Cisco Business Edition 4000 Partner Guide

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Book Contents
Find Matches in This Book
Available Languages
Download Options

Book Title

Cisco Business Edition 4000 Partner Guide

Chapter Title

BE4000 Architecture and Design Considerations

Results

Updated:
March 1, 2018

Chapter: BE4000 Architecture and Design Considerations

BE4000 Architecture and Design Considerations

BE4000 Customer Network Requirements

BE4000 requires certain network specifications for its deployment. Ensure that the customer network meets all the requirements before adding a site in the Cisco Business Edition 4000 Management Portal.

BE4000 Management Tunnel

Cisco Business Edition 4000 requires permanent access to the internet to communicate with the cloud portal, receive NTP time updates, receive software upgrades, and if configured, for carrying SIP traffic.

If the internet connection is lost, the BE4000 still handles the calls that do not involve calls over the internet.

The following DMVPN Ports and Protocols are required to be open outbound on the connection used to connect to the Cisco Business Edition 4000 Management cloud:

  • UDP Port 500

    • Internet Security Association and Key Management Protocol (ISAKMP). Used in IKE

  • UDP Port 4500

    • NAT Traversal (NAT-T). When the BE4000 is behind NAT, NAT-T encapsulates ESP in UDP port 4500 to allow ESP to communicate in and out of the network

  • HTTP (port 80) and HTTPS (port 443) access from the BE4000 to the internet

  • Outbound access to Domain Naming System (DNS): DNS port 53 must be open

  • ICMP (Internet Control Message Protocol) access to SEA (208.115.101.160/27) and DFW (4.16.236.64/27) servers


Note

Each BE4000 appliance needs to be connected behind a NAT device behind a public IP address for management connectivity. Multiple BE4000 appliances cannot be configured behind the same public IP address.

DHCP Server

  • By default the BE4000 uses a DHCP address for initial deployment. A static address may be configured locally if a DHCP server is not available. Connection can be via console, or Ethernet to the MGMT port. For information on console and Ethernet based connection, see Local Administration.

  • When deploying Cisco Unified IP Phones, it is necessary for the phones to automatically discover the BE4000 to download phone configuration files. DHCP Option 66 and/or DHCP Option 150 is required to provide the TFTP address of the BE4000 for connecting the IP phones. If neither DHCP option 66 nor DHCP Option 150 is available, you must manually configure each IP phone's TFTP configuration with the IP address of the BE4000.


    Note

    The following IP Networks are not supported:

    • 10.0.1.x/24

    • 10.0.2.x/24

    • 10.0.3.x/24

    • 10.1.1.x/24

    • 10.1.2.x/24

    • 10.1.3.x/24

    • 10.2.x.x/16

    • 10.3.x.x/16

BE4000 in Voice VLANs

Before the phone has its IP address, the phone determines which VLAN it should be in by the Cisco Discovery Protocol (CDP) negotiation that takes place between the phone and the switch. This negotiation allows the phone to send packets with 802.1Q tags to the switch in a "voice VLAN" so that the voice data and all other data coming from the computer behind the phone are separated from each other at Layer 2. Voice VLANs are not required for the phones to operate, but they provide additional separation from other data on the network.

Voice VLANs can be assigned automatically from the switch to the phone, thus allowing for providing Layer 2 and Layer 3 separation between voice data and all other data on a network. A voice VLAN also allows for a different IP addressing scheme because the separate VLAN can have a separate IP scope at the Dynamic Host Configuration Protocol (DHCP) server.

The BE4000 can be deployed on the voice VLAN or on a different IP subnet. In both the ways, the BE4000 needs to have directed routed access to all phones, and be able to access the internet.


Note

The BE4000 proxies the media. Phones only need signaling and media connectivity to the BE4000. They do not need signaling nor media connectivity to other phones.

BE4000 Deployment Overview

BE4000 must be deployed in the customer LAN. Usually, the BE4000 only needs to establish outbound connections to internet services, so there is no need to deploy in a DMZ (demilitarized zone) or to forward all traffic to the BE4000. In the case of certain SIP trunk configurations, it may be necessary to forward inbound VoIP traffic (signaling and media) to the BE4000 LAN address. In these cases, the customer edge device needs to be configured accordingly for port forwarding. The BE4000 accepts traffic from trusted Cisco cloud management servers and additional partner or customer defined servers as defined in the device configuration. It is the customer's responsibility to ensure the blocking of traffic from other sources at their firewall to prevent common toll fraud and other attacks.


Note

Port Address Translation (PAT) without port forwarding is not supported in BE4000.

When deploying the BE4000 solution, ensure that IP phones are deployed on the same network as the BE4000. This ensures certain features such as IP phone Paging, Intercom, and Music On Hold (MOH) work without the need for additional changes to the network infrastructure. If IP phones are deployed on a different network, ensure that any Layer 3 devices in between the IP phones and the BE4000 support multicast multicast IP address 239.1.1.99 and are configured to forward the traffic. See the documentation provided by the network equipment vendor to determine how to enable multicast routing.

BE4000 Single-Site Deployment

BE4000 supports one appliance per site, with up to 200 device registrations (a phone is 1 registration; an ATA acts as 2 devices and so uses 2 device registrations). It is a standalone appliance with no option for clustering and cannot join or be used with an existing Cisco Unified Communications Manager or Cisco Unified Communications Manager Express.

When using the Setup Assistant wizard in the BE4000 Partner Portal, Region Settings selection for Country is used for language selection (phone localization and voicemail). Country is also used for dial plan. Only one language is supported per appliance.


Note

A minimum internet download speed of 2 Mbps is required.
Figure 1. Single Site Deployment

BE4000 Intersite Dialing

BE4000 supports a BE4000 site to call other BE4000 sites or to a central call control system without using a PSTN network. Intersite Dialing is useful in a business with multiple locations such as regional branch offices.

A thorough understanding of Intersite Dialing feature, network design, best practices, and careful planning are required before deploying a BE4000 site with Intersite Dialing capabilities.


Note

  • Intersite Dialing capability is supported only on the main interface (GE 0/0/0).

  • You can configure Intersite Dialing only for the sites that are in the "Online" state. A customer must have a minimum of 2 sites in the "Online" state for configuring Intersite Dialing.

  • While configuring Intersite Dialing, if the IP address of the BE4000 is not in the following IP address range, then add them manually on the Private IP Range page before deploying:

    • 10.0.0.0 /8

    • 172.16.0.0 /12

    • 192.168.0.0 /16

  • When an end user from one BE4000 site calls an end user in another BE4000 site by dialing the site ID followed by the extension, on the caller phone, the called phone number is displayed without the site code.

    Example

    An end user with extension 2001 belonging to site 1 having site ID 21 calls an end user with extension 3001 in site 2 having site ID 31 by dialing the site 313001. In this scenario, the phone belonging to the extension 3001 displays the incoming call number as 212001. But, the phone belonging to the end user with extension 2001, displays the outgoing called number as 3001 instead of 313001.

BE4000 Sites in Mesh Topology

A mesh topology allows you to connect up to six BE4000 sites directly for Intersite Dialing. A mesh topology does not require a central call control platform. Selecting mesh topology leads to guided configuration where administrators can select from a list of best practice options to ensure ease of management and reliable deployment.


Note

In a mesh topology, only BE4000 sites can be connected. To connect to other call control devices, you must use star topology. For more information on star topology, see BE4000 Sites in Star Topology.

In a mesh topology, calls are routed directly from one BE4000 to the other over an IP network using SIP. Calls can be made between sites using a shorter number than dialing the whole Direct Inward Dial (DID) extension number. For example, dial 4503 rather than +1 555 123 4503. There are two dial plan options available to end users.

  • Dial using Site ID and Extension Number

  • Dial using Extension Number

Call an Extension in Another BE4000 Site Using Site Identification Number and Extension Number

Each site has 3, 4, or 5-digit extension numbers and 2-digit site identification number (also known as site ID). When calling an extension within the same site, end users dial the extension number. When calling between sites, the end users dial the site ID of the remote site and then the extension number. Key advantage of using a site ID is that you can have the extension numbers overlapping between sites and the dial plan requires less planning. Using site ID is beneficial while retrofitting Intersite Dialing to an existing deployment where the dial plan cannot natively avoid overlaps between sites.

Call an Extension in Another BE4000 Site Using Extension Number Only

Note

BE4000 does not support calling an extension in another BE4000 site by using extension number only.

Each site can have 3, 4, or 5-digit extension number which has to be unique across all the BE4000 sites in the deployment. When dialing either within the BE4000 site or across multiple BE4000 sites, an end user simply dials the extension number. There is no need to dial the site identification number.

Key advantage of using a flat dial plan is that extension numbers are kept short (minimum 3-digit dialing) and the organization appears to be one large deployment. A flat dial plan needs up front planning. To ensure that extensions do not overlap, reserve an extension range for each site.

BE4000 Sites in Star Topology

A star topology allows you to connect any number of BE4000 sites to a centralized call control system (such as Cisco Unified SIP Proxy, Cisco Unified Communications Manager, third-party SIP provider) for site-to-site dialing. Selecting star topology leads to an advanced configuration, where administrators enter dial plan rules to route calls to the centralized call control.

There is no limit to the number of BE4000 sites that can be used in a star topology. A system can have only one BE4000 site communicating with an existing non-BE4000 call control system, or thousands of BE4000 sites connected to a Cisco Unified SIP Proxy in a retail branch scenario.

In a star topology, calls are routed directly from each BE4000 to the centralized call control over an IP network using SIP. Star topology is only recommended for administrators with a strong knowledge of SIP configuration in Intersite Dialing deployment scenarios.

Remote User in a BE4000 Network

Remote users are supported either via VPN or direct connection, if they have directed routed access to the BE4000.


Note

  • The BE4000 does not include a VPN server.

  • The BE4000 proxies the media. Phones only need signaling and media connectivity to the BE4000. They do not need signaling nor media connectivity to other phones.

PSTN Connectivity in BE4000

Using up to two of the network interface modules in the BE4000, you can directly connect to your PSTN provider using analog or digital trunks.

BE4000 supports the following trunk types:

  • FXO/DID

  • Basic Rate ISDN

  • Primary Rate ISDN (T1 or E1)


Note

  • T1 CAS and E1 R2 are not supported.

  • Each NIM ISDN card (PRI or BRI) supports only one service provider. If your network has multiple service providers, you require multiple NIM PRI or BRI cards.

  • You cannot configure a combination of BRI (NIM-2BRI-NT/TE, NIM-4BRI-NT/TE) and PRI (NIM-1MFT-T1/E1, NIM-2MFT-T1/E1, NIM-4MFT-T1/E1) cards on the BE4000 appliance.

Figure 2. PSTN Connectivity

BE4000 SIP Trunk Connectivity


Note

SIP trunk supports up to 100 sessions.

The BE4000 also allows calling via an IP trunk to a single service providers using single SIP trunk.

A variety of options are provided that allow services to be delivered via dedicated service connections, or over the top of a customer's internet access. To simplify configuration, a number of preconfigured templates for certain service providers are also offered through the management portal.

SIP Service Provider—Due to diverse SIP implementations by service providers, new service providers must be brought on board and validated before attempted use. Contact the service provider on boarding team by sending an email to be4000-siptrunk@external.cisco.com to begin the on boarding process. Depending on the complexity of the service provider's SIP service specification, we recommend beginning the service provider on boarding process as early as possible.

To expedite the on boarding process, provide the following information about your deployment:

  • Partner name

  • Deployment address

  • Serial number of the BE4000

  • SIP service provider name

  • Technical information provided by the service provider


Note

The following IP Networks are not supported:

  • 10.0.1.x/24

  • 10.0.2.x/24

  • 10.0.3.x/24

  • 10.1.1.x/24

  • 10.1.2.x/24

  • 10.1.3.x/24

  • 10.2.x.x/16

  • 10.3.x.x/16

The BE4000 offers two primary options for connecting to a SIP VoIP trunking service:

  1. Using the main interface (GE 0/0/0) of the BE4000 for the SIP trunk, media and cloud management connection

  2. Using the BE4000 secondary interface (GE 0/0/1) connected to a dedicated internet connection for your VoIP service

Using the BE4000 Main Interface for SIP Trunk Connectivity

Figure 3. SIP Trunk Connectivity Using Main Interface

In this scenario, the BE4000 is connected as a privately addressed host in your local area network, so it is assumed that all traffic sent to the internet is subject to Network Address Translation (NAT). As such, the following is required to reliably exchange VoIP traffic:

  1. Secure a static public internet address from your ISP. The BE4000 uses this address to ensure that signaling is properly formatted as it is sent.

  2. It may also be necessary to forward inbound traffic to the BE4000, especially if your SIP provider does not require registration. Depending on the capabilities of your WAN router, this may be accomplished in a number of ways:

    1. Add port forwarding rules for SIP signaling and media traffic.

    2. Use static NAT rules.

    3. Configure the BE4000 IP address as a DMZ host.

Using the BE4000 Secondary Interface for SIP Trunk and External Media

Figure 4. SIP Trunk Connectivity Using Secondary Interface

The secondary interface may be configured with an IP address either manually or dynamically through DHCP. If a manual address is configured and traffic is passed through NAT, then an external IP address may be configured in the portal to fix up signaling traffic. This option is not currently offered where an address is assigned dynamically. In this case, it is assumed that the assigned address is either publically routable, or if NAT is used, then the VoIP provider offers transparent hosted NAT traversal.

When using the secondary interface, the BE4000 must be assigned an address in a different subnet to that used for the primary interface.

To ensure that traffic is correctly routed and accepted, all IP addresses used by your provider must be included in the portal trusted address list for the trunk.

Wireless Local Area Network Requirements

A BE4000 customer site requires Wireless Local Area Network (WLAN) configurations for provisioning the wireless IP phones. We recommend that a Cisco certified partner with advanced wireless LAN specialization performs a customer site survey. During the survey, the Cisco certified partner should analyze the following:

  • RF spectrum to determine which channels are usable in the desired band (5 or 2.4 GHz)

  • Heat maps showing the intended coverage plan for the location

  • The access point platform type, antenna type, access point configuration (channel and transmit power). We recommend you to select an access point with integrated antennas for non-rugged environments (for example, office, healthcare, education, hospitality) and an access point platform requiring external antennas for rugged environments (for example, manufacturing, warehouse, retail)

Signal

The cell edge should be designed to -67 dBm where there is a 20-30% overlap of adjacent access points at that signal level. This ensures that the wireless IP phones always have adequate signal and can hold a signal long enough in order to roam seamlessly where signal based triggers are utilized verses packet loss triggers.

Also, ensure that the upstream signal from the wireless IP phones meet the access point’s receiver sensitivity for the transmitted data rate. Ensure that the received signal at the access point is -67 dBm or higher.

We recommend you to design the cell size to ensure that the wireless IP phones can hold a signal for at least 5 seconds.

Chanel Utilization

Channel Utilization levels should be kept under 40%.

Noise

Noise levels should not exceed -92 dBm, which allows for a Signal to Noise Ratio (SNR) of 25 dB where a -67 dBm signal should be maintained.

Also ensure that the upstream signal from the wireless phone meets the access point’s signal to noise ratio for the transmitted data rate.

Packet Loss or Delay

As per voice guidelines, packet loss should not exceed 1% packet loss; otherwise voice quality can be degraded significantly. Jitter should be kept minimal (< 100 ms).

Retries

802.11 retransmissions should be less than 20%.

Multipath

Multipath should be kept minimal as it can create nulls and reduce signal levels.

Pre-Staging BE4000

It is not normally necessary and we do not recommend that you pre-stage the BE4000. If you do want to pre-stage the BE4000, you must fully simulate the customer’s network environment including internal and external IP addresses because certain system parameters cannot be modified after they have been initially configured.


Note

The IP address of the BE4000 and certain other parameters cannot be changed after the BE4000 has been initially configured. If you need to change any of these values, you must follow the directions to factory reset your appliance and start a new deployment. If you need to do this, remember that you can save template configurations to avoid typing everything in a second time.

Subnets Not Supported by BE4000


Note

The following IP Networks are not supported:

  • 10.0.1.x/24

  • 10.0.2.x/24

  • 10.0.3.x/24

  • 10.1.1.x/24

  • 10.1.2.x/24

  • 10.1.3.x/24

  • 10.2.x.x/16

  • 10.3.x.x/16

Was this Document Helpful?

FeedbackFeedback

Contact Cisco