02-23-2018 12:52 AM - edited 03-13-2019 10:09 PM
After having read the multiple Docs on expressway I have a good understanding of best practice for having 2 nics as opposed to 1. However from the Basic config guide, there is a diagram showing an example of a single nic deployment and the media flow. (have attached here) The media flow is displayed as arriving at the expressway from the firewall, going through the B2BUA and back to the firewall. The next bit I don't understand. The firewall is then sending the media back to the expressway edge? ( why is it not forwarding to the expressway core? I would have assumed that when a packet first arrives at expressway edge, the edge would re-write packets to have a destination for the exp core. I guess this is the key to having 2 Nics instead of one. but can anyone explain what that extra step is from B2BUA and the packets reflecting back to edge from the firewall?
02-23-2018 05:49 AM
The reason is explained in the deployment guide as below:
For deployments that use only one NIC on the Expressway-E, but also require static NAT for the public address, the media must "hairpin" or reflect on the external firewall whenever media is handled by the Expressway-E's back to back user agent (B2BUA).
For all calls coming in on a Unified Communications Traversal Server zone, or another zone where SIP Media encryption mode is not Auto, the Expressway-E's B2BUA could be engaged to decrypt or encrypt the media packets. In these deployments, the B2BUA sees the public IP address of the Expressway-E instead of its private IP address, so the media stream must go through the network address translator to get to the private IP address.
■ Not all firewalls will allow this reflection, and it is considered by some to be a security risk.
■ Each call where the B2BUA is engaged will consume three times as much bandwidth as it would using the
recommended dual NIC deployment. This could adversely affect call quality.
Please rate if found helpful
Regards,
Aeby
02-23-2018 08:15 PM
02-24-2018 12:38 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide