Centralized SIP trunking routes all VoIP traffic, including branch site traffic, through your data center. The centralized deployment model is simple, cost-effective, and generally the preferred approach for implementing SIP trunks with Communications Server 2010.

Depending on usage patterns within your enterprise, you may not want to route all users through the SIP trunk. To analyze your needs, answer the following questions:

• How big is each site? How many users?
  
  
• Which Direct Inward Dialing (DID) numbers at each site get the most phone calls?
  
  

Distributed SIP trunking is a deployment model in which you implement a local SIP trunk at one or more branch sites. VoIP traffic is then routed from the branch site directly to their service provider, without going through your data center.

Distributed SIP trunking is required only in the following cases:

• The branch site requires survivable phone connectivity (for example, if the WAN goes down). If the branch does need redundancy and failover, the service provider will charge more and the configuration will take longer. This should be analyzed for each branch site. Some of your branches may require redundancy and failover, while others do not.
  
  
• The branch site and data center are in different countries. For compatibility and legal reasons, you need at least one SIP trunk per country.
  
  

The decision about whether to deploy centralized or distributed SIP trunking requires a cost-benefit analysis. In some cases, it may be advantageous to opt for the distributed deployment model even if it is not required. In a completely centralized deployment, all branch site traffic is routed over WAN links. Instead of paying for the bandwidth required for WAN linking, you may want to use distributed SIP trunking.

Note:
For more information about why and how you might use distributed SIP trunking, see Branch Site SIP Trunks.

Communications Server 2010 supports the following connection types for SIP trunking:

• Multiprotocol Label Switching (MPLS) is a private network that directs and carries data from one network node to the next. The bandwidth in an MPLS network is shared with other subscribers, and each data packet is assigned a label to distinguish one subscriber’s data from another’s. This connection type does not require VPN. A potential drawback is that excessive IP traffic can interfere with VoIP operation unless VoIP traffic is given priority.
  
  
• A private connection with no other traffic, for example a leased fiber-optic connection or T1 line, is typically the most reliable and secures connection type. This connection type provides the highest call-carrying capacity, but is typically the most expensive. VPN is not required. Private connections are appropriate for organizations with high call volumes or stringent security and availability requirements.
  
  
• The public Internet is the least expensive connection type, but also the least reliable with the lowest call-carrying capacity.
  
  

  Note:
  Internet connection is the only Communications Server 2010 SIP trunking connection type that requires VPN.

Selecting a Connection Type

The amount of bandwidth your implementation requires depends on call capacity (the number of concurrent calls you must be able to support). Bandwidth availability needs to be taken into account so that you can take full advantage of the peak capacity that you have paid for. Use the following formula to calculate SIP trunk peak bandwidth requirement:

SIP Trunk Peak Bandwidth = Max Simultaneous Calls x 80kbps

For information about how to calculate bandwidth requirements for each SIP trunking connection type, see (insert link to SIP Trunking Drilldown, Bandwidth Considerations).

A Session Border Controller (SBC) is a device used in some VoIP networks to control the signaling and media streams involved in setting up and managing telephone calls or other interactive real-time communications. SBCs are typically deployed in a VoIP network for security purposes, especially when sending and receiving data beyond the corporate network. SBCs provide security features that Communications Server 2010 already provides, so SBCs are not required. Enabling SBC security features in a Communications Server 2010 deployment can interfere with end-to-end data integrity and prevent connections from being established.

Follow these guidelines when deploying an SBC:

• Do not deploy an SBC between a Mediation Server and your firewall.
  
  
• Do not deploy SBCs if your SIP connection will use a dedicated line. They do not enhance security because the line is not publicly accessible.
  
  

Note:
If your SIP trunk will use the public Internet connection type, you can install SBCs for their VPN and tunneling capabilities, but do not enable the SBC security features.

To determine whether you need a certificate for SIP trunking, check with your ITSP about protocol support:

1. If your service provider supports Real-time Transport Protocol (RTP) only, you do not need a certificate.
   
   
2. If your service provider supports Secure Real-time Transport Protocol (SRTP) they must provide you with a certificate.
   
   

Note:
SIP works in conjunction with RTP or SRTP, the protocols that manage the actual voice data in VoIP calls.

The Service Provider Proxy must support the following codecs:

1. G.711 a-law (for Europe)
   
   
2. G.711 µ-law (for North America)
   
   

Generically, SIP can use at least three transport types: UDP, TCP, and TLS. In the default SIP transport configuration, TLS runs over TCP. TLS is used within the Communications Server 2010 network. At the edge of the network, Communications Server 2010 can interoperate over TCP.

Communications Server 2010 does not support UDP for SIP transport because it has problems meeting the minimum standards for enterprise communications security, reliability, and scalability. For details, see http://go.microsoft.com/fwlink/?LinkId=185369.