From Old to New
When I got my first Voice certification a Nortel NNCS back in 2003 I found myself using Cisco documentation and the Cisco Press “Voice Over IP Fundamentals” to prepare to take the Nortel test on VOIP as Nortel did not have any decent organized documentation.
Over the years I have noticed that Cisco has best documentation website not only for routers and data networking but also voice networking, This is a grudgingly slow admission for me as started in 1996 first learning Cisco routers, switches and the Nortel PBX at the same while working for Williams Field Services.The network field services team I worked had two divisions Voice and data and I was able to straddle both groups. Nortel was voice and Cisco was data and everything is great! All of us old voice guys hated it when Cisco started getting into Voice and we had no respect for Cisco Call Manager or the Idea of using a Cisco gateway. Unfortunately today you will find two camps the old guys who do Avaya Communication Manager who hate both Cisco and are forced to Call the Nortel PBX “Avaya Blue (which they also hate)”.
On the other hand is the young guy probably started in the Cisco Router and data switch world and then got a CCNA voice CCNP or the CCIE and now feels he knows everything about voice and thinks that Avaya and Nortel sucks. I am agnostic in all this I just like work on it all, You should never make any technology your religion.
The CS-1000 release 7.7 ends Avaya’s development of the CS-1000 and the support will end in 2020. But as of this date there are still quite a few of these systems around probably will still be around even after 2020. Likely it is the cost of replacement that keeps the old TDM PBX around, plus it is the 5 9;s. So I think there is still some worth to write about it.
H323 trunks between Avaya CS-1000 and Avaya Communication Manager (ACM)
In this Post I want to discuss H.323 and use the Cisco press book “Cisco Voice Gateway and Gatekeepers” (written by 3 CCIE’s Denise Donahue, David Mallory and Ken Salhoff) as past of my source material even though it is written around how it works with Cisco Call Manager. The rest of my resource material is the use of wire shark to analyze the call which was made on a real network and the data was captured using Network Instruments Observer tool. I have changed all of the IP addressing and Call info into bogus addresses and Call info. And in addition traces that I can do on CS-1000 signal servers
I will do an analysis of a H.323 call between an Avaya CS-1000 (formerly Nortel) and the Avaya CM (the original Avaya PBX) and use concepts mentioned in chapter 3 of “Cisco Voice Gateway and Gatekeepers” to demonstrate how Avaya meets the H.323 specification. Of course the bigger question is why visit H.323 when SIP is the big thing now? I say we should know how it works because there is still a tremendous of Inter-networking between SIP and ISDN based networks. Besides I need to take a break from SIP and its many hours of looking wireshark traces to figure out one call.
The “Cisco Voice Gateway and Gatekeepers” authors state in chapter 3 that “The H323 standard is actually a suite of specifications that controls voice and video transmission over IP networks”
So in my own words H323 is actually several sub protocols that make up the H.323 umbrella specification. I look at H.323 as ISDN signaling leaving the D Channel and continuing over a IP network.
If you are familiar with SIP you know that SIP is the signalling piece coupled with the Session Description Protocol providing information on Media negotiation and capabilities. Likewise we can say the H.225 is the SIP signalling method equal and H245 is the equal to SDP.
H225 has two parts:
- H225 RAS Registration Admission and Status on UDP port 1719 for Gatekeeper controlled H.323 endpoints and trunks
- H225 CS (Call signalling) between gateways and endpoints which typically use the ISDN Q.931 messages which uses TCP port 1720
- “H.245 Protocol Controls traffic flow, performs DTMF relay, limits media transmission rates, negotiates capability, and controls opening and closing of channels for media streams. Uses TCP”
There are more protocols but I will not list here you can google or read the book I referenced here.
NRS is an H.323 Gatekeeper using the Direct Call Model
The Nortel (Avaya now) Network Routing Service (NRS) provides RAS signalling to CS-1000 networked PBX’s. The Nortel NRS can be both a H323 Gatekeeper and SIP Proxy server, in this example will see how it works as H.323 gatekeeper.
The NRS uses the Direct Call mode, which means the gateway (the CS-1000) will do the following:
- H225 RAS in the Nortel PBX (via the signal server) will make a Admission Request (ARQ) to the NRS Gatekeeper. The query will use port 1719 UDP for the IP connection information of dialed number’s location
- The NRS via 1719 UDP responds with a Admission Request Confirm (ACF) supplying the information IP connection information of the other gateway and authorizes the call to proceed
- Upon receipt of the ACF from NRS Gatekeeper, Gateway to Gateway H225 Call Signalling and H,245 message begins which at this point the call is Direct signalling on port 1720 TCP and Gatekeeper is no longer involved until the Call disconnects.
Note: indirect mode the Gatekeeper is involved in Call Signalling and media negotiation
Setup information to analyze the ladder diagram in figure 1 take note of the following:
At this point you will scrolling up and down this page to view figure 1 at the bottom of this page, Observe in the left column is the CS-1000 Node IP address 220.127.116.11.
The node address
- is virtual address but it is actually second address on the TLAN Ethernet interface of the signal server set as the Leader in the NODE.
- Node IP address on TLAN ethernet interface used for signaling and is not the TLAN IP address of the CS-1000.
So what is a Node in a CS-1000?
- Basically a Node is collection of 1 to 2 signal servers and Voice Media Gateway Cards (commonly called the ITG card). Unlike Avaya Red that uses a C-LAN or CM Server IP address for signalling and a Medpro (Media Processor board) for RTP media, the CS-1000 ITG card can handle both signalling and Media, but it is preferred that a Signal server handle the signalling. In the Node arrangement there is a Leader and follower arrangement
- the Node IP address can be taken over by a follower and when a election to become the Leader (typically this would be the second signal server)
The NRS database (gateway entries and configuration) and the Avaya CM
- In the middle column is NRS server with an IP Address of 18.104.22.168.
- in the very right column is the Avaya CM with an IP address of 22.214.171.124 (this CM is using processor Ethernet and not a CLAN, which a is like like setting up h323 trunks on a Cisco Call Manager). This address is used to setup a Signal group using port 1720 TCP on its side and then IP address
- The NRS has database gateway entry for the Avaya CM 126.96.36.199 setup as Non-RAS. The Non-RAS means that the Avaya CM does not actually register with NRS gatekeeper but is a static IP address entry that route entries of digits that can be dialed, along with defining what kind of call type (i.e. E.164 National, local) and a route cost (used if duplicate dial patterns are entered with same call type then a priority has to be established as to which gateway gets chosen first ,
What I setup to see the output displayed in Figure 1
To see the H225 RAS message on UDP port 1719
I logged into NRS and issued the gkCallTrace num 15132896444 (This is bogus number I made up do not call it) to replace the real number I called.
To see the H225 CS and H.245 messages on TCP port 1720
On CS-1000 signal server I issued the command H323CallTrace num 15132896444 (This is were the call will originate.
I also had access to Network Instruments Observer tool and I was able to find the call and then download and pull into wireshark to confirm and add some more detail to figure 1
What you see will see in
- H.255 RAS message that you see at beginning of the call is created when a phone on the CS-1000 dials 915132896444 which presents the call to the NARS/BARS table where the 9 is stripped and 15132896444 is a NPA with a route list index pointed to the CS-1000 IP H323 trunks that causes a query to the Gatekeeper ARQ and a Gatekeeper response ACF
- H.225 handles the call setup typically using ISDN q.931 signal messages and this signalling we now see between the Avaya Blue CS-1000 to the RED CM on TCP Port 1720.
- From the CS-1000 Q.931 Call Setup contains Q.931 Information Elements for Call-Caller display/and H225 Open Logical Channel Fast Start with source and destination IP addresses- port (1720) . Fast Start allows media transmission to begin quicker, instead of having to wait for an H.245 capabilities exchange. Fast Start is the default for Avaya Red. Blue and Cisco gateways and is useful when connecting to trunks and other connections that use in band audio signalling.
- Q.931 Call Proceeding from the Avaya Red PBX acknowledging Setup
- Q.931 Call Connect from the Avaya Red PBX contains the IP connection information for H.245 messages that will follow
H.245 Terminal Capabilities Exchange
- after the CS-1000 receives the connection info via Q.931 message from the ACM, the CS-1000 starts H.245 by sending it’s terminal capabilities set. In this case it is most of it was already taken care of the fast start negotiation during H.225 setup and Call Proceeding messages. If could look in wire shark trace of this message you see that the CS-1000 offered G.711 Ulaw, Alaw , at 10, 20 and 30 ms was offered and the DTMF type was null. looking down 3 lines you will see the terminal capabilities set from the ACM it offered back G.711 ulaw and G.729 at 10 ms.
H.245 Master/Slave Determination
Master/Slave Determination is used to resolve possible conflicts when either endpoint is requesting the same feature or resource like controlling a conference call at the same time.
- In this trace the CS-1000 ends up becoming the Master and the ACM the slave. Each side has a Master/Slave determination number value that they exchange through convoluted calculation the master and slave are determined.
H.245 Conference Indication
Since is call into an Avaya Conference bridge the conference capability and controlled from ACM side
Not shown at this point the RTP stream is up between the endpoints
Call Tear down
Finally we see the call tear down process after I pressed the release button on the 2050pc soft phone I called from.
- The Disconnect request is sent to the NRS (DRQ)
- The NRS authorizes the Disconnect with Disconnect Confirm (DCF)
H.225/ Q.31 and H.245 close messages
I will talk about these in another post along H.245 tunneling in he Q.931 signalling