Optimizing Your Network for UCx
Here is a “top 10” checklist to help you ensure that your network is ready for the UCx Hosted Unified Communications Service.
Step 1: Make sure you have enough bandwidth
This won’t be an issue if you’re connecting to our network directly. If you are “bringing your own broadband” at any site, use trace-route, ping and bandwidth tests to confirm that the connection has sufficient capacity. For detailed instructions, see Testing Your Bandwidth.
Step 2: Set up your firewall to work with VoIP
First of all, make sure you are using a quality firewall from a manufacturer like Cisco, Fortinet, Netscreen, WatchGuard or Juniper. Often, SOHO firewalls like the Linksys or Sonicwall are just not good devices to use with VoIP.
If you have locked down your network using IP Access Control Lists or firewall policies, please verify that these ports are not restricted from making outbound connections from your LAN:
- FTP – TCP/20-21 outbound to host 220.127.116.11
- FTP – TCP/20-21 outbound to 18.104.22.168
- FTP – TCP/20-21 outbound to 22.214.171.124
- FTP – TCP/20-21 outbound to 126.96.36.199
- FTP – TCP/20-21 outbound to 188.8.131.52
- SIP – TCP/5060 outbound to host 184.108.40.206
- SIP – UDP/5060 outbound to host 220.127.116.11
- SIP – TCP/5060 outbound to host 18.104.22.168
- SIP – UDP/5060 outbound to host 22.214.171.124
- RTP – UDP/60000-65535 to host 126.96.36.199
- RTP – UDP/60000-65535 to host 188.8.131.52
- HTTP – TCP/80 outbound to 184.108.40.206
- HTTP – TCP/80 outbound to 220.127.116.11
- HTTP – TCP/80 outbound to 18.104.22.168
- HTTP – TCP/80 outbound to 22.214.171.124
- HTTP – TCP/80 outbound to 126.96.36.199
- HTTPS – TCP/443 outbound to 188.8.131.52
- HTTPS – TCP/443 outbound to 184.108.40.206
- HTTPS – TCP/443 outbound to 220.127.116.11
- HTTPS – TCP/443 outbound to 18.104.22.168
- HTTPS – TCP/443 outbound to 22.214.171.124
- XMPP – TCP/5222 outbound to 126.96.36.199
- XMPP – TCP/1081 outbound to 188.8.131.52
- HTTPS – TCP/443 outbound to 184.108.40.206
- NTP – TCP/123 outbound to host 220.127.116.11/24
Many manufacturers are adding features which alter VoIP traffic as it traverses the firewall. These devices attempt to mask the internal IP information required to properly communicate with the UCx phone. For this reason, you’ll need to disable all VoIP application awareness features configurable on your firewall. Failure to do so will cause one-way audio issues and call route failures.
Step 3: Hard code your speed/duplex settings
Speed/duplex mismatches account for 90% of VoIP call quality issues. Make sure you hard code the speed/duplex to match between switch, firewall, and router uplink ports. Uplink ports are those ports which interconnect network devices together. They should always be statically set for speed and duplex to ensure auto negotiation is never a cause of a speed/duplex mismatch. Devices which only support 10baseT are acceptable as long as they can be set for full duplex. For all the other ports (the ones where you’ll be connecting computers and/or phones), leave them as auto-sensing.
Step 4: Use managed switches only
Hubs are not supported with VoIP deployments and must be replaced with switches (preferably managed switches). Hubs broadcast traffic by design and will ultimately cause network congestion which will degrade call quality. Hubs are typically unmanaged, which means there is no way to hard code speed/duplex settings.
Network switches should be deployed in a tree or hub/spoke topology instead of a cascade topology. This will ensure that all network traffic originating from one switch has the same number of hops to reach the Internet as any other switch. Take care to avoid any Ethernet device from being more than three hops away from the Internet.
Step 5: Provide your phone’s power via POE, not AC
Each UCx phone may be powered by two methods – by an AC power supply or through a Power over Ethernet (PoE) enabled network.
An AC power supply provides the phone’s power from a wall outlet. This may be an issue if you do not have enough AC outlets, or if you have a power supply that has a slight voltage dip from time to time (like when a large piece of equipment powers on). This brown-out may cause the phones to reboot.
You may wish to consider the use of PoE to centrally manage power required to support the UCx deployment. PoE is typically made available to the phone by a PoE enabled network switch or through a PoE injector cable. Ideally, this equipment would be plugged into an Uninterrupted Power Supply (UPS). These are highly recommended for all of your network and VoIP devices, helping to protect your network investments and provide business continuity during a power outage.
Step 6: Set up Quality of Service on your LAN
Most businesses of less than 20 users have excess bandwidth available on the LAN, and therefore no need to set up Quality of Service (QoS) on their equipment. If you are a larger office (20+ users), however, you will want to make sure QoS is set up on your switches, firewall, and router to prioritize voice traffic. Your DSCI Service Delivery Specialist can advise you on these settings and configurations.
Step 7: Use a DHCP server
Each UCx device requires an IP address. By default, UCx phones will request an IP address assignment using DHCP. These phones won’t work if you use static IPs. If you have certain devices that always need the same IP address, use DHCP reservations instead.
Step 8: Ensure all wiring is Cat 5E or better
You should ensure your networks are wired with certified Cat 5E, or better, cabling. Cat5E terminated (4-pair) is the minimum required to support Power over Ethernet (PoE). Some legacy networks are wired with Cat3 (2-pair), which will support a 10baseT and possibly VoIP but not PoE. At each location you wish to deploy a UCx phone, you must have a readily accessible network jack to accept an RJ-45 male adaptor.
Step 9: Don’t use an amplified headset
Only use Polycom-approved headsets with your IP phones. No amplified headsets are supported. DSCI uses Jabra headsets in our office and can highly recommend the GN2100 (used with the GN1200 connector cord) and GN9350e (used with the EHS adapter) headsets.
Step 10: Don’t bog down your network
Keep the downloading of large files from the Internet, as well as audio and video streaming, to a minimum. These bandwidth hogs can overwhelm VoIP traffic when QoS is not applied.