Forum Discussion
Direct Routing SBC failover planning in carrier hosted setup (derived trunk model)
- Jul 07, 2020
For hosting provider failover routing, the hosting provider will need to configure multiple PSTN gateways in their tenant. For example:
- sbc1.contoso.com
- sbc2.contoso.com
This will require multiple wildcard SAN names to support each namespace. For example:
- *.sbc1.contoso.com
- *.sbc2.contoso.com
Each customer will be provided two FQDNs to be added to the Tenant domain, and a single user licensed for SfB Online in the namespace to create the domain in the service forest. For example:
- cust1.sbc1.contoso.com
- cust2.sbc1.contoso.com
Then a route will be created for each of these gateways.
These were all just examples. Let me try to make this simpler without specific names.
Carrier Tenant Online PSTN Gateway(s), can be one or greater if failover is being handled by multiple FQDNs.
- sbcBaseName1.carrier.com
- sbcBaseName2.carrier.com
Carrier certificate SAN names
- *.sbcBaseName1.carrier.com
- *.sbcBaseName2.carrier.com
Customer Tenant Domain Name and SBC name used in Route configuration
- cust1.sbcBaseName1.carrier.com
- cust2.sbcBaseName2.carrier.com
The pattern here is that the carrier PSTN Gateway is the base name from which customer names are derived. The customer names will be a single-level child of the base domain.
Hope that helps.
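An added example (not part of the original post, and not Microsoft's validation logic): a Python check that each customer FQDN is a single-level child of a carrier gateway base name and is covered by one of the wildcard SANs, using the placeholder names from the post. The `customers` mapping and the rule that every customer needs a name under each gateway are assumptions made for illustration.

```python
# Added example: the names below are the placeholder names from the post.
GATEWAYS = ["sbcBaseName1.carrier.com", "sbcBaseName2.carrier.com"]
CERT_SANS = ["*.sbcBaseName1.carrier.com", "*.sbcBaseName2.carrier.com"]


def labels(name):
    """Split a DNS name into lowercase labels (DNS names are case-insensitive)."""
    return name.rstrip(".").lower().split(".")


def san_covers(san, fqdn):
    """True if a certificate SAN covers fqdn. A leading '*' stands for exactly
    one label, so *.a.com covers x.a.com but neither a.com nor y.x.a.com."""
    s, f = labels(san), labels(fqdn)
    if len(s) != len(f):
        return False
    if s[0] == "*":
        return s[1:] == f[1:]
    return s == f


def derived_from(fqdn, gateways=GATEWAYS):
    """Return the gateway base name that fqdn is a single-level child of, or None."""
    f = labels(fqdn)
    for gw in gateways:
        if f[1:] == labels(gw) and f[0] not in ("", "*"):
            return gw
    return None


def check_plan(customers, gateways=GATEWAYS, sans=CERT_SANS):
    """customers maps a customer id to its tenant FQDNs (hypothetical structure).
    Returns a list of problems; an empty list means the plan is consistent."""
    problems = []
    for cust, fqdns in customers.items():
        used = set()
        for fqdn in fqdns:
            gw = derived_from(fqdn, gateways)
            if gw is None:
                problems.append(f"{cust}: {fqdn} is not a single-level child of a gateway")
                continue
            used.add(gw)
            if not any(san_covers(s, fqdn) for s in sans):
                problems.append(f"{cust}: {fqdn} is not covered by any certificate SAN")
        missing = [g for g in gateways if g not in used]
        if used and missing:  # assumption: failover needs a name under every gateway
            problems.append(f"{cust}: no failover name under {', '.join(missing)}")
    return problems
```

Running `check_plan` over the planned customer names before ordering certificates surfaces names that sit too deep for the wildcard or that lack a second gateway for failover.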
The use of wildcards is really not the best solution in my experience, as it really doesn't provide any advantage over and above using a normal FQDN cert, and adds to the cost if purchasing them.
We've chosen now to create a standard cert for each SBC, this keeps it simple.
Also, I'm sure we tried:
SBC1.customer1.ourdomain.com
SBC2.customer1.ourdomain.com
with the wildcard as *.customer1.ourdomain.com, and Microsoft would not accept this for some reason, so we reverted to getting a cert for each SBC.