Connect Convergence Configuration
Avaya Easy Management
The Avaya Easy Management integration is a one-way integration offering end-system data retrieval from Avaya on phones. This data enriches each end-system data set within ExtremeCloud IQ Site Engine and offers comprehensive reporting capabilities within OneView.
Module Configuration
| Service Configuration | Description |
|---|---|
| Username | Username used to connect to the Avaya SQL Anywhere 9 DB |
| Password | Password used to connect to the Avaya SQL Anywhere 9 DB |
| Avaya DB Server IP | IP Address of the Avaya SQL Anywhere 9 DB Server |
| Avaya DB Server Port | TCP port of the Avaya SQL Anywhere 9 DB Server |
| General Module Configuration | |
|---|---|
| Poll interval in seconds | Number of seconds between connections to the Avaya DB. |
| Module loglevel | Verbosity of the module. Logs are stored in ExtremeCloud IQ Site Engine's server.log file. |
| Module enabled | Whether or not the module is enabled. |
| Update local data from remote service | If this is set to true, data from the remote service will be used to update the internal end-system table. |
| Default end-system group | The default end-system group name to use for all phones retrieved from Avaya. |
| Enable Data Persistence | Enabling this option will force the module to store end-system and end-system group data to a file after each cycle. If this option is disabled, the module will forget all data after a service restart, but in order to clean already existing data, the corresponding .dat files have to be deleted. |
| Service Specific Configuration | |
|---|---|
| Custom field to use | The custom field withinExtremeCloud IQ Site Engineto update the information for endsystems retrieved from Avaya Easy Management (valid values: 1-4). |
| Format of the incoming data | Format of the data that gets stored in the custom data field. Syntax: Number: #phoneNumber#; User: #UserDefinedField1#; Hardware: #hardwareVersion#; Software: #swVersion#; Gatekeeper: #currentGatekeeperAddress#; Status: #status# Available Variables: mac, status, ipAddress, currentGatekeeperAddress, phoneNumber, swVersion, hardwareVersion, UserDefinedField1 |
| Use global endsystem groups | This feature enables the module to use the global endsystem groups of the OneFabric ConnectExtreme Connect. |
Verification
To verify proper functioning of the Avaya Easy Management integration, validate that data on Avaya phones has been published within NAC’s/OneView’s custom field within the end-system list.
Polycom CMA
The Polycom CMA integration is a one-way integration offering end-system data retrieval from Polycom for managed devices. This data enriches each end-system data set in ExtremeCloud IQ Site Engine and offers comprehensive reporting capabilities within OneView.
Required configuration within the Polycom CMA Web Management: navigate to Admin → SNMP Settings and enable SNMPv3:
- Transport: UDP
- Authentication Type: SHA
- Encryption Type: AES 128 Bit
The other values can be customized to your environment. SNMP community and V3 Context Name are not evaluated.
The integration has been tested with Polycom CMA 5.5.0.ER19 but should work with older versions from 5.3.0 upwards. Both CMA 4000/5000 are supported, as well as the complete HDX and VVX 1500 line of end-points. There is no software dependency on the endpoint devices as long as they are monitored by the CMA
Module Configuration
| Service Configuration | Description |
|---|---|
| Server | Polycom CMA Server IP |
| Password | Password used to connect to the Avaya SQL Anywhere 9 DB |
| SNMPv3 Security Name | SNMPv3 Security Name |
| SNMPv3 Auth Passphrase | SNMPv3 Auth Passphrase |
| SNMPv3 Privacy Passphrase | SNMPv3 Privacy Passphrase |
| General Module Configuration | |
|---|---|
| Poll interval in seconds | Number of seconds between connections to the Polycom CMA. |
| Module loglevel | Verbosity of the module. Logs are stored in ExtremeCloud IQ Site Engine's server.log file. |
| Module enabled | Whether or not the module is enabled. |
| Update local data from remote service | If this is set to “true”, data from the remote service will be used to update the internal end-system table. |
| Default endsystem group | The default end-system group name to use for all managed devices retrieved from Polycom CMA. |
| Enable Data Persistence | Enabling this option will force the module to store end-system and end-system group data to a file after each cycle. If this option is disabled, the module will forget all data after a service restart, but in order to clean already existing data, the corresponding .dat files have to be deleted. |
| Service Specific Configuration | |
|---|---|
| Custom field to use: | The custom field within ExtremeCloud IQ Site Engine to update the information for endsystems retrieved from Polycom CMA (valid values: 1-4). |
| Format of the incoming data: | Format of the data that gets stored in the custom data field. Syntax: Endpoint ID: #endPointID#, Status: #status#, Type: #type# Available Variables: endPointID, macAddress, status, type |
Verification
If you configured a valid NAC end-system group to assign Polycom devices:
- Verify that the MAC address of your Polycom end-points are now member of that end-system group in NAC.
- Verify that for each Polycom device the end-point’s device type (HDX or VVX) and the end-point’s status (offline/online) has been imported.
Microsoft Lync / Skype For Business
The Microsoft Skype for Business (formerly known as Lync) integration offers dynamic call prioritizations and comprehensive reporting capabilities within OneView.
Before installing and configuring the OFConnect integration for MS Skype for Business:
- Install the Skype for Business SDN API which can be retrieved from Microsoft:
http://www.microsoft.com/en-us/download/details.aspx?id=44274 - Make sure to point the Skype for Business SDN management service to your ExtremeCloud IQ Site Engine server (where ExtremeConnect is installed).
- Read the corresponding solution guide for further details.
Module Configuration
| Service Configuration | Description |
|---|---|
| Skype for Business SDN Management Service IP | IP Address of the Skype for Business SDN management service. |
| General Module Configuration | |
|---|---|
| Poll interval in seconds |
The time the module will wait during each run. |
| Caution | |
|---|---|
| During each run (cycle) the module will perform various steps some of which are putting extra load on the ExtremeCloud IQ Site Engine server. It is not recommended to set this value below 600 seconds (=10 minutes). The larger the ExtremeCloud IQ Site Engine environment (=number of NAC end-systems, switches, access points, etc.) the higher this value should be. Setting this value too high though (for example: 7200 seconds = 2 hours) will lead to the fact that administrators won’t be able to analyze call reports for up to 2 hours before those calls have ended. | |
| Module log-level | Verbosity of the module. Logs are stored in ExtremeCloud IQ Site Engine's server.log file. |
| Module enabled | Whether or not the module is enabled. |
| Enable Data Persistence | Enabling this option will force the module to store end-system data to a file after each cycle. If this option is disabled, the module will forget all data after a service restart, but in order to clean already existing data, the corresponding .dat files have to be deleted. |
| Service Specific Configuration | |
|---|---|
| Custom field to use | This field is not yet used by this integration so keep set to the default of 1. |
| ExtremeCloud IQ Site Engine Request Timeout | Timeout in seconds the module waits until it declares a web service call to ExtremeCloud IQ Site Engine as timed-out. |
| Time to wait for a quality update from Skype for Business | When a Skype for Business call finishes Skype for Business sometimes sends a 'QualityUpdate' shortly after the end of the call. We should be able to retrieve call quality information from this message. This timeout value defines the minimum number of seconds the module waits before it declares a call as fully ended (with or without the existence of a QualityUpdate info). |
| Enable audio call prioritization | Enable this to prioritize audio streams (connections/flows) for all Skype for Business calls if possible. If this is disabled, no audio streams for any Skype for Business call will be prioritized, either via XAPI or via ODL. You will still be able to access the OneView reports but no dynamic ACLs/QoS profiles will be created in the infrastructure for the audio flows. Default: true |
| Enable video call prioritization | Enable this to prioritize video streams (connections/flows) for all Skype for Business calls if possible. If this is disabled, no video streams for any Skype for Business call will be prioritized, either via XAPI or via ODL. You will still be able to access the ExtremeCloud IQ Site Engine reports but no dynamic ACLs/QoS profiles will be created in the infrastructure for the video flows. Default: true |
| Enable application sharing call prioritization | Enable this to prioritize application sharing streams (connections/flows) for all Skype for Business calls if possible. If this is disabled, no application sharing streams for any Skype for Business call will be prioritized, either via XAPI or via ODL. You will still be able to access the OneView reports but no dynamic ACLs/QoS profiles will be created in the infrastructure for the application sharing flows. Default: true |
| QoS Profile for audio calls | The name of the QoS profile used on the ExtremeXOS/Switch Engine access switches to prioritize audio calls. This profile must be pre-configured on each access switch manually before using it. |
| QoS Profile for video calls | The name of the QoS profile used on the ExtremeXOS/Switch Engine access switches to prioritize video calls. This profile must be pre-configured on each access switch manually before using it. |
| QoS Profile for application sharing calls | The name of the QoS profile used on the ExtremeXOS/Switch Engine access switches to prioritize application sharing calls. This profile must be pre-configured on each access switch manually before using it. |
| DSCP value for audio calls | The DSCP value to apply to audio call packets on access switches. This value can be picked up by all switches on the path between caller and callee to provide end-to-end QoS for audio calls. Default: 46 |
| DSCP value for video calls | The DSCP value to apply to video call packets on access switches. This value can be picked up by all switches on the path between caller and callee to provide end-to-end QoS for video calls. Default: 36 |
| DSCP value for app sharing calls | The DSCP value to apply to app sharing call packets on access switches. This value can be picked up by all switches on the path between caller and callee to provide end-to-end QoS for app sharing calls. Default: 26 |
| Default username for web access toExtremeXOS/Switch Engine switches | The default username to connect to ExtremeXOS/Switch Engine switches' HTTP(S) interface (xapi). This username is only used if there are no CLI credentials defined for a switch inExtremeCloud IQ Site Engine. Otherwise theExtremeCloud IQ Site Engine CLI username takes priority. This setting is only used if the OpenDaylight option is disabled. |
| Default password for web access to ExtremeXOS/Switch Engine switches | The default password to connect to ExtremeXOS/Switch Engine switches' HTTP(S) interface (xapi). This password is only used if there are no CLI credentials defined for a switch in ExtremeCloud IQ Site Engine. Otherwise theExtremeCloud IQ Site Engine CLI password takes priority. This setting is only used if the OpenDaylight option is disabled. |
| Hard timeout (in minutes) for Skype for Business calls | The number of minutes after which a Skype for Business call is considered as ended even if no ended notification has been received from Skype for Business in the meantime. If the configured amount of minutes have passed between the start of a call and now this call will be considered ended → any prioritization will be removed from the infrastructure, the call data will be removed from the in-memory list and reporting data will be created for OneView reporting. This feature handles cases where for some reason the Skype for Business front-end or SDN management servers have been down or communication has been blocked and thus OneFabric Connect didn't receive the 'call ended' notifications for one or more active calls. This setting is only used if the OpenDaylight option is disabled. When using an OpenDaylight controller, the corresponding flows will timeout automatically. Default: 360 (=6 hours). |
| Use Skype for Business call timestamp instead of local ExtremeCloud IQ Site Engine time | The Skype for Business front-end servers typically report the call start and end timestamps in UTC time - no matter for which timezone each FE server is configured. If this option is set to 'true', these timestamps are used for ExtremeCloud IQ Site Engine reporting but also to decide when to end a call (and remove its corresponding prioritizations) using the configured value for "call_hard_timeout_in_minutes". If you enable this option you need to ensure that your ExtremeCloud IQ Site Engine server is also running on UTC timezone otherwise the OneView reports will be off and the hard timeout functionality for call prioritization won't work properly. It is recommended to keep this option set to 'false' -→ in this case, the Skype for Business timestamps will be ignored and the local ExtremeCloud IQ Site Engine timestamp will be used at the moment the Skype for Business notifications arrive at your ExtremeCloud IQ Site Engine server. Default: false. |
| Number of days to store call reporting data | The number of days to store data on Skype for Business calls in the Derby DB. Calls that predate than the configured number of days will automatically be purged from the DB and won't appear in the OneView reports anymore. A higher value will have a negative impact on the overall performance of this module and the OneView reports. Default: 30. Purging is performed every night during the first run of the MSSkype for BusinessSDNHandler module after midnight. So if you set the interval for this module to 600 seconds purging will happen somewhere between midnight and 00:10:00 (0:10 AM). |
| Enable the cleanup routine for obsolete Skype for Business-related ACLs on ExtremeXOS/Switch Engine switches | Enable this to run an automated cleanup process one time per night/week. It will connect to all your ExtremeXOS/Switch Engine switches via Telnet or XAPI (depending on firmware support) and try to identify obsolete Skype for Business-related dynamic ACLs. If found, it will remove those ACLs from all ports and delete the ACLs from the switch afterwards. Set the interval for this process using the next setting cleanUpObsoleteACLsOnXosSwitchesInterval. This setting is only applicable if the OpenDaylight option is disabled. When using an OpenDaylight controller, the corresponding flows will timeout automatically. |
| Interval for cleanup routine for obsolete Skype for Business-related ACLs on ExtremeXOS/Switch Engine switches | If the feature cleanup_obsolete_acls_from_xos_switches is enabled, use this setting here to define the interval, which will be used for the cleanup routine. Two available options: daily or weekly. The default is weekly. |
| Enable the clean-up routine for obsolete Skype for Business-related ACLs on EOS switches | Enable this to run an automated clean-up process one time per night/week. It will connect to all your EOS switches via Telnet and try to identify obsolete Skype for Business-related policy ACLs. If found, it will delete the ACLs from the switch. Set the interval for this process using the next setting cleanUpObsoleteACLsOnEosSwitchesInterval. |
| Interval for clean-up routine for obsolete Skype for Business-related ACLs on EOS switches | If the feature cleanup_obsolete_acls_from_eos_switches is enabled, use this setting here to define the interval which will be used for the clean-up routine. Two available options: daily or weekly. The default is weekly. |
| Gateway Switches | A list of switches that are located at the edge of your network where all external Skype for Business calls pass through. If an external Skype for Business call is detected, a dynamic ACL to prioritize this call's ingressing flow will be created on all switches on this list on their ANY interface. This will enable QoS for external calls as they enter your network at those gateway switches. Ensure that these switches support the required number of dynamic ACLs for the ANY interface. If you don't want to enable this feature simply keep on empty with 127.0.0.1 in the list. If you manually modify this list make sure to keep the "id" values for all entries consistent and unique. Example entry: <gateway_switch_entry desc="Gateway Switch Entry" id="1" type="Entry"> <info>A Gateway Switch Entry</info> <value>127.0.0.1</value> </gateway_switch_entry> |
| Skype for Business Front-End Server IP addresses | A list of all Skype for Business front-end server IP addresses. If you want to prioritize conference calls but you cannot (or don't want to) enable any end-system tracking mechanism (RADIUS authentication, ExtremeXOS/Switch Engine IDM, OneController plugin) feature on your data center switches where your Skype for Business front-end servers are connected to, provide the list of all your FE server IPs here. When calls from or to your FE servers are seen, they will be prioritized on all gateway switches listed within the feature list "Gateway Switches". Ensure that the list of gateway switches contains all switches where your FE servers are connected. If you don't want to enable this feature simply keep a single entry with IP 127.0.0.1 and ID 1 in the list. If you manually modify this list make sure to keep the "id" values for all entries consistent and unique. This setting is only applicable if the OpenDaylight option is disabled. |
| Use HTTPS for XAPI calls | Enable this to use HTTPS instead of HTTP for any XAPI communication with all ExtremeXOS/Switch Engine switches. If enabled, you will also need to install the SSH mod on all ExtremeXOS/Switch Engine switches and configure "enabled web https". This setting is only applicable if the OpenDaylight option is disabled. Default: false |
| Use OpenDaylight controller instead of XAPI for call prioritization | Enable this to use an Open Daylight controller to locate Skype for Business call end-points in the network infrastructure and prioritize audio/video calls using OpenFlow. When enabled, you will also need to configure the OpenDaylight server using various settings below. If this is disabled, it will use theExtremeCloud IQ Site Engine API and XAPI on ExtremeXOS/Switch Engine switches to located end-points and prioritize calls. Default: false |
| IP address of the Open Daylight controller | ExtremeCloud IQ Site Engine IP of the Open Daylight controller. This configuration only is valid when the option use_opendaylight is set to true. |
| TCP/HTTP port of the Open Daylight controller | The HTTP port on which the Open Daylight REST API is provided. At the moment, only HTTP is supported. This configuration only is valid when the option use_opendaylight is set to true. Default: 8181. |
| Username to connect to the Open Daylight controller API | The given user should have admin rights to be able to create new flows and search for host. This configuration only is valid when the option use_opendaylight is set to true. |
| Password to connect to the Open Daylight controller API | The password for the given user. This configuration only is valid when the option use_opendaylight is set to true. |
| Idle timeout for flows created via Open Daylight controller | The idle timeout in seconds for newly created flows. All flows created via the Open Daylight controller to prioritize Skype for Business calls will use this idle timeout setting. Set this to 0 to disable this feature. Default: 300. |
| Hard timeout for flows created via Open Daylight controller | The hard timeout in seconds for newly created flows. All flows created via the Open Daylight controller to prioritize Skype for Business calls will use this hard timeout setting. Set this to 0 to disable this feature. Default: 3600. |
| Prioritize Wifi Calls | When enabled, it is verified whether the source or destination Lync end-point are connected through an Extreme Identify wireless controller / AP. If that is the case, the corresponding call flow will be prioritized on the switchport where the corresponding Extreme Access Point is connected to. This feature is only available starting with Extreme Management Center version 6.3 and only in Bridged@AP modes. If your wifi topology is Bridged@Controller the call flows will still be prioritized on the corresponding switch access ports but it won't have any effect as the wifi client traffic is transparently tunneled through to the controller and the ACLs/flows/policies configured on the access switch will never match any of those packets. Ensure that LLDP is enabled on both your access switches and all access points. Also ensure that you have enabled device statistics collection for OneView for all access switches where AP's are connected to. Default: true |
| Prioritize real-time control protocol traffic | Audio and video are typically sent using RTP, which requires two UDP ports, one for the media and one for the control protocol (RTCP). Enable this feature to also prioritize the RTCP traffic/flows. They typcially use the RTP port number reported by the Lync API plus one. So for example, if Lync reports a UDP source port of 5000 for a specific call connection the code will prioritize traffic on both ports 5000 and 5001. Default: false |
Verification
In order to verify that the integration is properly assigning dynamic ACLs to prioritize Skype for Business calls in the infrastructure:
- Start a call between two Skype for Business end-points and keep it running/active
- Use Telnet or SSH to connect to the switches where these Skype for Business end-points are currently connected (you can use the NAC end-system list to get the switches and ports of your Skype for Business end-points easily)
- Perform a “show config acl” to list all ACLs currently active on the switch and validate that you see at least one ACL with a name similar to the following syntax: Skype for BusinessSrcA1234567890. The first piece indicates that this ACL has been dynamically created by OFConnect to prioritize a Skype for Business call. The “Src” or “Dst” part indicates whether this ACL is used for the source or destination end-point of a call. The “A” or “V” indicates whether this ACL is used to prioritize the audio or video stream for the Skype for Business call. The rest of the name a part of the call ID retrieved from Skype for Business and thus makes this ACL name unique.
- If you see two or even four ACL names starting with “Skype for Business…” this would indicate that both Skype for Business end-points are connected to the same switch and/or that this is an audio and video call and both streams get prioritized with unique ACLs.
- Ensure those ACLs are bound to the correct ingress switch port.
- In order to verify that the reporting capabilities are working as expected, login to OneView and launch the MS Skype for Business specific report found in the “Reports” tab on the left navigation pain under “VoIP MS Skype for Business”. If this report is not visible, you might be missing the required xml reporting file.
-
Verify that you do see calls in the first tab of the report and the data seems correct.
Analytics
Reporting
ExtremeConnect offers a new set of reports focused around different generalized solution sets like Data Center Management and Mobile Device Management. In addition, end-system data will be propagated in a dedicated custom field across all modules. This field will contain labels to identify characteristics like “virtual” or “mobile” available to searches across the entire end system table in ExtremeCloud IQ Site Engine.