay: The amount of time that a packet resides in the output queue of an interface
Delay variation: Delay variation (or jitter) is the difference in the end-to-end delay between packets. For example, if one packet requires 100 ms to traverse the network from the source endpoint to the destination endpoint, and the following packet requires 125 ms to make the same trip, then the delay variation is calculated as 25 ms.
Each end station and Cisco network device in a voice or video conversation has a jitter buffer. Jitter buffers are used to smooth out changes in arrival times of data packets containing voice and video. A jitter buffer is dynamic and can adjust for changes in arrival times of packets. If you have instantaneous changes in arrival times of packets that are outside of the capabilities of a jitter buffer to compensate, you will have one of these situations:
A jitter buffer underrun, when arrival times between packets containing voice or video increase to the point where the jitter buffer has been exhausted and contains no packets to process the signal for the next piece of voice or video.
A jitter buffer overrun, when arrival times between packets containing voice or video decrease to the point where the jitter buffer cannot dynamically resize itself quickly enough to accommodate. When an overrun occurs, packets are dropped and voice quality is degraded.
Packet loss: Packet loss compares the number of packets received with the total number transmitted, and is expressed as the percentage of packets that were dropped. Tail drops occur when the output queue is full; these are the most common drops when a link is congested. Other types of drops (input, ignore, overrun, no buffer) are less common but may require a hardware upgrade, because they are usually a result of network device congestion.
8.1.7 QoS trust boundaries
In a campus QoS implementation, boundaries are defined where the existing QoS values attached to frames and to packets are to be accepted or altered. These "trust boundaries" are established by configuring trust levels on the ports of key peripheral network devices where QoS policies will be enforced as traffic makes its way into the network. At these boundaries, traffic will be allowed to retain its original QoS marking or have new marking ascribed as a result of policies associated with its entry point into the network.
Trust boundaries establish a border for traffic entering the campus network. As traffic traverses the switches of the campus network, it is handled and is prioritized according to the marks received or trusted when the traffic originally entered the network at the trust boundary.
At the trust boundary device, QoS values are trusted if they are considered to accurately represent the type of traffic and the precedence processing the traffic should receive as it enters the campus network. If untrusted, the traffic will be marked with a new QoS value appropriate for the policy in place at the point where the traffic entered the campus network. Ideally, the trust boundary exists at the first switch receiving traffic from a device or IP Phone. It is also acceptable to establish the trust boundary where all the traffic from an Access switch enters a Distribution layer port.
NOTE:
Best Practices suggest classifying and marking traffic as close to the traffic source as possible.
8.1.8 QoS traffic classification and marking
Classification and marking is the process of identifying traffic for proper prioritization as that traffic traverses the campus network. Traffic is classified by examining information at various layers of the OSI model. All traffic classified in a certain manner will receive an associated mark or QoS value. IP traffic can be classified according to any values configurable in an ACL or any of the following criteria:
Layer 2 parameters: MAC address, Multiprotocol Label Switching (MPLS), ATM cell loss priority (CLP) bit, Frame Relay discard eligible (DE) bit, ingress interface
Layer 3 parameters: IP precedence, DSCP, QoS group, IP address, ingress interface
Layer 4 parameters: TCP or UDP ports, ingress interface
Layer 7 parameters: application signatures, ingress interface
All traffic classified or grouped according to the criteria above, will be marked according to that classification. QoS marks or values establish priority levels or priority classes of service for network traffic as it is processed by each switch. Once traffic is marked with a QoS value, then QoS policies on switches and interfaces will handle traffic according to the QoS values contained in individual frames and packets. As a result of classification and marking, traffic will be prioritized accordingly at each switch to ensure that delay sensitive traffic receives priority processing as the switch manages congestion, delay and bandwidth allocation.
Layer 2 QoS Marking
QoS Layer 2 classification occurs by examining information in the Ethernet or 802.1Q header such as destination MAC address or VLAN ID. QoS Layer 2 marking occurs in the Priority field of the 802.1Q header. Untagged LAN Layer 2 headers have no means of carrying a QoS value, so 802.1Q encapsulation is required if Layer 2 QoS marking is to occur. The Priority field is 3 bits in length and is also known as the 802.1p User Priority or Class of Service (CoS) value.
This 3 bit field hosts CoS values ranging from 1-7; 1 being associated with delay tolerant traffic such as TCP/IP. Voice traffic, which by nature is not delay tolerant, receives higher default CoS values such as 3 for Call Signaling. A CoS value of 5 is given to Voice Bearer traffic which is the phone conversation itself where voice quality is impaired if any packets are dropped or delayed.
As a result of Layer 2 classification and marking, the following QoS operations can occur:
Input queue scheduling: When a frame enters a port, it can be assigned to one of a number of port-based queues prior to being scheduled for switching to an egress port. Typically, multiple queues are used where traffic requires different service levels.
Policing: Policing is the process of inspecting a frame to see if it has exceeded a predefined rate of traffic within a certain time frame, which is typically a fixed interval internal to the switch. If a frame is determined to be in excess of the predefined rate limit, it can either be dropped or its CoS value can be marked down.
Output queue scheduling: The switch places the frame into an appropriate outbound (egress) queue for switching. The switch performs buffer management on this queue by ensuring that the buffer does not overflow.
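The following added example (not from the course text, and not any switch's own implementation) models the policing and output queue scheduling operations just listed: a token-bucket policer that either drops excess frames or marks their CoS down, feeding CoS-selected egress queues that tail-drop when full. The committed rate, burst size, CoS-to-queue mapping, queue limit and frame arrivals are all constructed for the example.

```python
# Added example (not from the course text): a token-bucket policer that drops or
# marks down the CoS of frames exceeding a committed rate, feeding egress queues
# chosen by CoS with a tail-drop limit. The CoS-to-queue mapping and the rates
# below are constructed for this example, not a particular switch's defaults.
from collections import deque
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass
class Frame:
    name: str
    cos: int
    length: int  # bytes


class Policer:
    """Single-rate token bucket: rate in bit/s, burst (bucket depth) in bytes."""

    def __init__(self, rate_bps: int, burst_bytes: int, markdown_cos: int = 0):
        self.rate_bytes_per_s = rate_bps / 8
        self.burst = burst_bytes
        self.tokens = float(burst_bytes)
        self.last_s = 0.0
        self.markdown_cos = markdown_cos

    def police(self, frame: Frame, now_s: float, action: str = "markdown") -> Optional[Frame]:
        """Conforming frames pass unchanged; excess frames are dropped (None) or
        re-marked with the markdown CoS."""
        elapsed = max(0.0, now_s - self.last_s)
        self.tokens = min(self.burst, self.tokens + elapsed * self.rate_bytes_per_s)
        self.last_s = now_s
        if frame.length <= self.tokens:
            self.tokens -= frame.length
            return frame
        if action == "drop":
            return None
        return Frame(frame.name, self.markdown_cos, frame.length)


# Assumed CoS -> egress queue mapping: voice bearer (CoS 5) and control (6-7) in
# queue 4, call signalling (CoS 3) in queue 3, best effort (CoS 0-1) in queue 1.
COS_TO_QUEUE: Dict[int, int] = {0: 1, 1: 1, 2: 2, 3: 3, 4: 3, 5: 4, 6: 4, 7: 4}


class EgressPort:
    """Four output queues with a per-queue frame limit (tail drop when full)."""

    def __init__(self, queue_limit: int):
        self.queues = {q: deque() for q in (1, 2, 3, 4)}
        self.limit = queue_limit
        self.tail_drops = 0

    def enqueue(self, frame: Frame) -> bool:
        queue = self.queues[COS_TO_QUEUE[frame.cos]]
        if len(queue) >= self.limit:
            self.tail_drops += 1
            return False
        queue.append(frame)
        return True

    def transmit_order(self) -> List[str]:
        """Strict-priority scheduling: drain the highest-numbered queue first."""
        order = []
        for qid in sorted(self.queues, reverse=True):
            order.extend(f.name for f in self.queues[qid])
        return order


def run_scenario():
    """Constructed arrivals: (time in s, frame). Returns (names marked down,
    transmit order, tail drops)."""
    arrivals = [
        (0.00, Frame("voice1", 5, 200)),
        (0.00, Frame("data1", 0, 1200)),
        (0.01, Frame("voice2", 5, 200)),   # bucket nearly empty: marked down
        (1.00, Frame("voice3", 5, 200)),   # bucket refilled after 1 s
        (1.00, Frame("data2", 0, 100)),    # conforms, but queue 1 is full
    ]
    policer = Policer(rate_bps=8_000, burst_bytes=1500, markdown_cos=0)
    port = EgressPort(queue_limit=2)
    marked_down = []
    for t, frame in arrivals:
        out = policer.police(frame, t)
        if out is None:
            continue
        if out.cos != frame.cos:
            marked_down.append(out.name)
        port.enqueue(out)
    return marked_down, port.transmit_order(), port.tail_drops


if __name__ == "__main__":
    print(run_scenario())
```

Note the two distinct loss mechanisms in the run: `voice2` is not dropped but loses its priority when the policer marks it down to CoS 0, so it lands in the best-effort queue behind `data1`, while `data2` conforms to the rate yet is tail-dropped because that queue is already full.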
Layer 3 QoS Marking
QoS Layer 3 classification results from the examination of header values such as Destination IP address or Protocol. QoS Layer 3 marking occurs in the Type of Service (ToS) byte in the IP Header. The first 3 bits of the ToS byte are occupied by IP Precedence, which correlates to the 3 CoS Bits carried in the Layer 2 header.
The ToS Byte can also be used for Differentiated Services Code Point (DSCP) marking. DSCP allows prioritization hop by hop as packets are processed on each switch and interface. The ToS bits are used by DSCP values as shown below. The first 3 DSCP bits, correlating to Precedence and CoS, identify the DSCP Class of Service for the packet.
The next three DS bits establish a drop precedence for the packet. Packets with a high DSCP drop precedence value will be dropped before those with a low value if a device or a queue becomes overloaded and must drop packets. Voice traffic will be marked with a low DSCP drop precedence value to minimize voice packet drop.
Each 6 bit DSCP value is also given a DSCP Codepoint name. DSCP classes 1-4 are Assured Forwarding classes (AF). Therefore, if the DSCP class value was 3 and the Drop Precedence was 1, the DSCP Codepoint would be AF31.
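The following is an added example, not part of the course text: it reads and writes the Layer 2 and Layer 3 QoS fields described in these two subsections, the 3-bit 802.1p CoS inside the 802.1Q tag and the IP Precedence and DSCP bits inside the ToS byte, and names the DSCP codepoints (AFxy, CSx and EF). Field layouts follow IEEE 802.1Q and RFC 2474, 2597 and 3246; one detail beyond the text is that an AF codepoint's drop precedence occupies the two bits after the class and its last bit is always zero. The sample values in the usage calls are constructed.

```python
# Added example (not from the course text): decoding the QoS fields described
# above: the 3-bit 802.1p CoS in the 802.1Q tag, and IP Precedence / DSCP in the
# ToS byte. Field layouts per IEEE 802.1Q and RFC 2474/2597/3246.
from typing import Dict


def cos_from_tci(tci: int) -> int:
    """802.1Q Tag Control Information: top 3 bits are the 802.1p priority (CoS)."""
    return (tci >> 13) & 0x7


def vlan_from_tci(tci: int) -> int:
    """Low 12 bits of the TCI are the VLAN ID."""
    return tci & 0xFFF


def make_tci(cos: int, vlan: int) -> int:
    """Build a TCI from a CoS value and VLAN ID (the CFI/DEI bit left at 0)."""
    return ((cos & 0x7) << 13) | (vlan & 0xFFF)


def ip_precedence(tos: int) -> int:
    """First 3 bits of the ToS byte; these line up with the 3 CoS bits."""
    return (tos >> 5) & 0x7


def dscp(tos: int) -> int:
    """The 6-bit DSCP occupies the top six bits of the ToS byte."""
    return (tos >> 2) & 0x3F


def dscp_class(d: int) -> int:
    """First 3 DSCP bits: the class (the same bits as IP Precedence)."""
    return (d >> 3) & 0x7


def drop_precedence(d: int) -> int:
    """Two bits after the class carry the AF drop precedence; the last DSCP
    bit is zero for every AF codepoint."""
    return (d >> 1) & 0x3


def af_codepoint(cls: int, dp: int) -> int:
    """Build an Assured Forwarding codepoint, e.g. class 3, drop 1 -> AF31 = 26."""
    return ((cls & 0x7) << 3) | ((dp & 0x3) << 1)


def codepoint_name(d: int) -> str:
    cls, dp = dscp_class(d), drop_precedence(d)
    if d == 46:                        # Expedited Forwarding, used for voice bearer
        return "EF"
    if 1 <= cls <= 4 and 1 <= dp <= 3 and d & 1 == 0:
        return f"AF{cls}{dp}"
    if d & 0x7 == 0:                   # class selector codepoints CS0-CS7
        return f"CS{cls}"
    return f"DSCP{d}"


def describe_tos(tos: int) -> Dict[str, object]:
    """Break a ToS byte into the fields discussed in the text."""
    d = dscp(tos)
    return {
        "precedence": ip_precedence(tos),
        "dscp": d,
        "class": dscp_class(d),
        "drop_precedence": drop_precedence(d),
        "name": codepoint_name(d),
    }


if __name__ == "__main__":
    print(describe_tos(0xB8))                        # voice bearer: precedence 5, DSCP 46 (EF)
    print(describe_tos(af_codepoint(3, 1) << 2))     # AF31
    print(describe_tos(0x60))                        # CS3, precedence 3 (call signalling)
    tci = make_tci(5, 100)                           # CoS 5 on VLAN 100
    print(hex(tci), cos_from_tci(tci), vlan_from_tci(tci))
```

Because the class bits of DSCP are the same three bits as IP Precedence, a voice bearer packet marked EF (DSCP 46) is read as precedence 5 by a device that only understands the older field, matching the CoS 5 that the phone sets in the 802.1Q tag.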
8.1.9 Basic switch commands to support attachment of a Cisco IP phone
These commands are used to configure and verify two basic required functions on a switch port connected to an IP phone with a PC connected to that phone.
8.1.10 How to configure a switch for attachment of a Cisco IP phone
These commands are used to configure and to verify basic features used to manage voice traffic on Catalyst switch ports.
Lab Activity
e-Lab Activity: Classifying, Marking, and Implementing QoS Using Policy Maps
In this lab, the student will apply a QoS policy to one of the Building Distribution switches.
Lab Activity
e-Lab Activity: Configuring Egress Queues on Gigabit Ethernet Ports
In this lab, the student will identify packets by QoS Class of Service (CoS), assign them to a specific egress queue when leaving a QoS domain, and invoke a strategy to assign bandwidth allocation per queue.