Documente Academic
Documente Profesional
Documente Cultură
Abstract
These Application Notes describe the steps for configuring the Juniper Networks ISM
200 to support an Avaya IP Telephony consisting of Avaya Communication Manager
running on an Avaya S8500 Server, Avaya G650 Media Gateway and Avaya IP
Telephones. The ISM 200 provides an integrated means for the Juniper J-series router to
enhance the efficient use of WAN bandwidth through the use of compression and
protocol acceleration.
AL; Reviewed:
SPOC 10/3/2008
1 of 33
JNPR_ISM200
1. Introduction
These Application Notes describe a solution for configuring the Juniper Networks WXC
Integrated Services Module (ISM) 200 to interoperate with Avaya IP Telephony. As part
of Juniper Networks WAN acceleration platform, the ISM 200 provides an integrated
WAN acceleration function to the Juniper J-series router platform. The ISM 200 is a dual
height module that fits directly into the J-series router running the Enhanced Services
version of the JUNOS operating system.
Similar to other Juniper Networks WAN acceleration platform, the ISM 200 works as a
pair with other Juniper Networks WAN acceleration devices such as the WXC-250 as
shown in these Application Notes. The ISM 200 can compress, accelerate, cache, and
provide Forward Error Correction for network traffic destined to other networks.
Although Avaya VoIP packets are compressed by nature based on the audio codec
selected and does not directly benefit from further compression, the ISM 200 helps
provide increased bandwidth availability for Avaya VoIP traffic by compressing
competing data traffic. By minimizing the bandwidth requirement for competing data
traffic, more bandwidth becomes available for Avaya VoIP traffic or, stated another way,
a lower bandwidth WAN link can accommodate the same amount of traffic, therefore
helping lower cost and deferring costly WAN upgrades.
2. Overview
The sample network outlined in these Application Notes consists of two separate
locations connected by a T1 circuit. Each location supports at least 2 VLANs, one for
voice and the other for data. A Juniper Networks WXC-250 is located at one of the
locations and a J6350 router with integrated ISM 200 module is located at the other
location. The WXC-250 and J6350 with ISM 200 module provide data compression for
their respectively LAN traffic before packets are forwarded out the T1 connection.
Avaya VoIP traffic is already compressed by the audio codec; therefore it does not need
to be recompressed. As a result, Avaya VoIP traffic is specifically excluded from being
compression in the ISM 200 and the WXC-250. There are two methods to exclude
Avaya VoIP traffic from being compressed. One is to create firewall policies to exclude
Avaya VoIP traffic from being re-directed to the ISM 200, the other is setting policies
within the ISM 200 to exclude compressing Avaya VoIP traffic. The later option is
configured in these Application Notes. Quality of Service is provided by traffic shaping
parameters configured in each of the acceleration devices. Acceleration and Forward
Error Correction (FEC) is not configured beyond the default values as part of these
Application Notes
AL; Reviewed:
SPOC 10/3/2008
2 of 33
JNPR_ISM200
3. Configuration
Figure 1 illustrates the configuration used in these Application Notes. All Avaya IP
Telephones are registered with Avaya Communication Manager connected to the
Enterprise IP Network. All Avaya IP Telephones are assigned to the same IP network
region within Avaya Communication Manager.
AL; Reviewed:
SPOC 10/3/2008
3 of 33
JNPR_ISM200
VERSION TESTED
R015x.00.0.825.4
1.5
1.5
1.8.3
WXOS 5.6.1.0
JUNOS 9.1R2
JUNOS 9.1R1.8
AL; Reviewed:
SPOC 10/3/2008
interfaces
interfaces
interfaces
interfaces
interfaces
interfaces
interfaces
interfaces
interfaces
ge-0/0/2
ge-0/0/2
ge-0/0/2
ge-0/0/2
ge-0/0/2
ge-0/0/2
ge-0/0/2
ge-0/0/3
wx-3/0/0
vlan-tagging
unit 0 description
unit 0 vlan-id 240
unit 0 family inet
unit 1 description
unit 1 vlan-id 241
unit 1 family inet
unit 0 family inet
unit 0 family inet
voice_vlan
address 172.28.240.1/24
data_vlan
address 172.28.241.1/24
address 172.16.254.113/24
address 10.1.1.2/32
4 of 33
JNPR_ISM200
set
set
set
set
destination
interfaces
interfaces
interfaces
interfaces
172.28.240.10
t1-6/0/0 clocking external
t1-6/0/0 encapsulation ppp
t1-6/0/0 t1-options timeslots 1-24
t1-6/0/0 unit 0 family inet address 10.10.240.2/30
4. Enable and configure routing. The Branch location is assigned to OSPF area
0.0.0.240.
set
set
set
set
set
set
set
set
set
5. Assign the various interfaces to the different security zone. Three different
security zones are used in the sample network. Their assignment are as follow:
Security zone
trust
untrust
wx-zone
set security zones
services telnet
set security zones
services ssh
set security zones
services http
set security zones
services ping
set security zones
set security zones
set security zones
set security zones
set security zones
services ping
set security zones
all
set security zones
set security zones
inbound-traffic
set security zones
inbound-traffic
AL; Reviewed:
SPOC 10/3/2008
Interface - description
ge-0/0/2.0
local voice VLAN
ge-0/0/2.1
local data VLAN
ge-0/0/3.0
local Ethernet interface for device management
t1-6/0/0.0
t1 connection to the main site
wx-3.0.0.0
virtual interface to ISM 200
security-zone trust host-inbound-traffic systemsecurity-zone trust host-inbound-traffic systemsecurity-zone trust host-inbound-traffic systemsecurity-zone trust host-inbound-traffic systemsecurity-zone
security-zone
security-zone
security-zone
security-zone
5 of 33
JNPR_ISM200
6. Configure security policies for intra/inter security zone traffic. There are a total
of 7 groups of security policies configured for the different combinations of
intra/inter-zone traffic.
The table below illustrates the 7 groups. Since the focus of these Application
Notes is in configuring the ISM 200 to support an Avaya VoIP solution and not in
security, the security policy in each group is configured to allow any traffic to
pass through.
Notice (shown in bold below) security policy from trust to untrust and untrust to
trust are redirected to the wx (which is the ISM 200).
set security policies from-zone trust to-zone trust policy defaultpermit match source-address any
set security policies from-zone trust to-zone trust policy defaultpermit match destination-address any
set security policies from-zone trust to-zone trust policy defaultpermit match application any
set security policies from-zone trust to-zone trust policy defaultpermit then permit
set security policies from-zone trust to-zone untrust policy trust-tountrust match source-address any
set security policies from-zone trust to-zone untrust policy trust-tountrust match destination-address any
set security policies from-zone trust to-zone untrust policy trust-tountrust match application any
set security policies from-zone trust to-zone untrust policy trust-tountrust then permit application-services redirect-wx
set security policies from-zone trust to-zone untrust policy defaultpermit match source-address any
set security policies from-zone trust to-zone untrust policy defaultpermit match destination-address any
set security policies from-zone trust to-zone untrust policy defaultpermit match application any
set security policies from-zone trust to-zone untrust policy defaultpermit then permit
set security policies from-zone untrust to-zone trust policy untrust-totrust match source-address any
set security policies from-zone untrust to-zone trust policy untrust-totrust match destination-address any
set security policies from-zone untrust to-zone trust policy untrust-totrust match application any
set security policies from-zone untrust to-zone trust policy untrust-to-
AL; Reviewed:
SPOC 10/3/2008
6 of 33
JNPR_ISM200
7. Disable ALG.
Set security alg h323 disable
set security alg mgcp disable
AL; Reviewed:
SPOC 10/3/2008
7 of 33
JNPR_ISM200
AL; Reviewed:
SPOC 10/3/2008
8 of 33
JNPR_ISM200
3. Select Device Setup from the top menu bar and then select Basic Registration
Server to enter the Registration Server information. The WXC-250 serves as the
Registration server in our sample network. Make sure the password matches that
entered at the registration server.
The following is a screen capture of the application name Avaya_RTP created in the
sample network. The Source Port, Destination Port should matched what is configured in
the ip-network-region form configured in Avaya Communication Manager in Section 9,
Step 1. Click Submit to complete.
AL; Reviewed:
SPOC 10/3/2008
9 of 33
JNPR_ISM200
5. Change the order of the Application Definitions so that H.323 and Avaya_RTP
are listed on the top. H.323 and Avaya_RTP were configured with order 1 and 2
respectively in the sample network. The application order is used by the system
to resolve conflicts should the traffic fit multiple application definitions.
AL; Reviewed:
SPOC 10/3/2008
10 of 33
JNPR_ISM200
6. Select Applications Traffic Classes, and then click Edit Classes to begin
creating a new traffic class to group all the Avaya VoIP traffic together.
The screen capture below shows the traffic class Avaya_VoIP that was
configured in the sample network.
AL; Reviewed:
SPOC 10/3/2008
11 of 33
JNPR_ISM200
8. Enable the ISM 200 to perform compression by selecting Compression from the
top menu bar and then selecting Basic Endpoints.
The screen capture below highlights the parameters that need to be checked or
selected. Click Submit to complete.
AL; Reviewed:
SPOC 10/3/2008
12 of 33
JNPR_ISM200
9. Enabled the local IP sub-network that needs to have traffic compressed. Select
Basic Compression Subnets and check all the local IP sub-networks.
The screen capture below highlights the areas that need to be configured. Select
the Advertise checked subnets ONLY radio button and check the IP Subnetwork that requires compression. Click Submit to complete.
AL; Reviewed:
SPOC 10/3/2008
13 of 33
JNPR_ISM200
11. Configure Quality of Service by selecting QoS from the top menu bar, and then
selecting Setup Wizard. This will initiate the Outbound QoS Setup Wizard
pop-up window.
12. In the Outbound QoS Setup Wizard, the Enabled Outbound QoS check box
should already be check by default. Click Next to continue.
AL; Reviewed:
SPOC 10/3/2008
14 of 33
JNPR_ISM200
13. Since the sample network uses a dedicated T1, select the Dedicated Circuits
radio button and click Next to continue.
14. Select the Endpoint and specify the Circuit Speed. Click Next to continue.
AL; Reviewed:
SPOC 10/3/2008
15 of 33
JNPR_ISM200
15. Check the Enable Bandwidth Detection when sending compressed traffic to:
check box and the IP address of desire WX device. Click Next to continue.
16. Select the Custom radio button for Traffic Classes. Click Next to continue.
AL; Reviewed:
SPOC 10/3/2008
16 of 33
JNPR_ISM200
17. The Avaya VoIP Traffic Class created in Section 6, Step 6 should be listed.
Click Next to continue.
18. The Avaya_RTP, H.323, and H.245 applications should already be assigned to
the Avaya VoIP traffic class as part of Section 6, Step 6. Click Next to continue.
AL; Reviewed:
SPOC 10/3/2008
17 of 33
JNPR_ISM200
19. Specify the desired bandwidth allocation for the Avaya VoIP traffic class. The
sample network assigned a Guaranteed Bandwidth of 50% with a Maximum
Bandwidth of 60% allocation for Avaya VoIP. This allocation is for illustration
and testing purpose only. Actual allocation should be based on the total number
of simultaneous calls that the system needs to support and the audio codec used.
20. Select the queuing model desired. The sample network uses Weighted Fair
Queuing.
AL; Reviewed:
SPOC 10/3/2008
18 of 33
JNPR_ISM200
21. Configure the priority level for Avaya VoIP traffic. Avaya VoIP is assigned a
priority of 6 (second highest). Click Next to continue.
AL; Reviewed:
SPOC 10/3/2008
19 of 33
JNPR_ISM200
1. Access the WebUI of the WXC-250 by entering the https://<IP address of the
WXC-250> into a web browser, and log in using appropriate credential. For the
sample network entered https://192.168.100.31.
AL; Reviewed:
SPOC 10/3/2008
20 of 33
JNPR_ISM200
2. The following screen capture shows the interface configuration for the WXC-250.
3. The WXC-250 is configured as the Hub for topology using these Application
Notes.
AL; Reviewed:
SPOC 10/3/2008
21 of 33
JNPR_ISM200
4. For compression, the Tunnel Mode needs to use UDP. This is the mode the ISM
200 supports.
interfaces
interfaces
interfaces
interfaces
interfaces
interfaces
2. Enable and configure routing. The Core IP is assigned to OSPF area 0.0.0.0 with
the out-going T1 interface assigned to area 0.0.0.240.
set
set
set
set
AL; Reviewed:
SPOC 10/3/2008
22 of 33
JNPR_ISM200
Page
1 of
IP NETWORK REGION
Region: 10
Location:
Authoritative Domain:
Name:
MEDIA PARAMETERS
Intra-region IP-IP Direct Audio: yes
Codec Set: 1
Inter-region IP-IP Direct Audio: yes
UDP Port Min: 2048
IP Audio Hairpinning? y
UDP Port Max: 3329
DIFFSERV/TOS PARAMETERS
RTCP Reporting Enabled? y
Call Control PHB Value: 46
RTCP MONITOR SERVER PARAMETERS
Audio PHB Value: 46
Use Default Server Parameters? y
Video PHB Value: 26
802.1P/Q PARAMETERS
Call Control 802.1p Priority: 6
Audio 802.1p Priority: 6
Video 802.1p Priority: 5
AUDIO RESOURCE RESERVATION PARAMETERS
H.323 IP ENDPOINTS
RSVP Enabled? n
H.323 Link Bounce Recovery? y
Idle Traffic Interval (sec): 20
Keep-Alive Interval (sec): 5
Keep-Alive Count: 5
10. Conclusion
These Application Notes have described the administration steps required to configure
the Juniper Networks WXC ISM 200 and WXC-250 to support an Avaya VoIP solution
depicted in Figure 1. With the ISM 200, the J6350 provides an integrated single box
solution for a branch office location that feature advance routing, and compression
functionality.
AL; Reviewed:
SPOC 10/3/2008
23 of 33
JNPR_ISM200
11. Verification
The following steps may be used to verify the configuration:
1. Select Compression from the top menu bar. Verify that a tunnel has been
successfully established between the ISM 200 and the WXC-250.
2. Select Advanced Remote Routes under the Compression menu. Verify the
local device is receiving the correct destination IP sub-network that required
traffic compression.
AL; Reviewed:
SPOC 10/3/2008
24 of 33
JNPR_ISM200
AL; Reviewed:
SPOC 10/3/2008
25 of 33
JNPR_ISM200
AL; Reviewed:
SPOC 10/3/2008
26 of 33
JNPR_ISM200
AL; Reviewed:
SPOC 10/3/2008
27 of 33
JNPR_ISM200
config application
config application
config application
1024-65535
config application
port 1498
config application
config application
proto 6
config application
proto 6
config application
config application
config application
config application
config application
config application
config application
config application
config application
config application
config application
config application
config application
config application
config application
config application
config application
config application
config application
config application
1024-65535
config application
dst-port 3389
config application
config application
config application
config application
config application
config application
config application
config application
config application
config application
config application
config application
config application
config application
config application
config application
config application
config application
config application
config application
config application
config application
config application
config application
config application
config application
config application
config application
AL; Reviewed:
SPOC 10/3/2008
28 of 33
JNPR_ISM200
AL; Reviewed:
SPOC 10/3/2008
29 of 33
JNPR_ISM200
AL; Reviewed:
SPOC 10/3/2008
30 of 33
JNPR_ISM200
AL; Reviewed:
SPOC 10/3/2008
31 of 33
JNPR_ISM200
AL; Reviewed:
SPOC 10/3/2008
32 of 33
JNPR_ISM200
Avaya and the Avaya Logo are trademarks of Avaya Inc. All trademarks identified by
and are registered trademarks or trademarks, respectively, of Avaya Inc. All other
trademarks are the property of their respective owners. The information provided in
these Application Notes is subject to change without notice. The configurations,
technical data, and recommendations provided in these Application Notes are believed to
be accurate and dependable, but are presented without express or implied warranty.
Users are responsible for their application of any products specified in these Application
Notes.
Please e-mail any questions or comments pertaining to these Application Notes along
with the full title name and filename, located in the lower right corner, directly to the
Avaya Solution & Interoperability Test Lab at interoplabnotes@list.avaya.com
AL; Reviewed:
SPOC 10/3/2008
33 of 33
JNPR_ISM200