Alcatel Voice over WLAN (R1.1.1) Guide
Design Guide for the Alcatel OmniPCX Enterprise – Mobile IP Touch
ESD/ Central Pre Sales / DF/ JM 1/34 June 2005 – Ed 01
Pre-Sales Communication
Voice over WLAN (R1.1.1) Design Guide
June 2005
All rights reserved © 2004, Alcatel
Design Guide for the Alcatel OmniPCX Enterprise – Mobile IP Touch
1. Introduction & Objectives .....................................................................................................4
1.1. Operational Components .............................................................................................4
1.1.1. OmniPCX Enterprise Applications Specific Elements ................................................4
1.1.2. VoWLAN Infrastructure (SVP Server)........................................................................4
1.1.3. WLAN Infrastructure (Provided by Alcatel NIBU) ......................................................5
1.1.4. Server Elements (DHCP, TFTP, Management) ..........................................................6
1.1.4.1..DHCP Server 6
1.1.4.2..TFTP Server 7
1.1.4.3..RF Director Management 7
1.1.5. Mobile IP Touch Terminals.....................................................................................8
1.1.6. Terminal Options (Chargers, Clips, Pouches)..........................................................8
2. Operational Modes and Considerations..............................................................................11
2.1. Infrastructure Topology Options ..................................................................................11
2.1.1. Direct Mode (Direct-Attach)..................................................................................11
2.1.2. Appliance/Overlay Mode ....................................................................................12
2.1.2.1..Appliance /Overlay Mode Operation 12
2.2. Quality of Service .......................................................................................................13
2.3. Security ......................................................................................................................14
2.3.1. SSID Broadcast ...................................................................................................14
2.3.2. Authentication & Encryption .................................................................................15
2.3.3. MAC Address Filtering.........................................................................................15
2.3.4. Rogue Activity Detection.......................................................................................15
2.3.5. Isolation Practices................................................................................................16
2.3.6. Layer 3 & 4 Filtering (ACL & Packet Inspection) .....................................................16
2.3.7. Auxiliary Security Measures ..................................................................................16
3. Design Process for VoWLAN ...............................................................................................16
3.1. Pre Sale Data Collection .............................................................................................16
3.1.1. Physical Diagram (to include existing wireless technologies)...................................16
3.1.2. Logical Diagram .................................................................................................17
3.1.3. Floor Level Maps/Diagrams.................................................................................18
3.1.4. Customer Specific Application & Design Considerations ........................................19
3.1.4.1..Feature Restrictions (R1.1.1) 19
3.1.4.2..MIPT Offer Restrictions (R1.1.1) 20
3.1.4.3..Converged Wireless Environments 22
ESD/ Central Pre Sales / DF/ JM 2/34 June 2005 – Ed 01
Design Guide for the Alcatel OmniPCX Enterprise – Mobile IP Touch
3.2. Predictive Environment Solution Options (Responding to RFx) ........................................24
3.2.1. Manual Calculation of Predictive Coverage ..........................................................24
3.2.2. Predictive Tool Coverage Planning .......................................................................25
4. Environment Verification & Validation .................................................................................25
4.1. Compliance with (R 1.1.1 Offer)..................................................................................25
4.1.1. Exceptional Deal Handling ..................................................................................26
4.2. Pre Install VoWLAN Radio Coverage Audit (Site Survey) ................................................26
4.3. Post Install Survey .......................................................................................................26
5. Design Examples ...............................................................................................................27
5.1. Configuration for up to 4 AP (Demo or small area coverage)........................................27
5.2. Configuration for up to 16 AP (No redundancy) ...........................................................28
5.3. Configuration for up to 16 AP (with redundancy)..........................................................29
6. Quotes & Orders ...............................................................................................................29
7. References.........................................................................................................................30
8. Annex ...............................................................................................................................31
8.1. Site Survey Tool ..........................................................................................................31
8.2. Call Handling ............................................................................................................32
8.3. IP Flows .....................................................................................................................33
8.4. MIPT Gatekeeper IP address in DHCP mode ................................................................34
Figure 1: Direct Mode (WLAN Switch) .........................................................................................11
Figure 2 OmniSwitch 6600-P24 (supporting IEEE 802.3af) ..........................................................13
Figure 3 QOS on WLAN solution ...............................................................................................14
Figure 4 Physical Diagram .........................................................................................................17
Figure 5 IP Addressing Plan .......................................................................................................18
Figure 6 Logical paths for Voice and Data ..................................................................................18
Figure 7: Floor Map (with scale & legend)...................................................................................19
Figure 8 MIPT to MIPT inter-nodes communication via IP ............................................................21
Figure 9 User Throughput (type of Wall) for 802.11g ..................................................................24
Figure 10 Predictive Method: AP Calculation...............................................................................25
Figure 11 Configuration for up to 4 AP (no redundancy) .............................................................27
Figure 12 Configuration for up to 16 AP (no redundancy) ...........................................................28
Figure 13 Configuration for up to 16 AP (with redundancy) .........................................................29
Figure 14 Survey Result..............................................................................................................31
ESD/ Central Pre Sales / DF/ JM 3/34 June 2005 – Ed 01
Design Guide for the Alcatel OmniPCX Enterprise – Mobile IP Touch
1. Introduction & Objectives
It is the intent of this guide to aid Sales Engineers in designing and selling telecommunications solutions
Incorporating Alcatel’s Mobile IP Touch (MIPT) Voice over Wireless LAN (VoWLAN) solution (R 1.1.1)
This document has been created specifically in the context of an architectural and technical Pre-Sales Design
Guide approach. It is clearly understood that a client’s choice of solution components and design options
will take into account many factors that will not be explored here (such as financial considerations,
deployment constraints, and business process limitations).
Alcatel’s MIPT VoWLAN product offering is a multi-stage solution aimed at meeting customer demand for
converged voice and data wireless environments based on 802.11 technologies. The R1.1.1 version of the
MIPT suite is the result of leveraging existing OmniPCX Enterprise features with OEM products available in the
Alcatel portfolio from Aruba, SpectraLink and others.
Technically speaking, the VoWLAN solution can be built on several centralized WLAN topology schemes but
must always adhere to the Voice over WLAN MIPT solution R 1.1.1 operational design restrictions (For more
information on design restrictions, see: section 3.1.4.2 of this document and the ALCATEL OmniPCX Enterprise
R6.1 Standard Offer document).
1.1. Operational Components
The Alcatel MIPT VoWLAN solution offer is comprised of many subcomponents. These components can be
easily grouped into their categories defined by their functions and responsibilities.
1.1.1. OmniPCX Enterprise Applications Specific Elements
At the core of Alcatel’s MIPT VoWLAN offer lays the
Alcatel OmniPCX Enterprise platform (r6.1 or greater,
r6.1.1 or greater preferred.)
Key to enabling the capabilities of Alcatel’s VoWLAN
solution are two OXE features, Remote Extension and
integrated H.323 client support (via the embedded
H.323 gateway.)
1.1.2. VoWLAN Infrastructure (SVP Server)
SVP Server:
Responsible for synchronizing MIPT terminal
communication flows and managing Access Point
saturation to provide strong QoS; this is an essential
MIPT VoWLAN element.
ESD/ Central Pre Sales / DF/ JM 4/34 June 2005 – Ed 01
Design Guide for the Alcatel OmniPCX Enterprise – Mobile IP Touch
1.1.3. WLAN Infrastructure (Provided by Alcatel NIBU)
OmniAccess 4304:
Used to support a maximum of 4 AP. Equipped with
eight 10/100 Ethernet ports (802.3af capable). Two
different models providing either one 1000base-T
Gigabit uplink (Copper) or one 1000base-SX Gigabit
uplink (Fiber).
OmniAccess 4304
OmniAccess 4308:
Used to support a maximum of 16 AP. Equipped with
eight 10/100 Ethernet ports (802.3af capable). Two
different models providing either one 1000base-T
Gigabit uplink (Copper) or one 1000base-SX Gigabit
uplink (Fiber). Imbedded Stateful Inspection firewall
options allow for robust security installations.
OmniAccess 4324:
Used to support a maximum of 48 AP. Equipped with
twenty-four 10/100 Ethernet ports and two GBIC
uplink modules for flexible LAN applications.
Imbedded Stateful Inspection firewall options allow for
robust security solutions.
OmniAccess 6000:
Four slot modular chassis used to support a maximum
of 512 AP. Equipped with up to seventy-two 10/100
Ethernet ports and six GBIC uplink modules for f
LAN applications. Imbedded Stateful Inspectio
firewall options allow for robust security solutions.
lexible
n
OmniAccess 60/61:
Single network (802.11a or 802.11b/g) Wi-Fi Access
Points for use with OmniAccess WLAN controllers.
WLAN 60 model requires external special purpose
antenna (WLAN 61 offers only internal antenna
option.)
OmniAccess 4308
OmniAccess 4324
OmniAccess 6000
OmniAccess 60 & 61
ESD/ Central Pre Sales / DF/ JM 5/34 June 2005 – Ed 01
Design Guide for the Alcatel OmniPCX Enterprise – Mobile IP Touch
OmniAccess 70
Flexible multifunction Access Point provides
simultaneous access to both 802.11a and 802.11b/g
networks. Supports built-in and external special
purpose antenna.
OmniAccess 70
Alcatel openly recognizes the challenges faced by customers with existing 802.11 network implementations.
For this reason, Alcatel also seeks to support Mobile IP Touch - Voice over Wireless Local Area Network
solutions on a variety of approved third-party infrastructure architectures. Infrastructure vendors such as
Aruba, Cisco (former Airespace product suite), Colubris and D-Link can possibly be used in lieu of Alcatel’s
OmniAccess WLAN products. Solutions leveraging third-party Wi-Fi infrastructures (such as those previously
mentioned) must be reviewed and approved by Alcatel’s Bid Desk (SDP) for applicability and support.
1.1.4. Server Elements (DHCP, TFTP, Management)
1.1.4.1. DHCP Server
Customers have two IP address allocation schemes to choose from for MIPT handsets, static mode and
dynamic mode. Static mode operation is very simple and requires no expanded explanation. Terminals are
simply programmed manually with IP addresses, subnet mask, default gateway, TFTP server, H.323
gatekeeper and SVP Server information. Optionally, MIPT Terminals can be configured in a dynamic mode
via standard DHCP server options.
Dynamic mode is recommended due to ease of use and speed of reconfiguration. For a number of reasons,
the DHCP Server function can not currently be hosted by the OmniPCX or SVP Server. A dedicated external
DHCP server is recommended for all MIPT VoWLAN solutions. Alcatel does not currently offer the DHCP
Server hardware platform and recommends the customers or business partners source this equipment from
their usual PC Server supplier.
Alcatel has validated the following DHCP Server software platforms for use with MIPT VoWLAN solutions.
Validated DHCP Server software platforms.
Windows 2000 (Server) DHCP turbo by Weird Solutions
Important remark: In addition to standard and common parameters (IP Address, Subnet Mask, Default Gateway
IP Address, TFTP Server IP Address), the external DHCP server must be able to provide the MIPT
terminal with the IP addresses of the SVP Server and H.323 Gatekeeper. This makes the
optional DHCP fields for “Vendor Specific Options” mandatory for use with MIPT handsets. For
Windows 2000 Server, the Vendor Specific Option fields are known as “Special Option N°151”
(for the SVP Server) and “Special Option N°154” (for the H.323 Gatekeeper).
ESD/ Central Pre Sales / DF/ JM 6/34 June 2005 – Ed 01
Design Guide for the Alcatel OmniPCX Enterprise – Mobile IP Touch
1.1.4.2. TFTP Server
A TFTP Server is mandatory for all MIPT VoWLAN solutions. The TFTP Server is responsible for supplying
Binary and Text configuration files to the MIPT handsets.
TFTP Server functions can not be hosted from the OmniPCX Enterprise Communication Server due to
performance, security and compatibility reasons. The SVP Server is not permitted to host TFTP Server
operations due to TCP port conflicts. This makes mandatory the use of an external TFTP Server. There are
no unique TFTP Server requirements beyond standard TFTP protocol specifications to support MIPT terminals.
It is possible to combine TFTP Server and DHCP Serer functions on a single external platform.
Alcatel has validated the following TFTP Server platforms for use with MIPT solutions.
Validated TFTP Server software platforms.
3Com TFTP Server (3CDaemon) V2.0r10 Cisco TFTP Server
TFTP turbo by Weird Solutions Solar Winds TFTP
1.1.4.3. RF Director Management
The initial goal of RF Spectrum Management is to configure and calibrate radio settings for the
wireless network. After the radio network is operational, the goal of RF Spectrum Management
changes to that of tuning and adjusting radio parameters in order to maintain a high degree of
performance. With Alcatel, RF Spectrum Management is largely automatic, requiring little
configuration or intervention from the administrator. Key components of Alcatel’s RF Director
solution are:
•Calibration: Used continuously throughout the life of a wireless network; Calibration functions
allow network administrators to optimize power and sensitivity settings of the network on an
antenna by antenna basis.
•Optimization:
oAuto Radio Resource Allocation: allows individual access points to monitor for RF
changes and, in conjunction with Calibration information, make appropriate channel
assignment changes.
oSelf Healing: In the event that an AP fails, surrounding APs can automatically increase
their transmit power level to fill in any gaps.
oLoad Balancing: ensures optimum performance by automatically spreading client
association in an equitable manner to avoid the premature saturation of a single AP.
•RF Monitoring:
oCoverage Hole Detection: Continuous monitoring of client data access and error rates
provides for the identification of coverage holes or areas of diminished service.
oInterference Detection: notifies network administrators when localized interference
becomes sufficient to cause performance degradation.
oEvent Threshold Configuration: provides the ability to configure event thresholds to notify
the administrator when certain RF parameters are exceeded.
•Wireless Intrusion Detection: can identify and defeat a wide assortment of DoS attacks
aimed at Wi-Fi networks.
ESD/ Central Pre Sales / DF/ JM 7/34 June 2005 – Ed 01
Design Guide for the Alcatel OmniPCX Enterprise – Mobile IP Touch
1.1.5. Mobile IP Touch Terminals
Alcatel makes two MIPT models available, one each for office and industrial use. The performance of these
two handsets is very similar but their designs and options are focused for use in specific environments. Both
of these terminals are products of an OEM partnership between Alcatel and Spectralink.
For office environments Alcatel proposes the MIPT 300.
Dimensions : 5.5” x 2.0” x 0.9” (14 x 5.1 x 2.3 cm)
Weight: 4.2 ounces (119 grams)
For industrial environments (manufacturing facilities,
warehouses, and other harsh environments) Alcatel proposes
the MIPT 600 with special “Push-to-talk” function.
Dimensions : 5.9” x 2.2” x 1.0” (15 x 5,6 x 2,5 cm)
Weight: 6.0 ounces (170,1 grams)
Both terminals employ a standard 12 button keypad (0-9, *, #).
Four soft keys are supplied on MIPT handsets:
•Menu key: access to phone features
•Function key: access to a customization menu
•Navigation keys (Qty-2): selection keys for menu navigation.
The Ni-MH battery supplied with MIPT handsets is capable of
operating for 4 hours of talk time and supporting 80 hours of
standby operation.
1.1.6. Terminal Options (Chargers, Clips, Pouches)
To complement Alcatel’s MIPT handsets offerings, Alcatel includes in its catalogue a list of optional
components for use directly with the MIPT 300 and MIPT 600.
Clothing/Belt Clips:
The MIPT 300 and MIPT 600 each have an option for a
model specific Clothing Clip.
Pouches: (MIPT 600 only)
For handset protection and ease of transport, the MIPT 600
can be equipped with one of two optional pouches (with or
without keypad cover.)
ESD/ Central Pre Sales / DF/ JM 8/34 June 2005 – Ed 01
Design Guide for the Alcatel OmniPCX Enterprise – Mobile IP Touch
Swivel Clip for MIPT 300:
Offering easy removal of battery, interchangeable clips for
simple attachment to clothing.
Charging Stands:
The MIPT 300 and MIPT 600 each have an option for a
model specific Charging Stand. (For instance when ordering
from Actis, “the MIPT 300/600 Pack” provides the selected
MIPT set + the Charging Stand)
MIPT Charger Plug:
The MIPT 300/600 Charger Plug provides the AC-DC
transformer feeding the Charging Stand. The power plug is
country dependent.
Gang Charger: (MIPT 600 only)
To support multiple battery charging operations for MIPT 600
terminals, the four-port Gang Charger accepts batteries (not
terminals.)
Shown with two batteries.
Dual Charger Stand:
Available for MIPT 300 and for MIPT 600.
Charging priority provided first to the Phone Slot.
The spare battery starts charging when the phone battery is
fully charged.
ESD/ Central Pre Sales / DF/ JM 9/34 June 2005 – Ed 01
Design Guide for the Alcatel OmniPCX Enterprise – Mobile IP Touch
Configuration cradle:
One MIPT set configuration at a time
One slot per MIPT set type.
MIPT set configuration via Windows-PC (RS-232 serial
interface to PC).
Direct upload or download from/to the MIPT set flash
memory.
Store multiple configurations to support different user profiles
The cradle has 3 levels of device configuration (global or
individual).
Each level represents a particular configuration file that can
be loaded from or sent to a MIPT set.
System Level
Changes configuration parameters/settings common to all
phones. E.g., WEP/WPA Keys, SSIDs, Subnet Mask, etc.
Group Level
Changes configuration parameters/settings common to a
group of MIPT sets. Ex for MIPT 600: PTT (Push To Talk)
enable/disable or PTT channels.
Phone Level
Changes configuration parameters/settings unique to an
individual telephone. E.g., extension numbers, static IP
addresses, and/or ring tones.
Customizable Rings on MIPT 300 and 600:
Ring Tone, Ring Delay, Ring Cadence and Vibrate Cadence parameters can all be adjusted independently to
meet individual call notification preferences.
Ring Volume on MIPT 600
Ring Volume is adjustable only on the MIPT 600.
Icon Display on MIPT 300 & 600
Icons are available on the MIPT 300/600 display to indicate the present RF
Signal Strength and the Battery Power Level.
ESD/ Central Pre Sales / DF/ JM 10/34 June 2005 – Ed 01
Design Guide for the Alcatel OmniPCX Enterprise – Mobile IP Touch
2. Operational Modes and Considerations
The Alcatel VoWLAN solution presents several topology, call handling and performance options to meet
customer demands. Many of these options are described below.
2.1. Infrastructure Topology Options
Being as no two customer network environments are exactly the same, it is critical for technology such as
VoWLAN to possess a great degree of flexibility. Alcatel’s MIPT solution is not exempt from this requirement.
The following section highlights some MIPT architectural adaptabilities.
2.1.1. Direct Mode (Direct-Attach)
In Direct Mode operation, the Access Points are directly connected to the 10/100 Ethernet switch interfaces on
an Alcatel OmniAccess Wireless Switch (model: OA4308, 4324 and/or 6000.) These WLAN Switches have
the ability to provide Power over Ethernet (IEEE 802.3af) to Access Point (AP) on all Ethernet ports (Power Class
3 for all ports simultaneously.)
This type of operational mode is desirable and advantageous in the following situations:
1. In small buildings or locations where cables lengths are less than 100m (in order to effectively
leverage integrated IEEE 802.3af capabilities.)
2. Where there is no existing data network or the existing data network is already operating at
maximum capacity.
3. When existing data network elements lack the ability to provide sufficient IEEE 802.3af power to
Access Points.
4. When wireless LAN Access Point controller redundancy is not necessary.
5. For small WLAN environments requiring only a small number of Access Points.
6. To meet requirements for completely independent voice and data networks/backbones.
Figure 1: Direct Mode (WLAN Switch)
ESD/ Central Pre Sales / DF/ JM 11/34 June 2005 – Ed 01
Design Guide for the Alcatel OmniPCX Enterprise – Mobile IP Touch
2.1.2. Appliance/Overlay Mode
In Appliance Mode operation, Access Points are not directly attached to Alcatel OmniAccess Wireless
Switches. In this type of operational mode, the Alcatel OmniAccess Wireless Switch acts only as an Access
Point Controller and does not directly host AP via local 10/100 ports.
This type of operation mode can be highly desirable and advantageous in the following situations:
1. When existing data network elements are present and capable to supporting WLAN Access Points
and traffic.
2. In large and/or multi-floor buildings where cables lengths are commonly in excess of 100m from the
data switching centers and wiring closets to Access Points, thus causing problems for Inline Power
over Ethernet (IEEE 802.3af.)
In cases such as this, localized power options can be proposed to meet or eliminate the distance
limitation and power problems.
3. When system failover/redundancy of the WLAN controller elements is highly desired.
2.1.2.1. Appliance /Overlay Mode Operation
While OmniAccess Wireless Switches can support Direct Mode operation, they can also be used for Appliance
Mode scenarios. In this way, Access Points can be directly connected to an existing LAN infrastructure Ethernet
data switch (from Alcatel or third party supplier.) These Access Points can be configured to automatically
connect to one or multiple OmniAccess Wireless Switch(s) using a tunnel protocol optimized for lightweight
access points management and traffic transport (GRE, IPSec, and/or L2TP.)
This type of operational mode with OmniAccess Wireless Switches allows for a low cost redundancy proposal
for small configurations, particularly with the OmniAccess 4308 model. By being aware of the IP addresses
of multiple OmniAccess Wireless Switches, Access Points can perform near-immediate transfer of
management responsibilities to backup OmniAccess Wireless Switches and in so doing maintain operation
during periods of partial network outage and/or OmniAccess Wireless Switch maintenance.
Since Access Points are not directly attached to OmniAccess Wireless Switches, network connectivity and
power options must be provided by an Ethernet switch or other source. It is important to ensure that the
desired Ethernet switch is capable of supporting the QoS requirements of the VoIP traffic that it will be forced
to carry. The tunnel path between the Access Point and the Wireless Switch must receive high priority to
ensure a sufficient level of voice quality.
We can also mix both modes (Direct and Appliance) but for backup purpose the best solution remains the
Appliance mode.
ESD/ Central Pre Sales / DF/ JM 12/34 June 2005 – Ed 01
Design Guide for the Alcatel OmniPCX Enterprise – Mobile IP Touch
Figure 2 OmniSwitch 6600-P24 (supporting IEEE 802.3af)
Since the Access Points can not benefit from the Inline Power capabilities of the OmniAccess Wireless Switch,
the Ethernet switch must be capable of supplying sufficient and standard format power (full 15W limit of IEEE
802.3af.) In the event that this can not be achieve, several options are available:
•The OmniAccess Access Point can be supported via a localized
external power supply. This AC/DC transformer is the same type
of device used to recharge batteries in PDAs, mobile phones, and
some laptop computers. While an available option, the use of
localized power is discouraged due to the likely location of Access
Point placement and this proximity to AC outlets, fire-code safety
concerns, and power autonomy costs.
External Power Su
pp
l
y
•Inline Power Injectors can be used to provide IEEE 802.3af power to
individual Access Points. These low-cost, single port (one in, one out)
injectors can be used in situations where only one or a few devices require
power. These devices require a local AC outlet connection to
produce IEEE 802.af power and then inject this power along
with the Ethernet traffic that pass transparently through it.
Inline Power Injector
•Much like the above discussed Inline Power Injector, Inline Power
Patch Panels can be used to achieve the same effect when more
than a few devices require IEEE 802.3af power. Alcatel offers
Power Patch Panels in 6, 12, and 24 port varieties.
Power Patch Panel
2.2. Quality of Service
The QoS management responsibilities are shared between the SVP Server and the OmniAccess infrastructure
components.
The first responsibility of the SVP Server is to control the number of simultaneous voice flows permitted per
Access Point. While the absolute maximum limit of simultaneous voice conversations per Access Point is 14,
assuming ideal conditions, the actual limits enforced per Access Point must take competition (bandwidth and
radio spectrum sharing with data clients) and signal quality (distance from AP and radio
obstacles/interference) into consideration.
The SVP Server is also tasked with the coordination and synchronization of MIPT traffic on each AP in order to
avoid the collision of MIPT voice flows with each other and other traffic forms. These coordination and
synchronizations activities are performed without any enforceable congestion avoidance or traffic shaping
ESD/ Central Pre Sales / DF/ JM 13/34 June 2005 – Ed 01
Design Guide for the Alcatel OmniPCX Enterprise – Mobile IP Touch
mechanisms. This makes SVP efforts towards QoS, in the R 1.1.1 offer, a “Best Effort” prioritization function.
(No current VoWLAN offer supports better QoS facilities than the Spectralink solution employed by Alcatel.)
Infrastructure components, such as the OmniAccess Wireless Switch and/or OmniAccess Wireless Appliance
possess the ability to assure certain levels of prioritization of voice traffic over data traffic. This can only be
performed in a single direction (using Weighted Fair Queuing), from the infrastructure towards the MIPT
handset. No infrastructure facility (such as IEEE 802.11e) is presently included in Alcatel’s MIPT VoWLAN
R1.1.1 solution to provide for QoS from the MIPT handset towards the wired LAN. For prioritization from the
MIPT handset in the wireless environment towards the wired LAN, only proprietary methods and adaptations
of the IEEE 802.11 PIFS (PCF Interframe Spacing) option are currently offered. (Further information on these
proprietary methods can be found in the Spectralink SVP Whitepaper and the to-be-released Alcatel Voice
over Wireless Local Area Network Engineering Reference.)
Figure 3 QOS on WLAN solution
As with all other forms of Voice over IP, strict prioritization on the wired LAN is essential in order to eliminate
the effects of traffic competition on quality. For this reason, VLAN prioritization using IEEE 802.1q (VLAN
priority option) and traffic prioritization using 802.1p by the data network elements are considered
mandatory for connections between infrastructure components and the OmniPCX Enterprise. This is
especially important for connects to devices like the SVP Server, which can not current stamp packet priority
labels on traffic.
2.3. Security
Security is always a sensitive topic to discuss, and opinions on how best to provide for it vary greatly from one
engineer to the next. With this in mind, Alcatel is constantly developing the list of security options available
within the MIPT VoWLAN solution offer to satisfy as many different opinions as possible.
For the R 1.1.1 solution offer, Alcatel makes the following security recommendations:
2.3.1. SSID Broadcast
When designing and managing a Wireless LAN, engineers must make calculated compromises
between performance and ease of use. One such decision is that of whether or not to broadcast the
SSID (Service Set Identifier) of a wireless network. Broadcasting the SSID allows clients to “scan” for
available network and then attempt to join them. This eliminates the need for users to explicitly know
the name of the network that must be defined in their 802.11 client configuration, since it can be
learned from the over-the-air broadcasts (excluding MIPT terminals that must be configured manually
by design.) Obviously, not broadcasting the SSID provides the opposite: users must know the SSID.
In the above mentioned way, it is commonly thought that we can offer a limited realm of security
simply by not broadcasting the SSID of the Wi-Fi environment dedicated to VoWLAN activity. In truth,
ESD/ Central Pre Sales / DF/ JM 14/34 June 2005 – Ed 01
Design Guide for the Alcatel OmniPCX Enterprise – Mobile IP Touch
this practice is often far more troublesome to network administrators than it is to network attackers.
The advantages of SSID broadcast usually far exceed the threat of visibility it offers.
Since all MIPT terminals must be manually configured with an SSID, the decision to enable or disable
SSID broadcast is of little consequence to Alcatel MIPT terminals. There is no impact to ease of use
or functionality presented by the state of SSID broadcast. Alcatel recommends that customers
maintain their current or desired security policies governing this topic.
2.3.2. Authentication & Encryption
At present, for the MIPT R 1.1.1 offer, Alcatel provides authentication and encryption options based
on WEP 128 (Static Key) and WPA-PSK. This means that, if selected, wireless traffic for VoWLAN can
be encrypted based on RC4 ciphering techniques (with or without TKIP) and “Shared Key”
authentication mechanisms. Pre Shared Keys must be manually entered in each MIPT terminal at
installation. In the case of WPA-PSK implementation, the Pre Shared Key is used for initial
authentication and as the seed for Temporal Key Integrity Protocol key rotations. No other
authentication and/or encryption options are presently available (i.e. 802.1x authentication and/or
802.11i / AES encryption.)
WEP is recognized as being a weak security option due to the static nature of the encryption key.
Derivation of the key is possible through simple passive scanning techniques and data analysis. To
counter this problem, the Wi-Fi Alliance has defined a standard known as WPA. WPA, in reality, is
WEP enhanced with TKIP key rotation. This prevents key derivation through passive scanning and
brute force attacks. WPA-PSK can be implemented in most infrastructure environments through
simple software upgrades, making it a universally available, simple and effective scheme for content
protection.
Alcatel strongly recommends the use of WPA in order to provide for the highest levels of
confidentiality and network security.
2.3.3. MAC Address Filtering
MAC address filtering facilities are provided for within Alcatel’s OmniAccess product platforms.
Alcatel strongly encourages the use of LOCAL MAC address filter rules to help ensure that only
authorized wireless clients are permitted to join the VoWLAN network.
For more information on MAC address filtering, please refer to the Alcatel VoWLAN Engineering
Reference.
2.3.4. Rogue Activity Detection
Rogue Access Points and Rogue Ad-Hoc Wi-Fi activity can seriously degrade VoWLAN voice quality
by wreaking havoc with carefully designed and implemented Radio Frequency coverage patterns.
For this reason, Alcatel strongly recommends the use of the OmniAccess Wireless Protection option to
identify and eliminate these potential threats. The nominal cost of this technology option provides an
immense amount of investment protection, and the value of Rogue Activity Detection can not be
stressed enough.
ESD/ Central Pre Sales / DF/ JM 15/34 June 2005 – Ed 01
Design Guide for the Alcatel OmniPCX Enterprise – Mobile IP Touch
2.3.5. Isolation Practices
Network segmentation is seen as a critical core component of any network security design.
Separating traffic by type and application scope allows for more sophisticated security methodologies
to be later implemented. VPN, Packet Inspection/Filtering, Access Control Lists, and other security
technologies generally rely on network segmentation in order to be most effective.
For the above reasons, Alcatel strongly suggests a Voice and non-Voice domain separation on
VoWLAN equipment. Sharing the VoWLAN environment with non-voice related elements is a
compromise in security that does not need to be made.
2.3.6. Layer 3 & 4 Filtering (ACL & Packet Inspection)
It is assumed that the VoWLAN environment will be hosted on a customer network which also
supports data networking environments. To assure privacy and system security, security controls
should be implemented at network routing points to restrict the ability of non-voice related elements
from gaining access to VoWLAN and OmniPCX Enterprise components. These security controls can
be delivered in the form of router or route-switch based Access Control Lists or via dedicated Packet
Filtering and Packet Inspection platforms.
Alcatel’s OmniAccess WLAN 43xx and 6xxx products incorporate integral Stateful Inspection
technology. This allows for strong access control policies and network protection.
2.3.7. Auxiliary Security Measures
In addition to the standard security mechanisms discussed above, some customers may desire to
implement specialized security measures that apply specifically to their environment. Use of MAC
address controls within the external TFTP server or DHCP server, as well as other application security
methods can be very advantageous. Alcatel offers none of these server-based features, but
encourages customers to explore the security capabilities present in third-party support hardware.
3. Design Process for VoWLAN
3.1. Pre Sale Data Collection
In order to prepare an Alcatel VoWLAN solution, several pieces of documentation must be sourced from the
customer. The accuracy of a final system proposal is directly related, in most cases, to the amount and
quality of information collected prior to initiating design formulation.
3.1.1. Physical Diagram (to include existing wireless technologies)
A clear understanding of the customer’s physical network topology is essential in order to properly determine
the possible future locations and integration points of VoWLAN support elements. This physical diagram
should be as complete as possible and include information related to all existing customer infrastructure
(Data Wi-Fi, LAN, MAN, closet switching platforms (to include power feeding abilities), core routing
platforms, copper and fiber patching facilities (termination types).) Again, an accurate MIPT VoWLAN
solution can not be developed without this information.
The physical diagram is responsible for helping the design engineer in gauging a number of placement and
connectivity options from the number of locations where OmniAccess Wireless Switch/Appliance platforms
ESD/ Central Pre Sales / DF/ JM 16/34 June 2005 – Ed 01
Design Guide for the Alcatel OmniPCX Enterprise – Mobile IP Touch
can be housed, to the type of physical connectors needed on the fiber patch cords to connect them to the
network. To meet this requirement, the physical diagram must contain as much detail as possible.
This diagram should also detail cable-plant distances and the ability of existing data network switches to
support IEEE 802.3af power in sufficient quantity for the proposed solution.
Of a much more complex nature is the presence and status of existing wireless technology. The Physical
diagram should detail, in as much detail as possible, the presence of existing or proposed Bluetooth, Wi-Fi,
microwave technology, high-gain or industrial radio transmitters, DECT/PWT technologies and other
interference or radio spectrum competitors.
Figure 4 Physical Diagram
3.1.2. Logical Diagram
Logical Diagrams are also critical for complete and accurate solution construction. The logical diagram must
include information related to the existing customer VLAN strategy, QoS policies, Security measures,
redundancy and fault tolerance schemes, as well as future provisioning and traffic shaping.
Information gathered from the logical diagrams will determine IP addressing schemes, security measures,
and VLAN mapping as well as influence certain physical design options (ideal SVP Server location, ideal TFTP
& DHCP Server location, etc.)
This diagram shows the different domains at layer 2 and 3 currently used in the customer network: VLANs,
Broadcast domains, IP subnets and IP addressing Plan.
ESD/ Central Pre Sales / DF/ JM 17/34 June 2005 – Ed 01
Design Guide for the Alcatel OmniPCX Enterprise – Mobile IP Touch
Figure 5 IP Addressing Plan
This call-flow diagram shows the logical paths for Voice and Data at Wireless and Wired level.
Figure 6 Logical paths for Voice and Data
3.1.3. Floor Level Maps/Diagrams
To complete detailed planning, a floor level diagram is required. This floor level diagram can be used in the
design process in two different ways, Prediction Planning and for the Site Survey. This diagram does not
necessarily need to include detail on how desks are situated within office and where toilets and potted plants
are located within restroom, but walls, dividers, elevators, pillars, windows, doors, and other obstacles should
be clearly marked and to scale.
ESD/ Central Pre Sales / DF/ JM 18/34 June 2005 – Ed 01
Design Guide for the Alcatel OmniPCX Enterprise – Mobile IP Touch
Figure 7: Floor Map (with scale & legend)
3.1.4. Customer Specific Application & Design Considerations
Due to the fact that Alcatel’s MIPT VoWLAN solution is being offered in a multi-stage fashion with evolving
capabilities, it is important for the design engineer to compare expected customer usage patterns against
current MIPT release restrictions before proposing an Alcatel MIPT VoWLAN solution.
3.1.4.1. Feature Restrictions (R1.1.1)
We must be aware that MIPT handsets are not as full featured as DECT/PWT technology. The MIPT handset
is capable of accessing PBX resources and enhanced features not commonly available to standard H.323
terminals (set supervision (partial), twin set, three party conference, camp-on, (immediate, busy & no answer)
call forwarding, call enquiry, business call, private call, call transfer, call back request, …) but can not be
used for any of the following:
•Dial by name
•Participation in text messaging
•Act as an alarm set of a notification server
•Be an attendant set
•Be the main set in a Hotel Suite (MIPT can act as a secondary Hotel Suite set)
•Be a Guest/Room set
•Be used as a CCD agent
•Be notified of a message by a LED or by an icon
For a more complete list of available and non-available features, refer to the OXE R6.1 Feature List.
ESD/ Central Pre Sales / DF/ JM 19/34 June 2005 – Ed 01
Design Guide for the Alcatel OmniPCX Enterprise – Mobile IP Touch
3.1.4.2. MIPT Offer Restrictions (R1.1.1)
Before proposing an Alcatel MIPT VoWLAN solution, we must ensure that the customer environment can host
the desired technology. This means ensuring the following:
•All existing, or proposed, OmniPCX Enterprise platforms planned to support MIPT VoWLAN must
operate on OXE-R6.1 or greater.
•Voice over Wireless Local Area Network solutions are restricted in IP network communication options.
As a result of this, all MIPT VoWLAN ‘infrastructure,’ ‘terminals,’ and ‘server’ components (excluding
RF Director Management) must exist in a single IP broadcast domain (bridged VLAN & SSID
environment.)
RF Director Management and OXE components can exist in a separate network and/or IP subnet. It
is not mandatory or recommended for security reasons to place these object in the VoWLAN
broadcast domain.
•SVP Server redundancy and/or duplication are not offered or supported in MIPT R1.1.1. No Master-
Slave or Load Balancing options are presently offered or supported. One, and only one, SVP Server
is required for each MIPT VoWLAN design.
It is not unusual for a customer to desire strong redundancy and failure resiliency options for voice
applications. Alcatel’s MIPT VoWLAN R1.1.1 solution provides redundancy options for
Communications Servers, PBX Ethernet accesses, AP controllers, and in some cases can eve provide
for Access Point redundancy. Support for SVP Server redundancy, however, is not currently possible.
•As part of the MIPT R1.1.1 offer (and due to the single SVP Server/Gatekeeper limitation), the
maximum number of simultaneous calls and/or MIPT subscribers are Gatekeeper dependent:
oEmbedded Gatekeeper in SVP Server:
Up to 60 simultaneous calls and/or up to 400 MIPT subscribers
oExternal Gatekeeper (i.e. GNU Gatekeeper version 2.07 validated by Alcatel):
Up to 80 simultaneous calls and/or up to 500 MIPT subscribers
oFor example a configuration made of 401 MIPT users with 55 simultaneous calls requires an
External Gatekeeper. Similarly a configuration made of 250 MIPT users with 61
simultaneous calls also requires an External Gatekeeper.
•MIPT VoWLAN terminals are restricted to 802.11b network environments. Alcatel’s MIPT VoWLAN
R1.1.1 solution is based on IEEE 802.11b technology. Alcatel offers support for IEEE 802.11g and
IEEE 802.11a data subscribers via the OmniAccess range or products, but provides no option for
non-IEEE 802.11b handsets.
ESD/ Central Pre Sales / DF/ JM 20/34 June 2005 – Ed 01
Table of contents
Other Alcatel IP Phone manuals
Alcatel
Alcatel OmniPCX Enterprise 4039 User manual
Alcatel
Alcatel IP30 User manual
Alcatel
Alcatel OmniPCX Office Easy Reflexes User manual
Alcatel
Alcatel TEMPORIS IP 200 Service manual
Alcatel
Alcatel Temporis IP100 User manual
Alcatel
Alcatel Temporis IP150 Instruction Manual
Alcatel
Alcatel Omni Office Instruction manual
Alcatel
Alcatel First Reflexes User manual
Alcatel
Alcatel Temporis IP 600 User manual
Alcatel
Alcatel Temporis IP251G User manual
Alcatel
Alcatel OmniPCX Office User manual
Alcatel
Alcatel Advaced Reflexes User manual
Alcatel
Alcatel Advanced Reflexes User manual
Alcatel
Alcatel IP2015 User manual
Alcatel
Alcatel IP Touch 4008 User manual
Alcatel
Alcatel T30 User manual
Alcatel
Alcatel Temporis IP901G User manual
Alcatel
Alcatel First Reflexes User manual
Alcatel
Alcatel TEMPORIS IP 200 User manual
Alcatel
Alcatel Advanced Reflexes User manual
Popular IP Phone manuals by other brands
Barracuda
Barracuda Cisco 7900 Series Quick reference guide
Cisco
Cisco IP Phone 6851 Administration guide
Cisco
Cisco WIP310 - iPhone Wireless VoIP Phone user guide
Yealink
Yealink T58A Skype for Business user guide
Grandstream Networks
Grandstream Networks BroadWorks BLF GRP260X Configuration guide
Snom
Snom 320 manual