SfB Voice Lab Part 5 – SIP Trunk Setup
To read other parts in this series, please click the links below:
Part 1: Overview and Architecture
Part 2: Azure Prep Work
Part 3: Skype for Business 2015 On-Prem Deployment
Part 4: AudioCodes Mediant Virtual Edition (VE) Deployment
Part 5: SIP Trunk Setup (IntelePeer – AudioCodes – Skype for Business)
Part 6: Office 365 and Skype for Business Online Deployment (Hybrid)
Part 7: On-Prem PSTN Connectivity with Hybrid (OPCH) setup and Tenant Dial Plans
Part 8: Cloud Connector Edition (CCE) Deployment
Part 9: Legacy PBX Deployment and SfB Integration
We’ve accomplished a lot so far, and we still have quite a way to go. In Part 4 we deployed our AudioCodes Session Border Controller (“SBC”). This will be our gateway between Skype for Business, the PSTN (IntelePeer) and our legacy PBX (3CX). In this part, we will setup our SIP Trunks with Skype for Business and IntelePeer via our AudioCodes SBC.
Before we start let’s cover a few basics.
Terminology: For those new to this, here are a few terms to become familiar with. This is by no means an exhaustive list.
- PSTN – (Public Switched Telephone Network) Aggregate of circuit switched networks that connects the world’s phone systems together
- SIP – (Session Initiation Protocol) A standards based signaling protocol that is used for voice and video communications across a network
- SIP Signaling – Responsible for call setup, maintenance and teardown
- SIP Media – Carries that actual audio and video during the session
- (S)RTP – (Secure)Real-time Transport Protocol – Protocol used for carrying the media stream (audio and video) across a TCP/IP Network.
- Codec – Algorithms used to compress media streams (RTP) on a TCP/IP Network
- SIP Trunk – What is a SIP Trunk? The delivery of SIP based telephony services between IP-PBX’s and ITSP’s. A trunk connects two disparate systems together over a TCP/IP network
- TDM – (Time Division Multiplexing) A method of transmitting and receiving independent signals over a common signal path by means of synchronized switches at each end of the transmission line so that each signal appears on the line only a fraction of time in an alternating pattern
- PRI – (Primary Rate Interface) – The delivery of TDM based telephony services over an ISDN network. Typically delivered via a T1 with 23-B Channels and 1-D Channel. Capable of handling 23 calls.
- PBX – (Private Branch Exchange) A telephony system deployed within an enterprise, that connects it with the PSTN
- IP-PBX – (IP Based PBX) – A PBX capable of using a TCP/IP based network for delivery of service
- SBC – (Session Border Controller) A SIP based firewall
- DSP – (Digital Signal Processor) A specialized microprocessor designed specifically for digital signal processing, generally in real-time computing. Used within an SBC to convert analog voice to digital voice, or transcode between codecs
- ATA – (Analog Telephony Adapter) Used to connect analog devices to a TCP/IP network.
- ICE – (Internet Connectivity Establishment) A collection of protocols including STUN and TURN used to find ways for two endpoints to talk to each other as directly as possible in peer-to-peer networking environments such as VoIP
Tools of the Trade: Here’s a collection of tools that every SfB administrator should be familiar with.
Skype for Business Debugging Tools:
Packet Capturing Tools:
- Syslog Viewer
- ICE Warning Flag Decoder
Skype for Business:
There are two reasons we add an IP/PSTN gateway (SIP Trunk) to the SfB Topology.
- SfB uses this as an authorities list of peers to accept inbound SIP traffic from. If the peer’s IP address is not include in the list of IP/PSTN Gateways, SfB will reject the traffic. This is important to keep in mind for example, if you have a CUCM environment with multiple Publishers and/or Subscribers. You’ll need to add a new gateway for each publisher/subscriber.
- SfB uses the list of peers for outbound routes. These become available in the SfB Control Panel once published.
Adding a SIP Trunk in Skype for business is fairly straight forward. You have to decide upfront whether you are going to require encryption on the trunk. In this case, I have selected to not require encryption as this is a lab, which will require me to enable a TCP port on the Mediation server. SfB uses the G.711U codec with IP/PSTN gateways. Nothing to configure for that, it’s automatic.
Adding the trunk to SfB is a four-step process:
- Enable TCP on the Mediation Server, which is disabled by default. Once enabled, the Mediation service will listen on port TCP 5068 for incoming connections
- Add a new IP/PSTN Gateway. The first trunk that is created is called the “Root Trunk”
- Publish Topology
- Restart Mediation Services on the Front-End server
Enable TCP on the Mediation Server:
Add a new IP/PSTN Gateway:
Adding SIP trunks to the AudioCodes SBC is a bit more challenging. Fortunately, AudioCodes has added a nice Configuration Wizard that pre-configures most everything for us. There are some items that need to be tweaked after the fact, but with the thousands of parameters available in the SBC, it’s good to use this to get started.
Let’s get started with the Configuration Wizard.
On this page, we can choose the type of connections we will be setting up. We can see here that there are several options:
- SIP Trunk (IP-PBX with ITSP)
- SIP Normalization (two IP-PBX’s)
- Hosted IP-PBX (IP-PBX with Users)
- Remote users (IP-PBX with remote Users)
We will be using option 1. We are setting up a SIP trunk between an IP-PBX (Skype for Business) and an ITSP (IntelePeer). There are pre-configured options for many different IP-PBX’s as well as many different ITSP’s. We will select ours from the list available.
IP-PBX: Microsoft Skype for Business 2015
SIP-Trunk: Intelepeer SIP Trunk
When we deployed and configured our AudioCodes SBC in Part 4, I decided to use two interfaces. One for the LAN and one for the WAN.
For network setup we will choose “Two ports: LAN & WAN”
Web Interface: HTTP (Probably want HTTPS in production)
CLI Interface: SSH
Enable Syslog: unchecked
Syslog IP: greyed out
Time and Date:
Time Zone: GMT-5
Primary NTP Server: 10.0.0.4 (This is our Domain Controller/DNS Server)
Secondary NTP Server: blank (You’d want redundancy in a production environment)
Apply local DNS: Unchecked (Used if you need to add local host entries to the SBC)
In this section we will define our LAN and WAN interface.
Physical Port: GROUP_1(GE_1) (This reflects the physical network adapter used)
VLAN ID: 1
IP Address: 10.0.0.6
Subnet Mask: 255.255.255.0
Default Gateway: Leave Blank
Primary DNS: 10.0.0.4 (Domain Controller)
Secondary DNS: Blank
Physical Port: GROUP_2(GE_2) (This reflects the physical network adapter used)
VLAN ID: 2
IP Address: 192.168.1.9
Subnet Mask: 255.255.255.0
Default Gateway: 192.168.1.1
NAT Public IP: 184.108.40.206
Primary DNS: 220.127.116.11
Secondary DNS: 18.104.22.168
OAM Interface: LAN
Backup Address: Blank
SIP Domain: msuclab.com
Keep Alive: checked (uses Options)
MEDIA PORTS (REALM)
Media Protocol: RTP
Base Port: 6000
Number of Sessions: 100
Transport Type: TCP
Destination Port: 5068
Listening Port: 5060
SIP Trunk Configuration:
Address: ITSP IP Address (This information will need to be updated with information you receive from your ITSP)
Backup Address: Blank
SIP Domain: Blank
Keep Alive: typically checked (I left unchecked as I didn’t have ITSP information at the time of setup and didn’t want to throw a bunch of errors)
Account Type: None (IntelePeer doesn’t require an account username/password)
NAT Public IP: Use the Public IP that will be NAT’d to your SBC
Transport Type: TCP (This will come from your ITSP)
Destination Port: 5060 (This will come from you ITSP)
Listening Port: 5060
Media Ports Realm:
Media Protocol: RTP
Base Port: 7000
Number of sessions: 100
I’m skipping this section as I will be receiving e.164 number formats from the ITSP and I will be sending e.164 to the ITSP. I may come back later and create some number manipulation rules when I interface with the IP-PBX (3CX)
Review the summary and INI file. It’s a good idea to save a copy of the INI at this time.
Click Apply and Reset to burn the configuration and reboot.
Post Wizard Configuration:
As I mentioned, there are a few items that need to be corrected after the wizard completed.
In this section I updated the Name and Network Interface. After applying these, I Applied and Saved the configuration.
Network Interface: #0 [LAN_IF]
Network Interface: #1 [WAN_IF]
Topology Location: Down
IPv4 Interface Name: #0 [LAN_IF]
Topology Location: Up
IPv4 Interface Name: #1 [WAN_IF]
Proxy Set Status:
After completing the wizard and updating a few parameters I checked the status of the Proxy Sets (trunks). We can see that the SfB Proxy set is Online. The IntelePeer Proxy Set shows ONLINE, but you’ll notice the Keep Alive is set to Disabled. This is a false-positive at this point as we don’t really know if the trunk is up or down. We’ll come back in a minute and edit the IntelePeer SIP Trunk with trunk information received from the ITSP (IntelePeer). (I didn’t have this information when I first went through the wizard. Otherwise, I would have configured it at that time)
IP-to-IP Routing Rules:
Here’s a quick review of the IP-to-IP routing rules that were setup via the Configuration Wizard. You’ll see 3 routes:
- Terminate Options – This forces the SBC to respond directly to the requesting peers OPTIONS Ping
- Skype -> Intelepeer – This routes all inbound traffic sourced from the Skype IP Group and routes it to the Intelepeer IP Group
- Intelepeer -> Skype – This routes all inbound traffic sourced from the Intelepeer IP Group and routes it to the Skype IP Group
There are a several ITSP’s that you can use in your lab depending on how much you want to pay and what type of contract you want to sign. I used IntelePeer as I happened to have a Master Services Agreement already in place with them. This allowed me to create a new “usage-based trunk” just for this lab.
Once I reached out to IntelePeer and setup the new package, it took about a week to finalize the new trunk. Once it was complete, they emailed me all the trunk settings necessary to setup the Proxy Set on the AudioCodes SBC.
IntelePeer’s Signaling Information:
Trunk Name: CHIxxxxxxxxxxxxxxxxxx
Signaling IP: xxx.xxx.xxx.xxx
Signaling Port: TCP/5060
RTP IPs: xx.xx.xx.xx
RTP Port Range: UDP/5000 thru 65535
Customer’s Signaling Information:
Trunk Name: Test Trunk
Signaling IP: xx.xx.xx.xx
AudioCodes IntelePeer Proxy Set Update:
Proxy Keep-Alive: Using Options
Proxy Address: x.x.x.x:5060
Updated Proxy Set Status after the IntelePeer trunk was setup and updated. Keep Alive shows Enabled for both Proxy Sets 1 & 2. Skype and IntelePeer respectively.
Both Proxy Sets also show Online with a Success Count that is tallying up for each successful Options ping.
AudioCodes Syslog Viewer
Using the AudioCodes Syslog Viewer we can visualize the SIP Signaling traffic hitting the AudioCodes SBC.
Here’s a view of an OPTIONS ping going from the SBC to Skype for Business, with a 200 OK response coming back from SfB.
Here’s a view of an inbound call from IntelePeer going to Skype for Business. We can see the original SIP INVITE with some information redacted, coming in the WAN_Interface from IntelePeer.
Skype for Business CLS Logging & Snooper:
Launch CLS Logging Tool:
From the Skype for Business server we can launch the Skype for Business Server 2015 Logging Tool. Remember this isn’t installed by default. You’ll need to download the Skype for Business Debugging Tools.
Start the IncomingAndOutgoingCall Scenario for the Skype for Business Front End Pool and servers. Execute the call. Then stop the Scenario.
After the scenario is stopped, go to the Search CLS Logs tab. Work from left to right. Populate the Filter Options on the left. Leave the middle components blank so all components included in the scenario are selected. Then select the Front End Pool and servers under Topology.
Select Search Logs
Would you like to open the log file? No. This will open the file in notepad. We want to open with Snooper.
From the top menu bar, select Logs -> Open Logs with Snooper
From within Snooper, we can see the inbound OPTIONS request from the AudioCodes SBC, and the subsequent 200 OK response sent back.
Inbound Call Logs:
Again, from within Snooper, we can also see the inbound call placed from the PSTN. The call comes in from IntelePeer, routes through the SBC, and is sent over to Skype for Business. We can see the SIP Invite and subsequent dialog.
That’s it for Part 5. In this part we setup our SIP Trunks with IntelePeer and Skype for Business via our AudioCodes SBC.
Continue the series where next we will setup a hybrid deployment with Skype for Business Online. Part 6: Office 365 and Skype for Business Online Deployment (Hybrid)
As always, feel free to post any questions or comments.