Forum Discussion

Copper Contributor

Nov 05, 2019

Solved

Direct Routing SBC failover planning in carrier hosted setup (derived trunk model)

Hi, I am trying to setup Teams Direct Routing in our network using the hosted carrier model using two SBCs which are in active/active setup for outbound and inbound calls. I haven't begun any con...

Direct Routing

Carolyn Blanding (MS TEAMS)
Jul 07, 2020
Shihab Azimullah

For hosting provider failover routing, the hosting provider will need to configure multiple PSTN gateways in their tenant. For example:

sbc1.contoso.com

sbc2.contoso.com

This will require multiple wildcard san names to support each namespace. For example:

*.sbc1.contoso.com

*.sbc2.contoso.com

Each customer will be provide two FQDN's to be added to Tenant domain and a single user licensed for SfB Online in the namespace to create the domain in the service forest. For example:

cust1.sbc1.contoso.com

cust2.sbc1.contoso.com

Then a route will be created for each of these gateways.

Carolyn Blanding (MS TEAMS)

Microsoft

Jul 07, 2020

teo221935

Sorry for delayed response here and hope you have resolved this. If not, please respond and let me know.

Summary steps for carrier model.

Carrier creates PSTN Online gateway in their tenant with namespace of sbc1.contoso.com. For failover they would also create a 2nd one, e.g. sbc2.contoso.com
Carrier will create wildcard certificate with SAN names for each namespace, e.g. *.sbc1.contoso.com, *.sbc2.contoso.com
Carrier will create DNS records resolving to each of the gateway names
Carrier will provide customers with unique FQDNs, e.g. cust1.sbc1.contoso.com, cust1.sbc2.contoso.com
Customer adds FQDN name as tenant domain name and licenses one user for SfB Online Plan 2 in this domain namespace; e.g. user@cust1.sbc1.contoso.com, user@cust1.sbc2.contoso.com
Once domain namespace has been added to tenant service forest, customer adds route specifying SBC FQDN. If provided two FQDN's they will create two routes.

VoipGuyUK

Copper Contributor

Jul 07, 2020

Thanks for clearing this up. In regards to certificate why would *.contoso.com not work?

Carolyn Blanding (MS TEAMS)
Microsoft
Jul 07, 2020
VoipGuyUK

You're welcome. Working to fine tune docs as well.

When defining a wildcard certificate, name spaces that are covered by the wildcard is just one level to the left. So wildcard of *.contoso.com would cover: anyname.contoso.com.

Wildcard of *.sbc1.contoso.com would cover: anyname.sbc1.contoso.com.

Cheers,
- VoipGuyUK
  Copper Contributor
  Jul 07, 2020
  That makes sense. In regards to carrier tenant Domains we would add sbc1.contoso.com & sbc2.contoso.com ? In non failover base domain is customers.contoso.com but this is no longer valid?
  
  Thanks!
  - Carolyn Blanding (MS TEAMS)
    Microsoft
    Jul 08, 2020
    VoipGuyUK
    
    These were all just examples. Let me try to make this simpler without specific names.
    
    Carrier Tenant Online PSTN Gateway(s), can be one or greater if failover is being handled by multiple FQDNs.
    
    sbcBaseName1.carrier.com
    
    sbcBaseName2.carrier.com
    
    Carrier certificate SAN names
    
    *.sbcBaseName1.carrier.com
    
    *.sbcBaseName2.carrier.com
    
    Customer Tenant Domain Name and SBC named used in Route configuration
    
    cust1.sbcBaseName1.carrier.com
    
    cust2.sbcBaseName2.carrier.com
    
    The pattern here is that the carrier PSTN Gateway is the base name for which customer names are derived. The customer names will be a single level child of the base domain.
    
    Hope that helps.