■ Floor control server: A logical entity that maintains the state of the floor(s)—which floors exists, who the floor chairs are, who holds a floor, and so on
BFCP is designed to rely on the capabilities of the underlying signaling and transport protocols to set up each stream that is being managed, whether it is voice, video, or media content that is being transported in the RTP stream. BFCP supports use of Transport Layer Security (TLS) to provide encryption of floor information concerning each resource that is being controlled and the participants using and viewing each resource.
TLS also provides the capability to support anonymous users for sessions where anonym-ity is desired.
SIP BFCP is an application-sharing mechanism that leverages the BFCP protocol. For instance, a user participating in a Cisco WebEx–enabled TelePresence conference call can share content from his or her desktop. SIP BFCP works with Cisco TelePresence, EX Series endpoints, and Cisco Jabber with video desktop sharing. Example 3-5 shows SDP output from a video conference where one of the participants is sharing PowerPoint slides during the call.
Example 3-5 SDP Output from BFCP-Enabled Call
v=0
o=Sam 2890844526 2890842807 IN IP4 10.10.200.100 s=meeting
c=IN 10.10.200.100 t=0 0
m=video 49680 RTP/AVP 31 a=rtpmap:31 H261/9000 a=content:slides
m=video 49680 RTP/AVP 31 a=rtpmap:31 H261/9000 a=content:main
In Example 3-5 , “slides” is the presentation stream and “main” is the main video stream.
The streams are controlled by both SIP and BFCP, where BFCP is used for “asking per-mission” to send the second stream, and the SIP offer-answer model (i.e., sending SDP messages over INVITE or UPDATE) is used for opening the stream. If a participant wish-es to start sharing a slide with other participants, the sharing participant begins by asking for permission by sending a BFCP “floor request” and then opens the stream by sending a Re-INVITE with a new SDP message adding the second “m=video” line.
H.323 Gateway, Gatekeeper, and RAS
H.323 is an ITU framework developed for interactive multimedia communications. H.323 is a suite of protocols, codecs, and standards that includes
ptg13358382 ■ H.225: H.225 (also known as H.255.0) is a call-control and signaling protocol used
to establish, control, and terminate calls between H.323 endpoints.
■ H.245: H.245 is a control channel protocol to transmit non-telephone signals such as information related to capabilities, jitter management, and flow control, establish logical channels for the transmission of media, and so on. In certain cases, H.245 can be tunneled within H.225.
■ H.225 RAS (Registration, Admission, and Status): RAS is used for communica-tion between H.323 endpoints (such as Cisco Unified IP Phones, CUCM) and the gatekeeper and between the gatekeeper and a peer gatekeeper. RAS has a number of messages for registration, admission, and status, most of which have a response of Confirmation or Reject.
■ H.235: H.235 provides security within the H.323 suite, for both signaling and media.
■ H.239: H.239 is a standard for multiple video channels within a single H.323 session.
H.239 enables dual streams for use in videoconferencing, one for live video and the other for presentation/still images.
■ H.450: The H.450 series of protocols describes various supplementary services such as call transfer, call hold, and so on.
■ H.460: The H.460 series of protocols defines optional extensions that may be imple-mented by an endpoint or a gatekeeper Network Address Translation (NAT)/firewall (FW) traversal.
H.323 endpoints use H.225 RAS UDP port 1718 for gatekeeper discovery and UDP port 1719 for gatekeeper H.225 RAS communication. H.323 endpoints can also use multicast for gatekeeper discovery (the multicast IPv4 address is 224.0.1.41). H.323 voice gateways can send DTMF digits in a number of ways, such as H.245 alphanumeric, RTP-NTE, Cisco-proprietary, or H.245 signaling. In H.245 alphanumeric signaling, alphanumeric digit tones are sent out-of-band via H.245, but H.245 alphanumeric signaling does not include tone duration. H.245 signaling is like H.245 alphanumeric signaling but with tone duration. Both RTP-NTE and Cisco-proprietary methods send DTMF tones within an RTP stream. It’s important to note that H.323 call signaling is based on the ITU-T Recommendation Q.931 protocol.
An H.323 ecosystem has many elements to it:
■ H.323 terminals/endpoints: Devices such as call-control agents (CUCM, CUCME), multipoint control units (MCU), third-party IP Phones, and so on. Cisco Unified IP Phones cannot process H.323 directly and can only work with SCCP or SIP.
■ H.323 gateways: Fundamental units of an H.323 ecosystem that enable the IP and POTS worlds to come together. H.323 gateways can connect to call-control agents, gatekeepers, session border controllers, and so on.
ptg13358382 H.323 Gateway, Gatekeeper, and RAS 75
■ H.323 gatekeeper: Vital element of an H.323 ecosystem as it can provide multiple voice services to endpoints and gateways. A gatekeeper can have a centralized (or decentralized) dial plan, can control bandwidth across WAN links for H.323 voice calls, and can perform user authentication, endpoint registration, admission and request (RAS), and so on.
■ Session border controller (SBC): Known as Cisco Unified Border Element (CUBE) in Cisco terminology, an SBC can process H.323 messages and can help interconnect multiple organizations leveraging the H.323 suite for voice and video calls, either directly or via an IT service provider (ITSP).
H.323 Gateway
An H.323 gateway is a device that can interface with the public switched telephone net-work (PSTN), IP netnet-works, call-control agents, H.323 gatekeepers, H.323 endpoints, and so on. To configure an H.323 gateway to communicate with a call-control agent such as CUCM, the gateway can be configured as shown in Example 3-6 .
Example 3-6 H.323 Gateway Configuration
H323Router(config)# voice service voip H323Router(conf-voi-serv)# h323
H323Router(conf-voi-h323)# ccm-compatible
!
H323Router(config)# interface loopback 0
H323Router(config-if)# ip address 10.10.1.250 255.255.255.0 H323Router(config-if)# h323-gateway voip interface
H323Router(config-if)# h323-gateway voip h323-id H323Router H323Router(config-if)# h323-gateway voip bind srcaddr 10.10.1.250
!
H323router(config)# dial-peer voice 1001 voip
H323router(config-dial-peer)# destination-pattern 1...
H323router(config-dial-peer)# session target ipv4:10.76.108.146 H323router(config-dial-peer)# dtmf-relay h245-alphanumeric H323router(config-dial-peer)# codec g711ulaw
H323router(config-dial-peer)# no vad
In Example 3-6 , under the voice service voip command, the subcommand h323 enters the H.323 submode. The command ccm-compatible enables CUCM-compatible signal-ing. The interface-specific command h323-gateway voip h323-id is used to identify the ID of the gateway. The command h323-gateway voip bind srcaddr is employed to con-figure the IP address used as a source IP address for messages sent to CUCM server(s).
Consecutively, an H.323 gateway must be defined in CUCM so that CUCM servers can communicate with the same. To add an H.323 gateway in CUCM, follow these steps:
ptg13358382 Step 1. Go to the Cisco Unified CM Administration page and choose Device >
Gateway . Step 2. Click Add New .
Step 3. From the Gateway Type drop-down menu, choose H.323 Gateway . Step 4. Enter the Device Name (IP address or DNS name of the gateway),
descrip-tion, CUCM Device Pool, and other parameters.
Step 5. After entering the other mandatory parameters, click Save .
H.323 gateways initiate an H.323 session in two ways: fast start and slow start. Fast-start (also known as fast connect ) is a newer method (available in H.323 version 2) of call setup that allows the media channels to be operational before the CONNECT message is sent.
Essentially, H.245 is still negotiated later. However, the actual media channels can be established by tunneling H.245 within H.225 messages. The following snippet states the fast-start configuration:
H323Router(config)# voice service voip H323Router(conf-voi-serv)# h323
H323Router(conf-serv-h323)# call start fast
Compared to fast start, slow-start implementations require that the media channels wait until after the CONNECT message to negotiate IP addresses, ports, and codecs. In slow start, many H.245 messages are exchanged over a separate TCP connection.
An H.323 gateway can also interface with a gatekeeper using RAS. For configuration of an H.323 gateway, the following configuration is required under the interface, with the remaining configuration being the same as in the earlier configuration:
H323Router(config)# interface loopback 0
H323Router(config-if)# h323-gateway voip id CUCMGK ipaddr 10.10.1.180
The command h323-gateway voip id identifies the ID and IP address of the gatekeeper with which the gateway should register. The configuration of a gatekeeper to support an H.323 gateway is covered in the next section.
H.323 Gatekeeper
H.323 gatekeepers are devices that can provide functions such as the following:
■ Address resolution (directory number to IP mapping)
■ Call Admission Control (CAC) and bandwidth control (gatekeeper-based CAC) ■ Zone management (intra- and interzone communication)
ptg13358382 H.323 Gateway, Gatekeeper, and RAS 77
Gatekeeper-controlled communication can be implemented by configuring either of the following:
■ H.225 trunk (gatekeeper controlled): Provides connectivity of a CUCM server/
cluster to H.323 network(s)
■ Intercluster trunk (gatekeeper controlled): Provides connectivity between a CUCM server/cluster in a distributed call-processing network in H.323 network
To configure a gatekeeper-controlled trunk, first a gatekeeper must be added in CUCM by going to the Cisco Unified CM Administration page and choosing Device >
Gatekeeper . To configure a gatekeeper-controlled trunk, choose Device > Trunk and add the appropriate gatekeeper trunk type (H.225 or intercluster).
Example 3-7 shows basic configuration for a Cisco IOS gatekeeper (for CUCM and H.323 gateway RAS).
Example 3-7 H.323 Gatekeeper Configuration
GKRouter(config)# gatekeeper
GKRouter(config-gk)# zone local CUCMGK corp.local 10.10.1.180 GKRouter(config-gk)# zone prefix CUCMGK 1*
GKRouter(config-gk)# gw-type-prefix 1#* default-technology GKRouter(config-gk)# bandwidth session zone CUCMGK 256 GKRouter(config-gk)# bandwidth total zone CUCMGK 2048 GKRouter(config-gk)# no shutdown
The zone local CUCMGK corp.local 10.10.1.180 command defines the local zone con-trolled by the gatekeeper, domain name, and the IP address (for RAS) for one of the interfaces on the gatekeeper router. A gatekeeper can also work with another gatekeeper, in which case the remote zone command is used. The zone prefix CUCMGK 1* com-mand is employed to specify the gatekeeper’s name and add a prefix to the local zone list. In this case, all prefixes beginning with digit 1 are associated with the gatekeeper CUCMGK. The gw-type-prefix 1#*default-technology command specifies a default technology prefix 1#*, which is used to route calls if the called number does not cor-respond with a registered E.164 address. Next, the bandwidth commands are employed to specify the per-session maximum bandwidth (256 Kbps) and total bandwidth (2048 Kbps) assigned to the zone CUCMGK . The no shutdown command activates the gate-keeper function on the Cisco IOS router.