my question is about best VLAN distribution of main Call Manager components. I have to setup an infrastructure with:
- 3 CUCM Servers
- 2 Unity Connection Servers
- 6 Gateways Routers
- 2 servers with 4 monitoring software (Unified Provisioning Manager, Unified Operations Manager, Unified Service Monitor, Unified Service Statistics
Assuming that i will put IP Phones on separate VLANs, my questions are:
- which is the best VLAN configuration for all these components ? (eg: CUCM and Gateways in same VLAN, ecc...)
- is there any particular rule i must respect to put these appliances in separate VLANs ? I mean, if there is a limitation that force me to put some components on the same VLAN or put other components in different VLANs.
. It is a good refereence document. To answer your question, as long as the number devices do not exceed 512 in a single vlan you will be fine.
Proper access layer design starts with assigning a single IP subnet per virtual LAN (VLAN). Typically, a VLAN should not span multiple wiring closet switches; that is, a VLAN should have presence in one and only one access layer switch (see Figure 3-2). This practice eliminates topological loops at Layer 2, thus avoiding temporary flow interruptions due to Spanning Tree convergence. However, with the introduction of standards-based IEEE 802.1w Rapid Spanning Tree Protocol (RSTP) and 802.1s Multiple Instance Spanning Tree Protocol (MISTP), Spanning Tree can converge at much higher rates. More importantly, confining a VLAN to a single access layer switch also serves to limit the size of the broadcast domain. There is the potential for large numbers of devices within a single VLAN or broadcast domain to generate large amounts of broadcast traffic periodically, which can be problematic. A good rule of thumb is to limit the number of devices per VLAN to about 512, which is equivalent to two Class C subnets (that is, a 23-bit subnet masked Class C address). Typical access layer switches include the stackable Cisco Catalyst 2950, 3500XL, 3550, and 3750, as well as the Cisco 3560 and the larger, higher-density Catalyst 4000 and 6000 switches.
Note The recommendation to limit the number of devices in a single Unified Communications VLAN to approximately 512 is not solely due to the need to control the amount of VLAN broadcast traffic. For Linux-based Unified CM server platforms, the ARP cache has a hard limit of 1024 devices. Installing Unified CM in a VLAN with a IP subnet containing more than 1024 devices can cause the Unified CM server ARP cache to fill up quickly, which can seriously affect communications between the Unified CM server and other Unified Communications endpoints. Even though the ARP cache size on Windows-based Unified CM server platforms expands dynamically, Cisco strongly recommends a limit of 512 devices in any VLAN regardless of the operating system used by the Unified CM server platform.
As opposed to putting everything into a separate VLAN, I would suggest trying to take a more logical approach and then you can use ACL's to control inter-VLAN communication, if needed, and/or restrict unwanted access to the voice networks from data networks. So, example would be:
Call Control - CUCM
Media - Gateways
Applications (Critical) - Unity, Unity Connection, CER, CUPS (would depend on the criticality of the apps for your organization and then you could apply QoS according per application)
Applications (Secondary) - Non-critical apps, could be CUOM, CUPM, CUMA, Third-party apps like Cistera, Right Fax, etc.
How you split them up is up to you. But, this will help you separate things without having a VLAN for every single app, and will make your ACL's for security a bit more manageable.
The short answer is that you don't.... That isn't entirely true while at
the same time it kind of is, but for the most part you don't configure
the softkeys. You enable or disable them via TCL. Here is the long
answer. Be sure to read the whole thing or e...
Topology: IP Phone > Switches > Microsoft NPS setup to forward 802.1x
proxy to > ISE 2.1 patch 3 Authentication: EAP-TLS using Cisco MIC SANs
Phone Models 802.1X support? 802.1x flavor Addtl Comment EAP-MD5 EAP-TLS
Cisco 3905 Y Y N Cisco 6911 Y Y N Cisco ...
This document describe how DST changes and how time changes are
implemented in DST. Daylight Saving Time (DST) is the practice of
setting the clocks forward 1 hour from standard time during the summer
months, and back again in the fall, in order to make b...