Chapter 11. Clustering Expressways

This chapter covers the following topics:

• Clustering Requirements: This topic will review the prerequisite requirements that must be met before clustering Cisco Expressways.

• DNS and Clustering: This topic will discuss the role DNS should play in Expressway clusters.

• Zones and Clustering: This topic will examine different scenarios where Neighbor Zones and Traversal Zones are used with Expressway Clusters.

Clustering is certainly not a new concept. Ever since people began to store data on digital servers, the architects of those servers have been working on solutions to provide redundancy so that information will not be lost in the event of a server failure. Live content during an audio or video meeting is no exception to the vulnerability of servers going down. For this reason, the architects of the Expressway server have built redundancy into the solution through clustering. This lesson will provide you with the knowledge and skills to understand clustering for the use of redundancy on the Cisco Expressway. This knowledge includes understanding the requirements and limitations, integration with DNS, and how clustering functions with FindMe, Presence, Neighbor Zones, and Traversal Zones.

This chapter covers the following objectives from the Implementing Cisco Collaboration Cloud and Edge Solutions (CLCEI) exam 300-820:

• 1.8 Describe key Expressway settings

• 1.8.e Clustering

• 2.1 Configure key Expressway settings

• 2.1.e Clustering

“Do I Know This Already?” Quiz

The “Do I Know This Already?” quiz allows you to assess whether you should read this entire chapter thoroughly or jump to the “Exam Preparation Tasks” section. If you are in doubt about your answers to these questions or your own assessment of your knowledge of the topics, read the entire chapter. Table 11-1 lists the major headings in this chapter and their corresponding “Do I Know This Already?” quiz questions. You can find the answers in Appendix A, “Answers to the ‘Do I Know This Already?’ Quizzes.”

Table 11-1 “Do I Know This Already?” Section-to-Question Mapping


Caution

The goal of self-assessment is to gauge your mastery of the topics in this chapter. If you do not know the answer to a question or are only partially sure of the answer, you should mark that question as wrong for purposes of the self-assessment. Giving yourself credit for an answer you correctly guess skews your self-assessment results and might provide you with a false sense of security.


1. When using clustering to increase the capacity of an Expressway, how many registrations can a cluster of six Expressways support?

a. 2500

b. 10,000

c. 15,000

d. 40,000

2. Which of the following settings is true when setting up a cluster?

a. Federation and dual-homed domain spaces are supported within an Expressway cluster.

b. Major versions on Expressways being clustered must be the same, but minor versions do not matter.

c. Room System and Desktop System licenses must be the same on all peers within the cluster.

d. Rich Media session licenses do not have to be the same on all peers within the cluster.

3. What round-trip-delay time must be maintained between all peers within a cluster of Expressways in order to support the sending and receiving of information?

a. 30ms

b. 40ms

c. 80ms

d. 300ms

4. Which of the following statements is true about using DNS with an Expressway cluster?

a. The DNS Server does replicate so only one cluster member needs to be created in DNS.

b. Reverse lookup is not used with clustering, so no PTR records need to be created.

c. SRV records are never required when setting up DNS to operate with Expressway Clusters.

d. The cluster FQDN must be used with the unique IP address of each Expressway when creating the A Records.

5. When creating Neighbor or Traversal Zones between clustered and single Expressways, which of the following combinations is allowed?

a. Three Expressway Cores neighbored to Six Expressway Cores

b. Two Expressway Cores traversing to four Expressway Edges

c. One Expressway Core neighbored to three Expressway Cores

d. Six Expressway Cores traversing to one Expressway Edge that is also traversing to another cluster of three Expressway Edges.

e. Three Expressway Cores Neighbored to Three Expressway Cores

f. All choices

Foundation Topics

Clustering Requirements

Clustering is achieved by establishing a logical group of up to 6 identical peer Expressways. This allows the systems to work together as one large Local Zone. Clustering Expressways can add both increased capacity and resiliency.

Clustering can increase the capacity of an Expressway deployment by a maximum factor of four, compared with a single Expressway. There is no capacity gain after four peers. So, if you deploy a maximum six-peer cluster, the fifth and sixth Expressways do not add extra call capacity to the cluster. Resilience is improved with the extra peers, but not capacity. Also, the Small Expressway VMs are intended for Cisco Business Edition 6000 customers, so clustering of Small VMs only provides redundancy and does not provide any additional scale benefit. Capacity licensing is done on a per-cluster basis, and all capacity licenses installed on a cluster peer are available to any peer in the cluster. This includes Rich Media Session licenses and room system & desktop system registration licenses. Table 11-2 identifies the capacity limitations within a cluster of Cisco Expressways.


Table 11-2 Expressway Cluster Registration and Call Capacity limitations


Clustering can provide redundancy while an Expressway is in maintenance mode, or in case it becomes inaccessible due to a network or power outage, or other reason. The Expressway peers in a cluster share bandwidth usage as well as routing, Zones, FindMe™, and other configuration settings. All Peers within the cluster are always active; there is no hot-standby. Therefore, endpoints can register to any of the peers in the cluster. If an endpoint loses connection to its initial peer, it can re-register to another node within the cluster.

Requirements for setting up a cluster of Expressways have changed over the years. Therefore, you will want to check the Cisco Expressway Cluster Creation Deployment Guide for the version you are clustering before setting up the cluster to ensure all the requirements are met. However, for an X12.5 Expressway cluster, ensure that the following requirements are met.


Common settings that must be configured the same across all peers in a cluster include the following:

• Only Expressway Cores can be clustered with Expressway Cores, and only Expressway Edges can be clustered with Expressway Edges. Likewise, a legacy VCS Control cannot be clustered with an Expressway Core or Edge, nor can a legacy VCS Expressway be clustered with an Expressway Edge or Core.

• All settings under the Configuration menu must be configured the same way. In a green-field deployment it is best to leave these settings at their default values until after the cluster is created. Then configure these settings on the primary Peer. The settings will be replicated to all other peers in the cluster. Brown-field deployments require only the primary peer be configured, because it will replicate the settings once the cluster is active. Any settings configured on other Peer Expressways will be replaced with the settings on the Primary Peer once the cluster is initiated.

• All peers in the cluster must operate within the same domain. No federation or dual-homed domain spaces are supported within an Expressway cluster.

• All peers must be running the same version of firmware, because how you configure a cluster may diverge between different versions. Therefore, if the firmware version is different, the cluster may not work.

• All peers within the cluster must have the same set of option keys installed. Exceptions to this rule include Rich Media Session (RMS) licenses, and Room System and Desktop System registration licenses.

• H.323 mode is enabled on each peer. This setting can be enabled by going to the Configuration > Protocols > H.323 menu and setting the H.323 mode to On. The cluster uses H.323 signaling between peers to determine the best route for calls, even if all endpoints are SIP endpoints.

• The firewall rules on each peer must be configured to block connections to the clustering TLS ports from all IP addresses except those of its peers. Within the external network firewall itself, policies should be set up to block access to the clustering TLS ports as well.


Common settings that must be configured differently across all peers in a cluster include the following:

• Each peer must have a different System Name to all other peers.

• Each peer must have a different LAN address configured. There must be no NAT between cluster peers.

These LAN addresses can be within the same subnet or in different subnets. As far as the network is concerned, there are only two other requirements that must be met. First, all peers within the cluster must be able to route to all other peers within the cluster. Second, each peer within the cluster must be able to support a round-trip-delay of up to 80ms. This is an improvement over previous versions of the Expressway that required a 30ms round-trip-delay. This means that each Expressway in the cluster must be within a 40ms hop to any other peer within the cluster.

In addition to all the requirements previously mentioned, there are some other considerations that must be taken into account regarding security certificates. Each peer in the cluster should have a certificate that identifies it to other peers. The minimum requirement regarding certificates is to set the TLS verification mode to the default value of Permissive. If you wish to have authenticated TLS connections, the certificate must also be valid and be issued by an authority that is trusted by all peers. This requires the TLS Verification mode be set to Enforce. Cisco recommends populating the CN of all peer certificates with the same cluster FQDN, and populating each peer certificate’s SAN with that peer’s FQDN. Although using one certificate for multiple Expressways in one cluster is supported, this is not recommended due to the security risk. That is, if one private key is compromised on one device, it means all devices in the cluster are compromised.
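The certificate recommendations above can be checked before the TLS verification mode is switched to Enforce. The following is an added example, not Cisco's or the book's code: it audits a constructed inventory of peer certificate fields for the CN and SAN convention, issuer trust and expiry under Enforce, and a key pair reused across peers. The peer FQDNs, the CA name and the key fingerprints are hypothetical.

```python
from collections import defaultdict
from datetime import date

CLUSTER_FQDN = "exp-cluster.cisco.com"      # cluster FQDN used on this page
TRUSTED_ISSUERS = {"Example Internal CA"}   # hypothetical CA trusted by all peers

# Constructed inventory: fields read from each peer's server certificate.
# Peer FQDNs, issuers and public-key fingerprints are hypothetical.
PEER_CERTS = {
    "exp1.cisco.com": {"cn": "exp-cluster.cisco.com", "san": ["exp1.cisco.com"],
                       "issuer": "Example Internal CA",
                       "not_after": date(2030, 1, 1), "key_fp": "fp-aaaa"},
    "exp2.cisco.com": {"cn": "exp2.cisco.com", "san": ["exp2.cisco.com"],
                       "issuer": "Example Internal CA",
                       "not_after": date(2030, 1, 1), "key_fp": "fp-bbbb"},
    "exp3.cisco.com": {"cn": "exp-cluster.cisco.com", "san": ["exp1.cisco.com"],
                       "issuer": "Self-signed",
                       "not_after": date(2020, 1, 1), "key_fp": "fp-aaaa"},
}

def audit_peer_certs(cluster_fqdn, certs, trusted, tls_verify="Enforce", today=None):
    """Return findings for certificates that break the chapter's guidance."""
    today = today or date.today()
    findings, peers_by_key = [], defaultdict(list)
    for peer, cert in sorted(certs.items()):
        # Recommendation: CN carries the cluster FQDN, SAN carries the peer FQDN.
        if cert["cn"].lower() != cluster_fqdn.lower():
            findings.append(f"{peer}: CN is {cert['cn']}, expected cluster FQDN")
        if peer.lower() not in (name.lower() for name in cert["san"]):
            findings.append(f"{peer}: SAN does not list the peer's own FQDN")
        # Enforce mode needs a valid certificate from an issuer all peers trust.
        if tls_verify == "Enforce":
            if cert["issuer"] not in trusted:
                findings.append(f"{peer}: issuer not trusted by all peers")
            if cert["not_after"] < today:
                findings.append(f"{peer}: certificate expired")
        peers_by_key[cert["key_fp"]].append(peer)
    # One key pair on several peers: compromise of one peer exposes all of them.
    for fp, peers in sorted(peers_by_key.items()):
        if len(peers) > 1:
            findings.append(f"key {fp} shared by {', '.join(peers)}")
    return findings

if __name__ == "__main__":
    for line in audit_peer_certs(CLUSTER_FQDN, PEER_CERTS, TRUSTED_ISSUERS,
                                 today=date(2025, 1, 1)):
        print(line)
```
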

Once an Expressway has been determined as the primary, Configuration settings must only be configured on the primary. Any attempt to configure these settings on any other peer will result in those settings being overwritten by the primary immediately. When these settings are configured on the primary, they will be applied to all peers within the Cluster. The password for the default admin account is not replicated. Each Peer can have a different password for this one account. However, any other administration accounts and passwords created on Expressway peers will be replicated from the Master Peer to all other Peers.

Some settings within an Expressway cluster can be configured on any peer within the cluster, and these settings will be replicated out to all other peers. Peers share information with each other about their use of Bandwidth, registrations, and FindMe users. This process is part of what allows the cluster to act as one large Expressway Local Zone. The Event Log and Configuration Log on each Peer will only report activity for that particular Expressway. It is recommended that you set up a remote Syslog server to which the logs of all Peers can be sent. This log will allow you to have a global view of activity across all Peers in the Cluster. Figure 11-1 illustrates how an Expressway Cluster operates as one large Local Zone.


Figure 11-1 Expressway Cluster Operation as one large Local Zone

DNS and Clustering


Clustering Expressways managed by TMS is heavily dependent on DNS. However, whether TMS is being used or not, DNS can be used with Expressway clusters for many other purposes. A fundamental use of DNS with clusters is round robin DNS. This process will allow for load distribution between all devices registering to the Expressway. Figure 11-2 illustrates how DNS can be used to create a load distribution of registered endpoints using the round robin method.


Figure 11-2 Expressway Cluster Using DNS for Round Robin

In the previous figure there is a cluster of three Expressways that each have a unique IP address. The cluster uses the FQDN of exp-cluster.cisco.com and there are three A Records created in DNS, each using this cluster FQDN and the respective unique IP address of each Expressway Edge. When endpoint 1, indicated by EP1 in the figure, sends a “Who is…” request to the DNS server for exp-cluster.cisco.com, the DNS server will return the IP address from the A Record matching this FQDN using a weighted scale. If the weight of each entry is the same, a round robin distribution using a top-down approach is implemented. Therefore, endpoint 1 will receive the IP address 10.1.1.101 and will proceed to register to the first Expressway in the cluster. When endpoint 2 queries DNS for exp-cluster.cisco.com, it will receive the IP address 10.1.1.102 in response and proceed to register to the second Expressway in the cluster. When endpoint 3 queries DNS for exp-cluster.cisco.com, it will receive the IP address 10.1.1.103 in response and proceed to register to the third Expressway in the cluster. So, what happens when endpoint 4 queries DNS for exp-cluster.cisco.com? Since there are no more Expressways listed in DNS for this cluster, round robin will return to the first A Record. The IP address 10.1.1.101 will be sent to endpoint 4 in response, and that endpoint will proceed to register to the first Expressway in the cluster. This process will continue for each additional endpoint that tries to register using the exp-cluster.cisco.com FQDN.

In order to use DNS with a cluster of Expressways, the cluster name must be created in DNS as a Fully Qualified Domain Name (FQDN). The DNS Server configuration does not replicate, so each cluster member must also be created in DNS with both forward and reverse A records. The DNS servers must also provide address look up for any other DNS functionality required, such as NTP servers or the External Manager address if they are configured using DNS names. A Microsoft Front-End (FE) server FQDN look up may be required, as well as an LDAP server forward and reverse look up. Reverse look ups are frequently provided through Pointer (PTR) Records.

SRV records may also be required for the cluster. Multiple entries for each service with equal weights can be entered to cover each peer in the cluster. This configuration is advised for video interoperability and Business-to-Business (B2B) video calling but is not required for Mobile and Remote Access (MRA). For MRA, create a collab-edge SRV record for each peer in the Expressway Edge cluster. For B2B-only calls, the Expressway Edge cluster has a DNS SRV record that defines all cluster peers. Part 3 of this book will delve deeper into the MRA solution.
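The DNS requirements in this section (one cluster-FQDN A record per peer, forward and reverse records for every peer, and equally weighted SRV entries covering each peer) can be verified against a zone export. The following is an added example, not part of the original chapter: the peer FQDNs, the SRV owner name and port, and the record set are constructed, with faults planted on purpose, including a stale cluster A record that would steer registrations to a host outside the cluster.

```python
import ipaddress

CLUSTER_FQDN = "exp-cluster.cisco.com"      # cluster FQDN used on this page
SRV_NAME = "_collab-edge._tls.cisco.com"    # assumed owner name of the collab-edge SRV
PEERS = {"exp1.cisco.com": "10.1.1.101",    # peer FQDNs are hypothetical
         "exp2.cisco.com": "10.1.1.102",
         "exp3.cisco.com": "10.1.1.103"}

# Constructed zone export: (owner, type, value); an SRV value is
# (priority, weight, port, target). Faults are planted on purpose.
RECORDS = [
    (CLUSTER_FQDN, "A", "10.1.1.101"),
    (CLUSTER_FQDN, "A", "10.1.1.102"),
    (CLUSTER_FQDN, "A", "10.1.1.110"),      # stale entry, not a cluster peer
    ("exp1.cisco.com", "A", "10.1.1.101"),
    ("exp2.cisco.com", "A", "10.1.1.102"),
    ("exp3.cisco.com", "A", "10.1.1.103"),
    ("101.1.1.10.in-addr.arpa", "PTR", "exp1.cisco.com"),
    ("102.1.1.10.in-addr.arpa", "PTR", "exp2.cisco.com"),
    (SRV_NAME, "SRV", (10, 10, 8443, "exp1.cisco.com")),
    (SRV_NAME, "SRV", (10, 10, 8443, "exp2.cisco.com")),
    (SRV_NAME, "SRV", (10, 20, 8443, "exp3.cisco.com")),
]

def audit_cluster_dns(cluster_fqdn, peers, records, srv_name):
    """Return findings where the records break the chapter's DNS requirements."""
    a_records, ptr_records, srv_records = {}, {}, []
    for owner, rtype, value in records:
        if rtype == "A":
            a_records.setdefault(owner, set()).add(value)
        elif rtype == "PTR":
            ptr_records[owner] = value
        elif rtype == "SRV" and owner == srv_name:
            srv_records.append(value)
    findings = []
    cluster_ips = a_records.get(cluster_fqdn, set())
    srv_targets = {target for _, _, _, target in srv_records}
    for fqdn, ip in peers.items():
        if ip not in cluster_ips:
            findings.append(f"cluster A record missing for {ip}")
        if ip not in a_records.get(fqdn, set()):
            findings.append(f"forward A record missing for {fqdn}")
        reverse_name = ipaddress.ip_address(ip).reverse_pointer
        if ptr_records.get(reverse_name) != fqdn:
            findings.append(f"PTR {reverse_name} does not point to {fqdn}")
        if fqdn not in srv_targets:
            findings.append(f"{srv_name} has no entry for {fqdn}")
    # A cluster A record for a non-peer address would receive registrations.
    for ip in sorted(cluster_ips - set(peers.values())):
        findings.append(f"cluster A record {ip} is not a cluster peer")
    if len({(prio, weight) for prio, weight, _, _ in srv_records}) > 1:
        findings.append(f"{srv_name} entries do not have equal priority and weight")
    return findings

if __name__ == "__main__":
    for line in audit_cluster_dns(CLUSTER_FQDN, PEERS, RECORDS, SRV_NAME):
        print(line)
```
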

Zones and Clustering

A cluster of Expressway Cores can be neighbored to a single Expressway Core. A cluster of Expressway Cores can also be neighbored to another cluster of Expressway Cores. Likewise, a cluster of Expressway Cores can traverse to a single Expressway Edge. A single Expressway Core can traverse to a cluster of Expressway Edges. And a cluster of Expressway Cores can traverse to a cluster of Expressway Edges. Figure 11-3 illustrates how Expressway clusters can communicate using Zones.


Figure 11-3 Expressway Clusters using Zones

In each of these cases, when a call is received on your local Expressway and is passed via the relevant Zone to the remote cluster, it will be routed to whichever peer in that neighboring cluster has the lowest resource usage. That Peer will then forward the call as appropriate to one of the following:


• To one of its locally registered endpoints, if the endpoint is registered to that Peer.

• To one of its Peers, if the endpoint is registered to another Peer in that Cluster.

• To one of its external Zones, if the endpoint has been located elsewhere.


When configuring a connection to a remote cluster, you should configure the relevant Zone with details of all the Peers in the cluster. Adding this information to the Zone will ensure that the call is passed to the cluster regardless of the status of the individual Peers. You will need to enter the IP Address of all Peers only when configuring Neighbor or Traversal Client Zones. As you may recall, the Traversal Server Zones do not allow you to configure any IP Addresses. Also, Zones are only configured on the primary Peer within the cluster. Do not try configuring Zone settings on any of the alternate peers. When you are configuring a Zone between two clusters, it is not necessary to have the same number of Peers in each Cluster. For example, a cluster of three Expressway Cores can traverse to a cluster of six Expressway Edges.

Exam Preparation Tasks

As mentioned in the section “How to Use This Book” in the Introduction, you have a couple of choices for exam preparation: the exercises here, Chapter 22, “Final Preparation,” and the exam simulation questions in the Pearson Test Prep Software Online.

Review All Key Topics

Review the most important topics in this chapter, noted with the Key Topics icon in the outer margin of the page. Table 11-3 lists a reference of these key topics and the page numbers on which each is found.


Table 11-3 Key Topics for Chapter 11


Complete Tables and Lists from Memory

Print a copy of Appendix C, “Memory Tables” (found on the companion website), or at least the section for this chapter, and complete the tables and lists from memory. Appendix D, “Memory Tables Answer Key,” also on the companion website includes completed tables and lists to check your work.

Define Key Terms

There are no new Key Terms for Chapter 11.

Q&A

The answers to these questions appear in Appendix A. For more practice with exam format questions, use the Pearson Test Prep Software Online.

1. List the six common settings that must be configured the same on each Expressway Peer within a cluster.

2. List the two common settings that must be configured differently on each Expressway Peer within a cluster.

3. List the three ways a cluster of Expressways will forward incoming call requests when using Zones.

Answers

1. common settings on each Expressway Peer

a. Same “Configuration” menu settings

b. Same domain

c. Same version of software

d. Same option Keys (except RMS and Registration)

e. H.323 Mode enabled on all Peers

f. Firewall rules on the Expressways block connections from all IP addresses except those of its peers.

2. different settings on each Expressway Peer

a. Different System Names

b. Different LAN Address

3. That Peer will then forward the call as appropriate to one of the following:

a. To one of its locally registered endpoints, if the endpoint is registered to that Peer.

b. To one of its Peers, if the endpoint is registered to another Peer in that Cluster.

c. To one of its external Zones, if the endpoint has been located elsewhere.
