How we did a gigantic amount of communication for a rather large security structure

Part of the equipment of the central network node, which, according to the survival scenario, can be completely destroyed, and the network will retain its basic functionality.

There is one state-owned enterprise, whose employees are guarding more than 2,000 different objects, including strategically important ones. IT, and indeed communications, is not within the scope of their main interests, therefore, it has few specialists in networks and telephony.

Within the framework of the project, two tasks were simultaneously solved: separation from the departmental network channels and saving on communication. If you are involved in IP-telephony, perhaps our experience will be of interest to you.

Situation

As part of a comprehensive project, we built for this customer a corporate data network on Huawei routers. Plus, the customer wanted to provide all of their facilities with telephone communications, while simultaneously reducing their costs. Only about 500 objects, for a start, they took up 270 of them. Objects are large - these are departments of regional units that manage work, respectively, at the regional level. Local branches are subordinate to them, and small areas are already subdivisions.


Each of the facilities had a local area network on the equipment that they could afford. The existing telephony at the facilities was implemented either on small PBXs connected to external telephone networks using conventional two-wire lines, or these two-wire lines were routed directly to offices and workstations. Some regional branch offices had E1 flows. There was no single standard for equipment and settings for telephony. There was one exception unit - a full-fledged piece of KSPD based on Cisco DMVPN and telephony based on Avaya were already built there. The Avaya PBX is currently integrated with Huawei-based telephony and a common dial plan.

Decision selection

By telephony, we examined key market players. The customer needed only basic telephone functionality - call routing, transfer, call forwarding, etc., scalability and disaster tolerance. This functionality was easily covered by all vendors. The scope of the project was large - the whole of Russia, so the choice was made for the price. In terms of price-quality ratio, the best solution was Huawei.

How was the KSPD built?

To build the DRC, we simply selected the routers by performance for each type of object. Here's what we got:

The parent company. Huawei AR2240:



regional offices. Huawei AR2240, Huawei 2220E or Huawei 1220 (depending on the size of the unit).

Local branches. Huawei AR1220:



Router Huawei 2220E:



Small sites: Huawei AR151:



From the point of view of the logic of building a network, between objects, repeating their hierarchy, we build GRE / IPSec tunnels, inside of which we transmit routing information using OSPF. It turns out such a tree structure. Routing scheme in a corporate data network:

Telephony

At first, the vendor, following the usual design schemes, proposed to carry out all call processing at one central point. In our case, this is the parent company.
Having estimated the size of the territory over which the customer’s objects are scattered, and the reliability of communication channels, we came to the conclusion that it is better to make processing distributed. In the adopted architecture, it occurs independently in the management of each of the regional units. The equipment of local branches is connected to the equipment of units in the Local Regeneration Mode. In this mode, calls between SIP phones and analog lines of the local branch are managed by the regional department, and if the connection with it is disconnected, it is automatically transferred to the local branch equipment. Small sites, in turn, receive analog voice gateways - devices that are registered via SIP on the control equipment of the regional unit and provide a number of analog ports.

Distributed call processing solved another problem: the corporate network had satellite crossings and tricky joints of several providers, thanks to which, for example, traffic between cities of the Far East cut a loop through Moscow. On some nodes, the network delay reached 1 second. With such a delay, telephones from distant points might not register at the central facility at all.

Equipment mounted in the local office:



As an alternative to the old PBXs, the regional offices received eSpace U1960 devices. It is a chassis with E1, FXO, and FXS interface modules and SIP support. ESpace U1911, similar smaller devices, went to small platforms.

PBX Huawei eSpace U1960:



eSpace U1911:



The parent company installed eSpace U1981, the older brother of U1960. In addition, in the offices of regional offices deployed a server for registering softphones. Employees of the customer who spend a lot of time on business trips use them.

External telephone lines, in most cases analog, or ISDN PRI interfaces and subscribers, are connected to the eSpace PBX. An auto attendant with extension dialing is supported.

On small sites, external telephone lines are not connected; small analog line adapters are used. Called IAD. IAD 104H analog line adapter:



In most cases, analogue telephones were used as subscriber devices. This made the solution cheaper at the initial stage compared to the mass installation of SIP phones, since telephone lines, unlike Ethernet cables, are already installed at the customer for all workplaces. Now, the customer’s own efforts are testing SIP devices from other manufacturers in order to enable regional units to purchase phones of their choice from a list of verified ones.

The heads of regional departments received SIP-devices with Android inside and video support. SIP-phone Huawei eSpace 8950:


Secretaries - devices with an extension panel. Huawei eSpace 7950 SIP Phone:

Some of the other employees are the base devices of the eSpace 7910. In the photo he is already “at work”. Huawei eSpace 7910 SIP Phone:

Result

The whole solution looks like this. KSPD and IP-telephony solution architecture:



What did the customer receive in the end?

The corporate data network has allowed the integration of local area networks into a common infrastructure. This is the basis for the application services, including telephony. In terms of telephony itself:

• Communication is now organized in the same way (you no longer need to think about which PBX is where and if it is at all), the same equipment is installed on objects of the same hierarchy level (regional branch office / local branch / small platform)
• Everyone uses a single numbering plan - employees have four-digit extension numbers, each regional unit has its own two-digit prefix
• The same telephone functionality is available in all local offices and offices - connecting analog and SIP subscribers, external FXO and PRI interfaces for connecting to city networks
• Everywhere there was an auto attendant for extension dialing. There is no longer any need to set up an external city line for each employee who receives calls from the city
• Finally, the classic IP-telephony - the cost of reducing long-distance calls over public networks - both by paying for calls and paying for city lines, the number of which can now be reduced.

Project Features

A total of 5 thousand subscribers are covered. The first part of the implementation is 10 months.

One of the main difficulties was the installation. Business trips to all the necessary points in our country would cost more than work. Therefore, we acted differently: we received equipment at the customer’s Moscow warehouse, unpacked, set up, then packed it back and sent it to places. On the ground, the customer’s employees plugged the equipment into a power outlet and a local area network, embroidered analog lines on the patch panel, after which we connected and tuned everything we needed. Often, some of the settings did not match the survey data - somewhere the wrong IP, somewhere not the same mask. A separate topic is analog telephone lines. With them, adventure never ends. We quickly got used to situations where parameters like pulse / tone dialing or a busy signal didn’t coincide, but there were moments and more interesting. At one of the facilities, the line when dialing from the telephone did not accept the number “9”. All other numbers were typed normally. It was decided only by laying a new cable.

ESpace has some good means of analogue telephony troubleshooting - from the web interface you can see current and voltage graphs of the line and even something like a sound waveform. It helped us a lot, but the main tools for solving problems, as in the old days, were a handset and a punch in the hands of a customer employee working on site. The project in general was more about interacting with people than about working with technology. Once, for example, after long attempts to conquer voltage fluctuations on external communication lines during long consultations and dialogs, we came across a person who told us that these lines along the way to the customer’s site pass near the power plant, and everyone has long been accustomed to pickups on them. The same person helped colleagues on the spot to correctly organize the grounding and ultimately solve the problem.

Well and yes, even for IVR we gave texts to the customer’s employees, and they called a special number and recorded greetings. Not Levitan, of course, but someone discovered the talent of an announcer.

At one site, we initially incorrectly loaded localization files, because of which the station told the external subscriber that he would be transferred to the extension in Chinese. The customer informed us that he hears “speech that is alien to his ear,” and suggested overwriting the voice file on his own. They showed him how to do it. After 5 minutes we make a test call and hear: “Of the sober people in the office, there are only signalmen, so we transfer the call to the IT department.”

References

• About the features of brake lines
• Alteration of the Aeroexpress network
• VKS in ECE
• My mail is ASigachev@croc.ru