Overview of the Cisco IOS Gatekeeper
This chapter describes the main functions of a gatekeeper and includes the following sections:
•Zone and Subnet Configuration
•Terminal Name Registration
•Accounting Using RADIUS/TACACS+
Cisco offers a Voice over IP gatekeeper called the Multimedia Conference Manager, which is an H.323-compliant program implemented as part of the Cisco IOS software. The Multimedia Conference Manager software can run on Cisco 2500 series, Cisco 2600 series, Cisco 3600 series, and Cisco MC3810 Multiservice Access Concentrators.
Zone and Subnet Configuration
A zone is defined as the set of H.323 nodes controlled by a single gatekeeper. Gatekeepers co-existing on a network can be configured so that they register endpoints from different subnets.
Endpoints attempt to discover a gatekeeper, and consequently what zone they are members of, using the RAS message protocol. The protocol supports a discovery message that can be sent multicast or unicast.
If the message is sent multicast, the endpoint registers nondeterministically with the first gatekeeper to respond. Any endpoint on a subnet that is not enabled for the gatekeeper is not accepted as a member of that gatekeeper's zone. If the gatekeeper receives a discovery message from such an endpoint, it sends an explicit reject message.
Terminal Name Registration
Gatekeepers recognize one of the following types of terminal aliases, or terminal names:
•H.323 identifiers (IDs), which are arbitrary, case-sensitive text strings.
•E.164 addresses, which are telephone numbers.
If an H.323 network deploys inter-zone communication, each terminal should at least have a fully-qualified e-mail name as its H.323 ID. For example, firstname.lastname@example.org. The domain name of the e-mail ID should be the same as the configured domain name for the gatekeeper of which it is a member. As in the previous example, the domain name is cisco.com.
To allow endpoints to communicate between zones, gatekeepers must be able to determine which zone an endpoint is in and locate the gatekeeper responsible for that zone. If DNS is available, you can associate a DNS domain name to each gatekeeper.
Accounting Using RADIUS/TACACS+
If you enable AAA on the gatekeeper, the gatekeeper emits an accounting record each time an endpoint registers or unregisters, or each time a call is admitted or disconnected.
There are three types of address destinations used in H.323 calls. The destination can be specified using either an H.323-ID address (a character string), an E.164 address (a string containing telephone keypad characters), or an e-mail ID (a character string). The way inter-zone calls are routed by the Cisco IOS Gatekeeper depends on the type of address being used.
•When using H.323-ID addresses, inter-zone routing is handled through the use of domain names. For example, to resolve the domain name email@example.com, the source endpoint's gatekeeper finds the gatekeeper for cisco.com and sends the location request for target address firstname.lastname@example.org to that gatekeeper. The destination gatekeeper looks in its registration database, sees bob registered, and returns the appropriate IP address to get to bob.
Note Although H.225 does not require the use of a domain name with H.323 IDs, the Cisco IOS Gatekeeper does require a domain name.
•When using E.164 addresses, call routing is handled through means of zone prefixes and gateway type prefixes, also referred to as technology prefixes. The zone prefixes, which are typically area codes, serve the same purpose as domain names in H.323-ID address routing. Unlike domain names, however, more than one zone prefix can be assigned to one gatekeeper, but the same prefix cannot be shared by more than one gatekeeper. With Cisco IOS Release 12.0(3)T and later, you can configure inter-zone routing using E.164 addresses.
•When using e-mail IDs, inter-zone routing is handled through the use of domain names—just as it is with H.323 IDs. Again, the source endpoint's gatekeeper finds the gatekeeper for the specified domain and sends the location request for the target address to that gatekeeper.