ITM 330 Telephony Final

advertisement
UW-STOUT ITM
Atlanta Times Co.
Telephony Design
ITM 330 Final Project
Bill Osborne, Eric Berg, Scott Green, Trevor Blankenship
5/1/2013
Contents
Executive Summary:...................................................................................................................................... 2
Goals and Objectives..................................................................................................................................... 3
Proposal: ....................................................................................................................................................... 3
Routing and Switching: ............................................................................................................................. 3
MGCP Gateways: ...................................................................................................................................... 4
Requirements................................................................................................................................................ 5
Technical ................................................................................................................................................... 5
Constraints ................................................................................................................................................ 5
Cisco Unified Communication Management Design .................................................................................... 5
IP Addressing................................................................................................................................................. 6
New Cisco Phones ..................................................................................................................................... 7
Active Directory Design/Windows Server 2008 R2....................................................................................... 8
Basic Server Configuration ........................................................................................................................ 8
Users and Computers................................................................................................................................ 9
Quality of Service (QoS) .............................................................................................................................. 10
WAN ........................................................................................................................................................ 10
Access Layer ............................................................................................................................................ 10
Distribution/Core .................................................................................................................................... 10
Design: .................................................................................................................................................... 10
Budget ......................................................................................................................................................... 11
Appendix ..................................................................................................................................................... 11
ATL_Router2 ............................................................................................................................................... 19
ATL_Switch .................................................................................................................................................. 31
ISP................................................................................................................................................................ 39
WIS_Router2 ............................................................................................................................................... 44
WIS_Switch ................................................................................................................................................. 58
Executive Summary:
The Atlanta Times Company has recently been assigned new data requirements for a more reliable voice
over IP integration. Voice over Internet Protocol or VoIP is the simplest resolution toward a low
maintenance and low cost approach to communication. Because their current PBX system is outdated,
PodD has been assigned to update the equipment while also providing design implementations that will
offer Atlanta Times a solution to voice. For the headquarter location, Atlanta Times employs over 400
staff and news reporters while the companies branch location only staffs roughly 130. Both locations
require their own network virtual local area networks, or VLANS while also support for four-digit dialing
between both sites. To achieve these requirements, QoS will be added to the existing network
providing a streamlined solution to data with voice applications. Atlanta will see no downtime with the
devices selected and full integration with Microsoft Active Directory allowing staff members to login to
any phone. To offer a unified calling console for network engineers, Cisco Unified Communications
Manager or CUCM will be installed at the corporate office allowing full control and visibility of Atlanta’s
voice devices. Along with any new design comes a price. For this design and implementation, the
budget totals to $377,360.00
Keywords: Voice, Cisco, VoIP, Phones, Digital, QoS, Solutions, Design, CUCM, VLANS.
Goals and Objectives
PodD’s goals & Objectives for the Atlanta Times Companies network are as follows:






Add 530 phones to the company
High redundancies and failovers
Cisco Unified Communication Manager
Active Directory Integration for Cisco Mobility
Public Switch Telephone Network Integration
Quality of Service
Proposal:
Atlanta Times Company needs a solution for an IP based voice network in both locations. To do this,
PodD has created a detail proposal that will go over basic design elements to complex data evaluations.
Routing and Switching:
Within any voice network, Cisco devices are needed to run the backbone that routes calls from place to
place. The router chosen for this network implementation has been the Cisco 2911, an integrated
service router with C2911-VSEC/K9 as the voice and security bundle. The routers have been purchased
for $3,644.00 from a trust Cisco retailer, CDW.com. For Atlanta Times, the 2911 is a perfect match that
can route normal data to FTP servers while keeping voice calls moving without any hassle.
The implementation of the test network began with three routers. One for the Atlanta location,
Wisconsin location and ISP. Within these three routers, the Atlanta and Wisconsin location have a GRE
tunnel or Generic Routing Encapsulation tunnel between both locations. This specific tunnel contains an
extended access list that only traffic destined for each location will use. For example, traffic destined for
the web will not use the tunnel because it does not have encapsulated packets for the internal network.
This tunnel allows for private data transfer and voice calls with four digit dialing. With the routers, we
have implemented DHCP servers for both Atlanta and Wisconsin that both point use option 150 to point
to our CUCM server. The CUCM server will be explained in further detail below in the document. Each
computer and phone will pull an IP address that corresponds to the DHCP server. From there, the
router can route traffic to and from the company’s locations.
Each telephony device must either use a dedicated power supply or power over Ethernet or PoE through
a network switch. For Atlanta Times, the best option would be 24 or 48 port PoE gigabit switches. Any
Cisco switch with a PoE module will provide the level of access each user needs. The Cisco VoIP phones,
which will be described in further detail below, can access the switch through a standard Ethernet cable
and provide the user with a PC input as well. This allows better cable management and less stress for
network engineers. For our implementation, we have selected Cisco 3560 PoE switches for normal voice
use. Each port contains one of the two data VLAN’s and one voice VLAN so each device can be on its
dedicated network. The end user data ports will also have spanning tree portfast enabled with
switchport security that can block unwanted attacks or hacks to the network. All switchports will also
use QoS, no matter if a trunk link or end user connection.
The router and switches chosen for Atlanta Times are used to provide the best redundancy and uptime.
We will now discuss MGCP gateways and how they are used within the routers.
MGCP Gateways:
Media Gateway Control Protocol or MGCP gateways are used if any voice network wants to connect to
the outside world. In brief, the MGCP gateway allows user to dial any North American dial plan and be
connected like an analog phone. For our network implementation, it was important that MGCP be
placed on both locations for not only phone calls to the outside world, but redundancy. If the WAN link
to the ISP locations goes down on either router, MGCP can route digital calls through the analog public
switched telephone network. This practice was tested and implemented in the topology. 911 and other
emergency numbers were also formatted in each router for the use fast dialing to local services. CUCM
provides configurations for our gateways while the routers needed to be configured manually for MGCP
to operate. Once this was configured, calling between both sites without a WAN link was successful.
Requirements
The Atlanta Times Co. has set a few requirements but they very important to follow. These
requirements are listed as follows.
Technical







Needs 24/7 technical support
Connectivity between HQ and remote office
Need to have video conferencing
Must have quality of service and little to no downtime
Must implement VoIP and also integrate with active directory and Outlook
Must have Cisco Unity Unified Messaging
WAN connects to HQ and Wisconsin remote office using GRE over IP Sec site to site VPN tunnel
Constraints







New system must reduce cost, improve productivity and increase collaboration
Need to extend the life and the value of the company’s investment with cisco VoIP
Enough IP phones and equipment to support over 500 staff
Voice, data must be on different VLANs
Design should address high volume data traffic
Must provide Music on Hold as a marketing tool
Need to implement in a pilot network before putting into the production network
Cisco Unified Communication Management Design
The Cisco Unified Communications Manager can help Atlanta Times with their phone service in many
ways.




It’s an enterprise-class IP communications processing system for up to 40,000 users
Increased video accessibility allowing multiple users to video conference at once
It can help boost productivity
Allows access to a larger number of applications











Helps accelerate business innovation
Reduces the complexity of IT
Better user mobility allowing single number access to desk phone, mobile phone increasing
reach regardless of your location
Access to company voicemail
Able to check the availability of employees in real time
Supports higher-resolution color displays on Cisco Unified IP Phones
Voice quality is better with support for low bandwidth and high-definition audio codecs
Cisco TelePresence conferencing allows face-to-face communication over the network
Phone designer lets you customize ring tones and background images
Allows you to view, listen and respond to voicemail messages directly from your IP Phone
Networking costs per employee are, on average, almost 50 percent lower
IP Addressing
For the Atlanta Times company we had to provide enough scalability to the corporation
that would allow for future growth. Currently the Atlanta Times corporation has 300 staff
members and 100 news reporters at the headquarters in Atlanta. The company also has 100
staff members and 30 news reporters. Keeping this in mind, we wanted to provide a proper IP
addressing scheme for each location to account for the future expansion. At the headquarter
location in Atlanta, we decided to use IP addresses of 10.60.100.1/24 for news reporters and
10.60.200.1/23 for the staff members. This is essentially the same at the remote office in
Wisconsin using IP addresses of 10.50.100.1/24 for news reporters and 10.50.200.1/23 for staff
members. This IP addressing scheme will allow the Atlanta location to have 254 news reporters
and 512 staff members. The remote site at Wisconsin is also providing scalability for more users
allowing 254 available IP addresses for news reporters and 512 for staff members. Each location
also needed enough available IP addresses to provide for the voice traffic across the network.
The addresses used for this traffic is 10.60.20.0/23 at the Atlanta site and 10.50.20.0 /23 at the
Wisconsin site which will provide for 512 voice IP addresses at each location.
The IP addresses described in the next section pertain to the more technical aspect of setting
up this VoIP network. It will detail all the IP addresses Network Administrators will need to
know to manage the VoIP network with some additional information.

In order to manage the switches we have also set up a management VLAN in the
network with an IP address of 10.60.99.1/24 and 10.50.99.1/24. This will allow Network
Administrators to telnet into switches and gain remote access for any management
needs.

The address of the CUCM server will be 10.60.30.10 which will allow Network
Administrators to navigate to the CUCM administration page by using the Internet
Explorer Web browser which allows CUCM configuration as needed. This address also
had to be specified in the router configurations with a few other commands. The first is
specifying option 150 which defines the TFTP server (CUCM) to download the phone
configuration files. The address for the ccm-manager config server command will specify
the TFTP server which the Media Gateway Control Protocol (MGCP) gateway will use to
download configuration files from the CUCM. The mgcp call-agent address will also be
used to configure the address and protocol of the call agent for the MGCP endpoints to
use on the media gateway.

An IPsec tunnel is also set up to provide a private-to-private network with the need for
the internet for the two sites to be able to communicate. For this to be achieved we set
up a tunnel interface at each location. For the Atlanta Location the tunnel IP address is
10.60.1.1/24 and at the Wisconsin location the tunnel IP address is 10.90.1.2/24. With
this set up the two sites should always be able to route traffic between each other. Each
location of the tunnel also has to specify a source and destination address so it knows
where to route traffic to, once leaving the local network or essentially how to travel
through the IPsec tunnel. To accommodate for these needs the Atlanta time will have a
tunnel source IP address of 99.99.99.1 and a destination of 98.98.98.1. The Wisconsin
site will be vice versa with a source IP address of 98.98.98.1 and a destination IP address
of 99.99.99.1.

A routing protocol will also be needed to permit routing to all the networks specified. To
do this we are going to use EIGRP which is a great routing protocol that is easy to
manage and troubleshoot any issues.
New Cisco Phones
The reason for purchasing new Cisco IP phones is to upgrade any outdated equipment the
Atlanta Times company may still be using and give them the ability to use video conferencing
between the headquarter location in Atlanta and the remote site in Wisconsin. The Atlanta
Times company is growing and we felt their technology should advance with the company,
that’s why we recommend purchasing next generation Cisco 9971 IP phones. Purchasing this
type of Cisco IP phone will ensure that technology doesn’t outdate the phones in the near
future and this phone was also tested in a working prototype network for the Atlanta Times.
This device also supports all the proper specifications and features need for the Atlanta Times
VoIP solution.
The list below provides the specifications and features of the Cisco 9971 IP phone.







LCD Display/Touch Screen
H.264 video codes needed for video conferencing
Support of G.711 and G.729 voice codecs
Has Class 3 Power over Ethernet capability
Runs all the proper Network protocols CDP, DNS, HTTP, LLDP, RTCP, SRTP, TFTP and VoIP
protocols of RTCP, SIP, SRTP
Works with CUCM 7.1 or later
IP addressing can be applied either statically or through DHCP.
The Cisco 9971 IP phone seems like a great option for the Atlanta Times company’s VoIP
solution and we hope they consider our recommendation.
Active Directory Design/Windows Server 2008 R2
Atlanta Times has a Windows Server 2008 R2 running active directory. They have 100 users in
their Atlanta News organizational unit, 300 in Atlanta Staff, and 100 in Wisconsin Staff. Atlanta Times
has requested that the Windows server 2008 should be used to populate phone and voice mail users.
Basic Server Configuration
We decided to use Windows Server 2008 R2 to distribute users, computers, and VoIP phone. We
installed the active directory role, DNS, and opted to leave DHCP up to our main router in Atlanta. We
added users into our network users CSV, implementing all of their attributes at once. Our network
configuration for the server is as follows:
1.
2.
3.
4.
IP Address:
Subnet Mask:
Default Gateway:
DNS Server:
10.60.30.254
255.255.255.0
10.60.30.1
10.60.30.254
Users and Computers
We added users to active directory by using a CSV file and implementing the CSVDE command.
This was a quick and easy way to add all the necessary users in Active Directory without inputting them
all in by hand. The steps we took are as follows:
1. Open Notepad.
2. Use the following syntax to add users into active directory
a. DN,sAMAccountNAme,userPrincipalName,telphoneNumber,objectclass
b. “cn=[name],ou=[organizational unit name], dc=[domain],dc=[com]”
[username],[useremail],[userPhoneNumber], user
i. [name] = user1, (do not use the brackets)
3. Save the document as a .csv file extension (not the save location, I like to save to C:/ )
4. Go to start in type in CMD in the search bar, this opens command prompt
5. Ensure the directory of command prompt is the same as the location of the file.
a. i.e. if it is saved in C:/ make sure command prompt shows C:/ not C:/users/file…
i. you can get to cd by using the cd .. command
6. Type csvde –I –f <File_location_and_name> (example C:/AddUsers.csv)
7. After pressing enter, the file should load the users to active directory
a. Make sure to go into active directory and enable all the accounts you added!
i. Right click on user and select “enable user”
We added computers in a similarly efficient manner using the netdom add command. This command is
a simple command that will add a computer with a specific name to your Computer OU. The process to
accomplish this is as follows.
1. Open notepad.
2. Using the following syntax add computers
a. Netdom add [name of computer]
i. i.e. netdom add computer1
ii. This will add a computer named computer1 to active directory
3. After you have entered all the computers into notepad open command prompt
4. Select start and enter CMD in the search bar, this will open command prompt
5. Go to your notepad file of computers and copy the text.
6. Go into command prompt and paste the text, (you may have to right click)
7. Command prompt will then enter in the computers to active directory.
8. Ensure that the desired computer have been added to active directory
Quality of Service (QoS)
To meet voice quality standards we implemented QoS throughout our network, giving priority to
voice traffic and trusting class of service. This will be deployed through the network to meet and exceed
Atlanta Times VoIP requirements.
WAN
As requested from Atlanta Times we will prioritize voice traffic without starving the other traffic on the
network. We implemented
Access Layer
Access layer ports going straight to phones and computers will be using port fast and trust CoS/Qos for
voice traffic. Following cisco’s recommendations we prioritized voice traffic above regular data traffic
from the computer. This is to illuminate latency in the phone call. We will be using AutoQos specifically
since it will provide a sufficient QoS plan above Atlanta Times requirements.
Distribution/Core
AutoQoS will also be used here due to its high automatic standard. We will also trust CoS/QoS
Design:
Budget
We bought 530 Cisco 9971 IP phones at $712.00 a piece with all licenses. This totaled out to be
$377,360. As explained in the phone section of this document these are the perfect phones for
Atlanta Times.
Appendix
Pic 1
Pic 2
Pic 3
Pic 4
Pic 5
Pic 5
Pic 6
Pic 7
Pic 8
Pic 9
Pic 10
Pic 11
Pic 12
Pic 13
Pic 14
ATL_Router2
ATL_Router#show run
Building configuration...
Current configuration : 5606 bytes
!
! Last configuration change at 15:58:16 CST Sat May 4 2013
! NVRAM config last updated at 15:58:18 CST Sat May 4 2013
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ATL_Router
!
boot-start-marker
boot-end-marker
!
card type t1 0 3
!
no aaa new-model
!
resource policy
!
memory-size iomem 10
clock timezone CST -5
network-clock-participate wic 3
!
!
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 10.60.100.1 10.60.100.9
ip dhcp excluded-address 10.60.200.1 10.60.200.9
ip dhcp excluded-address 10.60.30.1 10.60.30.9
ip dhcp excluded-address 10.60.20.1 10.60.20.9
!
ip dhcp pool 100
network 10.60.100.0 255.255.255.0
default-router 10.60.100.1
dns-server 8.8.8.8
!
ip dhcp pool 200
network 10.60.200.0 255.255.254.0
default-router 10.60.200.1
dns-server 8.8.8.8
!
ip dhcp pool 20
network 10.60.20.0 255.255.254.0
default-router 10.60.20.1
option 150 ip 10.60.30.10
!
!
no ip domain lookup
!
!
isdn switch-type primary-ni
!
voice-card 0
no dspfarm
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
controller T1 0/3/0
framing esf
linecode b8zs
cablelength short 133
pri-group timeslots 1-8,24 service mgcp
!
class-map match-any AutoQoS-VoIP-Remark
match ip dscp ef
match ip dscp cs3
match ip dscp af31
class-map match-any AutoQoS-VoIP-Control-UnTrust
match access-group name AutoQoS-VoIP-Control
class-map match-any AutoQoS-VoIP-RTP-UnTrust
match protocol rtp audio
match access-group name AutoQoS-VoIP-RTCP
!
!
policy-map AutoQoS-Policy-UnTrust
class AutoQoS-VoIP-RTP-UnTrust
priority percent 70
set dscp ef
class AutoQoS-VoIP-Control-UnTrust
bandwidth percent 5
set dscp af31
class AutoQoS-VoIP-Remark
set dscp default
class class-default
fair-queue
!
!
!
crypto isakmp policy 10
encr aes 256
authentication pre-share
group 5
lifetime 3600
crypto isakmp key cisco123 address 98.98.98.1
!
crypto ipsec security-association lifetime seconds 1800
!
crypto ipsec transform-set 50 esp-aes 256 esp-sha-hmac
!
crypto map CMAP 10 ipsec-isakmp
set peer 98.98.98.1
set security-association lifetime seconds 900
set transform-set 50
set pfs group5
match address Tunnel
!
!
!
!
!
interface Tunnel0
ip address 10.90.1.1 255.255.255.0
tunnel source 99.99.99.1
tunnel destination 98.98.98.1
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
auto qos voip
service-policy output AutoQoS-Policy-UnTrust
!
interface FastEthernet0/0.20
description ROUTER INTERFACE FOR Voice
encapsulation dot1Q 20
ip address 10.60.20.1 255.255.254.0
!
interface FastEthernet0/0.30
encapsulation dot1Q 30
ip address 10.60.30.1 255.255.255.0
!
interface FastEthernet0/0.99
description ROUTER INTERFACE FOR MANAGEMENT VLAN
encapsulation dot1Q 99
ip address 10.60.99.1 255.255.255.0
!
interface FastEthernet0/0.100
encapsulation dot1Q 100
ip address 10.60.100.1 255.255.255.0
!
interface FastEthernet0/0.200
description ROUTER INTERFACE FOR DATA_Staff
encapsulation dot1Q 200
ip address 10.60.200.1 255.255.254.0
!
interface FastEthernet0/1
ip address 99.99.99.1 255.255.255.0
duplex auto
speed auto
auto qos voip
crypto map CMAP
service-policy output AutoQoS-Policy-UnTrust
!
interface Serial0/0/0
no ip address
shutdown
no fair-queue
clock rate 2000000
!
interface Serial0/0/1
no ip address
shutdown
clock rate 2000000
!
interface Serial0/1/0
no ip address
shutdown
clock rate 2000000
!
interface Serial0/1/1
no ip address
shutdown
clock rate 2000000
!
interface Serial0/3/0:23
no ip address
encapsulation hdlc
isdn switch-type primary-ni
isdn incoming-voice voice
isdn bind-l3 ccm-manager
no cdp enable
!
router eigrp 1
redistribute static
network 10.60.20.0 0.0.1.255
network 10.60.30.0 0.0.0.255
network 10.60.99.0 0.0.0.255
network 10.60.100.0 0.0.0.255
network 10.60.200.0 0.0.1.255
network 99.99.99.0 0.0.0.255
no auto-summary
!
ip route 98.98.98.0 255.255.255.0 FastEthernet0/1
!
!
ip http server
no ip http secure-server
!
ip access-list extended AutoQoS-VoIP-Control
permit tcp any any eq 1720
permit tcp any any range 11000 11999
permit udp any any eq 2427
permit tcp any any eq 2428
permit tcp any any range 2000 2002
permit udp any any eq 1719
permit udp any any eq 5060
ip access-list extended AutoQoS-VoIP-RTCP
permit udp any any range 16384 32767
ip access-list extended Tunnel
permit ip 10.60.20.0 0.0.1.255 10.50.20.0 0.0.1.255
permit ip 10.60.200.0 0.0.1.255 10.50.200.0 0.0.1.255
permit ip 10.60.100.0 0.0.1.255 10.50.100.0 0.0.1.255
!
!
!
!
!
!
!
control-plane
!
rmon event 33333 log trap AutoQoS description "AutoQoS SNMP traps for Voice Drops" owner AutoQoS
rmon alarm 33333 cbQosCMDropBitRate.34.14175073 30 absolute rising-threshold 1 33333 fallingthreshold 0 owner AutoQoS
!
!
voice-port 0/3/0:23
!
ccm-manager mgcp
ccm-manager music-on-hold
ccm-manager config server 10.60.30.10
ccm-manager config
!
mgcp
mgcp call-agent 10.60.30.10 2427 service-type mgcp version 0.1
mgcp dtmf-relay voip codec all mode out-of-band
mgcp rtp unreachable timeout 1000 action notify
mgcp modem passthrough voip mode nse
mgcp package-capability rtp-package
no mgcp package-capability res-package
mgcp package-capability sst-package
no mgcp package-capability fxr-package
mgcp package-capability pre-package
no mgcp timer receive-rtcp
mgcp sdp simple
mgcp rtp payload-type g726r16 static
!
mgcp profile default
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0
login
length 0
line vty 1 4
login
!
scheduler allocate 20000 1000
ntp master
!
End
ATL_Switch
ATL_Switch#show run
Building configuration...
Current configuration : 4440 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ATL_Switch
!
boot-start-marker
boot-end-marker
!
!
!
!
no aaa new-model
system mtu routing 1500
ip routing
!
!
!
mls qos map cos-dscp 0 8 16 24 32 46 48 56
mls qos srr-queue input bandwidth 70 30
mls qos srr-queue input threshold 1 80 90
mls qos srr-queue input priority-queue 2 bandwidth 30
mls qos srr-queue input cos-map queue 1 threshold 2 3
mls qos srr-queue input cos-map queue 1 threshold 3 6 7
mls qos srr-queue input cos-map queue 2 threshold 1 4
mls qos srr-queue input dscp-map queue 1 threshold 2 24
mls qos srr-queue input dscp-map queue 1 threshold 3 48 49 50 51 52 53 54 55
mls qos srr-queue input dscp-map queue 1 threshold 3 56 57 58 59 60 61 62 63
mls qos srr-queue input dscp-map queue 2 threshold 3 32 33 40 41 42 43 44 45
mls qos srr-queue input dscp-map queue 2 threshold 3 46 47
mls qos srr-queue output cos-map queue 1 threshold 3 4 5
mls qos srr-queue output cos-map queue 2 threshold 1 2
mls qos srr-queue output cos-map queue 2 threshold 2 3
mls qos srr-queue output cos-map queue 2 threshold 3 6 7
mls qos srr-queue output cos-map queue 3 threshold 3 0
mls qos srr-queue output cos-map queue 4 threshold 3 1
mls qos srr-queue output dscp-map queue 1 threshold 3 32 33 40 41 42 43 44 45
mls qos srr-queue output dscp-map queue 1 threshold 3 46 47
mls qos srr-queue output dscp-map queue 2 threshold 1 16 17 18 19 20 21 22 23
mls qos srr-queue output dscp-map queue 2 threshold 1 26 27 28 29 30 31 34 35
mls qos srr-queue output dscp-map queue 2 threshold 1 36 37 38 39
mls qos srr-queue output dscp-map queue 2 threshold 2 24
mls qos srr-queue output dscp-map queue 2 threshold 3 48 49 50 51 52 53 54 55
mls qos srr-queue output dscp-map queue 2 threshold 3 56 57 58 59 60 61 62 63
mls qos srr-queue output dscp-map queue 3 threshold 3 0 1 2 3 4 5 6 7
mls qos srr-queue output dscp-map queue 4 threshold 1 8 9 11 13 15
mls qos srr-queue output dscp-map queue 4 threshold 2 10 12 14
mls qos queue-set output 1 threshold 1 100 100 50 200
mls qos queue-set output 1 threshold 2 125 125 100 400
mls qos queue-set output 1 threshold 3 100 100 100 400
mls qos queue-set output 1 threshold 4 60 150 50 200
mls qos queue-set output 1 buffers 15 25 40 20
mls qos
!
!
auto qos srnd4
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
!
interface FastEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk
srr-queue bandwidth share 1 30 35 5
priority-queue out
mls qos trust cos
auto qos trust
!
interface FastEthernet0/2
switchport access vlan 100
switchport mode access
switchport voice vlan 20
srr-queue bandwidth share 1 30 35 5
priority-queue out
mls qos trust cos
auto qos trust
spanning-tree portfast
!
interface FastEthernet0/3
switchport access vlan 200
switchport mode access
switchport voice vlan 20
srr-queue bandwidth share 1 30 35 5
priority-queue out
mls qos trust cos
auto qos trust
spanning-tree portfast
!
interface FastEthernet0/4
shutdown
!
interface FastEthernet0/5
shutdown
!
interface FastEthernet0/6
shutdown
!
interface FastEthernet0/7
shutdown
!
interface FastEthernet0/8
shutdown
!
interface FastEthernet0/9
shutdown
!
interface FastEthernet0/10
shutdown
!
interface FastEthernet0/11
shutdown
!
interface FastEthernet0/12
shutdown
!
interface FastEthernet0/13
shutdown
!
interface FastEthernet0/14
shutdown
!
interface FastEthernet0/15
shutdown
!
interface FastEthernet0/16
shutdown
!
interface FastEthernet0/17
shutdown
!
interface FastEthernet0/18
shutdown
!
interface FastEthernet0/19
shutdown
!
interface FastEthernet0/20
shutdown
!
interface FastEthernet0/21
shutdown
!
interface FastEthernet0/22
shutdown
!
interface FastEthernet0/23
shutdown
!
interface FastEthernet0/24
description TOP 3 Server with CUCM on it
switchport access vlan 30
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
no ip address
!
interface Vlan99
ip address 10.60.99.2 255.255.255.0
!
!
router eigrp 1
network 10.60.99.0 0.0.0.255
!
ip classless
ip http server
ip http secure-server
!
!
ip sla enable reaction-alerts
!
!
!
line con 0
exec-timeout 0 0
logging synchronous
line vty 0 4
login
length 0
line vty 5 15
login
length 0
!
ntp peer 10.60.99.1
end
ISP
ISP#show run
Building configuration...
Current configuration : 1445 bytes
!
! Last configuration change at 18:25:21 UTC Mon Apr 22 2013
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname ISP
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
memory-size iomem 10
!
no ipv6 cef
ip source-route
ip cef
!
!
!
!
!
!
multilink bundle-name authenticated
!
!
crypto pki token default removal timeout 0
!
!
license udi pid CISCO2911/K9 sn FTX1633AJH6
!
!
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
ip address 99.99.99.2 255.255.255.0
duplex auto
speed auto
ip nat in
!
interface GigabitEthernet0/1
ip address 98.98.98.2 255.255.255.0
duplex auto
speed auto
ip nat in
!
interface GigabitEthernet0/2
ip address dhcp
duplex auto
speed auto
ip nat out
!
interface Serial0/0/0
no ip address
shutdown
clock rate 2000000
!
interface Serial0/0/1
no ip address
shutdown
clock rate 2000000
!
!
router eigrp 1
red stat
passive-interface gi0/2
network 98.98.98.0 0.0.0.255
network 99.99.99.0 0.0.0.255
no au
!
ip nat inside source list 100 interface gi0/2 overload
access-list 100 permit ip 10.0.0.0 0.255.255.255 any
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
!
!
!
!
!
!
!
control-plane
!
!
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
login
transport input all
!
scheduler allocate 20000 1000
end
WIS_Router2
Wis_Router#show run
Building configuration...
Current configuration : 6533 bytes
!
! Last configuration change at 21:56:31 UTC Sat May 4 2013
! NVRAM config last updated at 21:10:57 UTC Sat May 4 2013
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Wis_Router
!
boot-start-marker
boot-end-marker
!
card type t1 0 3
logging message-counter syslog
!
no aaa new-model
memory-size iomem 10
network-clock-participate wic 3
!
dot11 syslog
ip source-route
!
!
ip cef
ip dhcp excluded-address 10.50.100.1 10.50.100.9
ip dhcp excluded-address 10.50.200.1 10.50.200.9
ip dhcp excluded-address 10.50.30.1 10.50.30.9
ip dhcp excluded-address 10.50.20.1 10.50.20.9
!
ip dhcp pool 100
network 10.50.100.0 255.255.255.0
default-router 10.50.100.1
dns-server 8.8.8.8
!
ip dhcp pool 200
network 10.50.200.0 255.255.254.0
default-router 10.50.200.1
dns-server 8.8.8.8
!
ip dhcp pool 20
network 10.50.20.0 255.255.254.0
default-router 10.50.20.1
option 150 ip 10.60.30.10
!
!
no ip domain lookup
!
no ipv6 cef
multilink bundle-name authenticated
!
!
isdn switch-type primary-ni
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
voice translation-rule 1
rule 1 /^17152324\(...\)/ /3\1/
!
voice translation-rule 2
rule 2 /^4\(...\)/ /14045578\1/
!
!
voice translation-profile comein
translate called 1
!
voice translation-profile exit
translate called 2
!
!
voice-card 0
no dspfarm
!
!
application
global
service alternate default
!
!
!
!
!
!
archive
log config
hidekeys
!
!
crypto isakmp policy 10
encr aes 256
authentication pre-share
group 5
lifetime 3600
crypto isakmp key cisco123 address 99.99.99.1
!
crypto ipsec security-association lifetime seconds 1800
!
crypto ipsec transform-set 50 esp-aes 256 esp-sha-hmac
!
crypto map CMAP 10 ipsec-isakmp
set peer 99.99.99.1
set security-association lifetime seconds 900
set transform-set 50
set pfs group5
match address Tunnel
!
!
!
controller T1 0/3/0
framing esf
linecode b8zs
cablelength short 220
pri-group timeslots 1-8,24 service mgcp
!
!
class-map match-any AutoQoS-VoIP-Remark
match ip dscp ef
match ip dscp cs3
match ip dscp af31
class-map match-any AutoQoS-VoIP-Control-UnTrust
match access-group name AutoQoS-VoIP-Control
class-map match-any AutoQoS-VoIP-RTP-UnTrust
match protocol rtp audio
match access-group name AutoQoS-VoIP-RTCP
!
!
policy-map AutoQoS-Policy-UnTrust
class AutoQoS-VoIP-RTP-UnTrust
priority percent 70
set dscp ef
class AutoQoS-VoIP-Control-UnTrust
bandwidth percent 5
set dscp af31
class AutoQoS-VoIP-Remark
set dscp default
class class-default
fair-queue
!
!
!
!
!
interface Tunnel0
ip address 10.90.1.2 255.255.255.0
tunnel source 98.98.98.1
tunnel destination 99.99.99.1
!
interface FastEthernet0/0
no ip address
duplex auto
speed auto
auto qos voip
service-policy output AutoQoS-Policy-UnTrust
!
interface FastEthernet0/0.20
description ROUTER INTERFACE FOR Voice
encapsulation dot1Q 20
ip address 10.50.20.1 255.255.254.0
!
interface FastEthernet0/0.99
description ROUTER INTERFACE FOR MANAGEMENT VLAN
encapsulation dot1Q 99
ip address 10.50.99.1 255.255.255.0
!
interface FastEthernet0/0.100
encapsulation dot1Q 100
ip address 10.50.100.1 255.255.255.0
!
interface FastEthernet0/0.200
description ROUTER INTERFACE FOR DATA_Staff
encapsulation dot1Q 200
ip address 10.50.200.1 255.255.254.0
!
interface FastEthernet0/1
ip address 98.98.98.1 255.255.255.0
duplex auto
speed auto
auto qos voip
crypto map CMAP
service-policy output AutoQoS-Policy-UnTrust
!
interface Serial0/0/0
no ip address
shutdown
no fair-queue
clock rate 2000000
!
interface Serial0/0/1
no ip address
shutdown
clock rate 2000000
!
interface Serial0/3/0:23
no ip address
encapsulation hdlc
isdn switch-type primary-ni
isdn incoming-voice voice
isdn bind-l3 ccm-manager
no cdp enable
!
router eigrp 1
redistribute static
network 10.50.20.0 0.0.1.255
network 10.50.99.0 0.0.0.255
network 10.50.100.0 0.0.0.255
network 10.50.200.0 0.0.1.255
network 98.98.98.0 0.0.0.255
no auto-summary
!
ip forward-protocol nd
ip route 99.99.99.0 255.255.255.0 FastEthernet0/1
no ip http server
no ip http secure-server
!
!
!
ip access-list extended AutoQoS-VoIP-Control
permit tcp any any eq 1720
permit tcp any any range 11000 11999
permit udp any any eq 2427
permit tcp any any eq 2428
permit tcp any any range 2000 2002
permit udp any any eq 1719
permit udp any any eq 5060
ip access-list extended AutoQoS-VoIP-RTCP
permit udp any any range 16384 32767
ip access-list extended Tunnel
permit ip 10.50.20.0 0.0.1.255 10.60.20.0 0.0.1.255
permit ip 10.50.200.0 0.0.1.255 10.60.200.0 0.0.1.255
permit ip 10.50.100.0 0.0.1.255 10.60.100.0 0.0.1.255
!
!
!
!
!
!
!
!
control-plane
!
rmon event 33333 log trap AutoQoS description "AutoQoS SNMP traps for Voice Drops" owner AutoQoS
rmon alarm 33333 cbQosCMDropBitRate.34.14175073 30 absolute rising-threshold 1 33333 fallingthreshold 0 owner AutoQoS
!
!
voice-port 0/3/0:23
!
ccm-manager fallback-mgcp
ccm-manager mgcp
ccm-manager music-on-hold
ccm-manager config server 10.60.30.10
ccm-manager config
!
mgcp
mgcp call-agent 10.60.30.10 2427 service-type mgcp version 0.1
mgcp rtp unreachable timeout 1000 action notify
mgcp modem passthrough voip mode nse
mgcp package-capability rtp-package
mgcp package-capability sst-package
mgcp package-capability pre-package
no mgcp package-capability res-package
no mgcp timer receive-rtcp
mgcp sdp simple
mgcp rtp payload-type g726r16 static
!
mgcp profile default
!
!
!
dial-peer voice 1 pots
destination-pattern 91[2-9].........
port 0/3/0:23
forward-digits 11
!
dial-peer voice 2 pots
destination-pattern 9[2-9].........
port 0/3/0:23
forward-digits 10
!
dial-peer voice 3 pots
translation-profile incoming comein
incoming called-number .
direct-inward-dial
!
dial-peer voice 4 pots
translation-profile outgoing exit
destination-pattern 4...
port 0/3/0:23
!
dial-peer voice 5 pots
destination-pattern 911
port 0/3/0:23
forward-digits 3
!
dial-peer voice 6 pots
destination-pattern 1[2-9].........
port 0/3/0:23
forward-digits 11
!
!
!
!
call-manager-fallback
max-conferences 8 gain -6
transfer-system full-consult
ip source-address 10.50.20.1 port 2000
max-ephones 10
max-dn 10
system message primary ATL Network is Down!
dialplan-pattern 1 4045778... extension-length 4
!
!
line con 0
exec-timeout 0 0
logging synchronous
line aux 0
line vty 0
password cisco
login
length 0
line vty 1 4
login
!
scheduler allocate 20000 1000
ntp peer 10.60.99.1
end
WIS_Switch
WIS_Switch#show run
Building configuration...
Current configuration : 4376 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname WIS_Switch
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$5oGq$TWCsbYoNAwlTUhiN4WZMK0
!
!
!
no aaa new-model
system mtu routing 1500
ip routing
!
!
!
mls qos map cos-dscp 0 8 16 24 32 46 48 56
mls qos srr-queue input bandwidth 70 30
mls qos srr-queue input threshold 1 80 90
mls qos srr-queue input priority-queue 2 bandwidth 30
mls qos srr-queue input cos-map queue 1 threshold 2 3
mls qos srr-queue input cos-map queue 1 threshold 3 6 7
mls qos srr-queue input cos-map queue 2 threshold 1 4
mls qos srr-queue input dscp-map queue 1 threshold 2 24
mls qos srr-queue input dscp-map queue 1 threshold 3 48 49 50 51 52 53 54 55
mls qos srr-queue input dscp-map queue 1 threshold 3 56 57 58 59 60 61 62 63
mls qos srr-queue input dscp-map queue 2 threshold 3 32 33 40 41 42 43 44 45
mls qos srr-queue input dscp-map queue 2 threshold 3 46 47
mls qos srr-queue output cos-map queue 1 threshold 3 4 5
mls qos srr-queue output cos-map queue 2 threshold 1 2
mls qos srr-queue output cos-map queue 2 threshold 2 3
mls qos srr-queue output cos-map queue 2 threshold 3 6 7
mls qos srr-queue output cos-map queue 3 threshold 3 0
mls qos srr-queue output cos-map queue 4 threshold 3 1
mls qos srr-queue output dscp-map queue 1 threshold 3 32 33 40 41 42 43 44 45
mls qos srr-queue output dscp-map queue 1 threshold 3 46 47
mls qos srr-queue output dscp-map queue 2 threshold 1 16 17 18 19 20 21 22 23
mls qos srr-queue output dscp-map queue 2 threshold 1 26 27 28 29 30 31 34 35
mls qos srr-queue output dscp-map queue 2 threshold 1 36 37 38 39
mls qos srr-queue output dscp-map queue 2 threshold 2 24
mls qos srr-queue output dscp-map queue 2 threshold 3 48 49 50 51 52 53 54 55
mls qos srr-queue output dscp-map queue 2 threshold 3 56 57 58 59 60 61 62 63
mls qos srr-queue output dscp-map queue 3 threshold 3 0 1 2 3 4 5 6 7
mls qos srr-queue output dscp-map queue 4 threshold 1 8 9 11 13 15
mls qos srr-queue output dscp-map queue 4 threshold 2 10 12 14
mls qos queue-set output 1 threshold 1 100 100 50 200
mls qos queue-set output 1 threshold 2 125 125 100 400
mls qos queue-set output 1 threshold 3 100 100 100 400
mls qos queue-set output 1 threshold 4 60 150 50 200
mls qos queue-set output 1 buffers 15 25 40 20
mls qos
!
!
auto qos srnd4
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
!
interface FastEthernet0/1
switchport trunk encapsulation dot1q
switchport mode trunk
srr-queue bandwidth share 1 30 35 5
priority-queue out
mls qos trust cos
auto qos trust
!
interface FastEthernet0/2
switchport access vlan 100
switchport mode access
switchport voice vlan 20
srr-queue bandwidth share 1 30 35 5
priority-queue out
mls qos trust cos
auto qos trust
spanning-tree portfast
!
interface FastEthernet0/3
switchport access vlan 200
switchport mode access
switchport voice vlan 20
srr-queue bandwidth share 1 30 35 5
priority-queue out
mls qos trust cos
auto qos trust
spanning-tree portfast
!
interface FastEthernet0/4
shutdown
!
interface FastEthernet0/5
shutdown
!
interface FastEthernet0/6
shutdown
!
interface FastEthernet0/7
shutdown
!
interface FastEthernet0/8
shutdown
!
interface FastEthernet0/9
shutdown
!
interface FastEthernet0/10
shutdown
!
interface FastEthernet0/11
shutdown
!
interface FastEthernet0/12
shutdown
!
interface FastEthernet0/13
shutdown
!
interface FastEthernet0/14
shutdown
!
interface FastEthernet0/15
shutdown
!
interface FastEthernet0/16
shutdown
!
interface FastEthernet0/17
shutdown
!
interface FastEthernet0/18
shutdown
!
interface FastEthernet0/19
shutdown
!
interface FastEthernet0/20
shutdown
!
interface FastEthernet0/21
shutdown
!
interface FastEthernet0/22
shutdown
!
interface FastEthernet0/23
shutdown
!
interface FastEthernet0/24
shutdown
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
no ip address
shutdown
!
interface Vlan99
ip address 10.50.99.2 255.255.255.0
!
!
router eigrp 1
network 10.50.99.0 0.0.0.255
!
ip classless
ip http server
ip http secure-server
!
!
ip sla enable reaction-alerts
!
!
!
line con 0
exec-timeout 0 0
logging synchronous
line vty 0 4
password cisco
login
length 0
line vty 5 15
login
!
end
Download