|
TECHtionary Product Explanation - CCM-Cisco Call Manager Processing Explained
TECHtionary Product Explanation - CCM-Cisco Call Manager Processing Explained
By Thomas B. Cross � CEO TECHtionary & Matt Jolly � IT Consultant
The animated TECH-Tip tutorial is available at http://www.techtionary.com
In planning and designing a VoIP network, an indepth understanding of the call processing route patterns and calling types is critical. In addition, since the integration of voice devices into a data network is likely to require an upgrade of the existing data network, careful server/gateway selection and location as well as WAN-Wide Area Network transmission capacity planning is critical. Security planning and testing is also vital. In this article we will look at some examples of VoIP call processes. Once you understand how these processes work, you can go about tightening security for them. For example, new types of security attacks such as SPIT-SPam over Internet Telephony and VOMIT - Voice Over Misconfigured Internet Telephony are emerging daily. As one security expert aptly stated, �I realized how easy it would be to ARP poison a network and block all VoIP packets from passing through. While packet manipulation obviously isn't new, and the root of the problem comes from the ease of ARP poisoning, I was still kind of shocked at how easy an attack like this could be pulled off in a real world scenario.� In other words, if the VoIP network whether Cisco or any others are not installed properly, VOMIT, SPIT and other types of attacks will be likely and frequent. This is an introduction to the problem, only with the guidance of a professional should systems be installed and maintained.
The CCM-Cisco CallManager route (dialing) planning consists of: - Route Pattern (numbers) - matches dialed number or translates (manipulates) to Route Lists - Route Lists (call roadmaps/directions) which can point to the same Route Group - Route Groups - interconnection devices - CCM-Cisco CallManager and Gateways to the PSTN-Public Switched Telephone Number Gateways - individual Gateways can only be in one Route Group Simply, telephone calls or Route Patterns are placed in Route Lists where they are verified and placed via Route Groups.
Here is the process:
- User dials telephone number. - Route Pattern is sent to Route List. - Route List which compares with Route Groups. - Call Pattern is routed (connected) via Route Group device. - If Multiple Route Groups, CCM routes call via First Route Group. - If First Route Group unavailable, then route via Second Route Group or return busy signal.
In the animated explanation, caller dials local exchange (off-net) number such as 303-444-6226. CCM Route Pattern determines the number matches a dialed number for an external call. CCM compares Route Pattern in the Route List and selects Route Group for process call. In other words, LAN switch performs a NAT-Network Address Translation but has no local trunks, so routes call to TG-Trunk Gateway. TEHO-Tail End Hop Off may be in another city, country or corporate location. Connection via WAN-Wide Area Network, WiMax, VLAN-Virtual LAN or VPN-Virtual Private Network to TG-Trunk Gateway. Trunk Gateway has access trunks (ISDN-PRI) to LEC-Local Exchange Carrier network. LEC connects call to analog or digital telephone.
Here are the five types of Cisco CallManager Call-Flows (animated): 1 - IP-Phone to IP Phone 2 - Intracluster Call - different CCM-Cisco CallManager same cluster 3 - Intercluster Call - different CCM different cluster but same LAN 4 - Intercluster Call with GK-GateKeeper - calls via WAN 5 - Intercluster Call with GK to PSTN-Public Switched Telephone Network
1 - IP-Phone to IP Phone
1 - Phone 1 goes off-hook (connect). 2 - CallManager plays dialtone (continuous dual tones at 350+440 Hz). 3 - Caller dials digits, after first digit received, dial tone is removed. 4 - As caller dials SCCP-Skinny Client Control Protocol) sends digits to CCM. 5 - Upon completion of dialing, CCM performs a "digit analysis" in CCM database. 6A - If not found, reorder tone is played (dual tones of 480+620 Hz 300ms on 200ms off). 6B - If found, CCM sends setup information to Phone 2 called. 7 - CCM instructs Phone 2 to generate ringing and Ear Ring (ring back) to Phone 1. 8 - Phone 2 goes off-hook (connect). 9 - CCM sends to each Phone a request for IP address and UDP port. 10 - CCM checks for codec media capabilities supported on each phone. 11 - If different codes starts transcoder device. 12 - After CCM receives IP/UDP, CCM sends IP/UDP to each phone. 13 - Conversation begins with RTP packets. 14 - If either party goes on-hook (disconnect) CCM removes RTP channel and updates call log.
2 - Intracluster Call - different CCM-Cisco CallManager same cluster
Intra-cluster calling uses ICCS-Intra-Cluster Communications Signaling. Members of a cluster automatically know about the phones (devices) that are registered because the database (numbers, etc.) is the same across all servers. Inter-cluster calling uses ICT-Inter-Cluster Trunk (similar to H.323v2) without involvement of the GK-Gatekeeper.
3 - Intercluster Call - different CCM different cluster but same LAN (see animation)
4 - Intercluster Call with GK-GateKeeper - calls via WAN
Here is call flow: (animation shown here)
1 - Phone 1 goes off-hook (connect). 2 - Caller dials digits, after first digit received, dial tone is removed. 3 - CCM1 sends an ARQ-Admission ReQuest to the GK-GateKeeper. 4 - GK-GateKeeper resolves (translates) number dialed into destination CCM. 5 - GK-GateKeeper sends ACF-Admission ConFirmation message to CCM1 with destination IP address of CCM2. 6 - CCM1 sends H.225 call setup message to CCM2 with Phone1 number. 7 - CCM2 sends an ARQ to the GK-GateKeeper for permission to place call via ICT-Intra-Cluster Trunk. 8 - GK-GateKeeper determines traffic load responds with an ACF to CCM2 or ARJ-Admission ReJect if traffic insufficient (bandwidth). 9 - CCM2 initiates call setup (ringing) with Phone2 via SCCP-Skinny Client Control Protocol. 10 - When Phone2 goes off-hook (connect), CCM2 sends an H.225 Connect message to CCM1. 11 - Audio media is provided with RTP packets. 12 - If either party goes on-hook (disconnect) CCM removes RTP channel and updates call log.
5 - Intercluster Call with GK to PSTN-Public Switched Telephone Network
This animation shows the CCM-Cisco CallManager with an internal IP phone call via an H.323 gateway to a PSTN-Public Switched Telephone Number.
1 - Phone 1 goes off-hook (connect) and dials number of phone 2. 2 - CallManager sends an ARQ with number dialed to the GK-GateKeeper. 3 - GK-GateKeeper responds with an ACF-Address ConFirmation with IP address of H.323 gateway. 4 - CallManager sends H.225 Setup Message to H.323 gateway with calling party name/number and number dialed. 5 - CallManager receives H.225 Call Proceeding Message from H.323 gateway. 6 - H.323 gateway sends a Q.931 Setup Message to the PSTN-Public Switched Telephone Network. 7 - H.323 gateway receives a Call Proceeding from the destination CO-Central Office switch. 8 - CO switch sends a Q.931 Alerting Message to the H.323 gateway. 9 - H.323 gateway sends a H.225 Alerting message to the CallManager. 10 - CallManager and H.323 gateway exchange media (codex) capabilities. 11 - CallManager simultaneously sends requests: - to the IP Phone via SCCP-OpenReceiveChannel message for IP address - to the H.323 gateway via H.245 openLogicalChannel message for IP address. 12 - IP phone and H.323 gateway respond with IP address and UDP port numbers. 13 - Progress tones are passed to caller (phone ring) and calling (ear ring) parties. 14 - After the called party goes offhook (connect), the CO switch sends a Q.931 Connect message. 15 - RTP streams are established between IP Phone and H.323 gateway - conversation begins. 16 - Upon onhook (disconnect) by either party, CallManager sends Disengage Request to GK-GateKeeper.
There may be other call processing patterns and types. However, this should give the viewer an overall view of the processes. Next time, we will take a look at SPIT and VOMIT attacks in detail, and how to protect your VoIP network from these deadly attack
About TECHtionary
TECHtionary http://www.techtionary.com is the World's First and Largest Animated (rich media) Library/Magazine on Technology - Web Hosting Magazine�s Editor�s Choice for Technical Help. TECHtionary has more than 2,660+ free tutorials on data, internet, wireless, VoIP-Voice over Internet Protocol (internet telephony), PBX systems, central office switching, protocols, telephony, telecommunications, networking, routing, IPTV, WiMax, power systems, broadband, WiFi-Wireless Fidelity and other technologies. TECHtionary.com provides "just enough � just-in-time" critical success information. TECHtionary produces web infomercials proven to "increase revenues, decrease customer support costs and increase customer satisfaction." Tom Cross CEO of TECHtionary is the Security and Emerging Technology Columnist for TMCnet, Technology Columnist for Telecommunications Magazine and member of the Technical Board of Advisors for the VOIP-Security Alliance. TECHtionary also publishes animated medical tutorials at http://www.msnopedia.com
Corporate Office � Boulder, Colorado � 303-444-6226 � Email � cross@gocross.com
[ Back To TMCnet.com's Homepage ]
|
INDUSTRIES
Activate Email 
Find Solutions for Enterprises, SMBs & Service Providers at the INTERNET TELEPHONY Conference and EXPO East, January 20-22, 2010. Miami, FL.
