Many companies are deploying Voice over IP (VoIP) as a cost-saving measure that can significantly reduce capital and ongoing infrastructure expenses, as well as simplifying administration. If the VoIP deployment does not provide toll-quality performance, however, end users can quickly become frustrated, revenues can suffer, and all benefits of the system may be completely erased. Because of the real-time nature of VoIP, performance deteriorates when the application shares a network with other high-demand applications such as file transfers, email and Web browsing. The problem can be divided into two categories: VoIP deployed inside the office (LAN infrastructure) and VoIP deployed outside the office (WAN infrastructure). This article provides a list of best practices for ensuring toll-quality VoIP in both types of environment.
Inside-the-office best practices (LAN)
- Deploy the VoIP gear on a separate VLAN: This keeps voice traffic isolated from other traffic, such as file sharing, email and Web browsing.
- Deploy full-duplex, nonblocking switches. Inexpensive hubs cause collisions and packet loss.
- Keep the computers clean of viruses, worms and other malware. There is nothing more likely to bring a network (both LAN and WAN) to its knees than an office full of "dirty" computers.
- Deploy only high-quality VoIP phones and gateways with multiple codec support that are capable of interoperating with a variety of IP PBXs and soft switches. Multiple codec support is more cost-effective than using G.711 codecs everywhere -- especially for expensive international links. Phones with adequate echo cancellation capabilities (the longer the better) are recommended.
Outside-the-office best practices (WAN)
- Get an adequate service level agreement (SLA) from the service provider, from provider edge to provider edge (MPLS). The SLA should specify bandwidth, latency and jitter bounds within which the voice packets will be delivered from one service provider edge to the other. Without this, there is no guarantee in the core network. This must be measured continuously.
- Provision enterprise-class, VoIP-aware security at the perimeter. The firewall must have an application level gateway. The UDP ports used by VoIP packets are dynamic and negotiated between the two phones, so the firewall has no way of knowing in advance what they will be. Without an application level gateway, pin holes -- permanently opened specific ports -- must be created in the firewall. These pin holes leave the network open to hacking.
An application level gateway (ALG) tracks the conversation between the phones and dynamically opens the two ports and blocks the others. This increases the level of security in general because there are no open, idle ports in the firewall that can be used for external attacks.
- Perform a network health check.
- Network managers must know what other applications are going to compete with VoIP (file transfer, interactive, etc.), and those applications must be managed. Hire a vendor that can perform deep packet monitoring to identify every application and its usage patterns. From this, a report can be generated to analyze and prioritize applications. This report will determine which applications are critical for the business, which are less important and can be squeezed, and which are non-business and can be given lowest priority. VoIP requirements can then be defined in terms of number of calls and bandwidth needed. This will determine whether VoIP and critical data can be controlled or whether a bandwidth upgrade is required. Consider using compression or caching to control application behavior.
- Perform a test to a remote site with the target number of calls and data traffic. Use a traffic manager to demonstrate that the network can maintain toll quality under a variety of network conditions.
- Deploy accurate and session-aware QoS at the edge. WAN bandwidth at the branch is typically T1 or less. VoIP traffic must compete with other, less important or even non-business traffic. Network managers need to be able to identify precisely the types of traffic at the Application Layer and apply policies on a session-by-session basis. This guarantees that VoIP will receive the required bandwidth and priority at all times. Controlling outbound traffic is not enough. Inbound large file downloads and Web browsing must be identified and throttled to assure VoIP toll quality.
- Continuously monitor performance. Network managers need to ensure that the erlangs are within the traffic engineered parameters. If the demand is increasing, then more bandwidth is needed or the policies must be adjusted.
- Compress where you can; control where you must. This is essential, especially in enterprises that own both ends of the network. Use compression to expand the pipe virtually and get more traffic through.
- Get a next-generation access device with traffic management, QoS, routing, switching, media gateway and security built into a single device and managed under one policy. One of the most important considerations for VoIP deployment is reducing total cost of ownership. Having three or four boxes in the remote location is a nightmare to manage and prohibitively expensive. Traffic management, security policies, number of calls, codecs used, etc. all have to be coordinated to obtain optimal performance for VoIP.
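The dynamic pinhole behaviour described in the firewall item above, as an added example that is not from the original article: a minimal tracker that reads the negotiated media ports from call signalling, opens only those two endpoints, and closes them when the call ends. It assumes SIP signalling with SDP bodies (the article does not name a protocol); the `PinholeTable` class, the messages, addresses, ports and Call-ID are constructed for illustration, and it handles one audio stream per call with no timeouts or RTCP.

```python
import re

# Constructed SIP/SDP messages (documentation addresses, made-up ports and
# Call-ID); only the lines the tracker reads are included.
CALL = "Call-ID: c0ffee-constructed\r\n"
INVITE = ("INVITE sip:bob@example.com SIP/2.0\r\n" + CALL +
          "\r\nv=0\r\nc=IN IP4 192.0.2.10\r\nm=audio 49170 RTP/AVP 0 18\r\n")
OK_200 = ("SIP/2.0 200 OK\r\n" + CALL +
          "\r\nv=0\r\nc=IN IP4 198.51.100.20\r\nm=audio 3456 RTP/AVP 0\r\n")
BYE = "BYE sip:bob@example.com SIP/2.0\r\n" + CALL + "\r\n"


class PinholeTable:
    """Tracks signalling and opens only the negotiated RTP endpoints."""

    def __init__(self):
        self.calls = {}  # Call-ID -> set of (ip, udp_port) open for that call

    def observe(self, msg):
        head, _, sdp = msg.partition("\r\n\r\n")
        cid = re.search(r"^Call-ID:\s*(\S+)", head, re.I | re.M)
        if not cid:
            return  # no dialog to bind a pinhole to: open nothing
        if head.startswith("BYE "):
            self.calls.pop(cid.group(1), None)  # call over: close its ports
            return
        addr = re.search(r"^c=IN IP4 (\S+)", sdp, re.M)
        media = re.search(r"^m=audio (\d+) RTP/AVP", sdp, re.M)
        if addr and media:
            hole = (addr.group(1), int(media.group(1)))
            self.calls.setdefault(cid.group(1), set()).add(hole)

    def allows(self, dst_ip, dst_port):
        """Default deny: a UDP packet passes only if a live call negotiated it."""
        return any((dst_ip, dst_port) in h for h in self.calls.values())


def demo():
    fw = PinholeTable()
    probes = [("192.0.2.10", 49170), ("198.51.100.20", 3456), ("192.0.2.10", 49172)]
    states = []
    for msg in (None, INVITE, OK_200, BYE):
        if msg:
            fw.observe(msg)
        states.append([fw.allows(ip, port) for ip, port in probes])
    return states


if __name__ == "__main__":
    for label, row in zip(("idle", "INVITE", "200 OK", "BYE"), demo()):
        print(f"{label:7}", row)
```

The third probe, a neighbouring port that was never negotiated, stays blocked throughout, which is the difference from a static pin hole covering a port range.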
As you can see, LAN infrastructure challenges can be solved by good design practices, but to get control of the WAN one needs a sophisticated solution that combines traffic management and access functions under a common policy management umbrella to guarantee VoIP quality.
About the author:
Manickam Sridhar brings a rich experience of leading-edge product design from Sitara Networks, Motorola and GTE. While at Motorola, Sri led the product development teams for many of their successful communications products. His creative ingenuity has led to ownership of 19 U.S. patents in high-speed modem, multimedia and networking technologies, with additional patents pending. Sri holds an M.S. in electrical and computer engineering from the University of Iowa and a B.S. from the University of Madras, India.