Network guidelines
From Zenitel Wiki
This article describes the network guidelines of the ICX-AlphaCom and AlphaCom XE platforms.
Contents
- 1 The ICX-AlphaCom and AlphaCom XE servers
- 2 Network guidelines
- 2.1 Network Conditions
- 2.2 Network Layout
- 2.3 Bandwidth usage
- 2.4 Unicast/Multicast
- 2.5 VLAN
- 2.6 802.1X Authentication
- 2.7 Quality of Service
- 2.8 Power over Ethernet (PoE)
- 2.9 Port use
- 2.9.1 Zenitel IP Devices
- 2.9.2 AlphaNet (interconnecting ICX-AlphaCom and/or AlphaCom XE servers)
- 2.9.3 MultiModule (interconnecting AlphaCom servers in Master-Slave, available only for AlphaCom XE servers)
- 2.9.4 SIP communication
- 2.9.5 AlphaPro PC configuration tool
- 2.9.6 AlphaWeb - Integrated web server
- 3 ICX-AlphaCom firewall and port usage
The ICX-AlphaCom and AlphaCom XE servers
ICX-AlphaCom and AlphaCom XE offer advanced communication and control capabilities. They provide the voice of security. This article includes descriptions of setup and configuration, operation, and any limitations and/or notes surrounding the solution. The network guidelines of ICX-AlphaCom and AlphaCom XE are very similar, as ICX-AlphaCom is built on the AlphaCom XE application software. Where this does not cause any confusion, the only reference will be made to the ICX-AlphaCom.
Separate management interface
The ICX-500 Gateway comes with two Ethernet interfaces. A separate Ethernet interface which can be dedicated to management. This allows the administrator to build a separate administration VLAN that is dedicated only to administrators.
Network guidelines
Network Conditions
- Maximum one way latency 150ms
- Maximum one way jitter <30ms
- Maximum Loss <1%
Network Layout
- End to End connectivity via private LAN or WAN
- Full routing between subnets
- All ports required available across routers
- No Network Address Translation (NAT) allowed at routers
- Use VPN or MPLS to bridge disparate networks across the internet
Bandwidth usage
A VoIP audio stream is using:
- On a LAN network: 85.6 kbps
- On a WAN network (IPSec encrypted): 106.4 kbps
Examples:
- A conversation between to IP stations is using 2 VoIP streams, one to each station. Bandwidth usage: 2 x 85,6 = 171,2 kbps
- A group call (unicast) from one IP station to 10 receiving devices (IP stations, IP Speakers), is using one VoIP stream to each of the stations. Bandwidth usage: 11 x 85,6 kbps = 941,6 kbps
- A group call (multicast) from one IP station to 10 receiving devices (IP stations, IP Speakers), is using one VoIP stream from the calling station, and one VoIP stream to the group. Bandwidth usage: 2 x 85,6 kbps = 171,2 kbps
The bandwidth usage is the same for all codecs G.722, G.711u and G.711a.
Here is a link to the bandwidth usage for video stream from TCIV+ stations.
Unicast/Multicast
The network should support Multicast (IGMP Snooping). ICX is by default using Unicast for Group audio (group calls, alarm messages etc), sending one VoIP stream to each receiving device. The maximum number of receivers is 200 (50 in AlphaCom) when using Unicast. If more than 200 receiving devices, multicast must be used. Multicast is also recommended with less devices to lower the bandwidth usage.
A group call with Muliticast is using 2 VoIP channels, regardless of the number of receivers.
VLAN
It is recommended to use a dedicated VLAN for the intercom system. Grouping users into logical networks will increase performance by limiting broadcast traffic to users performing similar functions or within individual workgroups. Additionally, less traffic will need to be routed, and the latency added by routers will be reduced.
802.1X Authentication
IEEE 802.1X is an IEEE Standard for port-based Network Access Control (PNAC)
- All station and device types
- In ICX-AlphaCom (software v. 1.1.3.0 and later)
802.1X is not supported in the AlphaCom series of servers.
Quality of Service
The ICX uses the UDP ports 61000 to 62000 for VoIP audio. Quality of Service (QoS) is by default set on all VoIP audio packages, using Diffserv bit class EF.
Power over Ethernet (PoE)
All INCA devices and Turbine devices from Zenitel supports PoE (IEEE 802.3af standard, Class 0). Most stations (except the desktop models) can alternatively be powered from a local 24VDC power supply.
The ICX-500 and AlphaCom XE servers do not support PoE.
Port use
All devices (servers and stations) are using port 80 (http) or 443 (https) for web services.
VoIP communication is using the following ports:
Zenitel IP Devices
- Signaling: TCP port 50001
- Voice:
- UDP port 61000 – 62000 for ICX-AlphaCom
- UDP port 61000 – 61150 for AlphaCom XE
- Video
- HTTP MJPG: TCP port 80. Optionally TCP port 8090 are used
- RTSP MJPG and RTSP H264: port 554
AlphaNet (interconnecting ICX-AlphaCom and/or AlphaCom XE servers)
- Signaling: TCP port 50000
- Voice:
- UDP port 61000 – 62000 for ICX-AlphaCom
- UDP port 61000 – 61150 for AlphaCom XE
MultiModule (interconnecting AlphaCom servers in Master-Slave, available only for AlphaCom XE servers)
- Signaling: TCP port 50010
- Voice: UDP port 61000 – 61150
SIP communication
- Signaling: UDP port 5060
- Voice:
- UDP port 61000 – 62000 for ICX-AlphaCom
- UDP port 61000 – 61150 for AlphaCom XE
Management Tools are using the following ports:
AlphaPro PC configuration tool
- TCP Port 80 (or 443) for AlphaPro 12.0 and later
- TCP port 60001 for AlphaPro 11.7 and earlier
See also TCP ports used by AlphaPro
AlphaWeb - Integrated web server
- TCP port 80 (http) or TCP port 443 (https)
ICX-AlphaCom firewall and port usage
The ICX-AlphaCom has an internal firewall allowing the network administrator to open and close IP services that should be able to access the ICX-AlphaCom from the different networks.