TANDBERG D13691.03 user manual Bandwidth Control and Firewall Traversal

Page 23

TANDBERG Border Controller User Manual

xConfiguration Pipes Pipe [1..100] Bandwidth PerCall Mode xConfiguration Pipes Pipe [1..100] Bandwidth PerCall Limit

Pipes may be shared between one or more links. This is used to model the situation where a site communicates with several other sites over the same broadband connection to the Internet. Each link may have up to two pipes associated with it. This is useful for modeling two sites, each with their own broadband connection to the Internet backbone. Calls between zones or subzones consume bandwidth from each zone and any pipes on the link between them.

When a Border Controller is neighbored with another Gatekeeper or a Border Controller, the neighbor is placed in its own zone. This allows you to control the bandwidth used by calls to and from endpoints controlled by the other Gatekeeper. Sometimes you may place and receive calls to Gatekeepers you are not neighbored with (See section 6). These Gatekeepers, and any unregistered endpoints reached by dialing their IP address, are placed in the Default Zone.

If bandwidth control is in use, there are two possible behaviors when a call cannot be placed at the bandwidth requested. By default the call will be connected at a reduced bandwidth (down-speeding), assuming that there is some bandwidth still available. Optionally the call may be rejected if it cannot be placed at the requested bandwidth. This option is controlled through the web interface of the Border Controller by navigating to Border Controller Configuration → Gatekeeper (Figure 7) or through the following command line instructions:

Figure 7: Configuring down-speeding options

xConfiguration Gatekeeper Downspeed PerCall Mode: <On/Off>

xConfiguration Gatekeeper Downspeed Total Mode: <On/Off>

4.1Bandwidth Control and Firewall Traversal

When a Border Controller and Gatekeeper are being used to traverse a firewall, an additional zone and subzone come into use.

The traversal zone is used to represent the zone containing the Gatekeeper Controller this Border Controller is paired with. This zone is automatically added for you. The traversal subzone represents the Border Controller itself. The traversal subzone allows you to control total and per call bandwidths passing through the Border Controller. Unlike other subzones, no endpoints will ever be registered in this subzone.

16

Page 22 Page 24
Image 23
Page 22 Page 24
Contents Tandberg Border Controller Disclaimer Trademarks and copyrightEnvironmental Considerations Environmental IssuesTANDBERG’s Environmental Policy Operator Safety Summary Page Contents Software Upgrade Introduction Tandberg Border Controller Overview Unpacking InstallationPrecautions Mounting Connecting CablesSwitching on the System Installation site preparationsBorder Controller Initial Configuration Page Getting started System AdministrationAdministrator Account Root Account RegistrationNeighbor Gatekeepers Search Order Alternate Border Controllers Call Control Location decision flow diagram Firewall Traversal Bandwidth Control Page Bandwidth Control and Firewall Traversal Bandwidth Control Examples Network Deployment with firewalls Page Registration Restriction Policy Registration ControlAuthentication using an Ldap server AuthenticationAuthentication using a local database Securing the Ldap connection with TLS Creating DNS SRV records URI DialingPage Simple Enterprise deployment Example Traversal deploymentsDialing Public IP addresses Enterprise GatekeepersURI dialing from within the enterprise Neighbored enterprisesPage Making Decisions Based on Addresses Address-switchCall Policy Subfield Reject CPL Script ActionsLocation ProxySelective Call Screening Unsupported CPL ElementsCPL Examples Call screeningCall Redirection Event log format Controlling what is loggedLogging Logged Events Event LevelsDNS 245,NTP,DNS,LDAP Event dataPage YYYY/MM/DD-HHMMSS Remote LoggingUpgrading Using Https Software UpgradeUpgrading Using SCP Page Ethernet Command ReferenceStatus CallsLdap ExternalmanagerFeedback 11.1.5 IPResourceUsage 11.1.8 NTPPipes RegistrationsZones Authentication11.2 Configuration SystemUnitGatekeeper Page 11.2.6 IP HTTP/HTTPSLdap Option Key 11.2.9 Log11.2.10 NTP 11.2.15 SSH SessionSnmp Subzones Traversal TelnetTimeZone Zones Command CheckBandwidth BootAllowListAdd AllowListDeleteDenyListDelete DefaultLinksAddDefaultValuesSet DenyListAddLinkAdd FeedbackRegisterFeedbackDeregister FindRegistrationPipeDelete OptionKeyAddOptionKeyDelete PipeAddHistory Feedback Eventlog Other commandsAbout ClearSyslog RelkeyBind 8 Appendix Configuring DNS ServersMicrosoft DNS Server Verifying the SRV recordAs expected Adding H.350 objects Appendix Configuring Ldap ServersMicrosoft Active Directory PrerequisitesSecuring with TLS OpenLDAPInstalling the H.350 schemas Add the H.350 objects EMC Immunity Electrical SafetyApprovals EMC Emission Radiated Electromagnetic InterferenceTechnical Specifications Certification Physical DimensionsPower supply References Glossary Index
Top Page Image Contents