Summary of the content on the page No. 1 
                    
Cisco - Wireless IPT Design Guide for the Cisco 7920 IP Phone
Table of Contents
Wireless IPT Design Guide for the Cisco 7920 IP Phone ..... 1
 Introduction ..... 1
 Prerequisites .....
                    
                    Summary of the content on the page No. 2 
                    
Wireless IPT Design Guide for the Cisco 7920 IP Phone
Introduction
Prerequisites
     Requirements
     Components Used
     Conventions
Cisco 7920 IP Phone Overview
WLAN Overview
RF Overview
Site Surveys and Design Recommendations
VoIP QoS
Security for the Cisco 7920 and WLAN Networks
Network Sizing
     Number of 802.11b Devices per AP
     Number of 802.11b IP Phones per AP
     Numbers of 802.11b Phones per Layer 2 Subnet or VLAN
Understanding Layer 2 and Layer 3 Roaming
     Understanding
                    
                    Summary of the content on the page No. 3 
                    
• AVVID design guides and administration.

Components Used
The information in this document is based on the software and hardware versions below:
• The Cisco 7920 IP Phone.
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.

Conventions
For more information on document conventio
                    
                    Summary of the content on the page No. 4 
                    
                        remember that the Cisco 7920 has somewhat different roaming characteristics than Cisco Aironet Network Interface Cards (NICs). This includes thresholds on the Cisco 7920 that determine when the phone roams or how much the RF environment needs to change in order to determine when a roaming event should occur. Because of this, it is recommended that a secondary site survey be performed for the Cisco 7920s. This gives you the opportunity to tune the APs to ensure that the Cisco 7920s have enough RF
                    
                    Summary of the content on the page No. 5 
                    
Voice traffic can be classified with the following characteristics:
• Smooth - VoIP packets are sent at consistent intervals with uniform packet sizes.
• Benign - VoIP packets only attempt to use the bandwidth necessary to send from end to end. VoIP does not use any windowing to determine data rates.
• Packet Loss Sensitive - VoIP traffic is extremely sensitive to packet loss. Excessive loss degrades overall voice quality.
• Delay Sensitive - While VoIP can tolerate some amount of delay, excessi
                    
                    Summary of the content on the page No. 6 
                    
Technical Assistance Center (TAC) (if problems arise) is limited for this situation.

Security for the Cisco 7920 and WLAN Networks
The Cisco 7920 is supported in the architecture of the Cisco Wireless Security Suite. The architecture is discussed in detail in documents for Wireless LAN Security Solution. The architecture fits into the overall Cisco SAFE security architecture. For more information, refer to Cisco SAFE: Wireless LAN Security in Depth.
Note: The Cisco 7920 does not support Cisco Te
                    
                    Summary of the content on the page No. 7 
                    
RADIUS functionality in a small office, but could also be used as an ACS server in case of WAN failure. The following is a step-by-step example of configuring the fallback RADIUS server for LEAP authentication:
1. Configure the Network Access Server (NAS), by issuing the following commands:
     radius-server local
      nas 192.168.10.35 key Cisco
      nas 192.168.10.45 key Cisco
2. Configure the user database, by issuing the following commands:
     radius-server local
      user BM-AP1200-one-SCM password Cisco
      user BM-
                    
                    Summary of the content on the page No. 8 
                    
One of the key aspects when calculating network capacity for 802.11b networks is that it is a shared medium. Because of this, consideration must be given to radio contention among the various devices. This means that the back-off algorithms in 802.11b, which allow multiple devices to access the medium, affect the overall throughput. For the VoIP calculations below, a VoIP call has the following characteristics:
1. The packets are made up of a 20 byte IP header, an 8 byte UDP header, a 12 byte RT
                    
                    Summary of the content on the page No. 9 
                    
All of the above calculations and design recommendations are based on VAD being disabled on the Cisco 7920 IP Phones. VAD is a mechanism in VoIP where no RTP packets are sent if no speech is occurring during the conversation. VAD can be enabled on the Cisco 7920 phones and provides some bandwidth conservation, typically around 30 percent. With VAD enabled on the Cisco 7920, it does not use VAD for transmit (Tx) packets, but it understands what to do on the receive (Rx)-side if VAD is being used 
                    
                    Summary of the content on the page No. 10 
                    
                        30 AP limit is due to memory and processor constraints on the Wireless Domain Server (WDS), which is AP functionality to provide this enhanced roaming and security. This functionality is introduced into Cisco IOS Software Release 11.2(11)JA on the Cisco APs. Deployments that do not require this functionality, or have a physical area that requires more than 30 APs of coverage, can disable the WDS or Secure Fast Roaming functionality on the APs. This eliminates the limitation of 30 APs in the subn
                    
                    Summary of the content on the page No. 11 
                    
Note: Any references to roam or roaming throughout the remainder of this document are in the context of mid-call roaming.
As it relates to roaming, the Cisco 7920 IP Phone currently only supports Layer 2 roaming. This means that a Cisco 7920 IP Phone can roam between APs that have coverage for a single Layer 2 subnet, but calls are dropped when the phone roams into the AP coverage for another Layer 2 network.

Layer 2 Roaming
Layer 2 Roaming occurs when a WLAN device, for example the Cisco 7920, p
                    
                    Summary of the content on the page No. 12 
                    
this AP. If either the association or authentication fails, it continues to try the next best AP.
Note: As a Cisco 7920 roams between APs, it re-authenticates with each new AP.
2. AP B sends a null MAC multicast using the source address of the Cisco 7920. This updates the Content Addressable Memory (CAM) tables in upstream switches and directs further LAN traffic for the Cisco 7920 to AP B, and not AP A.
3. AP B sends a MAC multicast using its own source address telling the old AP that AP B now 
                    
                    Summary of the content on the page No. 13 
                    
Layer 2 roaming with both static WEP and LEAP has been shown to provide acceptable QoS using either G.711 or G.729. If LEAP is being used, it is recommended that users are defined locally on the ACS server. This is because off-box databases have potentially unknown response times, which could adversely affect overall QoS during Layer 2 roaming.

Layer 3 Roaming
Layer 3 roaming occurs when a client moves from an AP that covers IP subnet A to an AP that covers IP subnet B. At this point, the 
                    
                    Summary of the content on the page No. 14 
                    
VLANs
VLANs are used by WLAN networks to provide two distinct functions:
• Segment traffic into distinct broadcast domains (IP subnets).
• Create separate security domains for different security models (such as open, WEP, LEAP, Protected Extensible Authentication Protocol (PEAP), EAP Transport Layer Security (EAP/TLS))
The Cisco AVVID design guide states that separate VLANs should be created for voice and data traffic. This allows appropriate QoS to be provided to different classes of traffic as
                    
                    Summary of the content on the page No. 15 
                    
For more details on deploying VLANs in WLAN networks, refer to the Wireless Virtual LAN Deployment Guide.

WLAN QoS for VoIP
As mentioned earlier, WLANs operate as a shared medium. This means that QoS on WLAN networks is more difficult than on wired networks because end points do not have dedicated bandwidth for sending and receiving traffic. The following is a list of characteristics of a wired VoIP QoS:
• Dedicated access per user or device (switched Ethernet, Point-to-Point (P2P) WAN).
• Packets
                    
                    Summary of the content on the page No. 16 
                    
                        Before discussing how WLAN QoS works, you must first understand how end points transmit data on WLAN networks. Similar to wired Ethernet networks, 802.11b WLANs employ Carrier Sense Multiple Access (CSMA). However, instead of using Collision Detection (CD), WLANs use Collision Avoidance (CA). This means that instead of each station trying to transmit as soon as the medium is free, WLAN devices use a CA mechanism to prevent multiple stations from sending at the same time. The model used for WLAN 
                    
                    Summary of the content on the page No. 17 
                    
2. After the IFS expires, the end point selects a value between 0 and aCWmin. The end point waits the length of this value and determines if the medium is available to transmit.
3. If the medium is available, the end point transmits the packets.
4. If the medium is unavailable (such as if another device sent a packet), the end point waits until the end of the packet transmission (from another device) and the IFS period. In addition, it doubles the value chosen in Step 2 and then attempts to tran
                    
                    Summary of the content on the page No. 18 
                    
Cisco Aironet APs support a QoS similar to EDCF as of Cisco IOS Software Release 12.0T SW. This provides up to eight queues for downstream (toward the 802.11b clients) QoS. These queues can be allocated in the following ways:
• Based on ToS or DiffServ settings of packets.
• Based on Layer 2 or Layer 3 Access Control Lists (ACLs).
• Based on the VLAN.
• Based on the dynamic registration of devices such as the Cisco 7920 IP Phone.
Although eight queues are supported on the AP, it is recommended t
                    
                    Summary of the content on the page No. 19 
                    
The following is an example of configuring the QBSS element in beacons on Cisco IOS Software-based APs:

Beyond just having queuing and setting packets with the correct DiffServ markings, delay and jitter need to be taken into consideration. This is especially true for upstream traffic since there is no queuing among clients on the 802.11b side of the AP. The simplest way to accomplish this is to stay within the guidelines for the number of WLAN clients per AP. Exceeding this creates additional o
                    
                    Summary of the content on the page No. 20 
                    
• Disable Port Aggregation Protocol (PAgP) - PAgP is enabled by default, but it is not needed for user-facing ports.
• Enable Port Fast - Allows a switch to quickly resume forwarding traffic if a Spanning Tree Protocol (STP) link goes down.
• Configure Wireless VLAN - Creates a unique wireless VLAN that isolates wireless traffic from other data, voice, and management VLANs, thereby isolating traffic and ensuring greater control of traffic.
• Enable QoS, and Do not Trust the Port (mark down to 0)