officeserv 7400 4.network configuration
Download
Report
Transcript officeserv 7400 4.network configuration
Proposed Network Configuration
OfficeServ 7400
Samsung Electronics Co., Ltd.
Contents
WAN Configuration
VoIP Network Configuration
Switch/Router Configuration
Security Configuration
© Samsung Electronics Co., Ltd.
2
WAN Configuration
© Samsung Electronics Co., Ltd.
3
WAN interface on the Serial
ISP
CSU/DSU
10.0.0.x
V.35/HSSI
IP Telephony
Management
10.0.0.x
Data Service
© Samsung Electronics Co., Ltd.
4
WAN1 and WAN2 interface with the ISP
DSL
DSL
Internet
Dynamic VDSL
Modem
Modem
IP Telephony
Static
61.77.137.81/25
LP40
MP40
Gateway
10.0.0.1
MGI
Call server
10.0.0.2
Data Service
© Samsung Electronics Co., Ltd.
Media Gateway
10.0.0.3
5
System to System
Site #A
IP Phone
ADSL
#1
IP : 61.77.207.154
MP40 : 10.0.0.2
MGI : 10.0.0.3
165.213.109.100
3202
Internet
Site #B
VDSL
VDSL
IP Phone
ADSL
Digital Phone
2001
IP Phone
10.0.0.20(DHCP)
3201
#2
IP : 61.77.137.81
MP40 : 192.168.0.2
MGI : 192.168.0.3
61.77.207.150(DHCP)
3201
Digital Phone
2001
© Samsung Electronics Co., Ltd.
6
DSL Configuration
ISP
AP
WIP5000M
DSLAM
Modem
ADSL/VDSL
PDA
GWIM
GSIM
Laptop PC
WLI
GPLIM
GPLIM
Management
© Samsung Electronics Co., Ltd.
Data Service
IP Telephony
7
Public IP Phone
Home
Internet
192.168.0.100
3202
WAN : 165.213.89.178
IP : 10.0.0.10
Public IP : 165.213.89.178
LP40
GWIM
MP40
LAN : 10.0.0.x
MGI64
IP : 10.0.0.15
Public IP : 165.213.89.178
16DLI
VoIP Phone
3201
© Samsung Electronics Co., Ltd.
GPLIM
Digital Phone
LAN : 10.0.0.100
2001
8
VoIP Configuration
© Samsung Electronics Co., Ltd.
9
NAPT for VoIP Service
165.213.109.186:6000U
Home
Public Fixed IP : 165.213.109.186
Inter Private IP : 10.0.0.1/24
MP40
IP phone
165.213.109.186:9000U
165.213.109.100 165.213.109.186:30000~30031U
3202
MGI
10.0.0.2:6000U
10.0.0.2:9000U
10.0.0.20
3201
MP
(10.0.0.2)
Digital Phone
10.0.0.3:30000
~30031U
NAPT
© Samsung Electronics Co., Ltd.
MGI
(10.0.0.3)
2001
10
SIP ALG
For standard SIP Phone
SIP
Internet
IP : 168.219.149.225
SIP standard
ADSL
WAN : 165.213.89.218
LAN : 192.168.1.1
SIP
IP : 192.168.1.180
SIP standard
IP Phone
PC
SIP
IP : 192.168.1.181
SIP standard
© Samsung Electronics Co., Ltd.
11
GWIM and GSIM QoS
AP
WIP5000M
Internet
PDA
Auto-QoS
Auto-Firewall (TBD)
Auto-NAPT Service
VoIP Group
10.0.0.0/24
© Samsung Electronics Co., Ltd.
Laptop PC
GWIM
-. HTBQ
-. SPQ
GSIM
-. Classification, DSCP Marking,
-. Policing, Buffer Management (WRED-like)
-. IEEE 802.1p marking, CoS Mapping
-. DiffServ, Scheduling
12
GPLIM QoS
Internet
Port based QoS (using port priority)
MP40
GWIM
GPLIM
GPLIM
-. CoS Mapping, Scheduling
IP phone with 5
value of 802.1p tag field
© Samsung Electronics Co., Ltd.
MGI
IP phone with 1
value of 802.1p tag field
13
Switch/Router Configuration
© Samsung Electronics Co., Ltd.
14
Layer 3 Routing
• GWIM : L3 Routing, QoS, Firewall/IDS, VoIP Service
• GSIM : L3 Routing, QoS, VoIP Service
• GPLIM : QoS, PoE
External Optical Cable : Sx,Lx
PSTN
Internet
IP Phones
1000Base-Sx/Lx
V.35/HSSI
GWIM
GSIM
GPLIM
External Optical Cable : Sx,Lx
Fail over & Load balancing
GPLIM
GPLIM
PC
Server Farm
© Samsung Electronics Co., Ltd.
10/100Base-Tx with PoE
Max. 2 PLIM per cabinet (24ports)
15
Layer 3 Routing with NAT
• GWIM : NAT/PT, DMZ, QoS, VoIP Service
• GSIM : L3 Routing, QoS, VoIP Service
• GPLIM : QoS, PoE
PSTN
Mail Server Web Server
Internet
External Optical Cable : Sx,Lx
V.35/HSSI
DMZ
1000Base-Sx/Lx
IP Phones
GWIM
GSIM
GPLIM
External Optical Cable : Sx,Lx
Fail over & Load balancing
GPLIM
GPLIM
PC
Server Farm
© Samsung Electronics Co., Ltd.
10/100Base-Tx with PoE
Max. 2 PLIM per cabinet (24ports)
16
Two Internal Network
Internet
WAN Configuration
165.213.97.100
192.168.1.1 (GSIM #1)
192.168.2.1 (GSIM #2)
LAN Configuration
192.168.1.1/24
192.168.2.1/24
192.168.0.x
DMZ
Web Server FTP Server
Server Access Group
Training Center
R&D Center
PC
PC
Server
PC
PC
PC
192.168.1.101 192.168.1.102 192.168.1.10 192.168.2.101 192.168.2.102 192.168.2.103
© Samsung Electronics Co., Ltd.
17
Layer2 Switching and Router
• GWIM : NAT/PT, DMZ, IDS, QoS, VoIP Service
• GPLIM : QoS, PoE
Internet
IP Phones
GWIM
GPLIM
GPLIM
PC
10/100Base-Tx with PoE
Max. 4 GPLIM per cabinet (48ports)
Max. 3 PLIM per cabinet (48ports)
© Samsung Electronics Co., Ltd.
18
VLAN Configuration
Internet
VLAN Config. (GPLIM)
-. Port Based
-. Tag Based
-. MAC Based
MP40
GWIM
VLAN Config. (GSIM)
-. Port Based
-. Tag Based
-. IP-Subnet Based
GPLIM/GSIM
MGI
PC Group
VoIP Group
© Samsung Electronics Co., Ltd.
Test Group
19
Configures OSPF
7400 B
192.168.30.0/24
PC
172.16.0.0/24
7400 A
7400 C
10.0.0.100
PC
30.0.0.100
10.0.0.0/24
30.0.0.0/24
7400 A
router ospf 1
redistribute connected subnets
network 192.168.30.0 0.0.0.255 area 0
7400 A Routing Table
router ospf 1
redistribute connected
network 172.16.0.0 0.0.0.255 area 0
network 192.168.30.0 0.0.0.255 area 0
192.168.30.0/24 is directly connected, Serial0
172.16.0.0/24 is subnetted, 1 subnets
O 172.16.0.0 [110/49] via 192.168.30.2, 00:01:11, Serial0
10.0.0.0/24 is subnetted, 1 subnets
C 10.0.0.0 is directly connected, FastEthernet0
30.0.0.0/24 is subnetted, 1 subnets
O E2 30.0.0.0 [110/20] via 192.168.30.2, 00:01:11, Serial0
DataServer
DataServer Routing Table
>> enable
>> configure terminal
>> router ospf
>> network 172.16.0.0/24 area 0
>> redistribute kernel
>> redistribute connected
O>* 10.0.0.0/24 [110/20] via 172.16.0.1, eth0, 00:02:31
C>* 30.0.0.0/24 is directly connected, eth1
C>* 127.0.0.0/8 is directly connected, lo
O 172.16.0.0/24 [110/10] is directly connected, eth0, 00:03:10
C>* 172.16.0.0/24 is directly connected, eth0
O>* 192.168.30.0/24 [110/74] via 172.16.0.1, eth0, 00:02:32
7400 B
© Samsung Electronics Co., Ltd.
C
20
DHCP Configuration
Internet
ADSL
WAN : 165.213.109.186/24
LAN : 10.0.0.1/24
PC
IP Phone
© Samsung Electronics Co., Ltd.
PC
PC
21
Security Configuration
© Samsung Electronics Co., Ltd.
22
Configure a IDS
Un-trusted Network
165.213.88.100
Mail server
165.213.109.0
Internet
165.213.87.230
Management
165.213.89.238
10.0.0.0
10.0.0.0
IP Telephony
© Samsung Electronics Co., Ltd.
Data Service
23
Configure a DMZ
ISP
Modem
DSLAM
165.213.97.100
Management
192.168.0.x
10.0.0.x
10.0.0.x
DMZ
IP Telephony
Web Server FTP Server
© Samsung Electronics Co., Ltd.
24
VPN Configuration
IPSec and IKE (Internet Key Exchange)
Tunneling (IPSec, PPTP, L2TP)
#1
IP : 165.213.109.185/24
10.0.0.1/24
© Samsung Electronics Co., Ltd.
#1
IP : 165.213.89.245/24
192.168.1.1
25
Samsung Electronics Co., Ltd.