Nortel Networks NN10035-111, MCP 1.1 FP1 User Manual

Download

Succession Multimedia Communications Portfolio

MCP RTP Media Portal

Basics

Standard MCP 1.1 FP1 (02.02) April 2003

NN10035-111

Nortel Networks Confidential

Overview

How this chapter is organized

This chapter is organized as follow s:

• “Functional description” on page 3

• “Hardware ” on p age 4

• “Software update maintenance loads” on page 7

• “OAM&P strategy” on page 7

• “Interfaces” on page 7

Functional description

The Real-time Transport Protocol (RTP) Media Portal is an optional component of the network that performs many media-layer functions. The RTP Medi a Port al addresses me dia specific issues with advanced service delivery, Internet addressing efficiencies, and system security. It functions as a media Network Address and Port Translation (NAPT) point that shields priv ate netwo rk co mp on ents from external exposure through leaks in the media streams. The RTP Media Portal also enables elements in the private network to safely communicate with elements in the public network. The RTP Media Portal provides IP address/port pair mapping between internal and external network components, as well as media anchoring and media pivot abilities for terminals.

Figure 1, “Network Component Interoperability,” on page 4 is a graphical representation of the RTP Media Portal interworking among other components in the Multimedia Communications Portfolio.

4 Overview

Nortel Networks Confidential

Figure 1 Network Component Interoperability

The clouds in the d iagram represe nt two distin ct networks. The Private Network cloud interacts with the Public Network cloud through the different edge components. The RTP Media Portal provides media-layer functionality for Real-time Transport Protocol (RTP), Real-time Transport Control P r otocol (RTCP), and User Datagram Protocol (UDP) transmissions.

Hardware

Description

The RTP Medi a Portal resides on a Motorola CPX8216T pl atform which is a CompactPCI (cPCI) chassis design.

The chassis provides th e basic operatin g environment (su ch as power , backplane, cooling , and mounti ng slot s) requi red to house cPCI-based single-board computers. The CPX8216T partitions the chassis into two separate logical oper ational domains (dividing the chassis sh elf into two half-shelves consisting of 8-slots each).

Nortel Networks Confidential

An RTP Media Portal occupies a single chassis domain (side) on a CPX8216T. Therefore, a single CPX8216T can host two RTP Media Portal components (one in chassis Domain A, the other in chassis Domain B).

Note: Chassis domai ns ar e not internet domains. This is just another terminology intended to identify Side A and Side B of the chassis. Other terms often u sed inte rchange ably are: Doma in A a nd Domain B, as well as Left Domain and Right Domain.

Figure 2 Card slots for the two different domains

Overview 5

Note 1: The Hot Swap Controller in the Left Domain (Domain A) controls the Right Dom ain (Domain B). The Hot Swap Controller in the Right Domain (D o mai n B) contr o ls th e Le ft D om ain ( D omai n A) .

Note 2: If the chassis is viewed from the front, the slots are numbered from left to right (1-16), and if viewed from the rear, the slots are numbered from right to left (1-16).

The CPX8216T dual 8-slot architecture further refines the domain definition so that each chassis domain is dedicated to a Host CPU board (with an associat ed transition module in the r ear), an other slot is

6 Overview

Nortel Networks Confidential

dedicated to the Motorola Hot Swap Controller (HSC), and the remaining six slots can be populated with peripheral resource cards (Input/Output cards with an associated transition module in the rear)).

Each chassis half shelf consists of the following hardware components:

• Intel processor board with 1 GB memory and a SCSI Input/Output (I/O) daughter board (CPV5370 host card)

• Hot Swap Controller and Bridge (HSC) module

• SCSI CD-ROM drive

• SCSI hard drive

• Floppy drive

• Motorola MCPN7 65 card( s) wi th 64 MB RAM

• Available ac or dc power options

Additional hardware (non-Motorola):

• Mouse, keyboard, monitor

Figure 3 Motorola chassis CPX8216T

Nortel Networks Confidential

Software update maintenance loads

Information on updating software loads for the RTP Media Portal are covered in “Upgrades” on page 13.

OAM&P strategy

The OAM&P strategy for the system is to manage operations from a central location. Th e central location for OA M&P manag ement is in the System Management Console. From the System Management Console, you can view and perform operations on the various components in the system.

Interfaces

Protocols

While in service, the RTP Media Portal interfaces with the network through the following protocols:

• MGCP+ is the Enhanced Media Gateway Co ntr o l Pr oto c ol that i s used for messaging between the RTP Media Portal and the SIP Application Module, and controls the making, modification and breaking of media session c onnections.

• RTP is the Real-time Tr an spo rt Pr oto col for tran spo rt of real - ti me media streams (for example, audio and video) across a packet network.

Overview 7

• RTCP is the Real-time Transport Control Protocol that provides a means of sharing session data (for example, performance data) between endpoints.

• UDP is the User Dat agram Protocol that provides data-ba sed media streams (for example, file transfer).

8 Overview

Nortel Networks Confidential

Figure 4 RTP Media Portal interfaces

Network Interfaces

The Host CPU card provides the signaling and OAM data interface to/from the Private Network. Each I/O card (commonly referred to as a blade) provides a media stream interface to the Private Network and a media stream interface to the Public Network.

Nortel Networks Confidential

Figure 5 Signaling and OAM interface - CPV5370 Host CPU

Overview 9

The rear transition module for the CP5370 Host Central Processing Unit (CPU) card contains the following:

• COM2 port for connection to a terminal server and local monitor.

• Two Ethernet ports which provide connectivity to the Private Network. The connection carries signaling and OAM data.

— The Ethernet 1 port is always used to provide an active

connection.

— The Ethernet 2 po rt provides a st andby connection. The sta ndby

ethernet function is enabled by default through the “Activate IP Failover” prope rty when config uring the R TP Media Port al. (See Table 2, “RTP Media Portal tab configurable properties,” on page 33.)

These Ethernet connections carry the following:

• MGCP+ signaling to comm unicate with the SIP Ap plicatio n Mo dule.

• operations, admin i strati on and maintenance (OAM) data to the Management Modu le.

10 Overview

Nortel Networks Confidential

Network interfaces on each of the Input/Output cards (MCPN7 65) in the RTP Media Po rtal pro vide a p ath for media str eams to/from th e Private Network and Public Network.

Figure 6 MCPN765 Media stream interface

Nortel Networks Confidential

The RTP Media Portal uses the following input/output (I/O) cards:

• MCPN765 front card

• TM-PIMC-0101 rear transition module

The transition module contains two, 10/100 BaseT Ethernet connections for RTP/RTCP/UDP media streams. Each pair of MCPN765 and TM-PIMC-0101 cards perform the following functions:

• Provides connectivity for R TP/RTCP/UDP media streams to pa ss between the Private Network and the Public Network, as well as the public to public network.

• Relays media packets between end points.

• Performs Network A ddre ss a nd Po rt Translation (NAPT) functions.

NET ports

• NET1 port = IP address of Public Network

• NET2 port = IP address of Private Network

The RTP Media Portal Host CPU is o nly connected to the private network. The RTP Media Portal is an edge component that is dual-homed on the public network and the Private Network. It is the Peripheral I/O cards that span these two distinct networks.

Overview 11

User interfaces

The System Management Console is used for fault and configuration management of the RTP Media Portal. RTP Media Portal management data is stored on both the Management Module and the Database Module. The Mana gement Module s tores alarm, log, a nd OM data. The Database Mod ule stor es conf iguration data.

12 Overview

Nortel Networks Confidential

Upgrades

How this chapter is organized

This chapter is organized as follow s:

• “OAM&P strategy” on page 13 — “RTP Media Portal software upgr ade” on page 13

• “Task flows” on page 14 — “Shutdown the RTP Media Portal component” on page 14 — “Update a software load” on page 15

OAM&P strategy

RTP Media Portal software upgrade

This section describes the update strategy for the RTP Media Portal. The RTP Media Portal run-time sub-component can be upgraded by deploying the new software to the target node from the System Management Console.

Note: The SIP Application Module m ay try to contact th e RTP Media Portal whi le the upgrade is in p rogress, thus genera ting error logs. To minimize impact to service, the RTP Media Portal should first be SHUTDOWN so that it does not a ccept n ew servi ce re quest s . While shutting down, the RTP Media Portal is still processing established media sessions. These pre-existing media sessions will slowly become inactive as the calls end. The RTP Media Portal will automatically transition into the LOCKED state when there are no active media sessions present. When this occurs, it is safe to proceed with the upgrade without affecting service.

Updating the software of the new ru n- tim e su b- com p onent(s) from the System Management Console can commence.

A reset is then issued to the RTP Media Portal from the System Management Console. This reboots the host CPU, which in turn

14 Upgrades

Task flows

Nortel Networks Confidential

reboots the Peripheral CPUs. When the RTP Media Portal recovers from the reset, it is running (UNLOCKED) with the upgraded software.

Note: It is possible to update one RTP Media Portal and reboot it while the other half shelf is running the load that has not been updated. Once one half shelf is updated, the other half shelf can be locked, updated, and rebooted. Upgrading all RTP Media Portals

concurrently will cause a service outage.

The length of outage due to the reboot is approximately 3-5 minutes.

Note 1: Software loads are encrypted for security reasons. Note 2: If a component upgrade fails, it does not roll back

automatically. A roll back prompt appears. If the upgrade is not successful, note as much of the event as possible and contact your next level of support.

To avoid any problems with the SIP Applicat ion Module, the following procedure describes the steps that must be followed when updating a software load for the RTP Media Portal component.

From the System Management Console:

1 Shutdown the R TP Media Portal compon ent. See “Shutdown the

RTP Media Portal component” on page 14.

2 Update the software load for the RTP Media Portal component.

See “Update a software load” on page 15.

Shutdown the RTP Media Portal component

The following procedure describes how to shutdown the RTP Media Portal component:

From the System Management Console

1 Select the RTP Media Portal Server, select Com ponents and

then select the appropriate RTP Media Portal component .

2 To Shutdown the component, either right-click and select

Shutdown or select Shutdown from the Operations menu.

3 The RTP Media Por t a l com po ne nt w ill shutdown gracefull y and

go into a LOCKED state, as seen in the General Information Area of the System Management Console.

Nortel Networks Confidential

Update a software load

The following procedure describes how to update a load for the RTP Media Portal component:

From the System Management Console

1 Select the RTP Media Portal Server, select Components,

right-click the desired component and select Update.

Figure 7 Updating the RTP Media Portal from the menu tree

Upgrades 15

You can also launch the update from the pull-down Configuration menu, as shown:

16 Upgrades

Nortel Networks Confidential

Figure 8 Updating the RTP Media Portal from the pull-down menu

After selecting Update, the following window appears:

Figure 9 The update window, retrieving the load list

Nortel Networks Confidential

2 You can only do an update from one version to another.

Figure 10 Load list for updating

Upgrades 17

Note: The currently deployed software load will not appear in the load list.

3 Select the load version that should be used to update the RTP

Media Portal. Click on the Apply but ton .

4 The System Management Console displays the four tabs that

can be reconfigured. M odify any configur ation value s you need.

Note 1: Configur a t ion fi el ds ra ng es are detailed in the Configuration section of this doc ument.

Note 2: If an old er ve rs io n of the RTP Media Por tal software is deployed, it may not work with a newer version of the components a lready inst alled. Admini strators should upg rade as per the release notes provided with each release.

5 Click on the Apply button. 6 Once the update is complete, the following window appears:

18 Upgrades

Nortel Networks Confidential

Figure 11 Successful update dialog box

Nortel Networks Confidential

Fault management

How this chapter is organized

This chapter is organized as follow s:

• “Network fault management strategy” on page 19 — “Fault tolerance” on page 19 — “RTP Media Por tal Alarms” on page 22 — “Logs” on page 23

Network fault management strategy

The system handles network fault management through the reporting of alarms and logs. R TP Medi a Port al alarms and logs are viewed from the System Management Console. (See the MCP System Management Console Basics for further details related to alarms and logs.)

Fault tolerance

The RTP Media Portal provides base capabilities that significantly improve the perfor m ance an d r eli ab il it y of the system in the event of a fault. These capabilities include:

• Dynamic Pool Registration — provides the basic mechanism that ensures resource availability

and utilization in the event of a SIP Application Module failure. This function works in tandem with SIP Application Module redundancy to ensure that R TP Media Portal resource s continue to be used in the event o f a SIP Ap plic atio n Modul e failur e. Th e RTP Media Portal is configured to “pre-register” its avai lability with the Standby SIP Application Module. This configuration enables the Standby SIP Application Module to imm ediately begin utilization of the RTP Media Portal for session requests

20 Fault management

• Idle Session Detection

• Media Survivability

• Shared Resource

Nortel Networks Confidential

whenever a failure condition occurs on the Active SIP Applicatio n Mo dule.

— enables the RTP Media Portal to detect and recover media

resources associated with idle media sessions. This basic capability enables the system to maintain capacity and performance in the wake of a SIP Application Module failure that causes the isolation of active media sessi on s.

— enables the RTP Media Po rtal to allow media sessions to survive

(through to se ssion completi on) in the absence of control signaling from the SIP Application Module. This capability enables the system to permit media sessions to continue through to completion in the wake of SIP Application Module failure.

— enables the distribution of RTP Media Portal resources to

multiple SIP Application Modules. The strategy of distributing media sessions over multiple RTP Media Portals strengthens the network's ability to cont inue processing sessions in the event of a failure condition. Failures woul d result in diminished capacity across the entire network, but not necessarily a service outage, since there are many other RTP Media Portals available to many SIP Application Modules.

Fault management procedures

Alarm surveillance

From the System Management Console

1 From the System Management Console, under the RTP Portal

Components fo l der, highlight the appropr ia te RTP Media Port al .

2 The main screen a ppears to the r ight and descri bes R TP Me dia

Portal component details such as general details, CPU usage, Disk Usage, I/O Usage, and Alarms.

3 Below the status details, click the alarm tab to view the service

component and what severity of an alarm is raised against it. For alarm severity classification, refer to the MCP System

Management Console Basics.

Nortel Networks Confidential

Figure 12 Example of viewing alarm information

Fault management 21

Clearing an alarm

From the System Management Console

1 From the System Management Console, under the RTP Portal

Components fo l der, highlight the appropr ia te RTP Media Port al .

2 From the tool bar, select Tools, alarm browser. 3 An alarm table appears disp laying the alarms. 4 Double click the alar m row. Information regard ing the al arm and

necessary steps to clear the alarm appear in the information screen at the bottom of the alarm window.

5 Follow the steps to clear the alarm.

Note: These step s are defin ed in “R TP Media Por tal Alar ms” on page 22.

22 Fault management

RTP Media Portal Alarms

The following section det ails how to clea r cert ain alarms that af fect the RTP Media Portal. RTP Media Portal al arms are discussed in further detail in the MCP System Management Console Basics.

Clearing the RTP101 Alarm (Blade out of service)

1 Verify that you can log in to the blade (card) from the host. If

2 Once you are logged in to the blade, verify the blade can reach

3 Contact your next level of support with the result s of these test s.

Clearing the RTP102 Alarm (RTP Medi a Portal Out of Service)

1 Verify that you can log in to the host. If successful, the private

2 Once you are logged in to the host, verify that each of the

Nortel Networks Confidential

successful, the private network connection is OK.

the default gateway: Ping the gateway IP address from the blade. If successful, the public network connection is OK.

network connection to the host is OK.

available blades is reachable (ping each blade).

3 Log in to a blade. V erify the blade can r each the default gateway:

Ping the gateway IP address from the blade. If successful, the public network connection is OK.

4 Repeat for each blade. 5 Contact your next level of support with the result s of these test s.

Clearing the RTP103 Alarm (Best Blade Selection)

1 Verify that you can log in to the blade (card) from the host. If

successful, the private network connection is OK.

2 Once you are logged in to the blade, verify the blade can reach

the default gateway: ping the gateway IP address from the blade. If successful, the public network connection is OK.

3 Repeat for each blade. 4 Veri fy t hat the correct number of pu bl i c/p ri va te p or ts have been

configured. Use the query tool in the System Management Console.

5 Contact your next level of support with the result of these tests.

Clearing the RTP104 Alar m (Public Port Usag e)

1 Wait for at least two audit cycles to see if the alarm is cleared

automatically. An audit cycle has a duration defined by the “Idle Session Audit Period” property.

Nortel Networks Confidential

2 If the alarm persists, the number of available ports per blade

Clearing the RTP105 Alarm (Private Port Usage)

1 Wait for at least two audit cycles to see if the alarm is cleared

2 If the alarm persists, the number of available ports per blade

3 If it is not possible to increase the numbe r of ports or the number

Logs

System logs are discussed in detail in the MCP Management Module Basics.

Fault management 23

(card) and/or the number of blades (cards) in the system must be increased. To increase the number of ports or the number of blades, contact your next level of support.

automatically. An audit cycle has a duration defined by the “Idle Session Audit Period” property.

(card) and/or the number of blades (cards) in the system must be increased. The recommended ma ximum ports per blade is

300.

of blades, co ntac t your next leve l of support.

24 Fault management

Nortel Networks Confidential

Configuration management

How this chapter is organized

This chapter is organized as follow s:

• “Network strat egy” on page 25 — “Configuration procedures” on page 25 — “Configurat ion tabs and properties” on page 27

Network strategy

The network strategy is to conf ig ur e all of the com pon en ts in a central location. The central location for configuration is the System Management Console.

The following sections provi de info rm ation on configuring the RTP Media Portal.

Configuration procedures

Login to the System Management Console. For detailed procedures on logging into the System Manage m ent Console, refer to the MCP System Management Console Basi cs.

Adding the RTP Media Portal component

This procedure assum es that the server on which the R TP Media Portal will be deployed, has already been configured. For example, Figure 13, “Adding the RTP Media Portal component” on page 26 shows the RTP Media Portal component being deployed onto the previously configured server, “RTP Portal”.

From the System Management Console

1 To add the RTP Media Portal component, right-click on

Component under the Server definition and select Add > Component as shown in Figure 13, “Adding the RTP Media Portal component” on page 26.

26 Configuration management

Figure 13 Adding the RTP Media Portal component

2 You will be prompted to choose a soft ware load. Figure 14 Software load list

Nortel Networks Confidential

3 Select the desired software load version for the RTP Media

Portal and click Apply.

4 You will be prompted to configure the RTP Media Portal. 5 Configure the RTP Media Portal properties as described in

“Configuratio n tabs and propert i es” on page 27. (For configuration property details, place your cursor over the property and a definition help box will pop up.)

Nortel Networks Confidential

6 Enter a label in the Service Componen t Name field at the b ottom

of the window and c l ick Apply.

7 When deployment compl etes, there is a screen showin g that the

component was added successfully.

Figure 15 Add successful dialog box

Configuration tabs and properties

The following figure shows the configurable properties of the System Output Manager tab:

Figure 16 System Output Manager tab

Configuration management 27

28 Configuration management

The following table details the configurable properties of the System Output Manager tab:

Table 1 System Output Manager tab configurable properties

Configuration Property Format Description

Nortel Networks Confidential

Send to File Type: String

Range: Null, 1-500 characters

Name of file that additional detail ed logs should be se nt

to. Default: SystemOutLog

Number of Backup Logfiles

Type: Integer Range: N/A

Number of logfiles

that should be kept. Default: 10

Maximum Size of a Log File

Type: Integer (bytes) Range:

200000-2147483647 Default: 200000

Maximum size of the

log file in bytes.

When this size is

reached, the log file

is rotated.

The following figures show the configurable properties of the RTP Media Portal tab:

Note: The configur able properties of the RTP Media Port al tab span more than one page and so, are shown in the next four figures.

Nortel Networks Confidential

Figure 17 RTP Media Portal tab (1 of 4)

Configuration management 29

30 Configuration management

Figure 18 RTP Media Portal tab (2 of 4)

Nortel Networks Confidential

Figure 19 RTP Media Portal tab (3 of 4)

Configuration management 31

32 Configuration management

Figure 20 RTP Media Portal tab (4 of 4)

Nortel Networks Confidential

The following t able details th e configurable propert ies of the RTP M edia Portal tab:

Table 2 RTP Media Portal tab configurable properties

Configuration management 33

Configuration

Format Description

Property

Call Legs Type: String

Range: 4096-MaxInt Default: 4096

Domain Type: String

Range: 1-20 characters

Default: For future use

RTP Portal IP Type: String

Range: 7-15 characters

Default: 0.0.0.0

AppSvr IP Type: String

Range: 7-15 characters

Controls the number of simultaneous transactions.

Domain in which the RTP Portal will operate.

For future use.

Private IP Address of the RTP Media Portal host. Identifies a specific host.

Note: This value must be unique. Private IP Address of SIP

Application Module to which this portal is assigned.

Default: 0.0.0.0

Note: In a redundant configuration, the value for this property must be set to the private static address of each SIP Application Module in the network.

Port Type: String

Range: 1025-65535 Default: 3903

Port on which the SIP Application Module is listening for MGCP+ messaging from the medi a porta l. It must match the associated setting on the SIP Application Module.

Note: The use of the default value for this property is highly recommended.

34 Configuration management

Table 2 RTP Media Portal tab configurable properties

Nortel Networks Confidential

Discovery Probe Time Period

Type: String Range: 0-3600 000 Default: 60000

Host Receive Port Type: String

Range: 1025-65535 Default: 3904

Polltimer Delay Type: String

Range: 0-6553 5 Default: 20000

milliseconds

Controls the freq uency (in milliseconds) of registration messages (RSIPs) sent from the RTP Media Portal to the SIP Application Module in the absence of MGCP+ messaging from the SIP Applicatio n Mo du le.

Port on which the RTP Media Port al listens for MGCP+ messaging from the SIP Applicat ion Module.

Note: The use of the default value for this property is highly recommended.

Time span (in millise conds) required for startup and initialization of the cards. The host CPU waits this period of time before attempting to contact the cards. (This is how long the host waits to talk to the cards to ask if they are up yet.)

Note: The use of the default value for this property is highly recommended.

Polltimer Interval Type: String

Range: 0-6553 5 Default: 65000

milliseconds

Interval (in milliseconds) at which the host polls the blades to ensure they are still available. (Intermediate checks just to make sure the blade is still up.)

Note: The use of the default value for this property is highly recommended.

Minor Port Usage Alarm Level

Type: Percent Range: 0-100 Default: 50

The percent usage at which the number of ports used on the publ ic or private side of an RTP Media Portal (over all blades) causes a minor alarm.

Nortel Networks Confidential

Table 2 RTP Media Portal tab configurable properties

Configuration management 35

Major Port Usage Alarm Level

Type: Percent Range: 0-100 Default: 80

Critical Port Usage Alarm Level

Type: Percent Range: 0-100 Default: 90

Private Netmask Type: IP address

Range: N/A Default:

255.255.255.0

(Default gateways are for the cards, not for the host.)

Public Netmask Type: IP address

Range: N/A Default:

255.255.255.0

(Default gateways are for the cards, not for the host.)

The percent usage at which the number of ports used on the publ ic or private side of an RTP Media Portal (over all blades) causes a major alarm.

The percent usage at which the number of ports used on the publ ic or private side of an RTP Media Portal (over all blades) causes a critical alarm.

The Private Network Mask is used for routing on the Private network.

The Public Network Mask is used for routing on the Pub lic network.

Default Gateway Type: IP Address

Range: N/A

The Default Gateway is the gateway router to the rest of the world (the default route).

Default: 0.0.0.0

Note: If this value is not filled in, the RTP Media Portal will fail to provide service. The RTP Media Portal will not provide service unless the blades can communicate with the specified Default Gateway.

36 Configuration management

Table 2 RTP Media Portal tab configurable properties

Nortel Networks Confidential

Chassis # Type: String

Range: 0-255 Default: 1

Idle Session Audit Period

Type: String Range: 0-3600 000 Default: 300000 (ms)

Long Idle Duration Type: String

Range: 0-6553 5 Default: 24

Long Call Duration Type: String

Range: 0-6553 5 Default: 576

Chassis identifier used to identify a specific CPX8216T chassis. This information is used by configuration scripts to synchronize RTP Media Portal configuration across multiple CX8216T chassis. Must be unique per chassis. Must match the Chassis # assigned to the blades during the staging of the portal.

The period of the audit that runs to detect idle media sessions on the Peripheral CPU (Bla de).

This represents the maximum amount of time that a RTP Media Portal resource may remain validly idle. This has units of number of IdleSessionAuditPeriods.

This represents the maximum amount of time that an RTP Media Portal resource may remain active in a media session. This has units of number of Idle Session Audi t Periods.

Public Network Detection Period

Type: String Range: 0-3600 000 Default: 15000

The period of the audit that runs to detect the Public network interface on the Peripheral CPU (Blade). This has units of millis econds. If the value is set to zero, then the audit is disabled.

PND Timeout Type: String

Range: 0-1000 0 Default: 250

The amount of time that the Public Network Detection algorithm will wait for a response to a query sent to the default gateway. This has units of milliseconds. If the value is zero, no query will be made to the default gateway.

Nortel Networks Confidential

Table 2 RTP Media Portal tab configurable properties

Configuration management 37

Static RTP Ports T ype: Boolean

Range: true/false Default: false

Activate IP Failover Type: Boolean

Range: true/false Default: true

Boolean indicatin g whether the RTP Media Portal should perform static fixed port allocation/management, or dynamic randomiz ed po rt allocation/management.

Note: When this parameter is selected, the Blade's configuration parameter "Num ber Ports" is disregarded and all ports in the range from “Min Port Value” to “Max Port Value” are all ocated fo r usage. All even-number ed por ts in the specified range are used for RTP streams and the odd-numbered ports are used for RTCP streams.

Enables the RTP Media Po rtal Host CPU to monitor the status of the Private network Interface and react accordingly. This basic capability enables the system to maintain service availability in the wake of Private network failures. Whenever an RTP Media Portal Host CPU detects that it is having problems with its Private network interface, the Host switches to another available Private network interf ace.

Note: There are two tests associated with the activation of Host IP Failover: a carrier sense test and an optional network (ping) test. Upon activation of Host IP failover, the carrier sense test is automatically provided. Enabling of the optional network test is controlled by the “Activate IP Failover NW Test” configuration parameter. Enabling the optional network test will generate a periodic ping to the default gateway on the private network which was configured during installation and commissioning.

38 Configuration management

Table 2 RTP Media Portal tab configurable properties

Nortel Networks Confidential

Activate IP Failover NW Test

Type: Boolean Range: true/false Default: false

Public IP Type: IP Address

Range: 7-15 characters

Default: 0.0.0.0

Private IP Type: IP Add r ess

Range: 7-15 characters

Default: 0.0.0.0

Number Ports Type: Positive

Integer Range: 0-65 535 Default: 20

This configuratio n par ameter is associated with the “Activate IP Failover” configura ti on pa rameter. Please refer to Note in descr iption of the “Activate IP Failover” configuration parameter for details.

The Public IP address of this particular blade. Repeated for each blade.

The Private IP address for this particular Blade. Re peated for each Blade.

Number of ports (this many private and this many public) config ured on this blade. Controls maximum allowable simultaneous media streams permitted o n this particular Blade. Repeated for each Blade.

Blade Name Type: Text

Range: blade1-blade16

Default: blade1, blade 2, etc .

Min Port Value Type: Positive

Integer Range: 0-6553 5 Default: 40000

Max Port Value Type: Positive

Integer Range: 0-6553 5 Default: 60000

String describing this particular Blade. Repeated for each Blade.

Note: This field is no t configurable.

Minimum port range value.

Maximum port value.

Nortel Networks Confidential

Accounting management

Strategy

The RTP Media Po rtal does n ot perform any acco unting manag ement. For more information on accounting, see the MCP Accounting Module

Basics.

40 Accounting management

Nortel Networks Confidential

Performance management

Strategy

RTP Media Portal performance is monitored through the System Management Console GUI by viewing Operational Measurements. Refer to the MCP System Manageme nt Console Basics for info rmation on OMs and viewing OMs.

42 Performance management

Nortel Networks Confidential

Security and Administration

How this chapter is organized

This chapter is organized as follow s:

• “Security strategy overv i ew” on page 43

• “User administration” on page 45

Security strategy overview

One function of the RTP Media Portal is to secure the media interface to the private netw ork. S ecurin g the m edi a layer is ac hiev ed thr ough a combination of methods at the network level and RTP Media Portal component level.

Network level security functions

At the network level, media layer security is achieved by the randomization of the IP addresses/ports used for multimedia sessions and utilization of N APT (Netw ork Address Port T ransla tion) technolog y to obscure the network topology of the private network.

Blade (IP address) randomization

When a multimedia session requests resources, the RTP Media Portal selects an appropriate blade to host the session. Blade selection determines the specific IP address that will be made ava ilable to the media streams for the session.

During the se lection of a blade, the port usa ge of each blade is queried to determine the number of available ports for each. The blade which has the most available ports is selected. This method of selection provides randomization and helps distribute the session load across the blades.

Port randomization

When the RTP M edia Portal is de ployed, each blade is assigned a pool of ports with a specific number of ports in a specific range based on configuration data (Number Ports, Min Port Value, Max Port Value, respectively). For more information on these con figuration properties,

44 Security and Administration

refer to Table 2, “RTP Media Portal tab configurable properties” on page 33.

As multimedia sessi ons are initiated, a por t is chosen from the port po ol associated with the selected blade. When a multimedia session completes, their associated ports are deallocated from the pool and new replacement ports are allocated t o the pool. The deallocation of used ports a nd alloca tion of replace ment port s provid es rand omization in the port pools for the blades.

NAPT function

In order to obscure the private network topology, the RTP Media Portal uses the NAPT functionality to secure the multimedia sessions so that there is no leakage of topology information.

This is achieved by maintaining a list of media ports (NAPT table) which are being used within active multimedia sessions. Only packets which arrive on these active ports are processed. Packets which arrive on non-active ports are rejected and logged as potential problems.

RTP Media Portal component level security functions

The RTP Media Portal component also contributes to system security by opening and clos ing media ports only in response to requests from the SIP Application Module (which has pre-authenticated such requests) and by rejecting any unauthorized packets on an active connection.

Nortel Networks Confidential

Authenticated requests

All requests to manipulate the media resources on the RTP Media Portal originate from the SIP Application Module. The SIP Application Module ensures that all requests are made by, or made to, a valid service subscriber. In this way, the SIP Applicat ion Module effectively authenticates all requests.

In addition, the p ortion of the RTP M edia Port al which pr ocesses these requests to manipulate the media resources resides safely with in the private netw ork.

Packet filter/firewall

As packets a re received fr om the public net work, the RT P Media Port al analyzes each packet to ensure the foll owi ng:

• the data format is RTP/RTCP/UDP (as indicated by the session description). All other packet types are discarded and logged as problems.

• the source/destination addresses match the expected source/destination addresses indicated in the session description.

Nortel Networks Confidential

Packets that do not have a matching source/destination address are discarded and logged as potential problems.

• the source/destina tion ports ma tch the expected sou rce/destination ports indicated in the session de scription. Packet s that do not have a matching source/destination port are discarded and logged as potential prob le m s .

User administration

Basic administrative tasks for the R TP Media Port al ar e cove red in t he Upgrade, Configuration, and Fault sections of this document. Other basic administrative tasks related to t he System Management Console are covered in the MCP System Management Console Basics.

Security and Administration 45

46 Security and Administration

Nortel Networks Confidential

Succession Multimedia Communications Portfolio

MCP RTP Media Portal

Basics

NORTEL NETWORKS CONFIDENTIAL: The information contained in this document is the

property of Nortel Networks. Except as specifically authorized in writing by Nortel Networks, the holder of this document shall keep the information contained herein confidential and shall protect same in whole or in part from disclosure and dissemination to third parties and use same for evaluation, operation, and maintenance purposes only. Changes or modifications to the MCP RTP Media Portal without the express consent of Nortel Networks may void its warranty and void the user’s authority to operate the equipment.

Information is subject to change without notice. Nortel Networks reserves the right to make changes in design or components as progress in engineering and manufacturing may warrant.

*Nortel Networks, the Nortel Networks logo, the Globemark, UNIStim, MCP, Nortel, Northern Telecom, and NT, are trademarks of Nortel Networks.

Publication number: NN10035-111 Product release: MCP 1.1 FP1 Standard Document release: Standard MCP 1.1 FP1 (02.02) Date: April 2003 Printed in the United States of America.

Nortel Networks NN10035-111, MCP 1.1 FP1 User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

Overview

How this chapter is organized

Functional description

Hardware

Description

Software update maintenance loads

OAM&P strategy

Interfaces

Protocols

Network Interfaces

User interfaces

Upgrades

How this chapter is organized

OAM&P strategy

RTP Media Portal software upgrade

Task flows

From the System Management Console:

Shutdown the RTP Media Portal component

From the System Management Console

Update a software load

From the System Management Console

Fault management

How this chapter is organized

Network fault management strategy

Fault tolerance

Fault management procedures

Alarm surveillance

From the System Management Console

Clearing an alarm

From the System Management Console

RTP Media Portal Alarms

Clearing the RTP101 Alarm (Blade out of service)

Clearing the RTP102 Alarm (RTP Medi a Portal Out of Service)

Clearing the RTP103 Alarm (Best Blade Selection)

Clearing the RTP104 Alar m (Public Port Usag e)

Clearing the RTP105 Alarm (Private Port Usage)

Logs

Configuration management

How this chapter is organized

Network strategy

Configuration procedures

Adding the RTP Media Portal component

From the System Management Console

Configuration tabs and properties

Accounting management

Strategy

Performance management

Strategy

Security and Administration

How this chapter is organized

Security strategy overview

Network level security functions

Blade (IP address) randomization

Port randomization

NAPT function

RTP Media Portal component level security functions

Authenticated requests

Packet filter/firewall

User administration