Actually on site in Egypt to deploy full VoIP infrastructure(main site: 4 VM(CUCM-Pub+ CUCM-Sub1-CM + CUCM-Sub2-TFTP + VoiceMail Unity + BAckup site: 3 VM: CUCM-Sub3-CM-BAckup + CUCM-Sub4-TFTP-Backup + UNity-BackUp), I have 2 big issues I wanna talk to you about.
In fact, I prepared all the VM in my Lab @ work. Then I uploaded them all in the current ESX here on site(lets talk about main site only).
1°) But it seems only SIP phones that have already been registered in my lab are registering OK. Phones I've never connected(despite being present in Subscriber-DB + Pub-DB) dont want to register. Whereas everything, IP, SIP, ... is OK. While tracing the SIP phones, these ones are sending their Register correct but Sub1_CallMAnager responds/sends back to the phones"Not found, not present in DB"...whereas I can see them perfectly when logged on the Web I/F of Subscriber1_CallMAnager=> Any idea?
2°) Due to some VLAN segregation, we recently changed SUb1_CM IP@ to put it in a separate VLAN than the 3 others(Pub+Sub2+Unity) here on main site. But I was not aware that ONLY Pub has full R+W rights. So, I tried to make changes from the Sub1_CM, but it tells me "NO permission". Thats why I understand I need to repair my Pub, because all management should be done from this machine, right?
But, at the moment, I had my 4 VM assigned to the same ESX Eth port: is there a way to say"OK, Pub is on VLAN1, and the 3 others on VLAN2? Or do I have to move my 3 other VM to a different ETh port of the ESX?
And by the way, what are the best practices about VLAN vs VM(Pub+Sub...) that Cisco advices? All in same VLAN? Or can we put Sub1_CM in 1 VLAN(because all VoIP traffic is here) + Unity eventually, and Pub + SUb2 in some other VLAN because no Voice traffic on these 2?
Thank you very much for support
Can you go onto your command line and issue a utils dbreplication runtime state. Is your database in order?
Please post a santized version of your output.
There is no problems and subs and pubs being on different vlans.
All best practices for this stuff is called out in the SRND. I suggest you read and refernece that document.
Not sure what you mean by this “Or can we put Sub1_CM in 1 VLAN(because all VoIP traffic is here) + Unity eventually, and Pub + SUb2 in some other VLAN because no Voice traffic on these 2?”
Do you mean that sub1 and phones are in the same vlan? If so that would not be recommend. Ideally phones would be in their own vlan and the servers would be in one. Although the servers could very well be in different vlans. But as you run them in VMWare what would the reason be to put them into different vlans?
Let me be clear:
phones + Sub1_CM+Unity in Voice VLAN => because all RTP flow is here
Pub + Sub2_TFTP => no Voice traffic, so I wanna put it in another VLAN
+ Also fo r a matter of NAT/SRST/IP Lookup, I had to remove Sub1_CM from the Voice VLAN
Did I make it clear enough?
Thanks, that’s sort of what I thought. Minus the mention of NAT. What would be the reason for NAT being used for an internal sourced service?
About the RTP traffic, there are barely any traffic of this kind to any CM node. For sure it would be for CUC, but still the recommendation would be to put the phones and servers on different vlans. All this is very well described in the SRND, Solution Reference Network Design document. If your not familiar with this I recommend you to read up on the parts that you have questions about.
As far as I know and from experience there is no reason for why NAT would be needed for SRST.
Yes there would be RTP between phones and the voice gateway(s) that interface with external services, like an ITSP or TDM service provider. That traffic wouldn’t however go via a CM, other than signaling.
I am afraid I forgot
This is a military project, so here it is briefly =>
IP from central => satellite up/RF=> satellite down/RF => IP to remote stations
Thats why it is really particular., this is not full IP, for a private company, bank
There is no direct RTP in this condition(how could it be?), all flows, sig+RTP, are going thru CM, so it is not an easy-to-deploy infrastructure...
Does anyone have any kid of experience on that kind of military + IP + RF environment?
Thx for advice
From reading your previous post I was wondering if you were DoD. I manage multiple clusters world wide. I would let your satcom engineers handle the RF and transport, let the network engineers handle all the routing and KGs. As long as you have full ip connectivity you should be fine assuming you have enough bandwidth. Let me know if you have any further questions.