In this section:
This section outlines the high availability (HA) solution in Azure.
The screen captures in this section are example configurations.
The following example implements an SBC SWe Lite HA solution in Azure. This system interconnects Microsoft Teams Direct Routing with a SIP Trunk that does not have a load sharing solution.
Azure HA Solution
To implement the HA solution in Azure, you must perform the following procedures:
In an on-premise deployment, single points of failure are eliminated to ensure the same outage does not impact the different elements of a HA solution. Microsoft Azure uses the following resources to support this capability:
An availability set is a logical grouping of Virtual Machines (VMs) within a single datacenter that makes Azure understand how to build the VM's implantation with redundancy and availability. In an availability set, VMs automatically distribute across fault and update domains in a single datacenter. An availability set limits the impact of potential Azure maintenance, physical hardware failures, network outages, and power interruptions. To use an availability set, the VMs must be on the same resource group.
Fault domains: A logical group of underlying hardware that shares a common power source and network switch, similar to a rack within the datacenter of an on-premise deployment.
Update domains: A logical group of underlying hardware that can undergo Microsoft Azure maintenance. Azure can reboot all VMs in a single update domain at the same time for maintenance, but two different update domains will never reboot at the same time.
Azure Availability Set
Azure availability sets offer a 99.95% service level agreement (SLA).
An availability zone is an HA offering that protects a VM from complete datacenter failures. An availability zone provides the same level of redundancy and availability as an availability set.
Azure availability zones offer a 99.99% SLA.
Azure Availability Zone
In redundant systems, the crossover point (which allows switching between the two VMs) is often a single point of failure. The SBC uses load balancing to provide reliable crossover and detect failures as they occur. The sender or receiver manage load balancing.
The SBC supports sharing loads between several destination endpoints (refer to Creating and Modifying Entries in SIP Server Tables).
If you do not control the remote endpoint to implement load balancing or if the remote endpoint does not support load balancing, you can implement an Azure load balancer that shares the load between the elements of your HA solution.
A load balancer maps the IP addresses and ports of incoming traffic to the private IP addresses and ports of the VMs in the HA solution. For response traffic from the VM, a load balancer maps the private IP addresses and ports of the VMs to the IP addresses and ports of incoming traffic in the HA solution. You can apply load balancing rules to distribute specific types of traffic across multiple VMs or services. For example, you can spread the SIP request traffic across multiple SBC SWe Lites.
Azure Load Balancer
The following are the Azure load balance types:
Use one of the following procedures to configure the Azure HA solution:
This section outlines how to configure and validate the Azure availability sets.
Use the following procedure to configure an Azure availability set.
From the left navigation pane, click All services.
All Services
Select Compute > Availability sets.
Availability Sets
Click + Add.
Add Availability Set
Configure the availability set.
Create Availability Set
The following table outlines some of the fields you must configure.
Create Availability set Fields
Field | Description |
---|---|
Fault domains | Select the number of fault domains equal to the number of SBC SWe Lite instances you plan to deploy. If your zone supports less fault domains than the number of instances, select the maximum number of fault domains. |
Update domains | Select the number of update domains equal to the number of SBC SWe Lite instances you plan to deploy. If your zone supports less update domains than the number of instances, select the maximum number of update domains. |
Use managed disks | Set this field to Yes (Aligned). |
Create a Virtual Machine Basics with Availability Set
In the Create a virtual machine Networking screen, you must use a Public IP with a Standard SKU if you plan to use an Azure load balancer.
Create a Virtual Machine Networking with Availability Set
When you perform the Create/Assign Signaling Network Interface on SBC SWe Lite procedure, assign a network security group that allows HTTP, HTTPS, and Teams Traffic on the PKT0.
Inbound Port Rules
In the Create a virtual machine Networking screen, you must use a Public IP with a Standard SKU and use the same Virtual network as your first SBC SWe Lite element if you plan to use an Azure load balancer.
Create a Virtual Machine Networking with Availability Set - Second SWe Lite
When you perform the Create/Assign Signaling Network Interface on SBC SWe Lite procedure, assign a network security group that allows HTTP, HTTPS, and Teams Traffic on the PKT0.
Use the following procedure to validate an Azure availability set.
Before you validate an Azure availability set, you must configure an Azure availability set.
Select Compute > Availability sets.
Select the availability set you created in the Configure an Azure Availability Set procedure.
Availability Sets
In the Overview screen, confirm that the SBC SWe Lite instances are on different fault and update domains.
Review SWe Lite Instances
This section outlines how to configure and validate the Azure availability zone.
Use the following procedure to configure an Azure availability zone.
Create a Virtual Machine Basics with Availability Zone
In the Create a virtual machine Networking screen, you must use the same Virtual network as your first SBC SWe Lite element if you plan to use an Azure load balancer.
The following are possible Public IP addresses:
Create a Virtual Machine Networking with Availability Zone - Second SWe Lite
Use the following procedure to validate an Azure availability zone.
Before you validate an Azure availability zone, you must configure an Azure availability zone.
Select the VM you created in the Configure an Azure Availability Zone procedure.
Virtual Machines
In the Overview screen, confirm that the SBC SWe Lite instances are on different availability zones.
Review SWe Lite 1 Instance
Review SWe Lite 2 Instance
To implement Microsoft Teams Direct Routing, refer to https://docs.microsoft.com/en-us/microsoftteams/direct-routing-configure.
This section outlines how to load balance the SIP Trunk.
Use the following procedure to load balance the SIP Trunk using the Azure load balancer.
Select Networking > Load balancers.
Load Balancers
Click + Add.
Add Load Balancer
Configure the load balancer.
Create Load Balancer
The following table outlines some of the fields you must configure.
Create Load Balancer Fields
Field | Description |
---|---|
Type | Select Internal if you can use the virtual network to access all remote devices that send you the load, which means no remote device requires a public IP. For other scenarios, select Public. |
SKU | Select one of the following SKUs:
|
Availability zone | Select Zone-redundant. |
Select the Azure load balancer you created in the previous step.
Load Balancers
Under Settings, click Backend pools.
Backend Pools
Configure the backend pool.
Make sure you select the media interface that you want to receive the load.
Add Backend Pool
Under Settings, click Health probes.
Health Probes
Configure the health probe.
Add Health Probe
The following table outlines some of the fields you must configure.
Add Health Probe Fields
Field | Description |
---|---|
Protocol | Select TCP. |
Port | Select the port used for signaling on the SBC SWe Lite. |
Under Settings, click Load balancing rules.
Load Balancing Rules
Configure the load balancing rule.
Add Load Balancing Rule
The following table outlines some of the fields you must configure.
Add Load Balancing Rule Fields
Field | Description |
---|---|
Protocol | Select the protocol used for signaling on the SBC SWe Lite. If you select UDP, you must allow TCP and UDP in the Federated port of the SBC signaling group and make sure the SBC can accept the probes. |
Port | Select the port used for signaling on the SBC SWe Lite. |
Backend port | Select the port used for signaling on the SBC SWe Lite. |
For the SBC SWe Lite configuration, make sure
the initial setup for each SBC SWe Lite is complete (refer to Connect SEC SWe Lite to Microsoft Teams Direct Routing Deployed in Azure).
When you perform the Connect SBC SWe Lite to Microsoft Teams Direct Routing Deployed in Azure procedure to configure Direct Routing and the SIP Trunk on each SBC SWe Lite,
You must configure your SIP Trunk to send signaling to the Azure load balancer IP. See the following screen capture for an example.
The SIP Trunk must have Connection Reuse disabled.
SIP Trunk Configuration