MiCloud Office Firewall & Bandwidth requirements

Posted by Neil Tennant on 15 April, 2016

These are supported types of connection from the customer’s site to Mitel’s hosted data centre.
It is important that the WAN connectivity being utilised have sufficient guaranteed bandwidth to support the voice traffic that will be carried over it.

The Best Effort SLAs on a typical BT broadband connection (Including Fibre Broadband) often causes issues in voice service delivery, as this 'Best Effort' is usually not good enough. This is particularly important where the WAN connection will be carrying both voice and other data traffic.

For this reason, we should carefully qualify any WAN connection services being used with MiCloud Office.

The customer or reseller may choose to provide a Traffic Prioritisation Device to minimise quality impacts due to a shared broadband network.

The customer or their IT representatives carry out all LAN configuration and support. This section is intended to give an overview of several different implementation scenarios, and what is required at the customer site to fulfil these.

VoIP voice quality depends on two key factors:

  • Available bandwidth
  • Voice priority mechanisms

There are Layer 2 and Layer 3 voice priority mechanisms that can be implemented in most managed switch networks and routers. VLANS may be required, depending on the implementation architecture chosen.

MiCloud Office recommended VoIP configuration settings for customer provided Firewalls

Here we have outlined the recommended VoIP configuration settings for customer provided Firewalls. The firewall should be able to protect the network from malicious Internet threats, prioritise VOIP traffic (via QOS), and allow access rules for MiCloud VoIP services.

NOTE: It should be noted that in the majority of cases there is no need to make any changes to the customer network equipment.

MiCloud Office Firewall Ports

 

Mitel Cloud Phone deployment

The IP sets used with the MiCloud Office Solution are SIP based sets; they can be connected to switch ports running at 10/100/1000. Each phone requires 48v power to function, which can be provided directly from the connected switch port, or from a separate PSU.

If a separate PSU is to be used, it should be ordered with the Mitel IP set. Only use Mitel supplied PSUs as the phone sets must be supplied the correct amount of power to correctly function.

The Mitel IP set supports a PC connected to the second port in the back of the set. The IP phone primary port must be connected directly to the powered port or PSU, not the secondary port

Cable or DSL Modems – Bridge mode required

ISPs providing Cable or DSL modem services must have the modem configured in “bridge mode” when connecting to the premise firewall. In “bridge mode,” the modem functions only as a modem (disabling duplicate NAT & Routing) and forwards all incoming traffic to the directly connected firewall.

Prioritisation of VoIP Traffic (QOS)

All network traffic is subjected to bandwidth limitations, congestion, delay, and packet loss. When Voice over IP (VoIP) traffic travels across these network hazards, voice quality problems can occur. Quality of Service (QOS) is the set of techniques used to avoid the trenches of poor network performance, and ensure prioritisation of Voice traffic.

Best practice is to implement QOS techniques on LAN and WAN connections. We recommend network segmentation of the voice traffic and then configuring priority Voice QOS policies.

Separating the LAN Traffic

There are a number of methods for separating voice and data traffic that might best fit the network environment and cost. The benefit of separating LAN traffic ensures data traffic will not affect voice traffic across the LAN connections.

QoS – DSCP & CoS Values

The Mitel IP phones can be assigned a DSCP & CoS value for voice traffic; these values are defined by the use of the IP set admin menu.

Firewalls and Router can be configured to honour OSI Layer 3 DSCP values. This is how traffic is managed on a shared WAN connection.

Switches are typically configured to honour OSI Layer 2 802.1p/CoS values. Some switches have the enhanced capability to map CoS to DSCP values, and honor Layer 3 values.

Type of Service DSCP

  • SIP = 38
  • RTP = 46
  • RTCP = 46

Examples LAN Switch Configuration parameters

HP-E2620-24-PoEP Switch QOS & VLAN Configuration with Trunk Port#24

! Tags COS to QOS values
qos type-of-service diff-services

! Label the IEEE 802.1Q Trunk to Firewall

interface 24
name "MPLS_Router_TrunkPort" exit

! VLan for the Data network, and assign available IP

vlan 1
name "Data_VLAN"
untagged 1-28
ip address 192.168.1.253 255.255.255.0 exit

! VLan for the Voice network, and assign available IP

vlan 20
name "Voice_VLAN"
tagged 1-28
ip address 172.16.1.253 255.255.255.0 qos dscp 101110
voice
exit

HP-E2620-24-PoEP Switch QOS & VLAN Configuration with Dedicated Firewall Ports ! Maps COS to QOS
qos type-of-service diff-services

! Label the Data Port to Firewall

interface 24
name "Data_Port_Firewall" exit

! Label the Voice Port to Firewall

interface 23
name "Voice_Port_Firewall" exit

! VLan for the Data network, and assign data IP address

vlan 1
name "Data_VLAN"
no untagged 23
untagged 1-22,24-28
ip address 192.168.1.253 255.255.255.0 exit

! VLan for the Voice network, and assign voice IP address

vlan 20
name "Voice_VLAN"
untagged 23
tagged 1-22,24-28
ip address 172.16.1.253 255.255.255.0 qos dscp 101110
voice
exit


If you need help deploying or troubleshooting your MiCloud Office phone system contact our team of experts on 0330 333 7323. We offer UK wide on-site and remote support.