Actions

Network guidelines

From Zenitel Wiki

AI.png

This article describes the network guidelines of the ICX-AlphaCom and AlphaCom XE platforms.

The ICX-AlphaCom and AlphaCom XE servers

ICX-AlphaCom and AlphaCom XE offer advanced communication and control capabilities. They provide the voice of security. This article includes descriptions of setup and configuration, operation, and any limitations and/or notes surrounding the solution. The network guidelines of ICX-AlphaCom and AlphaCom XE are very similar, as ICX-AlphaCom is built on the AlphaCom XE application software. Where this does not cause any confusion, the only reference will be made to the ICX-AlphaCom.

Separate management interface

The ICX-500 Gateway comes with two Ethernet interfaces. A separate Ethernet interface which can be dedicated to management. This allows the administrator to build a separate administration VLAN that is dedicated only to administrators.

Network guidelines

Network Conditions

  • Maximum one way latency 150ms
  • Maximum one way jitter <30ms
  • Maximum Loss <1%

Network Layout

  • End to End connectivity via private LAN or WAN
  • Full routing between subnets
  • All ports required available across routers
  • No Network Address Translation (NAT) allowed at routers
  • Use VPN or MPLS to bridge disparate networks across the internet
Bandwidth usage

Bandwidth usage

A VoIP audio stream is using:

  • On a LAN network: 85.6 kbps
  • On a WAN network (IPSec encrypted): 106.4 kbps

Examples:

  • A conversation between to IP stations is using 2 VoIP streams, one to each station. Bandwidth usage: 2 x 85,6 = 171,2 kbps
  • A group call (unicast) from one IP station to 10 receiving devices (IP stations, IP Speakers), is using one VoIP stream to each of the stations. Bandwidth usage: 11 x 85,6 kbps = 941,6 kbps
  • A group call (multicast) from one IP station to 10 receiving devices (IP stations, IP Speakers), is using one VoIP stream from the calling station, and one VoIP stream to the group. Bandwidth usage: 2 x 85,6 kbps = 171,2 kbps

The bandwidth usage is the same for all codecs G.722, G.711u and G.711a.

Here is a link to the bandwidth usage for video stream from TCIV+ stations.

Unicast/Multicast

The network should support Multicast (IGMP Snooping). ICX is by default using Unicast for Group audio (group calls, alarm messages etc), sending one VoIP stream to each receiving device. The maximum number of receivers is 200 (50 in AlphaCom) when using Unicast. If more than 200 receiving devices, multicast must be used. Multicast is also recommended with less devices to lower the bandwidth usage.

A group call with Muliticast is using 2 VoIP channels, regardless of the number of receivers.

VLAN

It is recommended to use a dedicated VLAN for the intercom system. Grouping users into logical networks will increase performance by limiting broadcast traffic to users performing similar functions or within individual workgroups. Additionally, less traffic will need to be routed, and the latency added by routers will be reduced.

802.1X Authentication

IEEE 802.1X is an IEEE Standard for port-based Network Access Control (PNAC)

802.1X is supported in:

  • All station and device types
  • In ICX-AlphaCom (software v. 1.1.3.0 and later)

802.1X is not supported in the AlphaCom series of servers.

Quality of Service

The ICX uses the UDP ports 61000 to 62000 for VoIP audio. Quality of Service (QoS) is by default set on all VoIP audio packages, using Diffserv bit class EF.

Power over Ethernet (PoE)

All INCA devices and Turbine devices from Zenitel supports PoE (IEEE 802.3af standard, Class 0). Most stations (except the desktop models) can alternatively be powered from a local 24VDC power supply.

The ICX-500 and AlphaCom XE servers do not support PoE.

Port use

All devices (servers and stations) are using port 80 (http) or 443 (https) for web services.

VoIP communication is using the following ports:

Zenitel IP Devices

  • Signaling: TCP port 50001
  • Voice:
    • UDP port 61000 – 62000 for ICX-AlphaCom
    • UDP port 61000 – 61150 for AlphaCom XE
  • Video
    • HTTP MJPG: TCP port 80. Optionally TCP port 8090
    • RTSP MJPG and RTSP H264:
      • RTSP Control = TCP port 554
      • Media = ephemeral UDP ports 32768-60999

Note: The video is not going through the ICX-AlphaCom server, but peer to peer from e.g. TCIV+ intercom to ITSV video phone.

AlphaNet (interconnecting ICX-AlphaCom and/or AlphaCom XE servers)

  • Signaling: TCP port 50000
  • Voice:
    • UDP port 61000 – 62000 for ICX-AlphaCom
    • UDP port 61000 – 61150 for AlphaCom XE

MultiModule (interconnecting AlphaCom servers in Master-Slave, available only for AlphaCom XE servers)

  • Signaling: TCP port 50010
  • Voice: UDP port 61000 – 61150

SIP communication

  • Signaling: UDP port 5060
  • Voice:
    • UDP port 61000 – 62000 for ICX-AlphaCom
    • UDP port 61000 – 61150 for AlphaCom XE

Management Tools are using the following ports:

AlphaPro PC configuration tool

  • TCP Port 80 (or 443) for AlphaPro 12.0 and later
  • TCP port 60001 for AlphaPro 11.7 and earlier

See also TCP ports used by AlphaPro

AlphaWeb - Integrated web server

  • TCP port 80 (http) or TCP port 443 (https)

IMT - Intercom Management Tool

The IMT tool is using the following ports in the network:

  • UDP port 69: Used by the embedded TFTP server during the Upgrade process
  • TCP port 80: Use to read/write XML files to/from the devices
  • TCP port 50001: Identification process
  • TCP port 50004: Use to read/write Zenitel Application Protocol (ZAP) data.

HTTPS using UDP port 443 instead of UDP port 80 is supported from IMT version 2.0. HTTPS is automatically used if HTTP is disabled in device firewall.


ICX-AlphaCom firewall and port usage

The ICX-AlphaCom has an internal firewall allowing the network administrator to open and close IP services that should be able to access the ICX-AlphaCom from the different networks.

The ICX-AlphaCom firewall