Cisco Meeting Server, on-premises and hybrid large scale conferencing design
Aniello (Nello) Zanfardino, Solution Architect Cisco Advanced Services
BRKCOL-3990
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Agenda
• Introduction
• Core
• Edge
• MS Interoperability
• Hybrid Conferencing
• Conclusions
• Backup slides
Introduction
CMS - Key Capabilities: What CMS does
Video Conference, Audio Conference, Spaces, Browser Access (WebRTC), Cisco Meeting Application (Native CMA), MS Interoperability
• Interoperability
• Scaling
• Clustering
• Multitenancy
• Virtual Meeting Rooms
• Built in NAT traversal
• Security
• Scalable
• Reduced costs
• Multiple ways to join
• DTMF, IVR
• Enriched meeting
• Virtual meeting rooms
• Multiple VMR per user
• Content sharing
• WebRTC browsers
• Users & Guests access
• Session Controls (mute, drop, etc)
• Session handover browser/video room
• PC/MAC/iOS
• Same functionalities and look & feel as WebRTC client
• Better video quality
• Native
• Any Lync/S4B version
• On-prem and cloud
• Bidirectional content
• Seamless user experience
Cisco Meeting Server
Hardware Components: what CMS looks like (excluding legacy servers)
• CMS 2000: flagship, highest capacity
• CMS 1000: Swiss knife, high capacity
• Spec based: flexibility, medium capacity
BRKCOL-2803 Abhijit Dey Designing and deploying multiparty conferencing for telepresence video
Core CMS sizing
Platform | Capacity [HD sessions per server (*)]
CMS 2000 | 500 (up to CMS 2.2)
CMS 1000 (****) | 96
MM410v (legacy) | 64
MM400v (legacy) | 32
Dedicated server VM (**) | 2.5 per physical core
Co-resident VM (hyper-threading disabled) | 1.25 per physical core
Session type | Capacity multiplier
Full-HD 1080p30 | 0.5
HD (*) 720p30 | 1
480p30 | 2
Audio (***) | 40
(*) HD 720p30 video calls with 720p5 content and up to 2.5 Mbps bandwidth
(**) CPU 2.5 GHz+, 1 GB vRAM per vCPU, hyper-threading enabled, more details at: https://www.cisco.com/c/dam/en/us/td/docs/voice_ip_comm/uc_system/virtualization/virtualization-cisco-meeting-server.html
(***) With G.711 codec. Max 450 participants per conference per CallBridge, max 3000 audio calls
(****) CMS 1000 VM: hyper-threading enabled, 2 virtual sockets, 35 cores per socket, 58 GB vRAM, 100 GB HD
Max 100 WebRTC sessions per server and max 500 sessions per XMPP cluster (see edge section)
Management / Admin methods: How to interact with CMS
• CLI / Console
• WebAdmin (Web GUI)
• SFTP
• API
CMS - Services: CMS Key Software Components
• Call Bridge (core): video bridging core, call control, media processing, clustering
• XMPP (core): client and inter-component signalling, IM&P
• WebBridge (core, edge): WebRTC with compatible browsers (Chrome, Firefox, Opera), brand-able, VP8 & H.264
• Turn Server (edge): firewall traversal for media traffic
• Load Balancer (edge): XMPP signalling firewall traversal (proxy)
• H323 GW and SIP Edge (legacy): H323 GW (not GK), SIP firewall traversal; equivalent services exist in Expressway
• Webadmin (core): web administration
• Recorder & Streamer (core): recording meetings to external storage, streaming meetings to external server
• Database cluster (core): database clustering, redundancy and resiliency
Services are split between
• Core Services
• Edge Services
depending on their placement in the network
Architecture – Core only – Single server
[Diagram: one core server running XMPP, WebBridge and CallBridge, with LDAP to AD; CMA clients and WebRTC clients connect to it. Legend: SIP, XMPP, HTTPS / WebRTC, Media]
Although the term CMA client in documentation may refer to both native and WebRTC clients, for simplicity we will use the CMA name only for native clients
Architecture – core and edge (pre-Expressway WebProxy)
[Diagram: internal core server (XMPP, WebBridge, CallBridge, LDAP to AD) and a DMZ edge server (LoadBalancer, WebBridge, TURN); CMA and WebRTC clients are shown both internal and external. Legend: SIP, XMPP, HTTPS / WebRTC, Media]
CMS Clustering
Benefits
• Scalability
• Resiliency
• Geographic optimization:
  • Reduce latency using closest call bridge
  • Minimize WAN traffic
Components
• Database Clustering: spaces, dial plan, cluster-wide configuration
• Call Bridge Clustering: distributed calls
Database Clustering
Highlights
An odd number of DB servers is required for reliable master election if the network splits
A DB node needs to see more than half of the cluster members to be eligible as master
Max 5 DB servers, 3 recommended
All DB operations are directed to the master
A separate DB server improves CallBridge robustness and simplifies upgrades (suggested for servers with distributed processing (CMS 2000, X3) and large DBs (>10k spaces))
Max of 8 Call Bridges per cluster
Designs with more than 8 Call Bridges in a cluster need to be validated by the Cisco BU
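The majority rule above, worked through for network splits as an added example (not code from the session or from Cisco). Node names are constructed, and it assumes a node counts itself among the members it sees.

```python
# Added example: the "more than half" master-eligibility rule applied to network splits.
# Node names are constructed; assumption: a node counts itself among the members it sees.


def has_quorum(visible_members: int, cluster_size: int) -> bool:
    """A node may become master only if it sees more than half of the cluster."""
    return 2 * visible_members > cluster_size


def tolerated_failures(cluster_size: int) -> int:
    """Nodes that can be lost while the survivors still hold a majority."""
    return (cluster_size - 1) // 2


def split_outcome(islands):
    """islands: one list of node names per side of a network split.

    Returns the island allowed to elect a master, or None when no side
    sees more than half of the cluster (the cluster then has no master).
    """
    cluster_size = sum(len(island) for island in islands)
    winners = [i for i in islands if has_quorum(len(i), cluster_size)]
    if len(winners) > 1:  # cannot happen: two majorities would exceed the cluster
        raise RuntimeError("two islands with quorum")
    return winners[0] if winners else None


def report(islands) -> str:
    """One-line summary of a split, for printing."""
    winner = split_outcome(islands)
    total = sum(len(i) for i in islands)
    if winner is None:
        return f"{total} nodes split {islands}: no master can be elected"
    return f"{total} nodes split {islands}: master elected among {winner}"


if __name__ == "__main__":
    # Constructed scenarios: a DC-to-DC link failure with 3, 4 and 5 DB nodes.
    print(report([["db1", "db2"], ["db3"]]))
    print(report([["db1", "db2"], ["db3", "db4"]]))
    print(report([["db1", "db2", "db3"], ["db4", "db5"]]))
    for n in (2, 3, 4, 5):
        print(f"{n} DB nodes tolerate {tolerated_failures(n)} node failure(s)")
```

A fourth node adds no failure tolerance over three, and an even split leaves the cluster without a master, which is why an odd count is required.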
Clustering Architecture - Call Bridge with dedicated DB
[Diagram: Call Bridge cluster connected to a separate database cluster (DB Master, two DB Slaves)]
• Call Bridge Cluster (HTTPS + SIP): keepalives, call status, distributed calls; max 300 ms RTT (max 100 ms RTT within CallBridgeGroup)
• Database Connect (TLS/Postgres): spaces, users, dial-plan, cluster-wide configuration; max 300 ms RTT
• Database Cluster (TLS/Postgres): cluster sync; max 200 ms RTT
Postgres TCP/TLS port: 5432
Clustering Architecture - Call Bridge with co-located DB
[Diagram: Call Bridge cluster with the database cluster (DB Master, two DB Slaves) co-located on the Call Bridge servers]
• Call Bridge Cluster (HTTPS + SIP): keepalives, call status, distributed calls
• Database Connect (TLS/Postgres): spaces, users, dial-plan, cluster-wide configuration
• Database Cluster (TLS/Postgres): cluster sync
Other combinations of CallBridges and databases are also possible; the best choice may vary with customer deployment
Distributed calls: Resiliency, scale, geo-distribution
[Diagram: Conference 1 and Conference 2 distributed across Americas, EMEA and APAC; distribution links with multiple streams for remote participants (*)]
(*) Up to 4 streams using max “peerlinkbitrate” bandwidth (before CMS 2.3)
Preview in CMS 2.3: more than 4 streams in the distribution links (Cluster.peerlinkbitrate >= 2 Mbps)
Distributed call Setup
[Call flow diagram: Endpoint1 and CUCM1, Endpoint2 and CUCM2, Call Bridge CB1 and Call Bridge CB2 in one Call Bridge Cluster. Legend: SIP, HTTPS / SIP, Media]
• SIP: INVITE MySpace1 reaches CB1 (DB: MySpace1): first call established
• SIP: INVITE MySpace1 for the second endpoint reaches CB2
• Intra-cluster dialogue finds that the space is already active in CB1
• SIP: INVITE Conf_ID@CB1
• Distributed video call established
For reference:
CB1: generating peer URI sip:Conf_ID@CB1 for coSpace <spaceID>
CB2: call <Call ID> now peered with conference on server CB1 (peer URI Conf_ID@CB1)
Dual protocol HTTP/SIP inter-CallBridge trunk
XMPP Clustering
Highlights
XMPP High Availability mechanism with keepalives
3 or 5 XMPP servers
Master election similar to the database cluster
Call Bridges get the XMPP server list from the DNS _xmpp-component._tcp SRV record (use GEO DNS to geographically optimize the XMPP server selection)
Call Bridge must be configured on all XMPP servers with the same credentials (use xmpp callbridge add once and then xmpp callbridge add-secret)
All XMPP traffic is forwarded to the XMPP master (CallBridges/LoadBalancers can send messages to any XMPP server)
Full mesh connectivity from LoadBalancers to XMPP servers is not required
Max 500 sessions per XMPP cluster
Max 200 ms RTT between XMPP servers
Deployment Prerequisites - DNS
• Several DNS records are required for the solution to work properly
• The main DNS records are:
  1) DNS A records for all the servers involved (e.g. cms1-us.mycompany.com)
  2) DNS A records for user access to services (e.g. meet.mycompany.com)
  3) DNS SRV records to locate the XMPP server:
     - For clients and internal services: _xmpp-client._tcp.mycompany.com port 5222
     - For CallBridges to locate XMPP cluster members: _xmpp-component._tcp.mycompany.com port 5223
  A more comprehensive list is in the installation docs
• Large conference design involves (discussed in the Edge section)
  • GEO DNS for optimal allocation of service entry point from Internet
  • Split DNS allocation of external, internal service
Deployment Prerequisites - Certificates
Components that need a certificate:
• WebAdmin
• XMPP
• WebBridge
• Callbridge
• Loadbalancer
• Trunk
• Turn (if using TLS)
• Database Cluster
• Recording server
• Streaming server
Certificate types:
• self-signed
• Private CA Signed
• Public CA Signed
Reduce Certificate Complexity
• Plan/design certificate structure before deployment
• Combined Certificates
• Certificates shared among multiple components and servers
• Use multiple FQDN entries in the certificate's Subject Alternative Name (SAN)
• CA-Signed
• Combined certificates have some limitations:
  • database clustering (client) needs a separate certificate
  • Lync/S4B integration has specific requirements
• Wildcard certificates
• Supported, but limitations apply too
Cisco Meeting Server 2.x, Certificate Guidelines for Scalable and Resilient Server Deployments
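One way to check a certificate plan before deployment, as an added example (not Cisco tooling): it verifies that each component's FQDNs are covered by the SANs of its assigned certificate and flags the database clustering client if it is given the combined certificate. All certificate names, SAN lists and FQDNs are constructed, and the wildcard rule is the general one-label hostname-matching rule rather than anything CMS-specific.

```python
# Added example: checking a certificate plan against SAN coverage before deployment.
# All certificate names, SAN lists and FQDNs below are constructed.

# Component the page says cannot share the combined certificate.
NEEDS_SEPARATE_CERT = {"database-client"}

CERTS = {  # certificate name -> SAN dNSName entries (constructed)
    "combined": ["cms1-us.mycompany.com", "meet.mycompany.com"],
    "wildcard": ["*.mycompany.com"],
}
ASSIGNMENT = {  # component -> certificate it is planned to use (constructed)
    "webadmin": "combined",
    "callbridge": "combined",
    "webbridge": "combined",
    "xmpp": "wildcard",
    "loadbalancer": "wildcard",
    "database-client": "combined",
}
REQUIRED = {  # component -> FQDNs clients or peers will connect to (constructed)
    "webadmin": ["cms1-us.mycompany.com"],
    "callbridge": ["cms1-us.mycompany.com"],
    "webbridge": ["meet.mycompany.com", "cms2-us.mycompany.com"],
    "xmpp": ["cms1-us.mycompany.com"],
    "loadbalancer": ["lb1.edge.mycompany.com"],
    "database-client": ["cms1-us.mycompany.com"],
}


def san_matches(san: str, fqdn: str) -> bool:
    """Match one SAN dNSName against an FQDN (case-insensitive).

    A wildcard is honoured only as the whole left-most label and covers
    exactly one label: *.example.com matches a.example.com but neither
    example.com nor a.b.example.com.
    """
    san, fqdn = san.lower().rstrip("."), fqdn.lower().rstrip(".")
    if not san.startswith("*."):
        return san == fqdn
    head, _, rest = fqdn.partition(".")
    return bool(head) and rest == san[2:]


def review_plan(certs, assignment, required, combined_cert):
    """Return a sorted list of (component, problem) findings."""
    findings = []
    for component, fqdns in required.items():
        cert_name = assignment.get(component)
        if cert_name is None or cert_name not in certs:
            findings.append((component, "no certificate assigned"))
            continue
        if component in NEEDS_SEPARATE_CERT and cert_name == combined_cert:
            findings.append((component, "must not use the combined certificate"))
        for fqdn in fqdns:
            if not any(san_matches(s, fqdn) for s in certs[cert_name]):
                findings.append((component, f"{fqdn} not covered by {cert_name}"))
    return sorted(findings)


def demo_findings():
    """Run the review over the constructed plan above."""
    return review_plan(CERTS, ASSIGNMENT, REQUIRED, "combined")


if __name__ == "__main__":
    for component, problem in demo_findings():
        print(f"{component}: {problem}")
```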
CMS Core Design
• Use case 1
• Call Control : traffic optimization
• Bridge and DB Cluster distribution
• LDAP integration : user and space names
• Domains structure and Dial Plan
• Call Admission Control
• TMS Scheduling
Use Case 1
Large enterprise with established worldwide collaboration infrastructure with the need of pervasive video services with global coverage
Structural requirements (*):
• Three worldwide regions (**)
• Redundancy with 2 Data Centres (DC) in each region (**)
• Traffic Optimization (localize the traffic to regions whenever possible)
Conferencing requirements:
• Virtual Meeting Rooms (VMR)
• Scheduled meetings with OBTP (One Button To Push)
• Expected load around 2000 HD ports evenly split between the regions
(*) Structural requirements will be the same in most of the use cases presented
(**) More regions or more DCs can be added to the same design
Use Case 1 - Architecture Summary
[Diagram: three layers (Global Routing & Management, Regional Call Control, Conferencing (CMS cluster)) across Americas, EMEA and APAC, with a Core (**) and a Database in each region, plus TMS+TMSXE, Calendar and AD]
(**) The design discussed does not depend on the use of SME, as long as the global routing call control entity (CUCM or SME) is aware of the global and regional topology
Sizing for use case 1:
6 x CMS-2000: 3000 HD ports
3 x spec based VMs for DB servers
Call Control – Trunks
[Diagram: trunks between the Global Routing & Management, Regional Call Control and Conferencing (CMS cluster) layers across Americas, EMEA and APAC. Legend: SIP, HTTPS / SIP]
Trunk the CMS cluster to global routing call control to simplify configuration and to reflect the global reach of the CMS cluster
One CUCM trunk per CMS to leverage CUCM route advance on call error codes (see load limit slide)
BRKCOL-2614 Glen Lavers Technical Overview of Preferred Architecture for Enterprise Collaboration 11.6 release
Traffic Optimization 1 – Localization
Localization == keep traffic in region whenever possible
[Diagram: Global Routing & Management, Regional Call Control and Conferencing (CMS cluster) layers across Americas, EMEA and APAC]
Traffic from endpoints (CMS numeric pattern and CMS SIP domains) to CallBridges is localized by leveraging CUCM “CSS/partition/RL/RG” or Local Route Groups
Traffic back from CallBridges is localized by configuring a CallBridge (scope) specific outbound dial-plan rule (with CMS API)
Traffic optimization 2 - HA and loop avoidance
Avoid call loops when using CMS in another region as backup/overflow
[Diagram: Global Routing & Management (Core), Regional Call Control and Conferencing (CMS cluster) layers across Americas, EMEA and APAC, with EMEA_CB1 and EMEA_CB2 in EMEA]
Incoming CSS of trunk to other SME can only see local CMS
Incoming CSS of trunk to leaf CUCM has access to regional CMS and other SMEs
Trunk_to_regional_CUCM, Incoming CSS (RP, RL, RG):
1) EMEA_CB1
2) EMEA_CB2
3) other SMEs
Trunk_to_other_SME, Incoming CSS (RP, RL, RG):
1) EMEA_CB1
2) EMEA_CB2
CMS 2.x White Paper : Load Balancing Calls Across Cisco Meeting Servers
Intra-region or Intra-DC distributed conferences should be limited
Focus on one region (EMEA) with four conferences (Conference 1 to Conference 4)
For these four conferences, load balancing that distributes calls may create up to 17 call legs (9 + 4x2). With more CallBridges the number can increase fast!
If call legs belonging to the same conference are bound to a single CallBridge in the region, then the number of call legs is reduced to 9 (even with more CallBridges)
Call Bridge Group - Feature I: Grouping
• CMS 2.1 introduces the concept of CallBridge Group
• When CallBridges in the same region or DC are placed in the same CallBridge Group, conferences will not be distributed between them
• It leverages the SIP replace mechanism (supported by CUCM)
• When CUCM makes a call to a conference (space) on a CallBridge, if the conference exists on another CallBridge in the same group, then the call is “replaced” to the correct CallBridge
• Network requirement: max latency between members of a Call Bridge Group is 100 ms RTT
replace query for conference YYY using server CB2 (priority: 0, load level: 0, conference is running: 1)
Call Replacement (simplified flow)
[Call flow diagram: CUCM, Call Bridge CB1 and Call Bridge CB2 in Call Bridge group EMEA; Space MySpace1; a video endpoint with an existing call to MySpace1 on CB2. Legend: SIP, HTTPS / SIP, Media]
Messages and log entries shown, for reference:
• SIP: INVITE MySpace1
• SIP: INVITE MySpace1 with Call_ID Supported:.. Replace
• replace query for conference YYY using server CB2 (priority: 0, load level: 0, conference is running: 1)
• replacing call Call_ID to conference YYY on server CB2
• replacing call Call_ID from server CB1 into conference YYY
• SIP: INVITE EndpointURI From spaceURI Replaces: Call_ID
• SIP: INVITE EndpointURI
• SIP: CANCEL Call_ID
• Video call established on CB2 only
Do not forget the CUCM Rerouting CSS on the CUCM CMS trunk and Accept replace on SIP trunk security profiles
Call Bridge Group – Feature II: Load Balance
• A mechanism is necessary to ensure load balancing of conferences in the same CallBridge Group
• This is implemented by distributing conferences based on conference_ID and bridge_ID hashing that generates a “priority” in the CallBridge choice
• It is totally transparent to the user and it leverages the same replace mechanism for call reallocation
• Load balancing is applied from the first call to a space
[Diagram: EMEA_CUCM and EMEA_CBGroup with EMEA_CB1 and EMEA_CB2]
1) Call to Space02
2) Check Space02 (priority EMEA_CB1, then EMEA_CB2)
3) Invite w/Replace to Space02
Call Bridge Group - Feature III: LoadLimit
• Before version 2.1, CMS carried on accepting calls even when it was “full” by simply reducing the resolution of other calls to accommodate the load
• With 2.1 a max load limit can be configured on each CallBridge so that when a call is received and the CMS is above a limit, CMS rejects the call
• The limit is variable according to the conference state
• CUCM receives “SIP 488, Not acceptable here”, and the Dial Plan (RG, RL) can be configured to route advance to the next call bridge
• Because of this, one SIP trunk per CMS is required, so that error handling “surfaces” at CUCM RG/RL level
Max load Limit 100%
Existing Conference Threshold 80%
New Conference Threshold 50%
CallBridge1 log: call XX: ending; local teardown, system participant limit reached
CallBridge2 log: replace query for conference YYY using server CB2 (priority: 0, load level: 2, conference is running: 1)
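How a hash-derived priority and the load thresholds can combine into one placement decision, as an added example (not the CMS implementation). It assumes SHA-256 as a stand-in for the hash, which the slides do not specify, and reads the three figures as percent-load cut-offs for starting a conference, joining a running one and rejecting the call; bridge names follow the EMEA slides.

```python
# Added example: hash-derived bridge priority plus load thresholds in a CallBridge Group.
# Assumptions: SHA-256 stands in for the hash, which the page does not specify, and
# load is a percentage compared with the three thresholds shown on the slide.
import hashlib

NEW_CONFERENCE_THRESHOLD = 50       # % load: bridge may start hosting a conference
EXISTING_CONFERENCE_THRESHOLD = 80  # % load: bridge may take calls to a running conference
MAX_LOAD_LIMIT = 100                # % load: bridge rejects the call (SIP 488)


def priority(conference_id: str, bridge_id: str) -> int:
    """Priority of one bridge for one conference, derived from both identifiers."""
    digest = hashlib.sha256(f"{conference_id}|{bridge_id}".encode()).digest()
    return int.from_bytes(digest[:8], "big")


def ranked_bridges(conference_id, bridges):
    """Same order on every bridge, whatever order the group is listed in."""
    return sorted(bridges, key=lambda b: (priority(conference_id, b), b), reverse=True)


def place_call(conference_id, receiving, load, running_on=None):
    """Decide what the receiving bridge does with an incoming call.

    load: {bridge_id: percent}; running_on: bridge already hosting the conference.
    Returns ("accept", bridge), ("replace", bridge) or ("reject-488", None).
    """
    if load[receiving] >= MAX_LOAD_LIMIT:
        return ("reject-488", None)  # CUCM route-advances to the next trunk
    if running_on is not None and load[running_on] < EXISTING_CONFERENCE_THRESHOLD:
        target = running_on  # keep the conference on a single bridge
    else:
        # New conference (or its bridge is too loaded): highest-priority bridge
        # that is still below the new-conference threshold.
        eligible = [b for b in ranked_bridges(conference_id, load)
                    if load[b] < NEW_CONFERENCE_THRESHOLD]
        if not eligible:
            return ("reject-488", None)
        target = eligible[0]
    return ("accept" if target == receiving else "replace", target)


if __name__ == "__main__":
    load = {"EMEA_CB1": 10, "EMEA_CB2": 20}  # constructed load figures
    for bridge in load:
        print(bridge, "receives first call to Space02 ->",
              place_call("Space02", bridge, load))
    print(place_call("Space02", "EMEA_CB1", load, running_on="EMEA_CB2"))
    print(place_call("Space02", "EMEA_CB1", {"EMEA_CB1": 100, "EMEA_CB2": 20}))
```

Because every bridge computes the same ranking, the first call to a space ends up on the same bridge whichever trunk CUCM happened to pick.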
LDAP integration: user and space names
• CMS can be synchronized with LDAP to generate users and spaces
• A good mapping of AD fields into CMS objects creates a solid and flexible naming structure
[Diagram: Active Directory (AD) synchronized into the CallBridge database as user + space]
Key parameters for mapping
Username: [email protected]
Space URI user part: $sAMAccountName$.space
Space secondary URI user part: 888$telephoneNumber$
Use case 1
User (XMPP ID & URI): [email protected]
Space URI: [email protected]
2nd Space URI: [email protected]
CMS Dial plan : Inbound call processing
Stage 1 Incoming
• Is the call for this CMS?
• For spaces, users, IVR?
• Does the call require a Lync meeting resolution?
Stage 2 Forwarding
• Shall the call be forwarded?
• With domain rewrite?
Stage 3 Outgoing
• Where to send the call?
• And how?
In use case 1:
CUCM SIP domain ucdomain.com
CMS cluster SIP domain meet.ucdomain.com
CMS space will have dual alphanumeric and numeric URI
CMS dial plan configuration details
Focus on configuration of one region: EMEA
[Diagram: EMEA_CUCM (ucdomain.com) and EMEA_CBGroup with EMEA_CB1 and EMEA_CB2 (meet.ucdomain.com)]
EMEA Outbound dial rules for CUCM
Columns: Domain | SIP proxy to use | Local contact domain | Local from domain | Trunk type | Behavior | Priority (5) | Encryption | CallBridge Scope
ucdomain.com EMEA_CUCM_fqdn (3) meet.ucdomain.com Standard Continue 10 <match CUCM> EMEA_CB1
ucdomain.com EMEA_CUCM_fqdn (3) meet.ucdomain.com Standard Continue 10 <match CUCM> EMEA_CB2
EMEA_CB1_IP EMEA_CB1_IP (4) Standard Continue 5 Auto All
EMEA_CB2_IP EMEA_CB2_IP (4) Standard Continue 5 Auto All
Call Bridge specific outbound dial rule (API) with same priority (keep traffic in EMEA)
EMEA Inbound dial rules for CUCM
Domain name | Priority | Targets spaces | Targets users | Targets IVRs | Targets Lync
meet.ucdomain.com (1) | 100 | Yes | Yes | Yes | No
EMEA_CB1_fqdn (2) | 50 | Yes | Yes | Yes | No
EMEA_CB2_fqdn (2) | 50 | Yes | Yes | Yes | No
EMEA Forward dial rules: none
Dial transform for CMA/WebRTC numeric dial-out
Type | Match exp. | Transform | Prior. | Action
strip | ($1/(.*)/) | [email protected] | 10 | accept
(1) Highest priority domain will be used in meeting request invite
(2) Assuming CUCM trunk has CMS FQDN as “destination address”
(3) Alternative: multiple rules for each Subscriber
(4) Required by distributed calls when “default SIP route” is used
(5) Same domain entries need equal priority
TMS Scheduling
From version 15.3 TMS supports CMS as scheduled bridge
CMS can be added as scheduled bridge in TMS
CMS clusters support
Set CMS as preferred MCU
TMS Scheduling – CMS interaction
Administrator configures a CMS meeting number range in TMS (with a domain)
TMS programs a set of static meetings into CMS
TMS reconfigures the static meeting at the conference start time by activating it and updating the meeting name
Use Case 1 TMS Scheduling and OBTP - Flow
[Diagram: TMS+TMSXE and Calendar with the Global Routing & Management, Regional Call Control and Conferencing (CMS cluster) layers across Americas, EMEA and APAC. Legend: SIP, HTTPS / SIP, CMS API, EWS, EP API, Media]
1) Meeting
2) Send OBTP to endpoints
3) Program meeting on CMS
4) OBTP to join conference
5) Distributed call
Use case 2: Scheduled conferences with white glove services
Use Case 2
A large traditional worldwide enterprise where employees' meetings are mediated by a white glove service from an internal video service team
Structural requirements (*):
• Three worldwide regions
• Redundancy with 2 DC in each region (**)
• Traffic Optimization
Conferencing requirements:
The great majority of the video conferences are
• Scheduled and managed by the video team
• Connected automatically (auto-connect)
(*) Structural requirements will be the same in most of the use cases presented
(**) More regions or more DCs can be added to the same design
Key challenges with scheduling with white glove services
• Challenge 1: Optimal call routing with auto-connect
• Solution:
  • If video endpoints belong to different regional SIP domains, then a single worldwide CMS cluster can still be used and call routing optimized
    - TMS 15.5+ and CMS 2.2+ to enable loadBalanceOutgoingCalls in CallBridgeGroup
    - configure per region CallBridgeGroup specific outbound dial rules
  • If video endpoints belong to the same SIP domain, then separate regional CMS clusters can be deployed
• Challenge 2: TMS Conference Control Center (CCC) does not support CMS
• Solution:
  • Cisco Meeting Manager (CMM)
TMS Scheduling with auto-connect with separate endpoint SIP domain
[Diagram: TMS at the Global Routing & Management layer; Regional Call Control with endpoint SIP domains us.example.com (Americas), eu.example.com (EMEA) and ap.example.com (APAC); Conferencing (Global cluster) with CBGroup US, CBGroup EU and CBGroup AP. Legend: SIP, HTTPS / SIP, API, EWS, Media]
1) Create meeting on CMS
2) Conference start
3) Distributed conference on global CMS cluster
TMS Scheduling with auto-connect with single endpoint SIP domain
[Diagram: TMS at the Global Routing & Management layer; Regional Call Control with the single SIP domain example.com in every region and IPZONE Americas, IPZONE EMEA and IPZONE APAC; Conferencing (Regional clusters) with CMS Cluster Americas, CMS Cluster EMEA and CMS Cluster APAC. Legend: SIP, HTTPS / SIP, API, EWS, Media]
1) Create meeting on CMS
2) Conference start
3) Conference on regional CMS cluster
Conference Management: CMM 1.x
Update CMS 2.3, CMM 1.0, TMS 15.6
• From TMS 15.6 the meeting owner is passed to CMM
• Note also that a scheduled meeting appears as soon as it is activated, even if no participant has joined yet (handy in white glove environments)
• CMS 2.3 adds call type (Lync, Space, Forwarded, Ad-hoc) to API GET to /calls for CMM
Use case 3 - Ad-hoc conferencing
Use Case 2
A large and dynamic worldwide enterprise where employees communicate on the fly and need ad-hoc conference capability
Structural requirements (*):
• Three worldwide regions
• Redundancy with 2 DC in each region (**)
• Traffic Optimization
Conferencing requirements:
Mainly ad-hoc conferences with participants belonging to any region
Some rendezvous conferences
(*) Structural requirements will be the same in most of the use cases presented
(**) More regions or more DCs can be added to the same design
CUCM ad-hoc
• CMS 2.0+ supports CUCM ad-hoc calls and it can be configured as CUCM Conference Bridge (type is conductor in CUCM 11.x and CMS in CUCM 12.x)
• Configuration is two steps
  • A SIP trunk (secure or not secure) between CUCM and CMS
  • Conference Bridge - API connection (always secure/HTTPS) from CUCM to CMS (*)
• CA-Signed certificates strongly recommended
• Recommended to use prefixes (URI uniqueness, troubleshooting, routing)
(*) same port as Webadmin
CUCM ad-hoc Conferencing - Architecture
Direct trunk from regional CUCM clusters for ad-hoc conference
[Diagram: Global Routing & Management (Core), Regional Call Control and Conferencing (CMS cluster) layers across Americas, EMEA and APAC. Legend: SIP, HTTPS / SIP, API, Media]
CUCM ad-hoc Conferencing: Simplified call flow
[Diagram: merge conference across the Global Routing & Management (Core), Regional Call Control and Conferencing (CMS cluster) layers in Americas, EMEA and APAC. Legend: SIP, HTTPS / SIP, API, Media]
Use cases with large number of ports but smaller regional footage
Single region, large port number use cases
1000 SIP HD ports, no WebRTC or CMA clients:
• CMS 2000: Call-Bridge, Database
• Spec based VM: Database (master)
• CMS 2000: Call-Bridge, Database
1000 HD ports, 500 WebRTC or CMA sessions:
• CMS 1000 (*): Webbridge, XMPP (**), Database
• CMS 1000 (*): Webbridge, XMPP (**), Database
• CMS 1000 (*): Webbridge, XMPP (**), Database
• CMS 2000: Call-Bridge, Webbridge
• CMS 2000: Call-Bridge, Webbridge
(*) or spec based VM
(**) requires server license
Legend: Database Connect (TLS/Postgres), Call Bridge Cluster (HTTPS + SIP), Database Cluster (TLS/Postgres), XMPP
Single region, large port number use cases
480 (96x5) WebRTC or CMA HD sessions (*)
Optimization via CallBridgeGroup is a must to minimize the number of distributed calls
• CMS 1000: Call-Bridge, Webbridge, XMPP, Database
• CMS 1000: Call-Bridge, Webbridge, XMPP, Database
• CMS 1000: Call-Bridge, Webbridge, XMPP, Database
• CMS 1000: Call-Bridge, Webbridge
• CMS 1000: Call-Bridge, Webbridge
Legend: Database Connect (TLS/Postgres), Call Bridge Cluster (HTTPS + SIP), Database Cluster (TLS/Postgres), XMPP
(*) Note that this is below the 500 XMPP sessions limit
Alternatively the same topology can host 480 SIP HD ports, but then it is worth considering CMS 2000, which doesn’t “waste” capacity for distributed legs
Edge
• WebRTC proxy with Expressway
• Edge design
CMS WebProxy feature in Expressway
• First step toward the single edge
• The CMS WebProxy feature in Expressway leverages existing Expressway capabilities (TURN and MRA Web-Proxy) to facilitate firewall traversal of WebRTC CMS clients
• On Expressway it can coexist with MRA, B2B, Registrar, IMP federation but not with Jabber-Guest or Expressway-MS Interop
LIMITATIONS
• CMA native clients still need the classical CMS edge
• TURN on TCP port 443: planned for Expressway X8.11
• Load balancing is supported, but no redundancy
• Expressway TURN for native/CMA clients is not yet supported
BRKCOL-2986 Kristof Van Coillie ICE / TURN / STUN Tutorial
From legacy CMS Edge to Expressway Web-Proxy
[Diagram, legacy CMS edge: CMS core server (XMPP, WebBridge, CallBridge) with CMS edge server (LoadBalancer, WebBridge, TURN)]
[Diagram, Expressway WebProxy: CMS core server (XMPP, WebBridge, CallBridge) with Expressway-C (UC traversal client) and Expressway-E (Web-Proxy, UC traversal, TURN)]
Legend: XMPP, HTTPS / WebRTC, Media; TURN
Expressway proxy for WebRTC: Architecture with updated DNS requirements
[Diagram: Core CMS with WebBridge, Expressway-C, Expressway-E in the DMZ, WebRTC client on the Internet, internal and external DNS. Legend: HTTPS / WebRTC, Media/TURN]
Internal DNS (split) resolves:
1) (A) meet.myCompany.com to Webbridge IPs
2) (SRV) _cms-web._tls.meet.myDomain to Webbridge FQDNs
3) (SRV) _xmpp-client._tcp.MyDomain to XMPP FQDN(s)
External DNS (split) resolves:
(A) meet.myDomain to Expressway-E IP
Add WebBridge and Expressway FQDNs in certificate SANs
Web-Proxy: Some configuration screenshots
Match to Guest Client Account URI in CMS GUI
CMS Edge Design – Sizing (*)
• Maximum number of concurrent XMPP clients per XMPP cluster: 500 (includes CMA and WebRTC clients, users and guests)
• Maximum number of concurrent WebRTC sessions per CMS server: 100
WebRTC proxy:
• Medium Expressway: max 100 media traversal calls per node (B2B or MRA or WebRTC, any combination)
• Large Expressway: max 500 (**) WebRTC or 500 B2B calls per node
(*) Figures refer to an Expressway dedicated to the service mentioned
(**) Figure may be updated in upcoming Expressway version X8.11
CMS Edge Design - Sizing
• TURN server allocation limits:
  • CMS TURN server: max 1000 allocations
  • Medium Expressway: max 1800 TURN allocations
  • Large Expressway: max 6000 TURN allocations (*)
• Notes:
  • Each CallBridge will use only one TURN server of a certain type (standard or Lync)
  • TURN allocations are requested for every CMA, WebRTC and distributed call (not for standard SIP calls); TURN allocations are kept for the call duration (as a safeguard against network connectivity problems)
  • With audio, video and content streams, each with media and control, 6 allocations are needed per TURN client, so we can size 6 TURN allocations for internal calls and 12 TURN allocations for calls over the internet (CMA or WebRTC)
(*) 6000 TURN allocations using one port are planned for a new Expressway release
CMS Edge Design – Service Selection
• A combination of factors influences edge service selection and hence high availability and traffic localization:
  • DNS resolutions
  • RTT calculation
  • Configuration
• Notes
  • RTT has an important role, so administrators do not have full control over traffic localization
  • The CallBridge Groups feature at the edge is not a complete solution, but it helps clean up the selection process by “reducing the number of choices” (e.g. excluding choices like CallBridge in EMEA via TURN in APAC)
  • When more granular control is required, explicit selection of a CallBridge can be used as an alternative to CBGroup (e.g. TURN in DC1 in US is bound to the CB in the same DC)
Next slides detail the mechanisms and how they can be used for High Availability and Traffic localization
Multiregional architecture with CMS edges
For CMA and WebRTC clients (this is the full picture for next slide diagram)
[Diagram: Americas, EMEA and APAC, each with two data centres (DC1, DC2) in one CallBridge Group (CBGroup Americas, CBGroup EMEA, CBGroup APAC); per region the servers are labelled CB WB, CB WB, XM DB, LB WB TU and LB WB TU]
CallBridge Groups include CallBridges, TURN and WebBridge servers
LB: LoadBalancer
WB: WebBridge
TU: TURN server
CB: CallBridge
XM: XMPP server
CMA: Service Selection
It affects High Availability and Traffic Localization (for full picture see previous slide)
1) Client selects LoadBalancer (DNS SRV)
2) LoadBalancer selects XMPP server (trunk config)
3) Client selects “home” CB, CB+TURN (CBGroups, RTT)
4) CallBridges selects TURN (CBGroups, RTT)
Selection criteria shown in the diagram:
• (GEO) DNS SRV _xmpp-client
• Trunk configuration
• TURN configuration, CallBridgeGroup, RTT
• “Home” selection using RTT among Call Bridge direct and CallBridge via TURN (TURN/CB pairs from CBGroups)
[Diagram: core and edge components of Region1 (CallBridgeGroup1) and Region2 (CallBridgeGroup2, partially shown), marking the selecting entity and criteria, the selected path and the alternative selections.]
LB: LoadBalancer
WB: WebBridge
TU: TURN server
CB: CallBridge
XM: XMPP server
Multiregional Architecture with CMS and Expressway
WebRTC only
CallBridge Groups include CallBridges and TURN servers in Expressway
[Diagram: three regions (Americas, EMEA, APAC), each with two data centres (DC1, DC2), two Xway-E and two Xway-C nodes, and a core CMS with CB, WB, XM and DB components in one CallBridge Group (CBGroup Americas, CBGroup EMEA, CBGroup APAC).]
LB: LoadBalancer
WB: WebBridge
TU: TURN server
CB: CallBridge
XM: XMPP server
WebRTC proxy via Expressway: Service Selection
It affects High Availability and Traffic Localization
1) WebBridge (and CB) has selected XMPP (DNS SRV)
2) Client selects Expressway-E (DNS A)
3) Expressway traversal (traversal)
4) Xway-C selects WebBridge (DNS SRV)
5) WebBridge selects CallBridge/TURN (CBGroups, RTT)
6) CallBridges selects TURN (CBGroups, RTT)
Selection criteria shown in the diagram:
• (GEO) DNS A meet.MyDomain + Xway cookie
• Xway clusters, traversal configuration
• (GEO) DNS SRV _cms-web._tls
• TURN configuration, CallBridgeGroup, RTTs
• “Home” selection using RTT among Call Bridge direct and CallBridge via TURN (TURN/CB pairs from CBGroups)
[Diagram: Xway-C, Xway-E and TURN in front of the core components of Region1 (CallBridgeGroup1) and Region2 (CallBridgeGroup2, partially shown), marking the selecting entity and criteria, the selected path and the alternative selections.]
LB: LoadBalancer
WB: WebBridge
TU: TURN server
CB: CallBridge
XM: XMPP server
Multiregional Architecture with CMS and Expressway
With limitation of cross DC traffic to DMZ
Special use case
• TURN servers are directly mapped to the CallBridge in the same DC, Expressways are not clustered between DCs, and Expressway-C uses the regional WebBridges (GEO DNS)
• CallBridge Groups include CallBridges only
[Diagram: three regions (Americas, EMEA, APAC), each with two data centres (DC1, DC2), two Xway-E and two Xway-C nodes, and a core CMS with CB, WB, XM and DB components in one CallBridge Group (CBGroup Americas, CBGroup EMEA, CBGroup APAC).]
LB: LoadBalancer
WB: WebBridge
TU: TURN server
CB: CallBridge
XM: XMPP server
Load-balancing of CMA native and WebRTC calls
New in CMS 2.3, this complements the load-balance feature suite
• The same mechanism that avoids distributed calls inside a CallBridgeGroup is available for client calls (CMA and WebRTC) on CMS 2.3
• Inside a CallBridgeGroup, CMA calls to the same meeting will not be distributed: they will land on one CallBridge (as long as it has capacity left)
• Configuration steps:
1. Add a CallBridgeGroup and place the CallBridge in the group
2. In the CallBridgeGroup configure (with API) loadBalanceUserCalls (in addition to loadBalancingEnabled for SIP call load balance)
3. Ensure that each Call Bridge in the Call Bridge Group has a connection to the XMPP cluster or single XMPP server
• Log messages are similar to a normal “load-balanced” call
Summary of LoadBalance CallBridgeGroups parameters
| /callBridgeGroup API parameter | Usage |
| --- | --- |
| loadBalancingEnabled = true | Use to load balance SIP calls to spaces and to minimize distributed calls between CallBridges in the same CallBridge Group |
| loadBalanceOutgoingCalls = true | Use to optimally allocate outgoing calls to CallBridges or CallBridgeGroups |
| loadBalanceUserCalls = true | Use to optimally allocate user calls (WebRTC and CMA) to CallBridges or CallBridgeGroups |
| loadBalanceLyncCalls = false | Load balancing of Lync/S4B calls to Spaces. Keep it as false, as it is not supported |
For reference
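An added example (not from the original slides or from Cisco) that checks a Call Bridge Group, and the Call Bridges meant to be in it, against the load-balancing parameters in the table above, and builds the matching update request. The XML samples are constructed, and the /api/v1/callBridgeGroups path, the form-encoded body and the response element names are assumptions about the CMS API.

```python
"""Audit a Call Bridge Group against the load-balancing table on this page.

Added example. The XML samples are constructed; the API path, the
form-encoded body and the response element names are assumptions.
"""
import xml.etree.ElementTree as ET
from urllib.parse import urlencode

# Values from the "Summary of LoadBalance CallBridgeGroups parameters" table.
RECOMMENDED = {
    "loadBalancingEnabled": "true",      # SIP calls to spaces
    "loadBalanceOutgoingCalls": "true",  # outgoing calls
    "loadBalanceUserCalls": "true",      # WebRTC and CMA calls (CMS 2.3)
    "loadBalanceLyncCalls": "false",     # not supported, keep false
}

GROUP_ID = "11111111-2222-3333-4444-555555555555"  # constructed identifier

# Constructed sample of a group that was only partly configured.
SAMPLE_GROUP = f"""<callBridgeGroup id="{GROUP_ID}">
  <name>EMEA_CBGroup</name>
  <loadBalancingEnabled>true</loadBalancingEnabled>
  <loadBalanceLyncCalls>true</loadBalanceLyncCalls>
</callBridgeGroup>"""

# Constructed samples: EMEA_CB2 was never placed in the group.
SAMPLE_BRIDGES = [
    f"""<callBridge id="aaaaaaaa-0000-0000-0000-000000000001">
  <name>EMEA_CB1</name>
  <callBridgeGroup>{GROUP_ID}</callBridgeGroup>
</callBridge>""",
    """<callBridge id="aaaaaaaa-0000-0000-0000-000000000002">
  <name>EMEA_CB2</name>
</callBridge>""",
]


def build_update(group_id, settings=None):
    """Return (method, path, body) for an update of one Call Bridge Group."""
    settings = dict(RECOMMENDED if settings is None else settings)
    unknown = sorted(set(settings) - set(RECOMMENDED))
    if unknown:
        raise ValueError(f"not a load-balancing parameter: {unknown}")
    # Assumed path and encoding; sorted so the body is deterministic.
    path = f"/api/v1/callBridgeGroups/{group_id}"
    return "PUT", path, urlencode(sorted(settings.items()))


def audit_group(group_xml, bridge_xmls):
    """Compare one group and its intended Call Bridges with the table."""
    group = ET.fromstring(group_xml)
    group_id = group.get("id")
    findings = []
    for name, wanted in RECOMMENDED.items():
        actual = (group.findtext(name) or "").strip().lower()
        if not actual:
            # No default is assumed for a parameter the response omits.
            findings.append(f"{name}: not set explicitly, expected {wanted}")
        elif actual != wanted:
            findings.append(f"{name}: is {actual}, expected {wanted}")
    # Step 1 of the procedure: every Call Bridge must be placed in the group.
    for bridge_xml in bridge_xmls:
        bridge = ET.fromstring(bridge_xml)
        member_of = (bridge.findtext("callBridgeGroup") or "").strip()
        if member_of != group_id:
            label = bridge.findtext("name") or bridge.get("id")
            findings.append(f"callBridge {label}: not a member of this group")
    return findings


if __name__ == "__main__":
    for finding in audit_group(SAMPLE_GROUP, SAMPLE_BRIDGES):
        print("FINDING", finding)
    print(*build_update(GROUP_ID))
```

Step 3 of the procedure, the XMPP connection of each Call Bridge, is not visible in this data and needs a separate check.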
WebRTC and Meeting Apps new look and features
New in CMS 2.3 and CMA 1.10
• Lock meetings, make participant important, mute audio or video, drop
• "Activity", "People" and "Spaces" are replaced with "Recent activity" and "Meet"
• Multiple ways to join:
• management and presentation: manage the meeting, see only audio and presentation
• use this computer
• nearby endpoint: use video endpoint via proximity
• use my video endpoint: use video endpoint via SIP
• use my phone
BRKCOL-2803 Abhijit Dey Designing and deploying multiparty conferencing for telepresence video
On-Premises MS Interoperability
MS-Interoperability with CMS
• Native capability of CallBridge
• Interoperability with most Lync/S4B versions and video protocols (SVC, H.264UC, RTVideo)
• On-premises or cloud
• Large scale
• Bidirectional content sharing
• Drag & drop video participant
• Lync buddy list integration
• Presence information and in meeting IM
• Native user experience with Dual Home
Key features
BRKCOL-2610 Tobias Neumann Cisco Interoperability with Microsoft - Part 1, Collaboration
BRKCOL-2611 Fabio Chiesa Cisco Interoperability with Microsoft - Part 2, Video Interoperability
Skype for Business Integration call types
Gateway: call goes across CMS for adaptation and transcoding
Rendezvous: Video and Lync Endpoints meet in a CMS space
Dual Homed conferencing: Video endpoint joins a Lync/S4B meeting via CMS as a native participant
[Diagram labels: Dial IVR + ConferenceID, Click-To-Join, Join Lync Conference, Lync Server AVMCU, CMS, Video EP, 5 media streams]
Call types: Call start and user experience comparison
| Call method | CMS call type | End user experience video side | End user experience MS side |
| --- | --- | --- | --- |
| Direct point to point call | Gateway | Good | Good |
| Endpoints and Video Clients meet into a CMS space | Rendezvous | Good | Better layouts; missing participant roster and controls |
| Dial Lync meeting via IVR; drag and drop Video EPs into a Lync conference | Dual homed | Good | Lync layouts, roster and limited controls |
Video endpoint user experience
When joining a Lync/S4B (dual homed) scheduled meeting
Option 1: Meeting email invitation with additional info about how to join the Lync/S4B meeting from a Video Endpoint [Modification of Lync email invitation form]
Option 2: One Button to Push on endpoints [TMS/TMSXE integration with MS-Exchange]
Comparison of TMS scheduling with CMS and OBTP
| | Without Lync participants | With Lync participant on-prem |
| --- | --- | --- |
| User adds Lync Meeting in invitation | No | Yes |
| In Outlook invitation, TMSXE service user will look at | Rooms only | Rooms and Lync conference ID |
| CMS Query for Lync Conference_ID | No | SIP SERVICE message to resolve Lync conference |
| Book CMS scheduled spaces | Yes | No |
| OBTP content | <CMS_Scheduled_Space>@<CMS_Domain> | <Lync_Conference_ID>@<Lync_Domain> |
| CMS meeting type | Rendez-vous | Dual homed |
For reference
Dual homed call setup via IVR (*)
[Call flow between Lync client, Video EP, Call Bridge and MS Front End & AVMCU, showing SIP and media]
1. Lync client: the client creates a Lync Meeting; the email invite carries Lync Meeting ID 969306786; Lync clients join the meeting
2. Video EP: type meeting ID "969306786" from invitation email; SIP: INVITE IVR
3. Lync resolution for "969306786": SIP: SERVICE sip:FEP-FQDN….<resolveConference> <pstn-meeting-id> 969306786
4. SIP: OK… <msci:conference-id>3BG9G902
5. Lync conference subscription: SIP: SUBSCRIBE sip:LyncUser@LyncDomain .. 3BG9G902
6. SIP: OK with Conference information.
7. Lync conference join: INVITE sip:LyncUser@LyncDomain .....:conf:focus:id:3BG9G902
8. All participants in a dual homed meeting
(*) simplified
For reference
Use Case 4
Customer is a Large Enterprise with Cisco UC + Video and on-premises Lync/S4B requiring full featured integration between the two worlds
Structural requirements (*):
• Three worldwide regions (**)
• Redundancy with 2 Data Centres (DC) in each region (**)
• Traffic Optimization (localize the traffic to regions whenever possible)
Conferencing requirements:
• Point to point call between Video EP and Lync/S4B clients
• Lync/S4B clients able to join Spaces on CMS (rendezvous)
• Video Endpoints able to join Lync meetings via OBTP and via IVR with full features (dual homed)
(*) Structural requirements will be the same in most of the use cases presented
(**) More regions or more DCs can be added to the same design
This is an extension of use case 1; configuration is additive to the one in use case 1
Use case 4 : Architecture
[Diagram: Americas, EMEA and APAC regions across the layers Regional Call Control, Global Routing & Management, Conferencing CMS cluster and MS Lync/S4B, with TMS & TMSXE, Calendar, and a Front End Pool + Infra per region. Link types: SIP, HTTPS / SIP, (MS) SIP.]
(*) DB server not shown for simplicity
LDAP integration : User and Space names
• The simple solution is to use a different domain for CUCM, CMS and Lync/S4B
SIP domains URIs
CUCM ucdomain.com [email protected]
Lync/S4B lyncdomain.com [email protected]
CMS Spaces meet.ucdomain.com [email protected]
CMS users: [email protected]
• This ensures that user and space URIs do not overlap with Lync/S4B URIs
Use case 4 : Traffic optimization (localization)
[Diagram: Americas, EMEA and APAC regions across the layers Regional Call Control, Global Routing & Management, Conferencing CMS cluster and MS Lync/S4B. Link types: SIP, HTTPS / SIP, (MS) SIP.]
• Traffic from local EPs to Lync domain is kept local by CUCM DialPlan (*)
• Traffic from Call Bridge to Lync is kept local by using CallBridge specific outbound dial rules
• Traffic from Lync to CallBridge is kept local by FEP specific static routes
• Traffic from Call Bridge to CUCM is kept local by using CallBridge specific outbound dial rules
(*) An interregional secondary path is possible, but pay attention to call loops
CMS configuration details
Focus on Lync related configuration of one region (*)
SIP Domains
CUCM ucdomain.com
CMS meet.ucdomain.com
Lync lyncdomain.com
[Diagram labels: EMEA_CB1 and EMEA_CB2 in EMEA_CBGroup, EMEA_FEP; lyncdomain.com, ucdomain.com, meet.ucdomain.com]
CMS Dial Plan: EMEA Outbound dial rules for Lync (CUCM rules omitted)
Call Bridge specific outbound dial rule (API), same priority
| Domain | SIP proxy to use | Local contact domain | Local from domain | Trunk type | Behavior | Priority | Encryption | CallBridge Scope |
| --- | --- | --- | --- | --- | --- | --- | --- | --- |
| lyncdomain.com | EMEA_FEP_fqdn | EMEA_CB1_fqdn | ucdomain.com | Lync | Continue | 10 | Encrypted | EMEA_CB1 |
| lyncdomain.com | EMEA_FEP_fqdn | EMEA_CB2_fqdn | ucdomain.com | Lync | Continue | 10 | Encrypted | EMEA_CB2 |
CMS Dial Plan: (additional) Inbound dial rules for Lync
| Domain name | Priority | Targets spaces | Targets users | Targets IVRs | Targets Lync |
| --- | --- | --- | --- | --- | --- |
| lyncdomain.com | 20 | No | No | No | Yes |
| CMS FQDN(s) | 10 | Yes | Yes | Yes | Yes |
Direct numeric call from CUCM to Lync Meeting (optional)
CMS Dial Plan: Forward dial rules
Forward both ucdomain.com and lyncdomain.com with no changes
For reference
(*) to be added to configuration for use case 1
Lync configuration details
Focus on one region: EMEA
SIP Domains
CUCM ucdomain.com
CMS meet.ucdomain.com
Lync lyncdomain.com
[Diagram labels: EMEA_CB1 and EMEA_CB2 in EMEA_CBGroup, EMEA_FEP; lyncdomain.com, ucdomain.com, meet.ucdomain.com]
EMEA shared CMS Certificate
CN: EMEA_CBGroup_fqdn
SAN: EMEA_CB1_fqdn, EMEA_CB2_fqdn
FEP specific application pool
New-CsTrustedApplicationPool -Identity EMEA_CBGroup_fqdn -ComputerFqdn EMEA_CB1_fqdn -Registrar EMEA_FEP_fqdn -site 1 -RequiresReplication $false -ThrottleAsServer $true -TreatAsAuthenticated $true
New-CsTrustedApplicationComputer -Identity EMEA_CB2_fqdn -Pool EMEA_CBGroup_fqdn
New-CsTrustedApplication -ApplicationId EMEA-CMS-Group -TrustedApplicationPoolFqdn EMEA_CBGroup_fqdn -Port 5061
FEP specific static routes
$Route1 = New-CsStaticRoute -TLSRoute -Destination EMEA_CBGroup_fqdn -MatchUri ucdomain.com -Port 5061 -UseDefaultCertificate $true
Set-CsStaticRoutingConfiguration -Identity "Service:Registrar:EMEA_FEP_ID" -Route @{Add=$Route1}
$Route2 = New-CsStaticRoute -TLSRoute -Destination EMEA_CBGroup_fqdn -MatchUri meet.ucdomain.com -Port 5061 -UseDefaultCertificate $true
Set-CsStaticRoutingConfiguration -Identity "Service:Registrar:EMEA_FEP_ID" -Route @{Add=$Route2}
1. EMEA_FEP_ID from Get-CsStaticRoutingConfiguration
2. Moving from routing global to “FEP specific” requires full re-config !!
For reference
CMS 2.3 S4B meeting optimization: dualHomeCluster mode
default and pre-2.3 behaviour
[Diagram legend: SIP, HTTPS / SIP, (MS) SIP, XMPP, Media, Audio/Video, distributed call leg, Lync proxy leg]
dualHomeCluster (*): Behaviour as in previous versions. Conferences on callbridges have distribution and Lync proxy calls between them. All calls to S4B meeting from one callbridge. CMS participants video mixed by CMS.
Use this mode when a single cascading point per S4B dual homed conference is preferable
(*) lyncConferenceMode in /callProfiles/
CMS 2.3 S4B meeting optimization: dualHomeCallbridge mode
No distribution between callbridges
[Diagram legend: SIP, HTTPS / SIP, (MS) SIP, XMPP, Media, Audio/Video, Conference & Participants info, Lync proxy leg]
dualHomeCallBridge: No distribution between callbridges. Separate conference on every callbridge, each with calls out to S4B meeting. A/V mixed by S4B AVMCU.
Use this mode when independent cascading points to the S4B conference on each CMS are preferred.
A typical use is when conference participants mostly belong to the same region and you want to avoid the case where the conference is opened by a participant in a region with few participants, so that traffic is anchored on that region's CMS and is then clearly suboptimal
CMS 2.3 S4B meeting optimization: gateway mode
CMS creates legs for each endpoint
[Diagram legend: SIP, HTTPS / SIP, (MS) SIP, XMPP, Media, Audio/Video, Conference & Participants info, Lync proxy leg]
gateway: No distribution between callbridges. Each SIP participant in its own conference with associated calls out to S4B meeting. A/V mixed by S4B AVMCU.
Use this mode when separate and independent “gateway” call legs for each endpoint are needed with the purpose of giving the “full control” of the meeting to the S4B AVMCU (note that this is still a dual homed call because the S4B meeting needs to be resolved)
MS interoperability off-premises
MS interop off-premises - Use Case 5
Customer is a Large Enterprise with Cisco UC and without on-prem MS infrastructure requiring integration and federation with external organizations using MS and standard SIP
Structural requirements:
• Three worldwide regions
• Redundancy with 2 Data Centres (DC) in each region
• Traffic Optimization
Conferencing requirements:
• Video calls with external organizations using standard SIP
• Video calls with external organizations with own MS infrastructure or using O365
• Join meetings (spaces) hosted on this organization CMS cluster with any client
TECCOL-2225 Davide Preti, Fabio Chiesa Cisco Collaboration and Microsoft Skype for Business - Best Practices for a successful coexistence and migration
BRKCOL-2986 Kristof Van Coillie ICE / TURN / STUN Tutorial
CMS with Expressway Edge: Basic Architecture
Expressway advanced search rule filtering options: any part of URI, SIP variant, SIP content (AV/Share or IM&P)
All traffic that needs smart SIP analysis will be sent to Expressway
When required, Expressway hairpins the call leg to CMS for the adaptation and transcoding for MS-interop
Points of attention and limitations
Expressway does not yet support load balancing with CMS (callBridgeGroup)
Hair-pinning traffic to CMS from Expressway requires a relatively complex dial plan
Because of that, for large deployments it is simpler to have one separate “adaptation” CMS per region, separate from the interregional MS cluster
Use case 5 : Architecture
[Diagram: Americas, EMEA and APAC regions across the layers Regional Call control, Global Routing Edge with adaptation CMS, and Global Conferencing with core CMS cluster. External users: B2B standard SIP, organization with MS infrastructure, O365 clients, other SIP domains. Link types: SIP, HTTPS / WebRTC, (MS) SIP.]
O365 OBTP Dual Homed experience
• Office 365 users join Skype meeting (O365 cloud, same organization) from Video Endpoints with OBTP and with Dual Homed Experience
• Prerequisites: CMS 2.2, TMS 15.5, TMSXE 5.5, X8.10.2+
• Operation (see next slide):
• TMSXE monitors the room mailboxes
• When it sees a meeting, it gets the Skype alphanumeric URL value fetched from a MAPI property
• TMSXE appends the Cisco Meeting Server domain name (a sort of dummy/routing domain)
• TMS saves the appointment in TMS as “Externally Hosted” conference (no local resource reserved)
• When the meeting starts and OBTP is pressed, CMS resolves the Lync Simple Meet URL (requires both connectivity to internet and permission to resolve)
• Then CMS sends an INVITE to join the resolved meeting
BRKCOL-2986 Kristof Van Coillie ICE / TURN / STUN Tutorial
O365 OBTP Dual Homed experience
[Call flow between O365 client, TMS/TMSXE, Video EP, CMS, Expressway-C and Expressway-E. Legend: SIP, HTTPS / EWS, EP API, ICE, MS SIP.]
1. O365 client books a meeting adding room participants
2. Fetch meeting info, including “join Lync” URL
3. Program OBTP with Simple_URI @cms_domain
4. INVITE Simple_URI @cms_domain
5. https Resolve Simple URI
6. Meeting URI and id
7. INVITE user@LyncDomain;gruu;.......:id:<Lync MeetingID>
8. ICE Negotiation
9. Media
O365 OBTP Dual Homed: Configuration screenshots (*)
TMSXE: Define CMS domain + Skype support for Multiple Domains
CMS: Define CMS domain + Target Lync SimpleJoin
Expressway-C: call hairpinning to and from CMS for SIP MS variant adaptation + reach O365 via traversal
(*) SIP domains used in the example
• sthlab.onmicrosoft.com : O365
• Meet.lync.com : CMS domain for O365 OBTP
• sthlab.net : CUCM
O365 OBTP Dual Homed: Some operational screenshots
TMS: Meeting confirmation email
Lync/Touch: See combined participant list
…….But controls affect only one side
B2B SIP Microsoft AV calls to O365
on Expressway C and E
EP: OBTP with Simple URI
Comparison of TMS scheduling with CMS and OBTP
| | Without Lync participants | Lync on-prem | O365 Dual homed experience |
| --- | --- | --- | --- |
| User adds Lync Meeting in invitation | No | Yes | Yes |
| In Outlook invitation, TMSXE service user will look at | Rooms only | Rooms and Lync Conference ID | Rooms and Conference URL |
| CMS Query for Lync Conference_ID | No | SIP SERVICE message to resolve Lync conference | https conference resolution |
| Book CMS scheduled spaces | Yes | No | No |
| OBTP content | <CMS_Scheduled_Space>@<CMS_Domain> | <Lync_Conference_ID>@<Lync_Domain> | <Lync_Simple_URI>@<CMS_Domain_for_interop> |
| CMS meeting type | Rendez-vous | Dual homed | Dual homed experience |
For reference
Hybrid Conferencing
How to apply large scale design principles to cloud/hybrid conferencing
Hybrid Media Node Highlights
• HMN is an on-prem extension of the Webex/Spark cloud
• Runs on CMS-1000 (or MM410v or spec based VM)
• Improve media quality by reducing latency and bandwidth consumption
• Automatic overflow. Controllable automatic upgrade
• In Phase II, HMN supports spark clients, spark rooms and SIP video endpoints
• Management via the spark admin with resource monitoring and usage metrics
• HMN can be installed in core or in DMZ
• It requires minimal number of Firewall ports to be opened
BRKCOL-2607 Louis Pratt Understanding Cloud and Hybrid Cloud Collaboration Deployment
BRKCOL-1120 Richard Murphy Cisco Spark Hybrid Media Node
BRKCOL-2202 Luca Pellegrini Cisco Spark Hybrid Call Services Architecture and Design
BRKCOL-2030 Anthony Mulchrone Cisco Spark - Cloud and On Premise Security explained
Conferencing Architecture with Hybrid Media Node in core
[Diagram labels: HMN, Expway-C, Expway-E, CUCM, SIP Video Endpoints, Spark Clients, Spark Video Endpoints, Webex client, Webex clients, B2B partner, PSTN, WebEx/Spark, overflow traffic. Legend: SIP, Webex session signaling/media, HTTPS REST/API; Audio, Other Video, HMN Video; Media, Signaling.]
Conferencing Architecture with Hybrid Media Node in DMZ
[Diagram labels: HMN, Expway-C, Expway-E, CUCM, SIP Video Endpoints, Spark Clients, Spark Video Endpoints, Webex client, Webex clients, B2B partner, PSTN, WebEx/Spark, overflow traffic; WX media, WX session signaling, 9000 udp, 443 tcp. Legend: SIP, HTTPS REST/API; Audio, Video, HMN Video; Media, Signaling.]
Use case 5 : Hybrid Conferencing with large hub site
Large Enterprise with Cisco UC and video looking for cloud web conferencing
Structural requirements:
• Large hub site with two DC
• Redundancy
• Maximize Local (on-premises) Media Termination
• Traffic Optimization
Conferencing requirements:
Webex Meetings
Personal Meeting Rooms
Scheduled Meetings
Design Notes
HMN placed in core
• Local media stays in core
• Minimal number of ports opened on internal firewall
• Avoid traffic between DMZs in different DCs (caused by HMN inter-cluster signalling and media)
HMN placed in DMZ
• Security policies may prefer this: the “extension of the cloud” device is confined to DMZ
Use case 5 Architecture with Hybrid Media Node in core
Minimization of ports to be opened on internal FW and of traffic between DMZs in different DCs
[Diagram labels: DC 1 and DC 2, each with HMNs, Expway-E (*), Expway-C and CUCM; HMN Cluster; WX clients, WebEx/Spark, SIP Video Endpoints, Spark Clients, Spark Video Endpoints. Legend: SIP, Webex session signaling/media, HTTPS REST/API; Audio, Other Video, HMN Video; Media, Signaling.]
(*) Expressways are clustered inside a DC, not between DCs
Use case 5 Architecture with Hybrid Media Node in DMZs
The “extension of the cloud” device (HMN) is confined to DMZ, but with more inter-DMZ traffic and more opened ports on internal FW
[Diagram labels: DC 1 and DC 2, each with Expway-E (*), Expway-C (*) and CUCM; HMN Cluster, Expway Cluster; WX clients, WebEx/Spark, SIP Video Endpoints, Spark Clients, Spark Video Endpoints. Legend: SIP, Webex session signaling/media, HTTPS REST/API; Other Video, HMN Video; Media, Signaling.]
(*) also Expressways are clustered between DCs
Design Notes
CUCM SIP trunk(s) to HMN
• Cloud allocates HMN within cluster (CUCM is informed by SDP)
=> HMNs in same cluster can be assigned to same CUCM SIP trunk (One trunk with multiple HMN IPs for each HMN cluster)
• CUCM Route Groups/Lists are needed for
1. Traffic overflow via Expressway (route advance on SIP error 488)
2. Routing to multiple HMN clusters
Cloud Allocation of HMN within HMN cluster
How CUCM is informed about the HMN to use
[Call flow diagram between Video Endpoint, CUCM and HMN]
Cloud Allocation of HMN within HMN cluster
There is not much benefit in leveraging CUCM route advance within an HMN cluster
[Call flow diagram between Video Endpoint, CUCM, HMN1 and HMN2]
Design Notes – Bandwidth utilization
| Device | Behavior | Typical bandwidth with 720p resolution |
| --- | --- | --- |
| HMN (on-prem and cloud) | Switch media whenever possible; transcode media when required | Send up to 6 streams between HMNs including roster participants using original participant stream resolution |
| Spark devices (rooms and clients) | Receive multiple streams with participants to compose in local layout | 1 Mbps to 2.5 Mbps |
| SIP Video Endpoints | Receive pre-composed stream with layout (traditionally coming from a transcoding video bridge) | 1 Mbps to 2.5 Mbps |
| Webex Client | Receive multiple streams with participants to compose in local layout; only main participant is at full resolution | Up to 2 Mbps |
BRKCOL-1120 Richard Murphy Cisco Spark Hybrid Media Node
Design Notes – Bandwidth utilization - Examples
SIP + Webex clients (average bandwidths)
[Diagram labels: HMN, WebEx/Spark, Webex client (on cloud), Webex clients (on prem), SIP Video Endpoints; 2 Mbps, 2 Mbps (max). Legend: Webex session media; Audio, Video, HMN Video.]
(*) Two participant streams but only one sent with 720p
Design Notes – Bandwidth utilization - Examples
SIP + Webex + Spark clients
[Diagram labels: HMN, WebEx/Spark, Webex client (on cloud), Webex clients (on prem), SIP Video Endpoints, Spark Video Endpoints, B2B partner; 2 Mbps, 2 Mbps. Legend: Webex session media; Audio, Video, HMN Video.]
(*) 4 participant streams but only 3 with 720p
Design Notes – Bandwidth utilization - Examples
Attention to unbalanced conferences
[Diagram labels: 6 streams, 1 stream, Remote Video Endpoint vs. 1 stream, 1 stream, Remote Video Endpoint. Legend: Webex session media; Audio, Video, HMN Video.]
Use case 6 : Hybrid Conferencing with multiple regions
Large Enterprise with Cisco UC and video looking to migrate from a legacy conferencing infrastructure to cloud web conferencing
Structural requirements:
• Three worldwide regions
• Redundancy with 2 DC in each region
• Maximize Local (on-premises) Media Termination
• Traffic Optimization
Conferencing requirements:
Webex Meetings
Personal Meeting Rooms
Scheduled Meetings
Only SIP Endpoints and Webex clients
Additional Design Notes
CUCM SIP trunk(s) to HMN
• CUCM trunks to different HMN regional clusters need to be separate
HMN traffic
• HMN intra-cluster traffic stays within the enterprise network
• HMN inter-cluster traffic uses the cloud
HMN selection (SIP devices)
• HMN cluster used for the call is chosen by CUCM
• HMN server inside a cluster is chosen by the cloud based on HMN inputs (latency, load)
HMN selection (Spark clients/rooms)
• HMN is chosen by cloud based on reachability info provided by client (STUN RTT) with preference for on-premises HMN
Additional Design Notes
Want to keep media on-premises
• Do not close port 5004, this will cause split meetings !!
• Traffic via cloud can be reduced but not avoided, the following traffic types go anyway via cloud
• Spark/HMN signaling
• Webex signalling and media
• HMN Inter-cluster signalling and media
Approach to limit HMN inter-cluster traffic for SIP devices: CUCM Time Of Day Routing
1. Prefer a regional HMN cluster at a certain time of the day,
2. with alternate route to the other HMN regional clusters for High Availability and Overflow
3. and to cloud via Expressway for overflow
• TOD time switch should avoid meeting start time :00, :30 (:45 may be a good choice)
Limitations
• Spark clients and rooms (not covered by this use case) do not follow CUCM allocation.
• Strategy applies only to dial in to Webex/HMN. Future HMN dial out feature may not fit this approach
Use case 6 : Architecture
[Diagram: Americas, EMEA and APAC regions across the layers Endpoint, SIP Call control, Regional Edges, On premises Hybrid conferencing layer (HMN cluster Americas, HMN cluster EMEA, HMN cluster APAC) and Webex/Spark cloud.]
During US business hours
1) HMN cluster Americas
2) HMN cluster EMEA, APAC
3) Overflow to cloud via US Expressway
During EMEA business hours
1) HMN cluster EMEA
2) HMN cluster Americas, APAC
3) Overflow to cloud via EMEA Expressway
During APAC business hours
1) HMN cluster APAC
2) HMN cluster Americas, EMEA
3) Overflow to cloud via APAC Expressway
Conclusions
When planning a large conferencing infrastructure, you cannot “count on magic”.
Good planning and design enables a seamless and robust deployment.
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Cisco Spark
Questions? Use Cisco Spark to communicate with the speaker after the session
1. Find this session in the Cisco Live Mobile App
2. Click “Join the Discussion”
3. Install Spark or go directly to the space
4. Enter messages/questions in the space
How
cs.co/ciscolivebot#BRKCOL-3990
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
• Please complete your Online Session Evaluations after each session
• Complete 4 Session Evaluations & the Overall Conference Evaluation (available from Thursday) to receive your Cisco Live T-shirt
• All surveys can be completed via the Cisco Live Mobile App or the Communication Stations
Don’t forget: Cisco Live sessions will be available for viewing on-demand after the event at www.ciscolive.com/global/on-demand-library/.
Complete Your Online Session Evaluation
© 2018 Cisco and/or its affiliates. All rights reserved. Cisco Public
Continue Your Education
• Demos in the Cisco campus
• Walk-in Self-Paced Labs
• Tech Circle
• Meet the Engineer 1:1 meetings
• Related sessions
Thank you
BACKUP SLIDES
Cisco Advanced Services
Cisco Advanced Services Portfolio
ADVISE, IMPLEMENT, OPTIMIZE
Advise Services
• Develop a strategy to align your people, process, and technology
• Assess your network, infrastructure, security, and readiness for change
• Design sustainable architectures and tech-enabled business processes
Implement Services
• Integrate new solutions with existing technology
• Migrate from your current state to future-state solution
• Validate that the solution meets your business and technical needs
Optimize Services
• Recommend best practices for maintaining your solutions
• Remediate solution-related issues
• Analyze solution value and recommend adjustments or improvements
Cisco Meeting Server Services
Advise and Implement
• Highly scalable video and audio conferencing design
• Interoperability with Microsoft Lync/Skype for Business and WebRTC
• Extensible to new user video experiences and business interactions
• Migration from legacy MCUs and/or TelePresence Servers
• Flexible, global on premise deployment model
Optimize
• Ongoing capability, functionality, and capacity evolution
• Escalation support for critical or service impacting incidents/problems
• Security alerts and risk mitigation
• Enterprise wide change management and architectural integrity
• Knowledge transfer - architecture and design changes, migration testing
[Diagram: Cisco MCU, Cisco TelePresence Server, Cisco Meeting Server; Migrate, Interoperate]
Other relevant AS value added services are available: NPA, MNRA, Adoption.
Please contact AS Global BDM team for Advanced Services scoping & quotes.
Value Added Services
Customer issues and the proposed AS value added services:
Network Path Assessment (NPA) or Media Network Readiness Assessment (MNRA)
• When installing Cisco Meeting Servers in new data centers
• When installing Cisco Meeting Servers that have more capacity than the existing MCUs / TelePresence Servers
• New video customers deploying video bridges for the first time
• Migration from third party video bridges / services (on-premises or cloud)
• Customer environment has known video quality issues
Adoption Services
• Customers needing assistance with an end-user communication plan
• Customers needing assistance with educating end-users on any experience changes after the deployment
* Contact AS Global BDM team to determine which service is appropriate
CMS configuration quick start
Configuration quick start - basic
• Configure IP
  • ipv4 a add <CMS_IP>/<mask> <def_GW>
  • hostname <CMS_name>
• 2nd admin and an API user
  • user add admin2 admin
  • user add apiuser api
• NTP server
  • ntp server add <NTP_IP>
  • timezone <timezone>
• DNS add and verify
  • dns add forwardzone <DNS_IP>
  • dns lookup a <address to lookup>
  • dns lookup SRV _xmpp-client._tcp.xxx
• Certificate command (transfer with sftp)
  • pki list
  • pki match <key> <cert>
  • pki inspect <cert>
• License (transfer with sftp file cms.lic)
  • license
• Webadmin
  • webadmin listen a 8443
  • webadmin certs <key> <cert> <rootbundle>
  • webadmin enable
• CallBridge
  • callbridge listen a
  • callbridge certs <key> <cert> <rootbundle>
  • callbridge restart
For reference
Configuration quick start - Spaces
• Add IVR
  • GUI->configuration->General
• Add static Rendezvous meeting
  • GUI->configuration->Spaces
• Active Directory (example)
  • Base DN: OU=Training,DC=EXAMPLE,DC=com
  • Filter: (&(objectCategory=person)(objectClass=user)(!(cn=Administrator))(!(cn=Guest))(!(cn=krbtgt)))
  • Display name: $cn$
  • Username: [email protected]
  • Space Name: $sAMAccountName$.space
  • Space URI: $sAMAccountName$.space
  • Secondary Space URI: 15$telephoneNumber$
For reference
Configuration quick start – XMPP & WebBridge
• XMPP
  • xmpp listen a
  • xmpp certs <key> <cert> <rootbundle>
  • xmpp domain meet.example.com
  • xmpp enable
• Add callbridges (CLI on xmpp server)
  • xmpp callbridge add core1
  • xmpp callbridge add core2
  • xmpp callbridge list
• Connect CallBridge to XMPP (GUI or API)
• Webbridge
  • webbridge listen a
  • webbridge certs <key> <cert> <rootbundle>
  • webbridge trust <callBridge_cert>
  • webbridge enable
• Webbridge Web GUI config (or API)
• CMS Dial Plan – see core section
For reference
Core
CMS cluster operation during outages
If connection to the DB is lost, operation stops or is severely degraded
For reference
Operation status: READ/WRITE
• Condition: All read and write queries are always directed to the current DB Master, wherever it is. It is not possible to perform any WRITE operation on a database which is not elected as current Master.
• Features available: CallBridge is fully featured
Operation status: READ-ONLY
• Condition: If the CallBridge server has a local, collocated database, it can only read from the local database when the Master DB is not accessible.
• Features available: inbound/forwarding/outgoing calls possible, TMS scheduled conferences will not work, dual home conferencing may not work
Operation status: NO OPERATION POSSIBLE
• Condition: If the CallBridge is standalone (no local database on the same server), it cannot read from any node except the Master DB.
• Features available: CallBridge “death”, only outgoing calls may work
Distributed call Setup
[Sequence diagram. Participants: Endpoint1, CUCM1, Call Bridge CB1 and Call Bridge CB2 (Call Bridge Cluster), CUCM2, Endpoint2. Legend: SIP, HTTPS / SIP, Media]
SIP: INVITE MySpace1
SIP: INVITE MySpace1
Intra-cluster dialogue finds that the space is already active in CB1
SIP: INVITE Conf_ID@CB1
DB: MySpace1
SIP: INVITE MySpace1
Distributed Video Call established
First call established
CB1: generating peer URI sip:Conf_ID@CB1 for coSpace <spaceID>
CB2: call <Call ID> now peered with conference on server CB1 (peer URI Conf_ID@CB1)
For reference
Call Replacement (simplified flow)
CUCM
SIP: INVITE MySpace1
SIP: INVITE MySpace1 with Call_ID Supported:.. Replace
Video Call established on CB2 only
replace query for conference YYY using server CB2 (priority: 0, load level: 0, conference is running: 1)
replacing call Call_ID to conference YYY on server CB2
SIP: INVITE EndpointURI From spaceURI Replaces: Call_ID
Call Bridge CB1 Call Bridge CB2
Call Bridge group EMEA
replacing call Call_ID from server CB1 into conference YYY
SIP: INVITE EndpointURI
Space MySpace1
Video EP with existing call
to MySpace1 on CB2
SIP
HTTPS / SIP
Media
For reference
SIP: CANCEL Call_ID
LDAP integration : things to watch
• AD mapping creates 3 dial-able URIs in CMS : Primary and Secondary Space URI and User URI
=> None of them should overlap with other URI in the network
• Dual mapping with alphanumeric and numeric URI for spaces provides a flexible way to join spaces
• Sizing : If more than 30000 users need to be imported from AD, the design should be validated by Cisco
• There is a lot of flexibility in configuring LDAP
• Multiple LDAP sources and mappings can be configured
• LDAP configuration on CallBridge is per server when configured using GUI
• All CallBridges in a cluster can update users and space database
• For a clustered environment, it is best to configure LDAP integration using API
But care should be taken to avoid feeding CMS with incongruent information
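The overlap rule above can be checked before an import is run. The following is an added example, not code from the presentation or from Cisco: it expands the space mappings shown on the quick-start slide over constructed directory records and reports every dial-able URI that would be claimed more than once. The user URI mapping, the reserved URIs, the comparison on the user part only, and all function names are assumptions made for the example.

```python
import re
from collections import defaultdict

# Space mappings as on the quick-start slide. The username mapping is obscured
# in this transcript, so user_uri below is an assumed value.
MAPPINGS = {
    "space_uri": "$sAMAccountName$.space",
    "secondary_space_uri": "15$telephoneNumber$",
    "user_uri": "$sAMAccountName$@meet.example.com",  # assumption
}
_VAR = re.compile(r"\$([A-Za-z][A-Za-z0-9-]*)\$")

def expand(template, record):
    """Fill $attr$ placeholders; None if an attribute is missing or empty."""
    values = [record.get(name, "") for name in _VAR.findall(template)]
    if not all(values):
        return None
    return _VAR.sub(lambda m: record[m.group(1)], template)

def dialable(uri):
    """Compare URIs on their user part, ignoring case (example's choice)."""
    return uri.split("@", 1)[0].lower()

def find_overlaps(records, reserved):
    """Map each dial-able URI claimed more than once to its claimants."""
    owners = defaultdict(list)
    for uri, label in reserved.items():
        owners[dialable(uri)].append(label)
    for rec in records:
        for kind, template in MAPPINGS.items():
            uri = expand(template, rec)
            if uri is not None:  # this example skips mappings it cannot fill
                owners[dialable(uri)].append(f"{rec['sAMAccountName']}:{kind}")
    return {uri: who for uri, who in owners.items() if len(who) > 1}

# Constructed sample data: directory records and URIs already in the dial plan.
RECORDS = [
    {"sAMAccountName": "alice", "telephoneNumber": "1001"},
    {"sAMAccountName": "bob", "telephoneNumber": "1001"},   # shared number
    {"sAMAccountName": "carol", "telephoneNumber": "1002"},
    {"sAMAccountName": "dan", "telephoneNumber": ""},       # no number in AD
]
RESERVED = {
    "151002": "existing directory number",
    "bob@example.com": "existing endpoint URI",
}

if __name__ == "__main__":
    for uri, who in sorted(find_overlaps(RECORDS, RESERVED).items()):
        print(f"{uri}: {', '.join(who)}")
```

A shared telephoneNumber is the case most easily missed: two users then map to the same secondary space URI even though their primary space URIs differ.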
CMS 2.2 – Load balancing of outbound SIP calls
Operation:
• When CMS receives an API request to make an outbound call, it finds the highest priority outbound dial plan rule that matches the SIP domain.
  • If this rule applies to a local Call Bridge, the call is balanced within the local Call Bridge Group.
  • If it only applies to remote Call Bridges, the call is load balanced within the Call Bridge Group of which that Call Bridge is a member.
As a consequence, traffic can be optimized as long as video endpoints belong to different regional SIP domains
For reference
Recording and Streaming
Recording and streaming basic architecture
[Diagram. RECORDING: CallBridge + XMPP server, Recorder (xmpp client), NFS server, Video Management Server, Viewing Clients; links labelled XMPP, Media, Media (NFS), NFS/mp4. STREAMING: CallBridge + XMPP server, Streamer (xmpp client), Streaming Server, Streaming Clients; links labelled XMPP, Media, Media (RTMP), RTMP/H264. A "Third party" label marks external components.]
BRKCOL-2544 Terry French Enterprise Webcasting and Recording Architecture with VBrick Rev
Sizing
Virtual Machine
• Recording and Streaming needs separate VM with minimum 4 vCPUs
• Streaming: 1 vCPU and 1GB of memory per 6 concurrent streams (max 6 VM)
• Recording: 1 vCPU and 0.5GB of memory per concurrent recording (max 8 VM)
Network
• Stream media is H264 at 720p30 (2Mbps)
Disk
• The size of 720p30 recordings ranges from 300MB to 800MB for 1 hour
• Presentation is captured in the main recording stream, not separately
Scaling Streaming and Recording
Call Bridge Groups allow optimal allocation of resources
Edge
• WebRTC proxy with Expressway
• Edge design
CMA Sign-in and Join a space (simplified)
[Sequence diagram. Participants: CMA client, DNS, LoadBalancer, XMPP Server, AD, TURN, CallBridge(s). Legend: DNS, XMPP, HTTPS / WEBRTC, Media/TURN]
DNS SRV lookup _xmpp-client._tcp.MyDomain
Sign-in + userID, password
Join Space
Call Request
Port Allocation Request [UDP 3478]
Answer with TURN address and port to use
Port Allocation Request [UDP 3478 or TCP 443]
Answer
UDP or TCP UDP
Validate credential
list of CB and CB via TURN
CMA Client: Evaluate RTT among CB and CB via TURN, Choose CB
Welcome CMA Screen
For reference
WebRTC Sign-in and Join a space (simplified)
[Sequence diagram. Participants: Web client, DNS, WebBridge, XMPP via LoadBalancer, AD, TURN, CallBridge. Legend: DNS, XMPP, HTTPS / WEBRTC, Media/TURN]
Authenticate
DNS SRV lookup _xmpp-client._tcp.MyDomain
DNS A lookup meet.MyDomain
Sign-in + userID, password
Join Space Call Request
Port Allocation Request [UDP 3478]
Answer with TURN address and port to use
Port Allocation Request [UDP 3478 or TCP 443]
Answer
UDP or TCP UDP
Validate credential
list of CB and CB via TURN
WB: Evaluate RTT among CB and CB via TURN, Choose CB
Welcome CMA Screen
For reference
WebRTC Guest joins a Space (simplified)
[Sequence diagram. Participants: Web client, DNS, WebBridge, XMPP via LoadBalancer, TURN, CallBridge. Legend: DNS, XMPP, HTTPS / WEBRTC, Media/TURN]
Authenticate
DNS SRV lookup _xmpp-client._tcp.domain
DNS A lookup meet.MyDomain
Validate Meeting_ID & passwd
Enter Name + Join
Request guest credentials
Validate credentials
Join a meeting + Meeting_ID & passwd
TBV list of CB and CB via TURN
TBV WB Evaluate RTT among CB and CB via TURN, Choose CB, Call Request
Port Allocation Request [UDP 3478]
Answer with TURN address and port to use
Port Allocation Request [UDP 3478 or TCP 443]
Answer
UDP or TCP UDP
For reference
CMA: Traffic Localization and High Availability Tools
Selecting entity | Service / Server | Selection method | Localization | High Availability
Client | LoadBalancer | DNS SRV | GEO DNS | Multiple LB SRV records and/or smart DNS
Load Balancer | XMPPserver | Trunks configuration | Local Trunk | Multiple trunks from LoadBalancer to XMPP servers
CMA client (via XMPPserver) | CallBridge (CB) | CMA Client estimation of RTT among CB and CB via TURN (sticky result, selected CB will be “homeCB”) | TURN according to CBgroups; RTT favours regional servers | Multiple CallBridges
CallBridge (CB) | TURN Server | CB RTT estimation + CallBridgeGroup | RTT and CBgroup (same as above) | Multiple TURN choices per CB
CMA Client | TURN server at CMA client side | Received by CB after CB TURN allocation | Decided in previous step | Multiple TURN servers
CMA Client | TURN protocol and port at CMA client side | Try first UDP.3478, then TCP.443 | Decided in previous step | Multiple TURN servers
For reference
WebRTC: Traffic Localization and High Availability Tools
Selecting entity | Service / Server | Selection method | Localization | High Availability
Client | WebBridge (WB) | DNS A (need that client sticks with one WebBridge IP) | GEO DNS | Multiple WB A records and/or smart DNS
WebBridge | LoadBalancer | DNS SRV | GEO DNS | Multiple SRV records and/or smart DNS
Load Balancer | XMPPserver | Trunks configuration | Local Trunk | Multiple trunks from LoadBalancer to XMPP servers
WebBridge (via XMPPserver) | CallBridge (CB) | WebBridge estimation of RTT among CB and CB+TURN (TBVerified) (sticky result -> “home CB”) | TURN according to CBgroups; RTT favours regional servers | Multiple CallBridges
WebBridge | XMPP server | DNS SRV record | GEO DNS | XMPP clustering
CallBridge (CB) | TURN Server | CB RTT estimation + CallBridgeGroup | RTT and CBgroup (same as above) | Multiple TURN choices per CB
WebBridge Client | TURN server at client side | Received by CB after CallBridge TURN allocation | Decided in previous step | Multiple TURN servers
WebBridge Client | TURN protocol & port at client side | Try first UDP.3478, then TCP.443 | Decided in previous step | Multiple TURN servers
For reference
WebRTC Expressway Proxy : Localization and HA Tools
Selecting entity | Service / Server | Selection method | Localization | High Availability
Client | Expressway-E | DNS A (Xway sticks the session with a cookie) | GEO DNS | Multiple Xway-E A records and/or smart DNS
Expressway-E | Expressway-C | Traversal Zone Config. | Regional Xway Cluster, Configuration | Clustering, traversal zone configuration
Expressway-C | WebBridge | DNS SRV record | GEO DNS | Multiple SRV records and/or smart DNS
WebBridge (via XMPPserver) (WebBridge located in core) | CallBridge (CB) | WebBridge estimation of RTT among CB and CB+TURN (TBVerified) (sticky result) | TURN according to CBgroups; RTT favours regional TURN servers | Multiple CallBridges
WebBridge | XMPP server | DNS SRV record | GEO DNS | XMPP clustering
CallBridge (CB) | TURN Server | CB RTT estimation + CallBridgeGroup | RTT and CBgroup (same as above) | Multiple TURN choices per CB
WebBridge Client | TURN server at client side | Received by CB after CallBridge TURN allocation | Decided in previous step | Multiple TURN servers
WebBridge Client | TURN protocol and port at client side | Try first UDP.3478, then TCP.443 | Decided in previous step | Multiple TURN servers
For reference
On-Premises MS Interoperability
Dual homed call setup via drag and drop (*)
[Sequence diagram. Participants: Lync client, MS Front End & AVMCU, Call Bridge, Video EP, Lync clients in meeting. Legend: SIP, Media. (*) simplified]
SIP: INVITE VideoEP
escalating Lync conversation …. To Lync Conference
SIP: INVITE sip:LyncUser@LyncDomain…. conf:focus:id:R6KHVK2Y
SIP: (re)INVITE VideoEP with conf:focus:id:R6KHVK2Y
SIP: SUBSCRIBE sip:LyncUser@LyncDomain .. conf:focus:id:R6KHVK2Y
Lync conference subscription
SIP: OK with Conference information.
drag and drop Video EP to the meeting
For reference
All participants in a dual homed meeting