Genesys Cloud - Main

Hi All,

I have a customer with an on premise Edge.  They have two network ports configured on the Edge, Port 1 - WAN port, Port 2 - LAN port.  they have WebRTC clients inside and outside of the Organization.  They would like outside clients to have the media (audio) traffic of the WebRTC phone traverse the WAN port but when the clients are inside the organization the media traffic to route via the LAN port to save on bandwidth.

The help site does show some diagrams with this connectivity however there is no clear documentation for how to achieve this.  We have tried to add the WebRTC phone trunk to the WAN and LAN ports but the traffic still flows through the WAN port only.

Does anybody know how/if this is possible?

Have raised a case with support but they are not able to confirm yet

Thanks Luke
#ArchitectureandDesign
#Implementation
#Outbound
#PlatformAdministration
#SIP/VolP
#SystemAdministration
#Telephony

------------------------------
Luke Mitchell
G3 Comms Ltd
------------------------------

Hi Luke,

I don't work with WebRTC but have received this long time ago and it seems to be possible.

When a call is initiated from the desktop Browser ( using a WebRTC 'phone') the request is sent to Purecloud , and from there to the Edge for processing. The Edge has no idea where the desktop Browser actually is, and so uses the configured WebRTC Trunk to reach out to Googles STUN servers to ask for the list of candidates where the browser is. The Browser also sends its location (local ip address and NAT'd IP address , or candidate list)  to the STUN server. Once the Edge has the candidate list, it can determine where the SRTP packets (voice) can be sent locally ( direct to the browser via the internal LAN) or routed back out to the Internet to the NAT'd IP.

It is important to note that the site WebRTC Trunk configure for the Edge Group must be bound to the Edge Port that connects to the Internet (usually the WAN port). The WebRTC Trunk is not for the desktop client, but used by the Edge to communicate with the STUN servers.(Which, in this case, belong to Google)

Also important to note, if the user is using the WebRTC externally, then any firewall they are behind must also allow the WebRTC traffic through it.
Take a look at https://help.mypurecloud.com/articles/purecloud-ports-services/ for the WebRTC ports required for both Internal and External clients

------------------------------
Paulo Mesquita
Spark NZ Trading
------------------------------

Ok thanks Paulo,

So my understanding is as you have stated although Genesys care are advising to remove the WebRTC trunk from the WAN port and put it only on the LAN port but I am not happy to risk this on our client as they are 247.  I will try and get a window to test this but would be nice for confirmation on this.

We currently have the WebRTC trunk configured only on the WAN port of the Edge, but when PureCloud tries to initiate the media traffic it does not try and use the local LAN port

This is the ICE logs:

ICE candidates received by the Edge:

i3ice::Session::on_remote_candidates_received_from_peer(): New candidates received from remote peer:

[MediaID, ComponentID, CandidateType, Address]

0, 1, host, ClientInternalIP:52037 0, 1, srflx, ClientExternalIP:52249 0, 1, srflx, ClientExternalIP:52250 0, 1, relay, ClientExternalIP:21294

 

Connectivity checks are performed:

i3ice::Session::on_round_trip_failed(): Round trip between LocalAddress=EdgeWANIP:20306 and RemoteAddress=ClientinternalIP:52037 timed out.

i3ice::Session::on_round_trip_failed(): Round trip between LocalAddress=EdgeWANIP:20306 and RemoteAddress=ClientexternalIP:52249 timed out.

..

i3ice::Session::on_connectivity_check_succeeded(): Outgoing Connectivity Check succeeded. MediaID=0, ComponentID=1, LocalAddress=EdgeWANIP:20306, RemoteAddress=ClientExternalIP:21294,

------------------------------
Luke Mitchell
G3 Comms Ltd
------------------------------

Original Message:
Sent: 12-11-2019 08:35
From: Paulo Mesquita
Subject: WebRTC Configuration/Media Traffic

Hi Luke,

I don't work with WebRTC but have received this long time ago and it seems to be possible.

When a call is initiated from the desktop Browser ( using a WebRTC 'phone') the request is sent to Purecloud , and from there to the Edge for processing. The Edge has no idea where the desktop Browser actually is, and so uses the configured WebRTC Trunk to reach out to Googles STUN servers to ask for the list of candidates where the browser is. The Browser also sends its location (local ip address and NAT'd IP address , or candidate list)  to the STUN server. Once the Edge has the candidate list, it can determine where the SRTP packets (voice) can be sent locally ( direct to the browser via the internal LAN) or routed back out to the Internet to the NAT'd IP.

It is important to note that the site WebRTC Trunk configure for the Edge Group must be bound to the Edge Port that connects to the Internet (usually the WAN port). The WebRTC Trunk is not for the desktop client, but used by the Edge to communicate with the STUN servers.(Which, in this case, belong to Google)

Also important to note, if the user is using the WebRTC externally, then any firewall they are behind must also allow the WebRTC traffic through it.
Take a look at https://help.mypurecloud.com/articles/purecloud-ports-services/ for the WebRTC ports required for both Internal and External clients

------------------------------
Paulo Mesquita
Spark NZ Trading
------------------------------

You could suggest VPN for the external clients, but if Internet is down, that would be down as well.  I suggest redundancy of the internet connectivity through two physically seperate ingress routes so likelihood of losing the internet is practically nill.

------------------------------
Robert Wakefield-Carl
Avtex Solutions, LLC
Contact Center Innovation Architect
robertwc@avtex.com
https://www.Avtex.com
https://RobertWC.Blogspot.com
------------------------------