beautypg.com

Zones, About zones, Neighbor zone – TANDBERG Security Camera User Manual

Page 81: Traversal client zone, Traversal server zone, About zones neighbor zone traversal client zone

background image

81

D14049.03
MAY 2008

Grey Headline (continued)

TANDBERG

VIDEO COMMUNICATIONS SERVER

ADMINISTRATOR GUIDE

Introduction

Getting Started

Overview and

Status

System

Configuration

VCS

Configuration

Zones and

Neighbors

Call

Processing

Bandwidth

Control

Firewall

Traversal

Maintenance

Appendices

Zones

A zone is a collection of endpoints, either all registered to a
single system (e.g. VCS, gatekeeper or Border Controller), or of
a certain type such as ENUM or DNS. The use of zones enables
you to:

use links to determine whether calls can be made between

your local subzones and these other zones
manage the bandwidth of calls between your local subzones

and endpoints in other zones
easily search for aliases that are not registered locally

apply transforms to aliases before searching for them.

Your VCS allows you to configure up to 200 zones of 5 different
types. It also has a non-configurable Default Zone.

About Zones

In order to be able to traverse a firewall, the VCS must be
neighbored with a traversal server (for example a TANDBERG
VCS Expressway or a TANDBERG Border Controller).
In this situation your local VCS is a traversal client, so you
neighbor with the traversal server by creating a traversal client
zone on your local VCS. You then configure the client zone with
details of the corresponding zone on the traversal server. (The
traversal server must also be configured with details of the VCS
client zone.)
Once you have neighbored with the traversal server you can:

use the neighbor as a traversal server

query the traversal server about its endpoints

apply transforms to any queries before they are sent to the

traversal server
control the bandwidth used for calls between your local VCS

and the traversal server.

A VCS Expressway is able to act as a traversal server, providing
firewall traversal on behalf of traversal clients (for example, VCS
Controls or gatekeepers).
In order to act as a traversal server, the VCS Expressway must
have a special type of two-way neighbor relationship with each
traversal client. To do this, you create a traversal server zone
on your local VCS Expressway and configure it with the details of
the corresponding zone on the traversal client. (The client must
also be configured with details of the VCS Expressway.)
Once you have neighbored with the traversal client you can:

provide firewall traversal services to the traversal client

query the traversal client about its endpoints

apply transforms to any queries before they are sent to the

traversal client
control the bandwidth used for calls between your local VCS

and the traversal client.

Traversal client-server zone relationships are two-way; in order for firewall traversal to work, the traversal server and the
traversal client must each be configured with the other’s details. (See

Quick Guide to VCS Traversal Client - Server

Configuration

for more information.) The client and server will then be able to query each other.

A Neighbor zone could be a collection of endpoints registered
to another system (e.g. VCS, gatekeeper, or Border Controller),
or it could be a SIP device. The other system or SIP device is
referred to as a neighbor. Neighbors can be part of your own
enterprise network, part of a separate network, or even stand-
alone systems.
You create a neighbor relationship with the other system by
adding it as a neighbor zone on your local VCS. Once you have
added it, you can:

query the neighbor about its endpoints

apply transforms to any requests before they are sent to the

neighbor
control the bandwidth used for calls between your local VCS

and the neighbor zone.

Traversal Client Zone

Traversal Server Zone

Neighbor Zone

Neighbor zone relationships are one-way; adding another
system to your VCS as a neighbor does not mean that
your VCS will also be a neighbor of that other system. In

such a situation, your VCS will know about and be able to query
the other system, but the other system will not know about or be
able to query your VCS. However, inbound calls will be identified
as coming from that neighbor if the source IP address matches.