This section outlines the high availability (HA) solution in Azure.
| Info |
|---|
|
The screen captures in this section are example configurations. |
The following example implements an
HA solution in Azure. This system interconnects Microsoft Teams Direct Routing with a SIP Trunk that does not have a load sharing solution.
| Caption |
|---|
| 0 | Figure |
|---|
| 1 | Azure HA Solution |
|---|
|
|
To implement the HA solution in Azure, you must perform the following procedures:
- Configure the Azure HA Solution
- Load Balancing Microsoft Teams Direct Routing
- Load balancing SIP Trunk using Azure Load Balancer
- SBC SWe Lite Edge Configuration
- SIP Trunk Configuration
Elimination of Single Points of Failure
In an on-premise deployment, single points of failure are eliminated to ensure the same outage does not impact the different elements of a HA solution. Microsoft Azure uses the following resources to support this capability:
Azure Availability Sets (Intra-Datacenter Redundancy)
An availability set is a logical grouping of Virtual Machines (VMs) within a single datacenter that makes Azure understand how to build the VM's implantation with redundancy and availability. In an availability set, VMs automatically distribute across fault and update domains in a single datacenter. An availability set limits the impact of potential Azure maintenance, physical hardware failures, network outages, and power interruptions. To use an availability set, the VMs must be on the same resource group.
| Info |
|---|
|
Fault domains: A logical group of underlying hardware that shares a common power source and network switch, similar to a rack within the datacenter of an on-premise deployment. Update domains: A logical group of underlying hardware that can undergo Microsoft Azure maintenance. Azure can reboot all VMs in a single update domain at the same time for maintenance, but two different update domains will never reboot at the same time. |
| Caption |
|---|
| 0 | Figure |
|---|
| 1 | Azure Availability Set |
|---|
|
|
Azure availability sets offer a 99.95% service level agreement (SLA).
Azure Availability Zone (Inter-Datacenter Redundancy)
An availability zone is an HA offering that protects a VM from complete datacenter failures. An availability zone provides the same level of redundancy and availability as an availability set.
Azure availability zones offer a 99.99% SLA.
| Caption |
|---|
| 0 | Figure |
|---|
| 1 | Azure Availability Zone |
|---|
|
|
Reliable Crossover and Failure Detection
In redundant systems, the crossover point (which allows switching between the two VMs) is often a single point of failure. The
uses load balancing to provide reliable crossover and detect failures as they occur. The sender or receiver manage load balancing.
Load Balancing Managed by Sender
The SBC supports sharing loads between several destination endpoints (refer to Creating and Modifying Entries in SIP Server Tables).
Load Balancing Managed by Receiver
If you do not control the remote endpoint to implement load balancing or if the remote endpoint does not support load balancing, you can implement an Azure load balancer that shares the load between the elements of your HA solution.
A load balancer maps the IP addresses and ports of incoming traffic to the private IP addresses and ports of the VMs in the HA solution. For response traffic from the VM, a load balancer maps the private IP addresses and ports of the VMs to the IP addresses and ports of incoming traffic in the HA solution. You can apply load balancing rules to distribute specific types of traffic across multiple VMs or services. For example, you can spread the SIP request traffic across multiple
s.
| Caption |
|---|
| 0 | Figure |
|---|
| 1 | Azure Load Balancer |
|---|
|
|
The following are the Azure load balance types:
- Public Load Balancer: The Azure infrastructure maps the public IP addresses and ports of the incoming traffic to the private IP addresses and ports of the VM. The media directly establishes on the public IP address.
- Internal Load Balancer: The Azure infrastructure restricts the access of load-balanced IP addresses to a virtual network. The never directly exposes the load balancer IP addresses and virtual networks to an internet endpoint.
Configure the Azure HA Solution
Use one of the following procedures to configure the Azure HA solution:
| Anchor |
|---|
| avail_set_procedure |
|---|
| avail_set_procedure |
|---|
|
Azure Availability Sets
This section outlines how to configure and validate the Azure availability sets.
| Anchor |
|---|
| configure_avail_set |
|---|
| configure_avail_set |
|---|
|
Configure an Azure Availability Set
Use the following procedure to configure an Azure availability set.
| Anchor |
|---|
| create_avail_set |
|---|
| create_avail_set |
|---|
|
Create an availability set.
- Connect to the Azure portal. Refer to http://portal.azure.com.
From the left navigation pane, click All services.
| Caption |
|---|
|
|
Select Compute > Availability sets.
| Caption |
|---|
| 0 | Figure |
|---|
| 1 | Availability Sets |
|---|
|
|
Click + Add.
| Caption |
|---|
| 0 | Figure |
|---|
| 1 | Add Availability Set |
|---|
|
|
Configure the availability set.
| Caption |
|---|
| 0 | Figure |
|---|
| 1 | Create Availability Set |
|---|
|
|
The following table outlines some of the fields you must configure.
| Caption |
|---|
| 0 | Table |
|---|
| 1 | Create Availability set Fields |
|---|
|
| Field | Description |
|---|
| Fault domains | Select the number of fault domains equal to the number of instances you plan to deploy. If your zone supports less fault domains than the number of instances, select the maximum number of fault domains. | | Update domains | Select the number of update domains equal to the number of instances you plan to deploy. If your zone supports less update domains than the number of instances, select the maximum number of update domains. | | Use managed disks | Set this field to Yes (Aligned). |
|
- Click Review + create to review the configuration of the availability set.
- Click Create.
- Use the preceding availability set to create the first element. To create an element, refer to Deploying an SBC SWe Edge from the Azure Marketplace.
- In the Create a virtual machine Basics screen,
- you must use the same Resource group and Region created in the availability set.
- set the Availability options field to Availability set.
- set the Availability set field to the Availability set created in the previous step.
| Caption |
|---|
| 0 | Figure |
|---|
| 1 | Create a Virtual Machine Basics with Availability Set |
|---|
|
|
In the Create a virtual machine Networking screen, you must use a Public IP with a Standard SKU if you plan to use an Azure load balancer.
| Caption |
|---|
| 0 | Figure |
|---|
| 1 | Create a Virtual Machine Networking with Availability Set |
|---|
|
|
When you perform the Create/Assign Signaling Network Interface on
procedure, assign a network security group that allows HTTP, HTTPS, and Teams Traffic on the PKT0.| Caption |
|---|
| 0 | Figure |
|---|
| 1 | Inbound Port Rules |
|---|
|
|
- Use the preceding availability set to create the second element. To create an element, refer to Deploying an SBC SWe Edge from the Azure Marketplace.
- In the Create a virtual machine Basics screen,
- you must use the same Resource group and Region created in the availability set.
- set the Availability options field to Availability set.
- set the Availability set field to the Availability set created in the previous step.
In the Create a virtual machine Networking screen, you must use a Public IP with a Standard SKU and use the same Virtual network as your first
element if you plan to use an Azure load balancer.| Caption |
|---|
| 0 | Figure |
|---|
| 1 | Create a Virtual Machine Networking with Availability Set - Second SBC SWe Edge |
|---|
|
|
When you perform the Create/Assign Signaling Network Interface on
procedure, assign a network security group that allows HTTP, HTTPS, and Teams Traffic on the PKT0.Validate an Azure Availability Set
Use the following procedure to validate an Azure availability set.
- Connect to the Azure portal. Refer to http://portal.azure.com.
- From the left navigation pane, click All services.
Select Compute > Availability sets.
Select the availability set you created in the Configure an Azure Availability Set procedure.
| Caption |
|---|
| 0 | Figure |
|---|
| 1 | Availability Sets |
|---|
|
|
In the Overview screen, confirm that the
instances are on different fault and update domains.| Caption |
|---|
| 0 | Figure |
|---|
| 1 | Review SBC SWe Edge Instances |
|---|
|
|
| Anchor |
|---|
| avail_zone_procedure |
|---|
| avail_zone_procedure |
|---|
|
Azure Availability Zones
This section outlines how to configure and validate the Azure availability zone.
| Anchor |
|---|
| configure_avail_zone |
|---|
| configure_avail_zone |
|---|
|
Configure an Azure Availability Zone
Use the following procedure to configure an Azure availability zone.
- Connect to the Azure portal. Refer to http://portal.azure.com.
- Use an availability zone to create the first element. To create an element, refer to Deploying an SBC SWe Edge from the Azure Marketplace.
- In the Create a virtual machine Basics screen,
- set the Availability options field to Availability zone.
- set the Availability zone field to an Availability zone (for example, 1).
| Caption |
|---|
| 0 | Figure |
|---|
| 1 | Create a Virtual Machine Basics with Availability Zone |
|---|
|
|
- Use an availability zone to create the second element. To create an element, refer to Deploying an SBC SWe Edge from the Azure Marketplace.
- In the Create a virtual machine Basics screen,
- you must use the same Region created in the first element.
- set the Availability options field to Availability zone.
- set the Availability zone field to an Availability zone (different than the zone used for the first element).
In the Create a virtual machine Networking screen, you must use the same Virtual network as your first
element if you plan to use an Azure load balancer.| Info |
|---|
|
The following are possible Public IP addresses: - Zone redundant: All zones can use this public IP address. This public IP address helps manually redirect the flow of your network.
- Zone dependent: Only a single zone can use this public IP address.
|
| Caption |
|---|
| 0 | Figure |
|---|
| 1 | Create a Virtual Machine Networking with Availability Zone - Second SBC SWe Edge |
|---|
|
|
Validate an Azure Availability Zone
Use the following procedure to validate an Azure availability zone.
- Connect to the Azure portal. Refer to http://portal.azure.com.
- From the left navigation pane, click All services.
- Select Compute > Virtual machines.
Select the VM you created in the Configure an Azure Availability Zone procedure.
| Caption |
|---|
|
|
In the Overview screen, confirm that the
instances are on different availability zones.
| Caption |
|---|
| 0 | Figure |
|---|
| 1 | Review SBC SWe Edge 1 Instance |
|---|
|
|
| Caption |
|---|
| 0 | Figure |
|---|
| 1 | Review SBC SWe Edge 2 Instance |
|---|
|
|
Load Balancing Microsoft Teams Direct Routing
To implement Microsoft Teams Direct Routing, refer to https://docs.microsoft.com/en-us/microsoftteams/direct-routing-configure.
Load Balancing SIP Trunk using Azure Load Balancer
This section outlines how to load balance the SIP Trunk.
Load Balance SIP Trunk using Load Balancer
Use the following procedure to load balance the SIP Trunk using the Azure load balancer.
- Connect to the Azure portal. Refer to http://portal.azure.com.
- Create the Azure load balancer.
- From the left navigation pane, click All services.
Select Networking > Load balancers.
| Caption |
|---|
|
|
Click + Add.
| Caption |
|---|
| 0 | Figure |
|---|
| 1 | Add Load Balancer |
|---|
|
|
Configure the load balancer.
| Caption |
|---|
| 0 | Figure |
|---|
| 1 | Create Load Balancer |
|---|
|
|
The following table outlines some of the fields you must configure.
| Caption |
|---|
| 0 | Table |
|---|
| 1 | Create Load Balancer Fields |
|---|
|
| Field | Description |
|---|
| Type | Select Internal if you can use the virtual network to access all remote devices that send you the load, which means no remote device requires a public IP. For other scenarios, select Public. | | SKU | Select one of the following SKUs:
- Basic: Supports only availability sets
- Standard: Supports availability sets and availability zones
| | Availability zone | Select Zone-redundant. |
|
- Click Review + create to review the configuration of the availability set.
- Click Create.
- Add the HA solution as a backend pool.
- From the left navigation pane, click All services.
- Select Networking > Load balancers.
Select the Azure load balancer you created in the previous step.
| Caption |
|---|
|
|
Under Settings, click Backend pools.
| Caption |
|---|
|
|
- Click + Add.
Configure the backend pool.
| Info |
|---|
|
Make sure you select the media interface that you want to receive the load. |
| Caption |
|---|
|
|
- Click Add.
- Configure the health probes.
Under Settings, click Health probes.
| Caption |
|---|
|
|
- Click + Add.
Configure the health probe.
| Caption |
|---|
|
|
The following table outlines some of the fields you must configure.
| Caption |
|---|
| 0 | Table |
|---|
| 1 | Add Health Probe Fields |
|---|
|
| Field | Description |
|---|
| Protocol | Select TCP. | | Port | Select the port used for signaling on the . |
|
- Click OK.
- Configure the load balancing rules.
Under Settings, click Load balancing rules.
| Caption |
|---|
| 0 | Figure |
|---|
| 1 | Load Balancing Rules |
|---|
|
|
- Click + Add.
Configure the load balancing rule.
| Caption |
|---|
| 0 | Figure |
|---|
| 1 | Add Load Balancing Rule |
|---|
|
|
The following table outlines some of the fields you must configure.
| Caption |
|---|
| 0 | Table |
|---|
| 1 | Add Load Balancing Rule Fields |
|---|
|
| Field | Description |
|---|
| Protocol | Select the protocol used for signaling on the . If you select UDP, you must allow TCP and UDP in the Federated port of the signaling group and make sure the can accept the probes. | | Port | Select the port used for signaling on the . | | Backend port | Select the port used for signaling on the . |
|
- Click OK.
Configuration
For the
configuration, make sure
- the Microsoft Teams tenant is configured (refer to Deploying an SBC SWe Edge from the Azure Marketplace).
- all s are running.
the initial setup for each
is complete (refer to Connect SEC SBC SWe Lite Edge to Microsoft Teams Direct Routing Deployed in Azure).When you perform the Connect SBC SWe Edge to Microsoft Teams Direct Routing Deployed in Azure procedure to configure Direct Routing and the SIP Trunk on each
,- use a Standard SKU when you create the public IP address in Step 3: Configure Azure for Microsoft Teams Direct Routing.
- use the SIP Trunk IP address or FQDN (not the load balancer IP) when you configure the SIP Trunk information in Step 4: Configure for Microsoft Teams Direct Routing.
- after you finish using the Easy Configuration wizard, configure the SIP Trunk signaling group to use the outbound NAT and make sure the SIP Trunk's SIP Profile has Session Timer enabled. You must configure the Session Timer with a value less than the idle timeout (25 minutes) of the load balancing rule (that is, 300).
| Anchor |
|---|
| SIPTrunk_Config |
|---|
| SIPTrunk_Config |
|---|
|
SIP Trunk Configuration
You must configure your SIP Trunk to send signaling to the Azure load balancer IP. See the following screen capture for an example.
| Info |
|---|
|
The SIP Trunk must have Connection Reuse disabled. |
| Caption |
|---|
| 0 | Figure |
|---|
| 1 | SIP Trunk Configuration |
|---|
|
|