SARK UCS/MVP Network Setup

Server-Gateway Mode

In Server-Gateway mode, the server sits at the head of the network and, in addition to providing e-mail, secure file storage and telephony services, it also acts as a firewall/router and network manager. Provided you are running either PPPoE over ADSL/DSL or cable, you can plug your server's WAN Ethernet socket directly into the modem. However, if you are in a country/area (such as the United Kingdom) where ADSL is only available with PPPoA, then you will need to use a PPPoA modem/router which is capable of running in half-bridged mode. One such unit is the Billion 5102S. This is a low-cost German unit which is both CE and FCC approved. In general, if you are going to run half-bridged, then it is not necessary to purchase a high-function modem/router since, in service, most of the functionality will be switched off!

Server-only Mode

In server-only mode, the server sits on your network, either in the DMZ or in the Green (protected) zone, behind a firewall/router. In this posture, the server will provide all, or any, of the following services: e-mail, file-server, automatic backup, telephony, DHCP and DNS.

General SME server Port Management

In Server-Gateway mode, the following ports may be opened by the server, depending upon whether the actual services are up and running:

Port Number    Service
21             FTP
22             SSH
25             SMTP
70             Gopher
80             HTTP
81             HOSTS2 Name Server
110            POP3
119            nntp
143            IMAP
210            ANSI Z39.50
443            HTTPS
563            nntps
993            IMAPS
995            POP3S?

In Server-only mode, you should only forward those ports from your firewall/router which you actually intend to use. For example, if you wish to run the server purely as a mail server and nothing else, with no external access to e-mail, then you should only have port 25 (SMTP/TCP) opened and forwarded to the server. Similarly, if you wish to run the server purely as a web server, then you should only have port 80 (HTTP/TCP), and possibly port 443 (HTTPS/TCP), open and forwarded. All other ports should remain closed/filtered.
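One way to check a firewall against this rule, as an added example that is not part of SARK UCS/MVP. It assumes a Linux firewall whose forwards are iptables DNAT rules; the server address 192.168.1.10, the rule set and the function names are constructed for illustration, and the service names come from the port table above.

```python
import re

# Service names taken from the port table on this page.
SERVICES = {21: "FTP", 22: "SSH", 25: "SMTP", 70: "Gopher", 80: "HTTP",
            81: "HOSTS2 Name Server", 110: "POP3", 119: "nntp", 143: "IMAP",
            210: "ANSI Z39.50", 443: "HTTPS", 563: "nntps", 993: "IMAPS",
            995: "POP3S"}

# Roles from the text: mail-only forwards 25, web-only forwards 80 and possibly 443.
ROLES = {"mail": {25}, "web": {80, 443}}

# Constructed sample: nat table lines in iptables-save format.
SAMPLE_RULES = """\
*nat
-A PREROUTING -i eth0 -p tcp -m tcp --dport 25 -j DNAT --to-destination 192.168.1.10:25
-A PREROUTING -i eth0 -p tcp -m tcp --dport 22 -j DNAT --to-destination 192.168.1.10:22
-A PREROUTING -i eth0 -p tcp -m multiport --dports 110,143 -j DNAT --to-destination 192.168.1.10
-A PREROUTING -i eth0 -p tcp -m tcp --dport 8000:8002 -j DNAT --to-destination 192.168.1.10
COMMIT
"""

def forwarded_ports(rules, server_ip):
    """Return the set of TCP ports DNAT-forwarded to server_ip (0 = every port)."""
    ports = set()
    for line in rules.splitlines():
        if "-j DNAT" not in line or "-p tcp" not in line:
            continue
        dest = re.search(r"--to-destination (\S+)", line)
        if not dest or dest.group(1).split(":")[0] != server_ip:
            continue
        spec = re.search(r"--dports? (\S+)", line)
        if spec is None:
            ports.add(0)          # no port match: the rule forwards everything
            continue
        for part in spec.group(1).split(","):
            lo, _, hi = part.partition(":")   # "8000:8002" is a port range
            ports.update(range(int(lo), int(hi or lo) + 1))
    return ports

def audit(rules, server_ip, role):
    """List (port, service) pairs forwarded to the server but not needed by the role."""
    extra = forwarded_ports(rules, server_ip) - ROLES[role]
    return [(p, "ALL PORTS" if p == 0 else SERVICES.get(p, "unknown"))
            for p in sorted(extra)]

if __name__ == "__main__":
    for port, name in audit(SAMPLE_RULES, "192.168.1.10", "mail"):
        print(f"stop forwarding tcp/{port} ({name})")
```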

IP (VOIP) Telephony

Aside from closed proprietary protocols, like Skype, there are primarily three IP protocols to choose from and SARK UCS/MVP supports two of them. They are called H323, SIP and IAX2. H323 is used by many of the large carriers to transport VOIP packets from place to place. It is big, secure and very complex. The underlying SARK UCS/MVP telephony software (Asterisk) does support H323 but that support is not implemented in SARK UCS/MVP.

In recent years, another protocol, SIP, has more or less taken over the consumer and SME end of the VOIP market. Almost all commercially available IP telephones use the SIP protocol by default. SIP is a peer-to-peer protocol, and using it to communicate across NAT'ed firewalls can be something of a challenge in certain circumstances, as we shall discuss below.

Finally, IAX2 is a proprietary, but open, protocol developed by Digium. It has some unique advantages over SIP which make it very attractive to PBX manufacturers and small carriers, particularly its ability to trunk, i.e. carry multiple calls on a single logical pathway, and its NAT-friendly construction.

Choice of VOIP Carrier

In principle, there is nothing to stop you from choosing a carrier from anywhere in the world. However, there are a few practical issues to consider. The further away from you the carrier is geographically, the greater the lag during the eventual conversation. This can become considerable when crossing continents. The ping time from Europe to the USA is about 150ms on a good day. So let's say, for the sake of argument, that you live in the UK and you have chosen a US carrier because it is the cheapest in the world. You then decide to call your mum, who lives half a kilometre down the road. The combined ping times of the outbound leg to the carrier and the inbound leg to your mum's will be at least 300ms, possibly more. A third of a second delay may not sound like much, but it is very noticeable to the human ear during a telephone conversation.

The other issue to consider when using remote carriers is that you will usually have to dial your numbers as if you were in the country where the carrier is based (unless the carrier supports E164 numbering, and few do as yet). So again, to phone mum using a US carrier you are going to have to dial a US international call. Let's say your mum is in Birmingham, England and her full UK number is 0214 679 2314; then with your US carrier you will have to dial 01144 214 679 2314, which is a bit of a pain. SARK UCS/MVP can handle many of these issues with its smart JDI number recognition, but it's still something to be aware of.

The next thing to consider is whether the carrier can handle IAX2 for both outbound and inbound calls. This may be a distinct advantage if you are operating behind a firewall.

If the carrier only supports SIP then they will almost certainly be running Session Border Control (it's worth checking, as they may not). SBC is a piece of software which sits at the carrier's site and makes SIP transactions a little easier for your firewall by forcing the RTP ports to be symmetrical. You may even have to consider running your own session control (a SIP stack and proxy set-up of some sort) if you wish to support remote SIP users. SARK UCS/MVP can help you by forcing Symmetrical RTP for remote phones, and this can get you through a single wall, but it can't get you through two or more firewalls. For this reason, if you are intending to run remote users from the outset then you should either run SARK UCS/MVP in server-gateway mode (and it should "own" its own internet connection), or you can run in server-only mode in a DMZ where ALL incoming packets are automatically routed to the SARK UCS/MVP box.
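Why a remote SIP phone needs this treatment, as an added example (not SARK UCS/MVP or Asterisk code): a phone behind NAT advertises its private address in the SDP, so the PBX has to send audio back to the address the phone's RTP actually arrives from. The INVITE, addresses and function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample: an INVITE from a remote phone behind a NAT router.
# The phone only knows its private address, so that is what it advertises.
SAMPLE_INVITE = (
    "INVITE sip:200@pbx.example.com SIP/2.0\r\n"
    "Via: SIP/2.0/UDP 192.168.0.20:5060;branch=z9hG4bK776asdhds\r\n"
    "From: <sip:201@pbx.example.com>;tag=1928301774\r\n"
    "To: <sip:200@pbx.example.com>\r\n"
    "Call-ID: a84b4c76e66710@192.168.0.20\r\n"
    "CSeq: 1 INVITE\r\n"
    "Contact: <sip:201@192.168.0.20:5060>\r\n"
    "Content-Type: application/sdp\r\n"
    "\r\n"
    "v=0\r\n"
    "o=- 0 0 IN IP4 192.168.0.20\r\n"
    "s=-\r\n"
    "c=IN IP4 192.168.0.20\r\n"
    "t=0 0\r\n"
    "m=audio 16384 RTP/AVP 8 0\r\n"
)

def sdp_media_target(message):
    """Return the (ip, port) the caller advertises for audio in its SDP body."""
    _, _, body = message.partition("\r\n\r\n")
    ip = re.search(r"^c=IN IP4 (\S+)", body, re.M).group(1)
    port = int(re.search(r"^m=audio (\d+)", body, re.M).group(1))
    return ip, port

def rtp_destination(message, signalling_src, first_rtp_src=None):
    """Choose where the PBX should send audio for this call.

    signalling_src: (ip, port) the INVITE actually arrived from.
    first_rtp_src:  (ip, port) of the first RTP packet received, if any.
    """
    advertised = sdp_media_target(message)
    # A private SDP address that differs from the packet source means NAT.
    natted = (ipaddress.ip_address(advertised[0]).is_private
              and advertised[0] != signalling_src[0])
    if not natted:
        return advertised, "sdp"
    if first_rtp_src is None:
        return None, "wait-for-rtp"     # advertised address is unreachable
    return first_rtp_src, "symmetric"   # reply to the NAT's public mapping

if __name__ == "__main__":
    print(rtp_destination(SAMPLE_INVITE, ("203.0.113.7", 40112),
                          ("203.0.113.7", 51000)))
```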

Topic revision: r2 - 23 Jul 2009 - 21:16:36 - TWikiAdminUser
Main.DocChapter051 moved from Main.SysNetInst on 19 Apr 2006 - 12:50 by SelintraLimited