SIP Server and BIG-IP LTM Integration Overview

The SIP Server and BIG-IP LTM integration solution described in this document enables you to preserve SIP sessions between SIP Server and other SIP-enabled devices that are involved in contact center operations, in switchover scenarios.

In this integration solution, one Virtual Server configured on the BIG-IP LTM is associated with a single IP address (referred to as Virtual IP address), and it represents one HA pair of SIP Servers configured as members of one server pool that is associated with the Virtual Server.

Integration Solution Notes

• UDP, TCP, or TLS can be used as the transport for SIP signaling.
• Up-front load balancing via Network SIP Server or other device could be implemented, but is not described in this document.
• Configuration of BIG-IP High Availability is not described in this document and has not been validated with SIP Server.
• BIG-IP LTM can be configured in a more complex load-balancing role. This is beyond the scope of this document.

Supported Versions

The integration solution described in this document supports the following software versions:

Deployment Architecture

The figure below depicts the architecture of a sample deployment of primary and backup SIP Servers with the BIG-IP LTM, in which:

• BIG-IP LTM is positioned as a network router between a SIP Server HA pair and other network entities.
• Hosts where SIP Servers are running use the BIG-IP LTM as the default gateway.
• BIG-IP LTM is configured to apply SNAT (Secure Network Address Translation) to all outbound packets, with the exception of destinations that are defined in the SNAT exclusion group.

Deployment Requirements

There are four different communication groups of devices that interact with SIP Server (see the preceding figure). Each group has its own requirements that must be considered when configuring the BIG-IP LTM.

Agent SIP Endpoints Group

The Agent SIP Endpoints Group (group A in the preceding figure) includes SIP phones that are used by agents.

Initially, devices of this group use the REGISTER method to notify SIP Server of the current Contact URI (IP address). SIP Server uses the Contact information for further communication with the device.

By default, SIP Server uses the UDP to communicate with devices of the group. Devices send requests to and receive responses from the BIG-IP LTM Virtual IP address.

This group requires that:

• Any inbound packets received at the BIG-IP LTM Virtual IP address are directed to the primary SIP Server.
• SNAT is applied to any outbound packets that are sent to devices of the group, which means that a source IP address of the outbound packet is translated from a SIP Server physical IP address to the BIG-IP LTM Virtual IP address.

SIP Service Devices Group

The SIP Service Devices Group (group B in the preceding figure) includes media gateways, softswitches, Session Border Controllers (SBC), and SIP-based VoIP Service devices such as Genesys Media Server (Resource Manager and MCP). These devices do not register with SIP Server; their contact information is known in advance and it remains consistent.

By default, SIP Server uses the UDP to communicate with devices of the group. Devices receive requests from the BIG-IP LTM Virtual IP address.

This group requires that:

• Any inbound packets received at the BIG-IP LTM Virtual IP address are directed to the primary SIP Server.
• SNAT is applied to any outbound packets that are sent to devices of the group.

Genesys Systems Group

The Genesys Systems Group includes Genesys Configuration Server, Genesys Message Servers and other SIP Servers in multi-site deployments (group C in the preceding figure). SIP Server maintains permanent TCP/IP connections with members of the Genesys Systems Group. Connections with members of the Genesys Systems Group are initiated from a SIP Server physical IP address. Responses from them are directed to the SIP Server physical IP address. Note that missing definitions of Genesys Systems Group members in the SNAT exclusion group result in SNAT being applied to the outbound packets. In this case, the Genesys Systems are unaware of physical IP addresses of the SIP Servers and, instead, receive packets from the Virtual IP address; this complicates troubleshooting.

IT infrastructure servers, such as DNS, LDAP, log server, or software repository, are typically included into this group for similar reasons.

This group requires that:

• No SNAT is applied to outbound packets sent to the members of the Genesys Systems Group.

Note: In this deployment architecture, HA synchronization traffic between primary and backup SIP Servers does not traverse the BIG-IP LTM, and SNAT control is not applicable to this type of connections (the primary and backup SIP Servers do not belong to the Group).

Genesys T-Client Group

The Genesys T-Client Group includes clients initiating and maintaining connections with the SIP Server (group D in the preceding figure). These are Stat Servers, URSs, ORSs, T-Library desktops like Interaction Workspace, and other T-Library clients. For this group, connection is initiated by the members of the group toward the SIP Server (primary or backup) physical IP address, and SIP Server accepts the connection. In this case, SNAT is not applied to the outbound packets, and SNAT control does not apply to this type of connections; from the perspective of group members, both SIP Servers send packets from the physical IP address of SIP Server.

IT infrastructure systems, such as monitoring servers querying hosts, or the workstation of the system administrator, belong to this group.

This group requires that:

• The primary or backup SIP Server is accessible via its physical IP address.

Note: SNAT pool must not be activated as the configuration element of Virtual Server. SNAT must not be applied to SIP messages sent by clients to SIP Server. Enabling SNAT for these messages results in a broken call flow, as in some circumstances the SNAT is not aligned with SIP Protocol.

Integration

Network and Host Prerequisites

• BIG-IP LTM and SIP Server hosts must be on the same network (broadcast domain, VLAN).
• The Self-IP (or Floating IP address) of BIG-IP LTM must be configured as the Default Gateway in routing tables of SIP Server hosts.
• All traffic between SIP Server hosts and any other SIP peers in the deployment, represented by groups A and B such as Agent SIP Endpoints, MGW, SBC, and RMs, must traverse BIG-IP LTM.
• Firewall settings of SIP Server hosts must enable sending of the ICMP Port Unreachable messages towards the other SIP peers of the deployment represented by groups A and B, such as Agent SIP Endpoints, MGWs, SBCs, and RMs.
• Firewall settings of SIP Server hosts must enable receiving of the ICMP Echo Requests from the Self-IP (or Floating IP address) of BIG-IP LTM.

Required Provisioning

• The IP address of the Virtual Server configured on BIG-IP LTM for SIP communications with SIP Server over UDP, TCP, or TLS must match the value of the sip-address option configured in the TServer section of the SIP Server application.
• The port of the Virtual Server configured on BIG-IP LTM for SIP communications with SIP Server over UDP and TCP must match the value of the sip-port option configured in the TServer section of the SIP Server application.
• The port of the Virtual Server configured on BIG-IP LTM for SIP communications with SIP Server over TLS must match the value of the sip-port-tls option configured in the TServer section of the SIP Server application.

Integration Steps

To integrate SIP Server with the BIG-IP LTM, complete the following procedures:

1. Configure SIP Server HA.
2. Configure BIG-IP LTM.
3. Configure Resource Manager HA.

Note: Genesys strongly advises to use Resource Manager in Active-Active high-availability. Refer to the Genesys Voice Platform Integration section in the ''Framework 8.1 SIP Server Deployment Guide''.