Training IP Foundations for VoIP Carriers (ecgt2020)
VoIP networks are subject to attacks that were impossible on SS7 networks. We cover the key attacks and failure conditions. We show how un-protected networks are subject to attackers can interrupt service, steal confidentiality (such as recording phone calls), steal service, overload the system, retrieve customer data, etc. We include US Federal government requirements for Customer Proprietary Network Information (CPNI). And we show how to defend your network against VoIP network attacks.
This course is intended for network planners, engineers, and operators of VoIP networks who need to know the specific details of the underlying technologies: IP Routing, Ethernet, Quality-of-Service systems, VLANs, and VoIP System components. This course is designed to enable focused learning on tactical skills needed every day at VoIP carriers. At the end of the course, you will be able to:
- Read and understand a router configuration
- Perform fundamental configuration on a Cisco router, including special requirements for VoIP
- Plan, configure and troubleshoot Ethernet switching
- Understand and plan a VoIP network interfacing with multiple devices and carriers
- Understand and configure NAT, and understand its affect on VoIP calling
- Understand core VoIP component types and their interaction
This class is intended for participants with little or minimal IP networking expertise. It is great for engineers and technicians migrating from TDM/SS7 environments and for new staff learning IP networking.
IP Routing. The IP Routing module introduces the concepts of Internet routing using point-to-point links. IP Routers are at the heart of service provider networks, and a solid understanding of their capabilities makes design and troubleshooting possible. Participants learn the basic theories of IP addresses, subnet masks, and routing tables.
Examples center on WAN (point-to-point) networks. Exercises ensure knowledge of precise router function and use Cisco syntax.
IP over Ethernet. For many simple networks, Ethernet just works. But new, large-scale Ethernet networks that spread Ethernet over large distances require detailed understanding of Ethernet's basics of operation. This module will enable you to make solid design and operation decisions both in local and customer networks, and in a carrier core network. Auto-learning Ethernet Switches and Ethernet rings add significant capability but latent complexity. This module covers MAC addresses and transmission rules, mapping of IP addresses to MAC addresses with ARP, the differences between Ethernet hubs and switches, and the detailed operation of Auto-learning Ethernet switches. This module's exercises cover knowledge of exact Ethernet behavior, and include troubleshooting of Ethernet problems.
Routing and Ethernet. This module covers specific issues related to IP routing on Ethernet. Participants learn to use Ethernet as a powerful tool both for local and distributed networks. IP Address management is covered in detail. The exercises are designed to provide thorough comprehension of routing and Ethernet transmission function; further, participants gain experience performing basic network planning and configuration on Cisco equipment.
Real-Time Flows and QoS. This module covers the fundamental of Real-Time flows used for VoIP audio and video. Participants learn how Internet networks are optimized, and how to implement prioritization to make VoIP calling successful. The exercises involve troubleshooting audio problems, and basic interpretation of packet captures showing RTP media.
Transport Protocols – TCP and UDP. This module discusses the transport "middleware" used in IP networks, and how VoIP uses these systems. This module help participants understand fundamental operation of protocols in IP networks.
Firewalls and NAT. Firewalls and Network Address Translation are facts of life for VoIP operators, often appearing both at customer locations and in the network core. However, they both have significant effects on VoIP signaling and media. This module covers the basics of firewalling and NAT technology, how to implement and configure routers to perform these functions, and how to plan for VoIP deployments involving these. Participants will configure routers to perform these functions, and analyze the precise effects on VoIP.
Dynamic Host Configuration Protocol. The Dynamic Host Configuration Protocol (DHCP) is used by most VoIP Customer-Premise Equipment to enable basic configuration. A solid basic understand is required to deploy CPE in large numbers. The exercises in this module let participants configure, test, and analyze DHCP behavior.
Domain Name System. The Internet Domain Name System (DNS) provides a key function for IP applications. It plays a special role in location VoIP servers. This module introduces participants to the operation of the technology, including recursive lookups to root Internet servers. In the exercises, participants learn how queries traverse the Internet.
VoIP Systems Overview. Once the underlying VoIP network is understood, this module introduces the foundational VoIP servers and devices, including SIP servers, registrars, Session Border Controllers, and PSTN Gateways, and CPE.
High-Availability Networking. To provide fault-tolerant VoIP services, a number of high-availability techniques are applied, such as redundant Ethernet with Spanning Tree Protocol, IP routing protocols like OSPF, and virtual IP and MAC addresses. This modules covers those and other technologies to help participants plan and operate high-availability network designs. Techniques for verifying high-availability designs are also covered. The exercises give participants a chance to configure and test some redundant networking technologies, including technologies used in geo-redundant networks.
Ethernet VLANs. Virtual LANs (VLANs) have become a standard part of Ethernet designs. Effective use can reduce equipment cost, and greatly improve reliability. Advanced VoIP deployment models require careful VLAN design and implementation. This module introduces VLANs, explains their use and configuration. In exercises, participants configure VLANs on managed Ethernet switches.
It will help if you know how to access and change the network settings on your computer, and access a Command Prompt or Terminal window.