<html><head><style type='text/css'>p { margin: 0; }</style></head><body><div style='font-family: Verdana; font-size: 10pt; color: #000000'>Nope, we (and others on the list I believe) were looking to it as a possible security implementation.<br><br>----- Original Message -----<br>From: "Derick Winkworth" <dwinkworth@att.net><br>To: "Lelio Fulgenzi" <lelio@uoguelph.ca><br>Cc: cisco-voip@puck.nether.net<br>Sent: Tuesday, March 3, 2009 4:38:06 PM GMT -05:00 US/Canada Eastern<br>Subject: Re: [cisco-voip] Cisco recommending against using VRF w/ VoIP?<br><br><style></style><link href="/zimbra/css/msgview.css?v=081117021119" rel="stylesheet"><div style="font-family: times new roman,new york,times,serif; font-size: 12pt;"><div style="font-family: times new roman,new york,times,serif; font-size: 12pt;">Are you trying to solve a particular problem in a VRF enabled environment?<br><br><br><div style="font-family: times new roman,new york,times,serif; font-size: 12pt;"><font size="2" face="Tahoma"><hr size="1"><b><span style="font-weight: bold;">From:</span></b> Lelio Fulgenzi <lelio@uoguelph.ca><br><b><span style="font-weight: bold;">To:</span></b> cisco-voip voyp list <cisco-voip@puck.nether.net><br><b><span style="font-weight: bold;">Sent:</span></b> Tuesday, March 3, 2009 2:29:34 PM<br><b><span style="font-weight: bold;">Subject:</span></b> [cisco-voip] Cisco recommending against using VRF w/ VoIP?<br></font><br>
<style>p {margin:0;}</style><div style="font-family: Verdana; font-size: 10pt; color: rgb(0, 0, 0);">A colleague forwarded this on....do a CTRL F for voip<br><br><a target="_blank" href="http://www.cisco.com/application/pdf/en/us/guest/netsol/ns171/c649/ccmigration_09186a0080851cc6.pdf">http://www.cisco.com/application/pdf/en/us/guest/netsol/ns171/c649/ccmigration_09186a0080851cc6.pdf</a><br><br><div style="margin-left: 40px;">When deploying a VoIP architecture to be integrated in a virtualized network, the current best practice design recommends to keep the main components of the voice infrastructure (VoIP handsets, Cisco CallManagers, Cisco Unity Servers, and so on) in the global table, together with all the users that use voice services (using Cisco Communicator software, VT Advantage, and so on). Reasons for following this recommendation in this phase of the technology include the following:<br>–Current lack of VRF-aware voice
services such as Survivable Remote Site Telephony (SRST) or Resource Reservation Protocol (RSVP) for Call Admission Control (CAC), which would prevent a successful deployment of VoIP technologies at remote locations (without the burden of replicating the physical network infrastructure, which is against one of the main drivers for virtualizing the network). Also, Cisco CallManager does not currently officially support multi-tenant environments.<br>- Complex configuration required at the services edge of the network to allow the establishment<br>of voice flows between entities belonging to separate VPNs. This would also require<br>“punching” holes in the firewall deployed in this area of the network, increasing the security<br>concerns of the overall solution.<br>- VoIP can be secured without requiring the creation of a dedicated logical partition for the voice<br>infrastructure. There are proven tools and design recommendations that can be used
for<br>hardening the voice systems that are inherent in the system and do not require any form of<br>network virtualization to be implemented. For more information, see the Voice SRND at the<br>following URL:<br><a target="_blank" href="http://www.cisco.com/en/US/netsol/ns656/networking_solutions_design_guidances_list.html#">http://www.cisco.com/en/US/netsol/ns656/networking_solutions_design_guidances_list.html#</a><br>anchor10<br>When the VoIP infrastructure is deployed in the global table, the direct consequence is the recommendation of keeping all the internal users that make use of VoIP applications (such as Cisco Communicator clients, for example) in the same domain, to not complicate the design too much when there is a need to establish voice flows between these users and, for example, the VoIP handsets. This is inline with the recommendation given in the first bullet point dictating the creation of virtual networks only for specific
purposes.<br></div><br>---<br>Lelio Fulgenzi, B.A.<br>Senior Analyst (CCS) * University of Guelph * Guelph, Ontario N1G 2W1<br>(519) 824-4120 x56354 (519) 767-1060 FAX (JNHN)<br>^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^<br>"Bad grammar makes me [sic]" - Tshirt<br><br></div></div></div></div></div></body></html>