Thanks a lot for the information regarding the private network but am still unable to get the information on when the public network comes into the picture.

Public network is used between the Router <-> PG (or) connection between different components.. Private network is used between the redundant components (routerA->routerB, pgA->pgB). 

You can get information from CCE SRND as well.

Just want to validate the information i have. Do we have a private network between router and logger if so may i know why.

ihsan... Each component has their own reason as to why they need to communicate to its peer over the private network. 

I highly suggest that you take time to read the design document:

http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cust_contact/contact_center/icm_enterprise/icm_enterprise_11_0_1/Design/Guide/UCCE_BK_U05A84E5_00_unified-cce-design-guide.pdf

Gary Ford authored a book specifically about UCCE. It came out during the version 8 days, but still very relevant: http://www.amazon.com/Unified-Contact-Enterprise-Networking-Technology/dp/1587141175

Hi 

thank you for the neat explainion sir .

in private network it is MDS service and 5 heartbeat missed the redundant will become active mode.??

and if that is for private network which has sperate interface for fault tolerance .

how is the fault tolerance in public network -- is it through DMP protocol ? 

Good morning kavle, 

Let me explain it. When the private network is up and works fine, the ICM Central Controller is in Active-Active mode. Both sides (A and B) are synchronized, they send heartbeats every 100ms to each other via MDS. The decision, which side processes route requests is made based on the number PGs available to Router A and to Router B correspondingly. If Router A can communicate with at least half of its total enabled PGs, then it route the calls and Router B just waits (disabled state). But if Router B can communicate with more than half of its total enabled PGs, then it becomes an active router and Router A goes into disabled state. It is called device majority.  

When the sides miss 5 keepalive in the MDS, they consider the private network is down. Then the A and B sides transition into isolated-enabled operation and they work independently from each other. They are not synchronized anymore and they DO NOT use public network for resynchronization or Central Controller redundancy. When Cisco says that the public network is used for fault tolerance, it means redundancy for the connections between PGs and the Routers. Only one side of the Central Controller provides call routing. In order to decide if it is Router A, who makes a routing decision, or it is Router B, the system uses public network to find out, which Router has device majority and if PGs can reach the Router A. 

You can read all this stuff more in detail on SRND. The link was provided by Omar Deen in the previous answers. Let me repeat it here:
http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cust_contact/contact_center/icm_enterprise/icm_enterprise_11_0_1/Design/Guide/UCCE_BK_U05A84E5_00_unified-cce-design-guide.pdf

The info you need is on the section Common Processes That Support Failovers (page 85 of this document). 

Here are the answers:
- point 1 - the public network is used for redundancy between side A and side B of the central controller and PGs ?? - public network is never used for the redundancy for the Router A and B, or PG A and PG B. When in the document you see something like "as an alternate network to distinguish between node failures and network failures, may also use the visible network.", it means that in case of private network failure the system uses the public network to understand if the PGs can connect to Router A or not. 
- point 2 - private network is used for fault tolerance between the PEERs (side A and side B) ? - that's true

- I have attached a diagram here -- in that will the routing decision made at router A as it has two active session with the PG ? - correct, the routing result will be taken from the Router A. The Router B also make script execution, however, its result is not used. 

- in any case if the side A and side B goes isolated , the routing decision still made at Router A ..as the rules -- at least half of it PGs that its connected are healthy  .?? - yes, the Router A wins, until the PGs can't connect to it. 
- so the router B will be active only when the Side A central controller software component failure and also when total network failure at A side CC and A side PGs  - yes, it seems to be so. 

what is the exact role of the Router in the call flow .- it is the brain of the system. All calls go through the ICM Router. The Router executes ICM routing scripts and make a routing decision (it select an Agent or maybe sends the call to Labels, etc). Also the ICM script defines, which CVP VXML Application to execute for prompt & collect phase of the call.

in the fresh call , call from the CUBE will enter CVP through SIP service and from there call will hit router and PG and CCE and execute script ?? - true, the Router executes the ICM script. 

in the CVP what's it make happen the call to hit CCE... - it depends on the CVP Deployment Mode. When the CVP is deployed along with the ICM, it works in so called CVP Comprehensive Mode. In this mode the CVP sends all incoming calls to the ICM by default and literally asks the ICM where to send this call. 

is it the router who does that job ? - no, it is not. The Router receives a route request from the CVP and then process it. 

if so what is the configuration on CVP to hit router . - there is no specific config on the CVP side for that. All you need is to add the components of the CVP to its OAMP (UCCE), or even do nothing for the PCCE (in this case the PCCE installation script will do this job for you), 

thank you very much sir.. I thought Admin data server will execute the script