
System Release 1.

PUBLIC SAFETY LTE


PUSH-TO-TALK (PTT)
NETWORKS AND IP PLANNING
GUIDE

October 2011

6871018P74-A

© 2011 Motorola Solutions, Inc. All rights reserved.

Copyrights
The Motorola products described in this document may include copyrighted Motorola computer programs. Laws
in the United States and other countries preserve for Motorola certain exclusive rights for copyrighted computer
programs. Accordingly, any copyrighted Motorola computer programs contained in the Motorola products described
in this document may not be copied or reproduced in any manner without the express written permission of Motorola.
© 2011 Motorola Solutions, Inc. All Rights Reserved
No part of this document may be reproduced, transmitted, stored in a retrieval system, or translated into any language
or computer language, in any form or by any means, without the prior written permission of Motorola Solutions, Inc.
Furthermore, the purchase of Motorola products shall not be deemed to grant either directly or by implication,
estoppel or otherwise, any license under the copyrights, patents or patent applications of Motorola, except for the
normal non-exclusive, royalty-free license to use that arises by operation of law in the sale of a product.

Disclaimer
Please note that certain features, facilities, and capabilities described in this document may not be applicable to
or licensed for use on a particular system, or may be dependent upon the characteristics of a particular mobile
subscriber unit or configuration of certain parameters. Please refer to your Motorola contact for further information.

Trademarks
MOTOROLA, MOTO, MOTOROLA SOLUTIONS, and the Stylized M Logo are trademarks or registered
trademarks of Motorola Trademark Holdings, LLC and are used under license. All other trademarks are the property
of their respective owners.

European Union (EU) Waste of Electrical and Electronic Equipment (WEEE) directive

The European Union's WEEE directive requires that products sold into EU countries must have the crossed out
trashbin label on the product (or the package in some cases).
As defined by the WEEE directive, this cross-out trashbin label means that customers and end-users in EU countries
should not dispose of electronic and electrical equipment or accessories in household waste.
Customers or end-users in EU countries should contact their local equipment supplier representative or service
centre for information about the waste collection system in their country.

Contents
1 Public Safety Long Term Evolution Push-to-Talk (PTT) Architecture
1.1 PTT Architecture Overview
1.2 Public Safety LTE Push-to-Talk (PTT) Port Assignment Map
2 Highly-Available IP Network
3 Public Safety Long Term Evolution Push-to-Talk (PTT) Network Implementation
3.1 IP Configuration
3.2 Updating any Configured IP Address'
3.3 External Subnet(s) Operations
3.4 Configuration Examples
4 Public Safety Long Term Evolution Push-to-Talk (PTT) Firewall Rules
4.1 PTT Switch and Handset Interface Rules
4.2 OAMP Traffic Rules
4.2.1 Provisioning Graphical User Interface Rules
4.2.2 Enterprise Administrator Web Server Interface Rules
4.2.3 MTAS Client and MTAS Interface on the PTT Server Interface Rules
4.2.4 Operator SNMP Manager and the SNMP Interface on the PTT Server Interface Rules
4.2.5 TL1 Interface Rules
4.2.6 SFTP Interface Rules
4.2.7 SSH Interface Rules
5 Transferring Billing Data


List of Figures
Figure 1-1 Public Safety Long Term Evolution Push-to-Talk (PTT) System Architecture
Figure 1-2 PTT PS Port Assignment Map
Figure 2-1 System Network Overview
Figure 2-2 Web server in PTT Solution

List of Tables
Motorola Solutions Support Center
North America Parts Organization
Table 3-1 IP Configuration
Table 4-1 PTT Switch and Handset Interface Rules
Table 4-2 Handset and PTT Switch Interface Rules
Table 4-3 Operator Browser to PTT server Interface Rules
Table 4-4 PTT Server to Operator Browser Interface Rules
Table 4-5 Operator Browser to PTT Server (Enterprise Administrator Web Server) Interface Rules
Table 4-6 PTT server to Operator Browser (Enterprise Administrator Web Server) Interface Rules
Table 4-7 MTAS client and MTAS Interface Rules
Table 4-8 Operator SNMP Manager and the SNMP Interface Rules
Table 4-9 SNMP Traps to SNMP Manager Interface Rules
Table 4-10 TL1 Interface Rules
Table 4-11 SFTP Interface Rules
Table 4-12 SFTP Interface Rules


About Public Safety LTE Push-to-Talk (PTT) Network Operations and IP Planning
This guide describes the Motorola Solutions Public Safety LTE Push-to-Talk (PTT) switch IP network and provides
guidance for the field engineer who implements the IP interface between the Public Safety Long Term Evolution
Push-to-Talk (PTT) system and the customer network. It also covers the following topics:
Different Motorola Solutions Public Safety LTE Push-to-Talk (PTT) IP networks and their implementation
Public Safety LTE Push-to-Talk (PTT) system IP address and subnet assignment
Firewall Rules
This guide is for experienced network administrators responsible for configuring and maintaining the switch.
Administrators should have hands-on experience in configuring, administering, and troubleshooting a network,
should know how to configure routers, switches, and other internetwork devices, and should be familiar with the
protocols and media that their hardware supports. Awareness of the basic topology of their network is also essential.

The term Public Safety LTE Push-to-Talk is referred to as PTT in this document for server/system
references and network/services/switch context.
Contact Motorola System Support Center (SSC) if any situations not described in this guide are
encountered or if unable to solve any problem involving the Public Safety LTE Push-to-Talk
(PTT) system using the procedures in this guide.

Related Information
Document: Public Safety LTE Push-to-Talk (PTT) Operations, Administration and Maintenance Guide
Description: Describes how to operate, administer and maintain the Public Safety LTE
Push-to-Talk (PTT) Provisioning Guide SoftSwitch. The Public Safety
LTE Push-to-Talk (PTT) Provisioning Guide Server provides Operations,
Administration, Maintenance functionality through the EMS subsystem. Operators
and system administrators can use Public Safety LTE Push-to-Talk (PTT)
Operations Guide for script execution, monitoring, and maintaining the Public
Safety LTE Push-to-Talk (PTT) system components.

Document: Public Safety LTE Push-to-Talk (PTT) Provisioning Guide
Description: Provides detailed procedures for operators/administrators responsible for
configuring and provisioning the Public Safety LTE Push-to-Talk (PTT) Services,
Subscriber provisioning and so on via graphical user interface (GUI). The
operator has control over a large variety of the Public Safety LTE Push-to-Talk
system configuration options by using the Public Safety LTE Push-to-Talk (PTT)
SoftSwitch GUI. The EMS browser offers pull-down menus and default values
in the point-and-click fashion for easy operation. The provisioning guide does
not contain any procedures for Web XML provisioning and XML Subscriber
Provisioning. For these procedures, refer to the Public Safety LTE Push-to-Talk (PTT)
Web XML Provisioning Guide and the Public Safety LTE Push-to-Talk (PTT) XML
Subscriber Provisioning Guide.

Document: Public Safety LTE Push-to-Talk (PTT) Hardware Installation Guide
Description: Describes the Public Safety LTE Push-to-Talk (PTT) hardware components and
features. Designed for the networking or computer technician responsible for
identifying the hardware components, installing/mounting the hardware components,
cabling and replacing the Field Replaceable Units (FRUs) of the Public Safety LTE
Push-to-Talk (PTT) system. It describes the physical characteristics of the
switch, explains how to install it, and provides LED information. The document
does not describe system messages that you might receive or how to configure
your switch.

Document: Public Safety LTE Push-to-Talk (PTT) Software Installation and Upgrade Guide
Description: Provides a description of the Public Safety LTE Push-to-Talk (PTT) Software
Installation and Upgrade Guide including detailed information about how to
initially configure, reinstall, and upgrade the system software.

Document: Public Safety LTE Push-to-Talk (PTT) Alarms and Output Messages Guide
Description: Helps the user identify the issues faced while working with the system
and hence troubleshoot them. It provides methods to collect system data for
troubleshooting and validating the same.
This guide contains procedures for troubleshooting information that depict
capabilities within the system for Fault detection, Alarm management, alarm
resolution, and Operations. This guide covers a comprehensive list of alarms and
events available in Motorola's Public Safety LTE Push-to-Talk (PTT) solution.

Revision History
The following sections show the revision status of this document.

Version Information
The following table describes the changes made to this document:
Version

Date of Issue

Description

OCT 2011

Initial Release

Release information
This section describes the changes in this document for the current release.
Initial Release

Release Information
This release contains OMA features and functionalities (related to provisioning, configuration, billing, statistics, web
server, and so on) which are not supported for commercial deployment. OMA PoC Service shall not be considered
for launching without Motorola's approval. Please contact Product Management for more information. Motorola
recommends that Public Safety LTE Push-to-Talk (PTT) customers refer to the Software Release Manual for a better
understanding of the supported and unsupported features.

Resolution of Service Requests
The following Service Requests are resolved in this document:
Service Request: N/A
CMBP Number: N/A
Description: N/A

General Information
Motorola Solutions documents provide the information to operate, install, and maintain Motorola equipment. It is
recommended that all personnel engaged in such activities be properly trained by Motorola Solutions.
Always use the switch and software configuration settings specified by Motorola Solutions. If other settings are
necessary for proper system operation, consult with the Motorola SSC. Deviating from Motorola's original
configuration settings in your system may result in damage to equipment or loss of service.
Motorola disclaims all liability whatsoever, implied or expressed, for any risk of damage, loss or reduction in system
performance arising directly or indirectly out of the failure of the customer, or anyone acting on the customer's
behalf, to abide by the instructions, system parameters, or recommendations made in this document.
These documents are not intended to replace the system and equipment training offered by Motorola. They can be
used to supplement and enhance the knowledge gained through such training.

If this document was obtained when attending a Motorola Solutions training course, it is not updated or
amended by Motorola Solutions. It is intended for TRAINING PURPOSES ONLY. If it was supplied
under normal operational circumstances, to support a major software release, then Motorola Solutions
automatically supplies corrections and posts on the Motorola Solutions customer website.

Cross References
References made to external publications are shown in italics. Other cross references, emphasized in blue text in
electronic versions, are active links to the references.
This document is divided into numbered chapters that are divided into sections. Sections are not numbered, but are
individually named at the top of each page, and are listed in the table of contents.

Document banner definitions


A banner indicates that some information contained in the document is not yet approved for general customer use. A
banner is oversized text on the page, for example, PRELIMINARY UNDER DEVELOPMENT

Icon Conventions
The documentation set is designed to give the reader more visual clues. The following graphic icons are used
throughout the documentation set. These icons and their associated meanings are described below.

The signal word DANGER with the associated safety icon implies information that, if disregarded,
will result in death or serious injury.

The signal word WARNING with the associated safety icon implies information that, if disregarded,
could result in death or serious injury, or serious product damage.

The signal word CAUTION with the associated safety icon implies information that, if disregarded,
may result in minor or moderate injury, or serious product damage.

The signal word CAUTION may be used without the safety icon to state potential damage or injury
that is not related to the product.

IMPORTANT statements contain information that is crucial to the discussion at hand, but is not CAUTION
or WARNING. There is no warning level associated with the IMPORTANT statement.

NOTE contains information more important than the surrounding text, such as exceptions or preconditions.
They also refer the reader elsewhere for additional information, remind the reader how to complete an
action (when it is not part of the current procedure, for instance), or tell the reader where something is
located on the screen. There is no warning level associated with a note.

SUGGESTION implies a recommendation or tip from Motorola that does not require to be followed, but
might be helpful. There is no warning level associated with SUGGESTION.

Style Conventions
The following style conventions are used:

Convention: Bold
Description: This typeface is used for names of, for instance, windows, buttons, and labels
when these names appear on the screen (example: the Alarms Browser window).
When it is clear that we are referring to, for instance, a button, the name is used
alone (example: Click OK).

Convention: Monospacing font in bold
Description: This typeface is used for words to be typed in exactly as they are shown in the
text (example: In the Address field, type http://ucs01.ucs:9080/)

Convention: Monospacing font
Description: This typeface is used for messages, prompts, and other text displayed on the
computer screen (example: A new trap destination has been added).

Convention: Monospacing font in bold Italic
Description: This typeface is used with angle brackets for words to be substituted by a specific
member of the group that the words represent (example: <router number>).
In sequences to be typed in, the angle brackets are omitted to avoid
confusion as to whether the angle brackets are to be included in the
text to be typed.

Convention: CAPITAL LETTERS
Description: This typeface is used for keyboard keys (example: Press Y, and then press
ENTER).

Convention: Italic
Description: This typeface is used for citations. This can be the name of a document or a phrase
from another document (example: Dimetra IP System Overview).

Convention: →
Description: An → (arrow pointing right) is used for indicating the menu or tab structure in
instructions on how to select a certain menu item (example: File → Save) or
a certain sub-tab.

General Safety Information


Remember: Safety depends on you!!
The following general safety precautions must be observed during all phases of operation, service, and repair of the
equipment described in this manual. Failure to comply with these precautions or with specific warnings elsewhere in
this manual violates safety standards of design, manufacture, and intended use of the equipment. Motorola, Inc.
assumes no liability for the customer's failure to comply with these requirements. The safety precautions listed
below represent warnings of certain dangers of which we are aware. You, as the user of this product, should
follow these warnings and all other safety precautions necessary for the safe operation of the equipment in your
operating environment.

Ground the Instrument


To minimize shock hazard, the equipment chassis and enclosure must be connected to an electrical earth ground.
The power cable must be either plugged into an approved three-contact electrical outlet or used with a three-contact
to two-contact adapter. The three-contact to two-contact adapter must have the grounding wire (green) firmly
connected to an electrical ground (safety ground) at the power outlet. The power jack and mating plug of the power
cable must meet International Electrotechnical Commission (IEC) safety standards.

ESD Procedure
Motorola Solutions strongly recommends that you use an antistatic wrist strap and a conductive foam pad when
installing or upgrading the system. Electronic components, such as disk drives, computer boards, and memory
modules, can be extremely sensitive to Electrostatic Discharge (ESD). After removing the component from the
system or its protective wrapper, place the component flat on a grounded, static-free surface, and in the
case of a board, component-side up. Do not slide the component over any surface.
If an ESD station is not available, you can avoid damage resulting from ESD by wearing an antistatic wrist strap
(available at electronics stores) that is attached to an unpainted metal part of the system chassis.
Hazardous voltage, current, and energy levels are present in this product. Power switch terminals can have
hazardous voltages present even when the power switch is off. Do not operate the system with the cover removed.
Always replace the cover before turning on the system. Do not operate in an explosive atmosphere. Do not operate
the equipment in the presence of flammable gases or fumes. Operation of any electrical equipment in such an
environment constitutes a definite safety hazard.

Keep away from live circuits


Operating personnel must adhere to the following:
Do not remove equipment covers. Only Factory Authorized Service Personnel or other qualified maintenance
personnel may remove equipment covers for internal subassembly, or component replacement, or any
internal adjustment.
Do not replace components with power cable connected. Under certain conditions, dangerous voltages may
exist even with the power cable removed.
Always disconnect power and discharge circuits before touching them.

Do not service or adjust alone


Do not attempt internal service or adjustment, unless another person, capable of rendering first aid and resuscitation,
is present.

Use caution when exposing or handling the CRT


Breakage of the Cathode-Ray Tube (CRT) causes a high-velocity scattering of glass fragments (implosion). To
prevent CRT implosion, avoid rough handling or jarring of the equipment. Only qualified maintenance personnel,
using approved safety mask and gloves, should handle the CRT.

Do not substitute parts or modify equipment


Because of the danger of introducing additional hazards, do not install substitute parts or perform any unauthorized
modification of equipment. Contact Motorola Warranty and Repair for service and repair to ensure that safety
features are maintained.

Dangerous procedure warnings


Warnings, such as the example below, precede potentially dangerous procedures throughout this manual. Instructions
contained in the warnings must be followed. You should also employ all other safety precautions that you deem
necessary for the operation of the equipment in your operating environment.

Hazardous Voltage
Voltages, capable of causing death, are present in this equipment. Use extreme caution when handling, testing,
and adjusting.

Non-Disclosure and Assistance Information


Please be advised that the data contained herein is Motorola Confidential Restricted and is subject to the terms and
conditions of the Non-Disclosure agreement. The distribution of this data should be limited to employees with a
need to know. This information shall not be disseminated to any third parties without Motorola's prior written
permission. This data is intended for reference and is not intended to modify the contract.

PoC Security Information


Do not implement any security features/enhancements or make any security/OS parameter changes on PoC
network elements without contacting the CNRC. Unsupported security/OS modifications may result in failed
upgrades/backouts or may leave the system in irrecoverable state.

Contacting Motorola Solutions Support


Motorola Solutions appreciates feedback from the users of our documents.

Support Center
The Motorola Solutions Support Center (SSC) is the primary Motorola Solutions contact. Call:
Prior to any software reload.
To confirm troubleshooting results and analysis prior to removing and replacing a Field Replaceable Unit
(FRU) and Field Replaceable Entity (FRE) to repair the system.
Motorola Solutions Support Center
For: Domestic Calls
Phone: 8004227144

For: International Calls
Phone: 8475767300

North America Parts Organization


For assistance in ordering replacement parts or identifying a part number, contact Motorola's parts organization.
Please remember that your first response when troubleshooting your system is to call the Motorola SSC.
North America Parts Organization
For: Phone Orders
Phone: 8004202210 (US and Canada Orders); 8475388023 (International Orders)

For: Fax Orders
Phone: 8006226210 (US and Canada Orders)

For: Help identifying an item or part number
Phone: 8004224210 and select choice 3 from the menu

Ordering documents and CD-ROMs


With internet access available, to view, download, or order documents (original or revised), visit the Motorola
Solutions customer web page at https://businessonline.motorola.com, or contact your Motorola account
representative.
Without internet access available, order hard-copy documents or CD-ROMs from your Motorola Solutions Local
Office or Representative.
If Motorola Solutions changes the content of a document after the original printing date, Motorola Solutions
publishes a new version with the same part number but a different revision character.

Errors
To report a documentation error, call the SSC and provide the following information to enable support to open
an SR (Service Request):
The document type
The document title, part number, and revision character

The page number with the error


A detailed description of the error and if possible the proposed solution


1 Public Safety Long Term Evolution Push-to-Talk (PTT) Architecture
Topics Covered in this Chapter
PTT Architecture Overview
Public Safety LTE Push-to-Talk (PTT) Port Assignment Map

The Public Safety Long Term Evolution Push-to-Talk (PTT) systems are connected by IP or Ethernet networks. IP
networks are an integral part of the Motorola Solutions Public Safety Long Term Evolution Push-to-Talk (PTT)
system, which consists of three potentially exposed IP subnets and multiple non-exposed IP subnets.
The non-exposed IP subnets are internal to Public Safety Long Term Evolution Push-to-Talk (PTT) system operation,
and other systems in the customer network cannot reach them directly. To access the non-exposed subnet systems,
the administrator first needs access to the NMHost, which is a system in the exposed IP subnet. From the NMHost,
the administrator has access to the systems that are in non-exposed subnets.
The Public Safety Long Term Evolution Push-to-Talk (PTT) system requires one exposed or routable subnet for
management operations, also referred to as the management subnet or management VLAN. Management operations
include billing system interconnection, SNMP agent interconnection, alarm and operational measurements, and
secure shell (ssh) or secure FTP (SFTP).
This subnet is typically connected to the customer LAN or WAN network.

1.1 PTT Architecture Overview


The following diagram shows the IP connectivity of the Public Safety Long Term Evolution Push-to-Talk (PTT) system
components.

6871018P74A - OCT 2011


Figure 1-1 Public Safety Long Term Evolution Push-to-Talk (PTT) System Architecture

The PTT system and the customer network have the following main components:
DL380 Server(s): HP ProLiant DL380 G6 is the Public Safety Long Term Evolution Push-to-Talk (PTT)
server platform. A redundant server is available in addition to the primary server.
One DL380 server is configured to run all active processes. The other DL380 server is configured to run all
backup and EMS processes. Together, the servers provide the following:
Control Public Safety LTE Push-to-Talk (PTT) system component startup and shutdown
Log events
Run the Managed Object (MO) server process, which provides the HTTP and Transaction Language
1 (TL1) interfaces to the provisioning database. MO server process collects the statistics and events,
and raises SNMP traps for transmission to one or more SNMP trap recipients.
Provide Management Information Base (MIB) support
Run the Billing North Bound Interface process, which analyzes the call detail records and sends
the billing data.
Monitor the performance of the Public Safety LTE Push-to-Talk (PTT) system.
RAID: The RAID contains and manages the following system elements:
System provisioning database
Alarms database
Call billing data

System statistics
Call performance data
System logs
VLAN: The virtual local area network (VLAN) technology is developed for switches to control broadcast
operations in LANs. VLANs establish the IP connectivity among the private
nodes within the Public Safety Long Term Evolution Push-to-Talk (PTT) network. VLANs provide external
access to the private nodes for external communications. A VLAN can span multiple switches, or
even routers. This enables hosts in a VLAN to be dispersed more loosely; that is, hosts in a VLAN
can belong to different physical network segments.
One advantage of VLANs is improved network security: hosts in different VLANs cannot communicate
with each other directly. To enable communications between different VLANs, network devices
operating on Layer 3 (such as routers/switches) are needed.
L1: Redundant links for private traffic
L2: Redundant links for signaling and media traffic (VLAN 1)
L3: Redundant links for management traffic (VLAN 2)
L4: Redundant links for Web server traffic (VLAN 3)
L5: Connection between iLO port and regular ethernet port of same DL380
Public Safety Long Term Evolution Push-to-Talk (PTT) traffic to and from the switch is classified as listed. There are
separate physical links dedicated to each type of traffic. Thus the Public Safety Long Term Evolution Push-to-Talk
(PTT) switch caters to 3 external networks.
Management network to accommodate management traffic: Network management deals with the
process of monitoring and controlling the activities of the network, besides transforming the network into a
managed resource by improving performance, efficiency, and security. It also helps to operate, administer,
and maintain the network systems.
Signaling/Media network to accommodate VoIP traffic: When a network is presented with large amounts
of user activity and session initiation requests, the service must be able to handle and efficiently process
that traffic.
Web server network to accommodate web server traffic: Web server traffic is the amount of data sent
and received by a web server.
Alternatively, there is an option to collapse the different traffic types into a single network. In addition, there is an
internal network used by the Public Safety Long Term Evolution Push-to-Talk (PTT) applications to communicate
with each other in the Public Safety Long Term Evolution Push-to-Talk (PTT) switch. This internal network is fixed
as 192.168.0.0/24 and cannot be changed.
The network for iLO connections is 172.16.0.0/24 and for RAID management connections is 10.0.0.0/24.
The external subnet(s) are restricted to reach the respective interfaces on the Public Safety Long Term Evolution
Push-to-Talk (PTT) switch.
A subnetwork, or subnet, is a logically visible subdivision of an IP network. The practice of dividing a network
into subnetworks is called sub-netting. All computers that belong to a subnet are addressed with a common,
identical, most-significant bit-group in their IP address. This results in the logical division of an IP address into
two fields, a network or routing prefix and the rest field. The rest field is a specific identifier for the computer
or the network interface.
The external subnet access restriction is a mandatory configuration while configuring the switch. For example,
external subnet A and subnet B are configured to reach the Signaling/ Media network on the Public Safety Long
Term Evolution Push-to-Talk (PTT) switch. Thus a network device from subnet C cannot reach the Signaling/ Media
network on the Public Safety Long Term Evolution Push-to-Talk (PTT) switch.

1.2 Public Safety LTE Push-to-Talk (PTT) Port Assignment Map
The following describes the ports and their assignment in a Public Safety Long Term Evolution Push-to-Talk
(PTT) system.
Figure 1-2 PTT PS Port Assignment Map

Highly-Available IP Network
The following graphic depicts the redundant IP network as a bus function between the system components. This
function allows the Public Safety Long Term Evolution Push-to-Talk (PTT) switch to continue operation in the event
of a single point of failure. A single point of failure is defined as an ethernet link/ port failure. It includes single
uplink failure when a dual uplink configuration is used. The Public Safety Long Term Evolution Push-to-Talk
(PTT) switch does not support multiple points of failure including dual uplink failure. Care should be taken in the
design of the customer network uplink interconnections.
Figure 2-1 System Network Overview

The Public Safety Long Term Evolution Push-to-Talk (PTT) switch supports a highly available (HA) IP network
system. For each external subnet (management, signaling/ media, webserver), 2 ethernet ports (per nmhost) are
used. These 2 ports are bonded using Linux Bonding (Active/ Backup mode) to overcome any Ethernet port failure.
The 2 links are connected to 2 ports on the customer router to overcome any Ethernet link failure. If redundant
customer routers are used, the 2 links are connected to these 2 routers (i.e., 1 port on DL380 to 1 router and another
port on DL380 to another router). The 2 routers must be configured with VRRP (or equivalent protocol) so that
router redundancy can work.
The Public Safety Long Term Evolution Push-to-Talk (PTT) system has the following main components:
Control Switch (CS): The Control Switch supports all call processing for the Motorola Solutions Public
Safety Long Term Evolution Push-to-Talk (PTT) system. The Control Switch controls the call setup and tear
down as well as collection of mid-call data from the end users. The Control Switch is responsible for
associating all call legs of a call with a particular multicast port. The Control Switch also collects call
information and sends it to the Element Management System to generate Usage Detail Records (UDR). The
Control Switch interfaces to the Active Directory to share presence and subscriber data. It is cached at the
Control Switch for users registered on that CS.
The CS provides the basic call processing capabilities for the system.
Active Directory (AD): The Active Directory maintains Public Safety Long Term Evolution Push-to-Talk
(PTT) Subscriber profile including Group Lists, Contact Lists, presence information and subscriber specific
settings. The Public Safety Long Term Evolution Push-to-Talk (PTT) Subscriber and Presence database
maintains data on current Public Safety Long Term Evolution Push-to-Talk (PTT) Subscribers, and provides
the mobile directory number (MDN or MSISDN) to IP address mapping and presence status (registered/user
selected state or not registered). The PTT Subscriber and Presence database (SPdb) also maintains a list of
user groups and contacts, and information associated with groups. This includes the members of the group,
IP address, and presence.
Operators may provision subscribers on the AD through either a web GUI, or XML interface on the AD.
Whenever a Push-to-Talk (PTT) Subscriber registers, de-registers, or makes other changes in status,
the Push-to-Talk (PTT) Subscriber and Presence database is updated. Whenever a Push-to-Talk (PTT)
Subscriber requests a point-to-point or private call, a lookup is carried out to the PTT Subscriber and
Presence Database to identify the called party's IP address and presence status. This lookup is performed
only if the called party's information is not found in the Control Switch's local AD cache. When a call is
made to a Push-to-Talk (PTT) group, a look-up is also carried out to the SPdb to obtain IP addressing and
presence information.
The SPdb maintains the dynamic presence information about all individual members of a given group.
Whenever a registration change happens on the Push-to-Talk (PTT) Subscriber and Presence Database for a
specific Push-to-Talk (PTT) Subscriber, the Push-to-Talk (PTT) Subscriber and Presence database triggers an
update to the group information (the Push-to-Talk (PTT) Subscriber is a member of a list of groups each of
which is potentially owned by some SPdb) and to the SPdb entries of all other subscribers who have that
subscriber as a contact. As a result, only registered members of a given group being called will be returned
back from the SPdb to the CS for call processing.
NMHost (Element Management System): The Element Manager is the network management control point
for each of the elements within the system. The Element Manager interfaces to the operator's management
system via the SNMP standard Network Management interface. The Element Manager for the Control
Switch supports generation of Usage Detail Records for each PTT call and the Element Manager for
the Active Directory supports provisioning interfaces for carrier provisioning of subscribers. Alarming,
performance, and system configuration are managed by the Element Manager as well.
Web Server: The PTT web server provides a web interface for enterprise administrators to provision and
manage contacts and groups. The web interface is available only for enterprise administrators. The Web
Server interfaces to the Active Directory. The actual storage of the groups and contacts is in the Active
Directory.
The following graphic shows the Web server in the overall architecture of the Public Safety Long Term Evolution
Push-to-Talk (PTT) solution.

Figure 2-2 Web server in PTT Solution

Enterprise Administrator Access: The Web server provides a web-based interface for Enterprise
Administrators. The operator creates and manages the administrator at the EMS GUI interface. Once
provisioned, the administrators may use the Web server to manage the contacts and groups for the
members of their enterprise.
The following is a list of major features that administrators can access through the Web server:
Manage (add, modify, delete) entries from Contact List
Assign or remove individual contact entries from subscriber phones in the enterprise manage groups
Manage groups and members of groups
Manage Chat group (add, modify, delete) operations
Assign or remove individual group entries from subscriber phones in the enterprise
Change Administrator Password
IPMH: The IP Message Handler (IPMH) process is responsible for routing incoming/outgoing SIP call
control messages to/from the call control processes. The IPMH process is responsible for routing the IP
messages between the PTT entities and executing the load balancing policy for Public Safety Long Term
Evolution Push-to-Talk (PTT).
MRS: The Media Resource Server (MRS) is a pure IP-based network element without the TDM interfaces.
The MRS implements the following media-specific services:
Voice multicasting
Multi-party calls
The media stream is based on the Real-time Transport Protocol (RTP) or the User Datagram Protocol (UDP)
or the Internet Protocol (IP) format. The MRS replicates the voice from one stream to other streams that are
part of the same session for one to one and group calls.
The MRS processes run only in active configuration. Loss of the MRS process causes all active calls on
that card to drop.
The standard MRS uses RTP/RTCP ports in the range 2300-4300.
SNMP: Simple Network Management Protocol (SNMP) is used for ensuring the transmission of the
management information between any two nodes. The network administrators can easily search and modify
the information on any node on the network. They can also locate faults promptly and carry out
fault diagnosis, capacity planning and report generation.
SNMP adopts the polling mechanism and provides the most basic function set. It is used to manage the
Public Safety Long Term Evolution Push-to-Talk (PTT) systems and performs either of the following to
collect information from the Public Safety Long Term Evolution Push-to-Talk (PTT) systems.
Get/Set/Walk the MIB of the Public Safety Long Term Evolution Push-to-Talk (PTT) system containing
information about the hardware, configuration, alarms, and events.
Receive traps from the Public Safety Long Term Evolution Push-to-Talk (PTT) system when alarms
or events occur.
SMTP Server: The Simple Mail Transfer Protocol (SMTP) server uses SMTP, a common mechanism for
transferring e-mails among different hosts. The ADs and Web servers
send e-mail notifications to the SMTP server. For the auto provisioning feature, the ADs send e-mail to the SMTP
server and the web server for forgot/reset password support.
DNS: The Domain Name Server (DNS) translates hostnames to IP addresses. For example,
pttcs.mot-sol.com to 10.51.25.131. The following use the DNS:
The PTT handsets to get the IP addresses of the PTT CS. They perform a DNS lookup. For example,
pttcs.mot.com
The PTT CS to route NNI calls to the other operator PTT system.
NTP: Network Time Protocol (NTP) is a time synchronization protocol defined by RFC 1305. It is used for
time synchronization among a set of distributed time servers and clients. NTP is based on the User Datagram
Protocol (UDP). NTP is mainly applied to synchronizing the clocks of all the network devices in a network.
NTP is intended for time synchronization of all devices that have clocks in a network, so that the clocks of all
devices stay consistent. This enables applications that require a unified time.
A network running NTP can not only be synchronized by other clock sources, but can also serve as a clock
source to synchronize other clocks. In addition, it can negotiate with other network devices, by exchanging NTP
packets, to reach the time for them to synchronize to.
In the Public Safety Long Term Evolution Push-to-Talk (PTT) system, the Network Time Protocol (NTP) server
is a dedicated time server. It synchronizes the time across all the network elements, such as the NMHosts (2
DL380s), within the Public Safety LTE Push-to-Talk (PTT) architecture using NTP. It is essential to have all
the elements in the network NTP synchronized. It is important for billing purposes to get the exact time of
the call. This method is also applicable for the events which are raised in this network and would be used
in a different network.
NAT: The Network Address Translation (NAT) devices are deployed on the edges of the operator networks.
These devices are mainly for security purposes and for address translation, when private IP addresses are
used.
The PTT server must expose its SIP (signaling) and SDP (media) IP addresses to the following external
entities:
PTT handsets in the operator network
NNI servers for NNI calls (PTT servers of other operators)
Therefore, the PTT server includes functionality, where it is aware of NAT translated SIP and SDP addresses.
These addresses are used in signaling messages to ensure that handsets and NNI servers are able to reach the
PTT server through NAT.
The PTT server has the following configurations to support NAT address translations:
NAT addresses for communication with handsets
SIP IP address
SDP addresses
The mentioned addresses are reachable from handset clients.


NAT addresses for communication with NNI servers
SIP NNI IP address
SDP NNI IP addresses

The mentioned addresses are reachable from all NNI servers.

3 Public Safety Long Term Evolution Push-to-Talk (PTT) Network Implementation
Topics Covered in this Chapter
IP Configuration
Updating any Configured IP Addresses
External Subnet(s) Operations
Configuration Examples
The standard Public Safety Long Term Evolution Push-to-Talk (PTT) shipped with each switch chassis includes:
Two DL380 G6 Servers
One RAID

3.1 IP Configuration
The entire IP configuration on the Public Safety Long Term Evolution Push-to-Talk (PTT) server is done using
the networkConf.sh script.
A file, /cluster/xfs/etc/ipConfig.cfg, must be created that contains the following IP-related information.
Table 3-1 IP Configuration

| NO. | IP | Configuration Description/Summary |
|---|---|---|
| 1 | SIGNALING_IP | This is the IP address for signaling (SIP). This IP floats between the two DL380s and is associated with the DL380 where the active IPMH is running. The handsets use this IP address (NAT not configured) to send SIP messages. |
| 2 | MEDIA_IP_1 | The media (RTP/RTCP) on NMHOST01 uses this IP address. This IP is fixed on the DL380. |
| 3 | MEDIA_IP_2 | The media (RTP/RTCP) on NMHOST02 uses this IP address. The IP is fixed on the DL380. |
| 4 | SIGNALING_MEDIA_NETMASK | The signaling/media network on the Public Safety Long Term Evolution Push-to-Talk (PTT) switch uses this netmask. |
| 5 | SIGNALING_MEDIA_GATEWAY | All the signaling/media traffic to reach the clients (VoIP devices) uses this gateway. |
| 6 | SIGNALING_MEDIA_SUBNETS | This is a list of subnets that have access to the signaling/media interface on the Public Safety Long Term Evolution Push-to-Talk (PTT) switch. Each subnet is in a.b.c.d/n (Classless Inter-Domain Routing (CIDR)) format where a.b.c.d is like any IP address and n is the subnet mask in integer format. For example, 255.255.255.0 will be 24. Multiple subnets can be specified (each separated by a comma). For example, 10.51.4.0/24,10.51.37.0/24,10.51.74.0/24,10.234.16.0/24,10.232.0.0/16 |
| 7 | MANAGEMENT_FLOATING_IP | The management network on the Public Safety Long Term Evolution Push-to-Talk (PTT) switch uses this IP address. This IP floats between the two DL380s and is associated with the DL380 where the wms_nmh1 service is running. |
| 8 | MANAGEMENT_IP_1 | The management network on NMHOST01 uses this IP address. This IP is fixed on the DL380. |
| 9 | MANAGEMENT_IP_2 | The management network on NMHOST02 uses this IP address. The IP is fixed on the DL380. |
| 10 | MANAGEMENT_NETMASK | This netmask is used for the management network on the Public Safety Long Term Evolution Push-to-Talk (PTT) switch. |
| 11 | MANAGEMENT_GATEWAY | All the management traffic to reach the clients uses this gateway. |
| 12 | MANAGEMENT_SUBNETS | This is a list of subnets that have access to the management interface on the Public Safety Long Term Evolution Push-to-Talk (PTT) switch. Each subnet is in a.b.c.d/n (CIDR) format where a.b.c.d is like any IP address and n is the subnet mask in integer format. For example, 255.255.255.0 will be 24. Multiple subnets can be specified (each separated by a comma). For example, 10.51.4.0/24,10.51.37.0/24,10.51.74.0/24,10.234.16.0/24,10.232.0.0/16 |
| 13 | WEBSERVER_FLOATING_IP | The web server network on the Public Safety Long Term Evolution Push-to-Talk (PTT) switch uses this floating IP. This IP floats between the two DL380s and is associated with the DL380 where the web server (part of the wms_nmh1 service) is running. |
| 14 | WEBSERVER_IP_1 | The web server network on NMHOST01 uses this IP address. This IP is fixed on the DL380. |
| 15 | WEBSERVER_IP_2 | The web server network on NMHOST02 uses this IP address. This IP is fixed on the DL380. |
| 16 | WEBSERVER_NETMASK | The web server network on the Public Safety Long Term Evolution Push-to-Talk (PTT) switch uses this netmask. |
| 17 | WEBSERVER_GATEWAY | All web server traffic to reach the clients uses this gateway. |
| 18 | WEBSERVER_SUBNETS | This is a list of subnets that have access to the web server interface on the Public Safety Long Term Evolution Push-to-Talk (PTT) switch. Each subnet will be in a.b.c.d/n (CIDR) format where a.b.c.d is like any IP address and n is the subnet mask in integer format. For example, 255.255.255.0 will be 24. Multiple subnets can be specified (each separated by a comma). For example, 10.51.4.0/24,10.51.37.0/24,10.51.74.0/24,10.234.16.0/24,10.232.0.0/16 |
| 19 | DEFAULT_GATEWAY | This is the IP address of the default gateway. |

3.2 Updating any Configured IP Addresses

Perform the following procedure to update the configured IP addresses.
Prerequisites: The devices are properly connected and all the required IP addresses are available. The destination
port and traffic are defined. The port on which to perform this configuration has been determined.
When and where to use: To update/edit any IP addresses which are already configured.

Procedure Steps

1. Log in to NMHost01.
login as: swuser
I've read & consent to terms in IS user agreem't.
swuser@10.234.22.165's password:
Last login: Fri Jun 10 03:28:36 from 10.232.53.167
I've read & consent to terms in IS user agreem't.
[swuser@nm71-01:swuser]$

2. Log in as root.
[swuser@nm71-01:swuser]$ su
Password:
[root@nm18-01:root]#

3. Edit the /cluster/xfs/etc/ipConfig.cfg file.
[root@nm18-01:root]# vi /cluster/xfs/etc/ipConfig.cfg

4. Execute /root/SCRIPTS/networkConf.sh -u

By default, the network configuration script mandates that SIGNALING_MEDIA, MANAGEMENT and
WEB SERVER be in distinct subnets. However, there is an option allow_same that can be used as the
first argument if this check needs to be bypassed.
[root@nm18-01:root]# /root/SCRIPTS/networkConf.sh -u
Below is the related IP configuration details
SIGNALING_IP=10.51.24.173
MEDIA_IP_1=10.51.24.171
MEDIA_IP_2=10.51.24.172
SIGNALING_MEDIA_NETMASK=255.255.255.0
SIGNALING_MEDIA_GATEWAY=10.51.24.1
MANAGEMENT_FLOATING_IP=10.51.13.143
MANAGEMENT_IP_1=10.51.13.141
MANAGEMENT_IP_2=10.51.13.142
MANAGEMENT_NETMASK=255.255.255.0
MANAGEMENT_GATEWAY=10.51.13.1
WEBSERVER_FLOATING_IP=10.51.28.123
WEBSERVER_IP_1=10.51.28.121
WEBSERVER_IP_2=10.51.28.122
WEBSERVER_NETMASK=255.255.255.0
WEBSERVER_GATEWAY=10.51.28.1
DEFAULT_GATEWAY=10.51.13.1
SIGNALING_MEDIA_SUBNETS=10.51.74.0/24
MANAGEMENT_SUBNETS=10.51.122.0/24,10.232.53.0/24
WEBSERVER_SUBNETS=10.234.16.0/24,10.234.12.0/24,10.234.17.0/24,10.232.53.161/32,10.232.53.191/32
Please enter swuser password for NMHOST02:
Please enter root password for NMHOST02:
This may take some time. Please be patient.
This script will reboot both NMHOST01 and NMHOST02.
PLEASE NOTE THAT NAT IP ADDRESSES WILL NOT BE UPDATED.
PLEASE REFER TO THE PROVISIONING GUIDE FOR THE PROCEDURE TO UPDATE NAT IP ADDRESSES.
Everything seems OK. Rebooting NMHOST01
Broadcast message from root (pts/4) (Sun Mar 6 22:09:12 2011):
The system is going down for reboot NOW!
[root@nm13-01:root]#

The script execution reboots both NMHost01 and NMHost02.

5. Update the NAT addresses for SIP and Media (for each MRS).
a. For SIP, select Home -> Configuration -> NNI -> Params -> Edit -> Global Parameters -> External
SIP IP Address.
Refer to the section Setting NNI Params in the Public Safety Long Term Evolution Push-to-Talk (PTT)
Provisioning Guide.
b. For Media, select Home -> Configuration -> MRS NAT Configuration -> Edit (for each MRS) -> NAT
RTP Address.
Refer to the section Configuring MRS NAT in the Public Safety Long Term Evolution Push-to-Talk (PTT)
Provisioning Guide.

3.3 External Subnet(s) Operations

Perform the following procedure for addition/deletion/modification operations on external subnets.
Prerequisites: The devices are properly connected and all the required IP addresses are available. The destination
port and traffic are defined. The port on which to perform this configuration has been determined.
When and where to use: To perform addition/deletion/modification operations on external subnet(s).

Procedure Steps

1. Log on to NMHost01.
login as: swuser
swuser@10.232.114.86's password:
This Session will be Logged
Last login: Wed Oct 28 08:32:24 from 10.232.2.147
You have new mail.
[swuser@nm18-01:swuser]$

2. Log in as root.
[swuser@nm18-01:swuser]$ su
Password:
[root@nm18-01:root]#

3. To add/delete/modify external subnet(s) from which access is allowed to respective interfaces on the Public
Safety Long Term Evolution Push-to-Talk (PTT) switch, edit the /cluster/xfs/etc/ipConfig.cfg file.
[root@nm18-01:root]# vi /cluster/xfs/etc/ipConfig.cfg

4. Execute /root/SCRIPTS/networkConf.sh -r

By default, the network configuration script mandates that SIGNALING_MEDIA, MANAGEMENT and
WEB SERVER be in distinct subnets. However, there is an option allow_same that can be used as the
first argument if this check needs to be bypassed.
[root@nm18-01:root]# /root/SCRIPTS/networkConf.sh -r
Below is the related IP configuration details
SIGNALING_IP=10.51.24.173
MEDIA_IP_1=10.51.24.171
MEDIA_IP_2=10.51.24.172
SIGNALING_MEDIA_NETMASK=255.255.255.0
SIGNALING_MEDIA_GATEWAY=10.51.24.1
MANAGEMENT_FLOATING_IP=10.51.13.143
MANAGEMENT_IP_1=10.51.13.141
MANAGEMENT_IP_2=10.51.13.142
MANAGEMENT_NETMASK=255.255.255.0
MANAGEMENT_GATEWAY=10.51.13.1
WEBSERVER_FLOATING_IP=10.51.28.123
WEBSERVER_IP_1=10.51.28.121
WEBSERVER_IP_2=10.51.28.122
WEBSERVER_NETMASK=255.255.255.0
WEBSERVER_GATEWAY=10.51.28.1
DEFAULT_GATEWAY=10.51.13.1
SIGNALING_MEDIA_SUBNETS=10.51.74.0/24
MANAGEMENT_SUBNETS=10.51.122.0/24,10.232.53.0/24,10.51.106.0/24
WEBSERVER_SUBNETS=10.234.16.0/24,10.234.12.0/24,10.234.17.0/24,10.232.53.161/32,10.232.53.191/32
Please enter swuser password for NMHOST02:
Please enter root password for NMHOST02:
Everything seems OK.
[root@nm18-01:root]#
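
The distinct-subnet rule from the note above and the per-interface allow-lists (the *_SUBNETS keys) can be checked on a draft ipConfig.cfg before networkConf.sh is run. The following Python check is an added example, not part of this guide or of networkConf.sh; its function names and the allow_same parameter (modelled on the option named above) are assumptions, and the sample file is built from the values echoed in the procedure.

```python
import ipaddress
from itertools import combinations

# Constructed sample: the values echoed by networkConf.sh in the procedure above.
SAMPLE_CFG = """\
SIGNALING_IP=10.51.24.173
MEDIA_IP_1=10.51.24.171
MEDIA_IP_2=10.51.24.172
SIGNALING_MEDIA_NETMASK=255.255.255.0
SIGNALING_MEDIA_GATEWAY=10.51.24.1
MANAGEMENT_FLOATING_IP=10.51.13.143
MANAGEMENT_IP_1=10.51.13.141
MANAGEMENT_IP_2=10.51.13.142
MANAGEMENT_NETMASK=255.255.255.0
MANAGEMENT_GATEWAY=10.51.13.1
WEBSERVER_FLOATING_IP=10.51.28.123
WEBSERVER_IP_1=10.51.28.121
WEBSERVER_IP_2=10.51.28.122
WEBSERVER_NETMASK=255.255.255.0
WEBSERVER_GATEWAY=10.51.28.1
DEFAULT_GATEWAY=10.51.13.1
SIGNALING_MEDIA_SUBNETS=10.51.74.0/24
MANAGEMENT_SUBNETS=10.51.122.0/24,10.232.53.0/24,10.51.106.0/24
WEBSERVER_SUBNETS=10.234.16.0/24,10.234.12.0/24,10.234.17.0/24,10.232.53.161/32,10.232.53.191/32
"""

# Fixed networks the guide reserves for internal, iLO and RAID management traffic.
RESERVED = {"internal": "192.168.0.0/24", "iLO": "172.16.0.0/24", "RAID": "10.0.0.0/24"}
# External network name -> keys of its floating and fixed addresses.
NETWORKS = {
    "SIGNALING_MEDIA": ("SIGNALING_IP", "MEDIA_IP_1", "MEDIA_IP_2"),
    "MANAGEMENT": ("MANAGEMENT_FLOATING_IP", "MANAGEMENT_IP_1", "MANAGEMENT_IP_2"),
    "WEBSERVER": ("WEBSERVER_FLOATING_IP", "WEBSERVER_IP_1", "WEBSERVER_IP_2"),
}


def parse_cfg(text):
    """Parse KEY=VALUE lines; blank lines and '#' comments are skipped."""
    cfg = {}
    for line in text.splitlines():
        key, sep, value = line.strip().partition("=")
        if sep and not key.startswith("#"):
            cfg[key.strip()] = value.strip()
    return cfg


def allowed_subnets(cfg, name):
    """Return (networks, problems) for the NAME_SUBNETS allow-list."""
    nets, problems = [], []
    for item in filter(None, (s.strip() for s in cfg.get(name + "_SUBNETS", "").split(","))):
        try:
            nets.append(ipaddress.ip_network(item))  # strict: host bits must be 0
        except ValueError as exc:
            problems.append(f"{name}_SUBNETS: {exc}")
    return nets, problems


def validate(cfg, allow_same=False):
    """Return a list of problems; an empty list means the file passed."""
    required = [k for n, ips in NETWORKS.items() for k in ips + (n + "_NETMASK", n + "_GATEWAY")]
    missing = [k for k in required + ["DEFAULT_GATEWAY"] if not cfg.get(k)]
    if missing:
        return [f"missing value: {k}" for k in missing]
    problems, nets = [], {}
    try:
        for name, ip_keys in NETWORKS.items():
            net = nets[name] = ipaddress.ip_network(
                f"{cfg[ip_keys[0]]}/{cfg[name + '_NETMASK']}", strict=False)
            for key in ip_keys + (name + "_GATEWAY",):
                if ipaddress.ip_address(cfg[key]) not in net:
                    problems.append(f"{key}={cfg[key]} is outside {net}")
            allowed, bad = allowed_subnets(cfg, name)
            problems += bad
            for sub in allowed:
                for label, res in RESERVED.items():
                    if sub.overlaps(ipaddress.ip_network(res)):
                        problems.append(f"{name}_SUBNETS: {sub} overlaps {label} network {res}")
        if not allow_same:  # the distinct-subnet rule described in the procedure
            for a, b in combinations(nets, 2):
                if nets[a].overlaps(nets[b]):
                    problems.append(f"{a} ({nets[a]}) overlaps {b} ({nets[b]})")
        if not any(ipaddress.ip_address(cfg["DEFAULT_GATEWAY"]) in n for n in nets.values()):
            problems.append("DEFAULT_GATEWAY is not on any external network")
    except ValueError as exc:
        problems.append(f"unparsable address or netmask: {exc}")
    return problems


def source_allowed(cfg, name, src_ip):
    """True if src_ip falls in one of the subnets listed in NAME_SUBNETS."""
    nets, _ = allowed_subnets(cfg, name)
    return any(ipaddress.ip_address(src_ip) in n for n in nets)


if __name__ == "__main__":
    cfg = parse_cfg(SAMPLE_CFG)
    print(validate(cfg) or "ipConfig.cfg passed")
    print(source_allowed(cfg, "MANAGEMENT", "10.51.106.7"))
```

source_allowed only models membership in the *_SUBNETS list, as in the subnet A/B/C example in the network overview; it does not describe how the switch itself enforces the restriction.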

3.4 Configuration Examples

The following example shows a typical Public Safety Long Term Evolution Push-to-Talk (PTT) switch after running
the Linux commands ifconfig, ip addr list and route.
The contents of the /cluster/xfs/etc/ipConfig.cfg file are given first.
SIGNALING_IP=10.51.30.173
MEDIA_IP_1=10.51.30.171
MEDIA_IP_2=10.51.30.172
SIGNALING_MEDIA_NETMASK=255.255.255.0
SIGNALING_MEDIA_GATEWAY=10.51.30.1
SIGNALING_MEDIA_SUBNETS=10.51.74.0/24
MANAGEMENT_FLOATING_IP=10.51.15.143
MANAGEMENT_IP_1=10.51.15.141
MANAGEMENT_IP_2=10.51.15.142
MANAGEMENT_NETMASK=255.255.255.0
MANAGEMENT_GATEWAY=10.51.15.1
MANAGEMENT_SUBNETS=10.232.53.191/32,10.232.53.161/32,10.234.12.40/32,10.234.12.0/24,10.234.16.0/24,10.234.17.0/24,10.232.53.0/24,10.51.122.0/24
WEBSERVER_FLOATING_IP=10.51.24.223
WEBSERVER_IP_1=10.51.24.221
WEBSERVER_IP_2=10.51.24.222
WEBSERVER_NETMASK=255.255.255.0
WEBSERVER_GATEWAY=10.51.24.1
WEBSERVER_SUBNETS=
DEFAULT_GATEWAY=10.51.24.1

ifconfig
[root@nm13-01:swuser]# ifconfig
bond0 Link encap:Ethernet HWaddr D8:D3:85:B1:70:42
inet addr:192.168.0.141 Bcast:192.168.0.255
Mask:255.255.255.0
inet6 addr: fe80::dad3:85ff:feb1:7042/64 Scope:Link
UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1
RX packets:4107364 errors:0 dropped:0 overruns:0 frame:0
TX packets:4256896 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1319644627 (1.2 GiB)
TX bytes:788944444 (752.3 MiB)
bond1 Link encap:Ethernet HWaddr D8:D3:85:B1:70:44
inet addr:10.51.15.141 Bcast:10.51.15.255
Mask:255.255.255.0
inet6 addr: fe80::dad3:85ff:feb1:7044/64 Scope:Link
UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1
RX packets:348541 errors:0 dropped:0 overruns:0 frame:0
TX packets:249160 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:341848870 (326.0 MiB)
TX bytes:26587670 (25.3 MiB)
bond2 Link encap:Ethernet HWaddr D8:D3:85:B1:70:46
inet addr:10.51.30.171 Bcast:10.51.30.255
Mask:255.255.255.0
inet6 addr: fe80::dad3:85ff:feb1:7046/64 Scope:Link
UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1
RX packets:24785 errors:0 dropped:0 overruns:0 frame:0
TX packets:50715 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1773230 (1.6 MiB)
TX bytes:76806434 (73.2 MiB)
bond2:1 Link encap:Ethernet HWaddr D8:D3:85:B1:70:46
inet addr:10.51.30.173 Bcast:10.51.30.255
Mask:255.255.255.0
UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1
bond3 Link encap:Ethernet HWaddr 00:26:55:DE:8A:D2
inet addr:10.51.24.221 Bcast:10.51.24.255
Mask:255.255.255.0
inet6 addr: fe80::226:55ff:fede:8ad2/64 Scope:Link
UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1
RX packets:76734 errors:0 dropped:0 overruns:0 frame:0
TX packets:26 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:7519514 (7.1 MiB)
TX bytes:1308 (1.2 KiB)
eth0 Link encap:Ethernet HWaddr D8:D3:85:B1:70:42
UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
RX packets:4107006 errors:0 dropped:0 overruns:0 frame:0
TX packets:4255764 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1319605580 (1.2 GiB) TX bytes:788810060 (752.2 MiB)
Interrupt:169 Memory:f4000000-f4012800
eth1 Link encap:Ethernet HWaddr D8:D3:85:B1:70:44
UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
RX packets:348519 errors:0 dropped:0 overruns:0 frame:0
TX packets:249159 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:341847256 (326.0 MiB)
TX bytes:26587580 (25.3 MiB)
Interrupt:194 Memory:f2000000-f2012800
eth2 Link encap:Ethernet HWaddr D8:D3:85:B1:70:46
UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
RX packets:24768 errors:0 dropped:0 overruns:0 frame:0
TX packets:50714 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1772210 (1.6 MiB)
TX bytes:76806344 (73.2 MiB)
Interrupt:202 Memory:f8000000-f8012800
eth3 Link encap:Ethernet HWaddr D8:D3:85:B1:70:48
inet addr:10.0.0.4 Bcast:10.0.0.255 Mask:255.255.255.0
inet6 addr: fe80::dad3:85ff:feb1:7048/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:28 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:1900 (1.8 KiB)
Interrupt:210 Memory:f6000000-f6012800
eth4 Link encap:Ethernet HWaddr D8:D3:85:B1:70:42
UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
RX packets:358 errors:0 dropped:0 overruns:0 frame:0
TX packets:1132 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:39047 (38.1 KiB) TX bytes:134384 (131.2 KiB)
Memory:fbde0000-fbe00000
eth5 Link encap:Ethernet HWaddr D8:D3:85:B1:70:44
UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
RX packets:22 errors:0 dropped:0 overruns:0 frame:0
TX packets:1 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:1614 (1.5 KiB) TX bytes:90 (90.0 b)
Memory:fbce0000-fbd00000
eth6 Link encap:Ethernet HWaddr D8:D3:85:B1:70:46
UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
RX packets:17 errors:0 dropped:0 overruns:0 frame:0
TX packets:1 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:1020 (1020.0 b) TX bytes:90 (90.0 b)
Memory:fbfe0000-fc000000
eth7 Link encap:Ethernet HWaddr 00:26:55:DE:8A:D2
UP BROADCAST SLAVE MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Memory:fbee0000-fbf00000
eth8 Link encap:Ethernet HWaddr 00:26:55:DE:8C:61
inet addr:172.16.0.4 Bcast:172.16.0.255 Mask:255.255.255.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Memory:fb8e0000-fb900000
eth9 Link encap:Ethernet HWaddr 00:26:55:DE:8A:D2
UP BROADCAST RUNNING SLAVE MULTICAST MTU:1500 Metric:1
RX packets:76734 errors:0 dropped:0 overruns:0 frame:0
TX packets:26 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:7519514 (7.1 MiB) TX bytes:1308 (1.2 KiB)
Memory:fb7e0000-fb800000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:10536158 errors:0 dropped:0 overruns:0 frame:0
TX packets:10536158 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:2604674980 (2.4 GiB) TX bytes:2604674980 (2.4 GiB)

ip addr list
[root@nm13-01:swuser]# ip addr list
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc
pfifo_fast master bond0 qlen 1000
link/ether d8:d3:85:b1:70:42 brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc
pfifo_fast master bond1 qlen 1000
link/ether d8:d3:85:b1:70:44 brd ff:ff:ff:ff:ff:ff
4: eth2: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc
pfifo_fast master bond2 qlen 1000
link/ether d8:d3:85:b1:70:46 brd ff:ff:ff:ff:ff:ff
5: eth3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen
1000
link/ether d8:d3:85:b1:70:48 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.4/24 brd 10.0.0.255 scope global eth3
inet6 fe80::dad3:85ff:feb1:7048/64 scope link
valid_lft forever preferred_lft forever
6: eth4: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc
pfifo_fast master bond0 qlen 100
link/ether d8:d3:85:b1:70:42 brd ff:ff:ff:ff:ff:ff
7: eth5: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc
pfifo_fast master bond1 qlen 100
link/ether d8:d3:85:b1:70:44 brd ff:ff:ff:ff:ff:ff
8: eth6: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc
pfifo_fast master bond2 qlen 100
link/ether d8:d3:85:b1:70:46 brd ff:ff:ff:ff:ff:ff
9: eth7: <NO-CARRIER,BROADCAST,MULTICAST,SLAVE,UP> mtu 1500 qdisc
pfifo_fast master bond3 qlen 1000
link/ether 00:26:55:de:8a:d2 brd ff:ff:ff:ff:ff:ff
10: eth8: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc
pfifo_fast qlen 1000
link/ether 00:26:55:de:8c:61 brd ff:ff:ff:ff:ff:ff
inet 172.16.0.4/24 brd 172.16.0.255 scope global eth8
11: eth9: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc
pfifo_fast master bond3 qlen 100
link/ether 00:26:55:de:8a:d2 brd ff:ff:ff:ff:ff:ff
12: eth10: <BROADCAST,MULTICAST> mtu 1500 qdisc
noop qlen 1000
link/ether 00:26:55:de:8c:63 brd ff:ff:ff:ff:ff:ff
13: eth11: <BROADCAST,MULTICAST> mtu 1500 qdisc
noop qlen 1000
link/ether 00:26:55:de:8c:62 brd ff:ff:ff:ff:ff:ff
14: sit0: <NOARP> mtu 1480 qdisc noop
link/sit 0.0.0.0 brd 0.0.0.0
15: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue
link/ether d8:d3:85:b1:70:42 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.141/24 brd 192.168.0.255 scope global bond0
inet 192.168.0.143/24 scope global secondary bond0
inet6 fe80::dad3:85ff:feb1:7042/64 scope link
valid_lft forever preferred_lft forever
16: bond1: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue
link/ether d8:d3:85:b1:70:44 brd ff:ff:ff:ff:ff:ff
inet 10.51.15.141/24 brd 10.51.15.255 scope global bond1
inet 10.51.15.143/24 scope global secondary bond1
inet6 fe80::dad3:85ff:feb1:7044/64 scope link
valid_lft forever preferred_lft forever
17: bond2: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue
link/ether d8:d3:85:b1:70:46 brd ff:ff:ff:ff:ff:ff
inet 10.51.30.171/24 brd 10.51.30.255 scope global bond2
inet 10.51.30.173/24 brd 10.51.30.255 scope global secondary bond2:1
inet6 fe80::dad3:85ff:feb1:7046/64 scope link
valid_lft forever preferred_lft forever
18: bond3: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue
link/ether 00:26:55:de:8a:d2 brd ff:ff:ff:ff:ff:ff
inet 10.51.24.221/24 brd 10.51.24.255 scope global bond3
inet 10.51.24.223/24 scope global secondary bond3
inet6 fe80::226:55ff:fede:8ad2/64 scope link
valid_lft forever preferred_lft forever

route
[root@nm13-01:swuser]# route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
wms_mgmt * 255.255.255.255 UH 0 0 0 bond0
10.51.15.142 * 255.255.255.255 UH 0 0 0 bond0
10.232.53.191 10.51.15.1 255.255.255.255 UGH 0 0 0 bond1
10.234.12.40 10.51.15.1 255.255.255.255 UGH 0 0 0 bond1
239.192.15.143 * 255.255.255.255 UH 0 0 0 bond0
10.232.53.161 10.51.15.1 255.255.255.255 UGH 0 0 0 bond1
10.51.30.172 * 255.255.255.255 UH 0 0 0 bond0
10.51.24.222 * 255.255.255.255 UH 0 0 0 bond0
10.51.30.173 * 255.255.255.255 UH 0 0 0 bond0
wms_wbsvr * 255.255.255.255 UH 0 0 0 bond0
10.234.12.0 10.51.15.1 255.255.255.0 UG 0 0 0 bond1
10.0.0.0 * 255.255.255.0 U 0 0 0 eth3
172.16.0.0 * 255.255.255.0 U 0 0 0 eth8
192.168.0.0 * 255.255.255.0 U 0 0 0 bond0
10.51.74.0 10.51.30.1 255.255.255.0 UG 0 0 0 bond2
10.51.24.0 * 255.255.255.0 U 0 0 0 bond3
10.51.122.0 10.51.15.1 255.255.255.0 UG 0 0 0 bond1
10.232.53.0 10.51.15.1 255.255.255.0 UG 0 0 0 bond1
10.234.17.0 10.51.15.1 255.255.255.0 UG 0 0 0 bond1
10.51.30.0 * 255.255.255.0 U 0 0 0 bond2
10.234.16.0 10.51.15.1 255.255.255.0 UG 0 0 0 bond1
10.51.15.0 * 255.255.255.0 U 0 0 0 bond1
169.254.0.0 * 255.255.0.0 U 0 0 0 eth8
default 10.51.24.1 0.0.0.0 UG 0 0 0 bond3


4 Public Safety Long Term Evolution Push-to-Talk (PTT) Firewall Rules

Topics Covered in this Chapter
- PTT Switch and Handset Interface Rules
- OAMP Traffic Rules

Firewalls are one of the core components of a network security implementation. Firewall rules inspect and filter
the connections between the internal network and the Internet. The first step in creating firewall rules is to list the
services that should be allowed, with their sources and destinations.
The following are some of the services that are allowed to pass through the firewall:
- WWW (HTTP): The HTTP protocol is used by Apache (and by other Web servers) to serve web pages.
- SSH: Secure Shell (SSH) is a suite of tools for logging into and executing commands on a remote machine.
- TCP: TCP enables two hosts to establish a connection and exchange streams of data.
- UDP: UDP is a connectionless protocol that, like TCP, runs on top of IP networks. Unlike TCP/IP, UDP/IP
  provides very few error recovery services, offering instead a direct way to send and receive datagrams
  over an IP network.
- SFTP: SFTP is a method of transferring files between computers over a secure SSH data stream.
Firewall filters provide rules that define whether to permit or deny packets that are transiting an interface on a switch
from a source address to a destination address. Firewall filters determine whether to permit or deny traffic before it
enters or exits a port, VLAN, or Layer 3 (routed) interface to which the firewall filter is applied.
A firewall filter that filters on source and destination IP addresses, IP protocols, or protocol information (such as TCP
and UDP port numbers) is applied nearest to the source devices. However, a firewall filter that filters only
on a source IP address is typically applied nearest to the destination devices. When applied too close to the source
device, a firewall filter that filters only on a source IP address could potentially prevent that source device from
accessing other services that are available on the network.
The following firewall filter types are supported:
- Port (Layer 2) firewall filter: Port firewall filters apply to Layer 2 switch ports. Apply port firewall
  filters on a physical port.
- VLAN firewall filter: VLAN firewall filters provide access control for packets that enter a VLAN,
  are bridged within a VLAN, and leave a VLAN. VLAN firewall filters are applied to all packets that are
  forwarded to or forwarded from the VLAN.
- Router (Layer 3) firewall filter: Apply a router firewall filter on Layer 3 (routed) interfaces and routed
  VLAN interfaces.
Each filtering criterion consists of the following components:
- Match conditions: Specify the values or fields that the packet must contain. You can define various match
  conditions, including the IP source address field, IP destination address field, Transmission Control Protocol
  (TCP) or User Datagram Protocol (UDP) source port field, IP protocol field, Internet Control Message
  Protocol (ICMP) packet type, TCP flags, and interfaces.
- Action: Specifies what to do if a packet matches the match conditions. Possible actions are to accept or
  discard a packet.


4.1 PTT Switch and Handset Interface Rules


Table 4-1

PTT Switch and Handset Interface Rules


|  | Protocol | Source IP | Source Port | Destination IP | Destination port |
|---|---|---|---|---|---|
| Handset to PTT switch | UDP | Handset private IP | Any handset ephemeral port | Signaling IP | 5060 |
| PTT switch to Handset | UDP | Signaling IP | 5060 | Handset private IP | Any handset ephemeral port |

Table 4-2

TCP
TCP

Handset and PTT Switch Interface Rules


|  | Protocol | Source IP | Source Port | Destination IP | Destination port |
|---|---|---|---|---|---|
| Handset to PTT switch | UDP | Handset private IP | Any handset ephemeral port | Media IP | 10000-10799, 12000-12799, 14000-14799, 16000-16799, 18000-18799, 20000-20799, 22000-22799, 24000-24799 |
| PTT switch to handset | UDP | Media IP | 10000-10799, 12000-12799, 14000-14799, 16000-16799, 18000-18799, 20000-20799, 22000-22799, 24000-24799 | Handset private IP | Any handset ephemeral port |
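
The following is an added example, not part of this guide: it encodes the UDP rows of Tables 4-1 and 4-2 as match conditions with an accept action and evaluates flows against them. The addresses, the 1024-65535 ephemeral range and the final discard for unmatched packets are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Constructed placeholder addressing (assumptions, not values from the guide).
HANDSETS = ipaddress.ip_network("10.200.0.0/16")    # handset private IPs
SIGNALING_IP = ipaddress.ip_address("192.0.2.10")   # PTT switch signaling IP
MEDIA_IP = ipaddress.ip_address("192.0.2.20")       # PTT switch media IP
EPHEMERAL = [(1024, 65535)]                         # assumed ephemeral range
SIGNALING_PORT = [(5060, 5060)]                     # Table 4-1
# Table 4-2: eight 800-port blocks, 10000-10799 through 24000-24799.
MEDIA_PORTS = [(base, base + 799) for base in range(10000, 24001, 2000)]

@dataclass(frozen=True)
class Term:
    name: str
    proto: str
    src: object      # IPv4Network or IPv4Address
    sports: list     # inclusive (low, high) port ranges
    dst: object
    dports: list

def _ip_ok(spec, addr):
    addr = ipaddress.ip_address(addr)
    if isinstance(spec, ipaddress.IPv4Network):
        return addr in spec
    return addr == spec

def _port_ok(ranges, port):
    return any(lo <= port <= hi for lo, hi in ranges)

TERMS = [
    Term("sig-uplink", "udp", HANDSETS, EPHEMERAL, SIGNALING_IP, SIGNALING_PORT),
    Term("sig-downlink", "udp", SIGNALING_IP, SIGNALING_PORT, HANDSETS, EPHEMERAL),
    Term("media-uplink", "udp", HANDSETS, EPHEMERAL, MEDIA_IP, MEDIA_PORTS),
    Term("media-downlink", "udp", MEDIA_IP, MEDIA_PORTS, HANDSETS, EPHEMERAL),
]

def evaluate(proto, src, sport, dst, dport):
    """Return (action, term): the first matching term accepts, otherwise discard."""
    for t in TERMS:
        if (proto == t.proto and _ip_ok(t.src, src) and _port_ok(t.sports, sport)
                and _ip_ok(t.dst, dst) and _port_ok(t.dports, dport)):
            return "accept", t.name
    return "discard", "default"  # assumed default action for unmatched packets
```

Port 10800 on the media IP falls in the gap between two listed blocks, so a flow to it is discarded even though the neighbouring port 10799 is accepted.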

4.2 OAMP Traffic Rules


The OAMP procedures assist the operator in planning system capacity.

4.2.1 Provisioning Graphical User Interface Rules


Table 4-3

Operator Browser to PTT server Interface Rules


|  | Protocol | Source IP | Source Port | Destination IP | Destination port |
|---|---|---|---|---|---|
| Operator Browser to PTT server | HTTP | Any web browser IP having access to Management network | Any ephemeral port | Management floating IP | 80 |
| Operator Browser to PTT server | HTTPS | Any web browser IP having access to Management network | Any ephemeral port | Management floating IP | 443 |


Table 4-4

PTT Server to Operator Browser Interface Rules


|  | Protocol | Source IP | Source Port | Destination IP | Destination port |
|---|---|---|---|---|---|
| PTT Server to Operator Browser | HTTP | Management floating IP | 80 | Any web browser IP having access to Management network | Any ephemeral port |
| PTT Server to Operator Browser | HTTPS | Management floating IP | 443 | Any web browser IP having access to Management network | Any ephemeral port |

4.2.2 Enterprise Administrator Web Server Interface Rules


Table 4-5

Operator Browser to PTT Server (Enterprise Administrator Web Server) Interface Rules

|  | Protocol | Source IP | Source Port | Destination IP | Destination port |
|---|---|---|---|---|---|
| Browser to PTT Server | HTTP | Any web browser IP having access to Web server network | Any ephemeral port | Web server floating IP | 80 |
| Browser to PTT Server | HTTPS | Any web browser IP having access to Web server network | Any ephemeral port | Web server floating IP | 443 |

Table 4-6

PTT Server to Operator Browser (Enterprise Administrator Web Server) Interface Rules

|  | Protocol | Source IP | Source Port | Destination IP | Destination port |
|---|---|---|---|---|---|
| PTT Server to Browser | HTTP | Web server floating IP | 80 | Any web browser IP having access to Web server network | Any ephemeral port |
| PTT Server to Browser | HTTPS | Web server floating IP | 443 | Any web browser IP having access to Web server network | Any ephemeral port |

4.2.3 MTAS Client and MTAS Interface on the PTT Server Interface Rules

The MTAS client is an application in the operator network which provisions the Public Safety Long Term Evolution
Push-to-Talk (PTT) subscribers to the MTAS interface on the Public Safety System.


Table 4-7

MTAS client and MTAS Interface Rules


|  | Protocol | Source IP | Source Port | Destination IP | Destination port |
|---|---|---|---|---|---|
| MTAS client and MTAS | TCP | Any IP having access to Management network (MTAS client) | Any ephemeral port | Management IP | 6827 |
| MTAS client and MTAS | TCP | Management IP | 6827 | Any IP having access to Management network (MTAS client) | Any ephemeral port |

4.2.4 Operator SNMP Manager and the SNMP Interface on the PTT Server Interface Rules

Table 4-8

Operator SNMP Manager and the SNMP Interface Rules

|  | Protocol | Source IP | Source Port | Destination IP | Destination port |
|---|---|---|---|---|---|
| GET/SET/GETNEXT SNMP operations | UDP | Any IP having access to Management network (SNMP Manager) | Any ephemeral port | Management floating IP | 161, 8001, 8002 |
| GET/SET/GETNEXT SNMP operations | UDP | Management floating IP | 161, 8001, 8002 | Any IP having access to Management network (SNMP Manager) | Any ephemeral port |

Table 4-9

SNMP Traps to SNMP Manager Interface Rules

|  | Protocol | Source IP | Source Port | Destination IP | Destination port |
|---|---|---|---|---|---|
| SNMP Traps to Manager | UDP | Management floating IP | 162 | Any IP having access to Management network (SNMP Manager) | Any ephemeral port |

4.2.5 TL1 Interface Rules


The following table is for accessing the Public Safety Long Term Evolution Push-to-Talk (PTT) system components
using the TL1 interface.


Table 4-10

TL1 Interface Rules


| Protocol | Source IP | Source Port | Destination IP | Destination port |
|---|---|---|---|---|
| TCP | Any IP having access to Management network | Any ephemeral port | Management IP | 2361, 2362 |
| TCP | Management IP | 2361, 2362 | Any IP having access to Management network | Any ephemeral port |

4.2.6 SFTP Interface Rules


This interface is used for synchronization operations in the Public Safety Long Term Evolution Push-to-Talk (PTT)
system. It is also used to access billing records and to bring in new software loads and patches for upgrades.
Table 4-11

SFTP Interface Rules


| Protocol | Source IP | Source Port | Destination IP | Destination port |
|---|---|---|---|---|
| SFTP | Any IP having access to Management network | Any ephemeral port | Management IP | 22 |
| SFTP | Management IP | 22 | Any IP having access to Management network | Any ephemeral port |

4.2.7 SSH Interface Rules


The following table is used for terminal access to the Public Safety Long Term Evolution Push-to-Talk (PTT) system
network elements.
Table 4-12

SFTP Interface Rules


| Protocol | Source IP | Source Port | Destination IP | Destination port |
|---|---|---|---|---|
| SSH | Any IP having access to Management network | Any ephemeral port | Management IP | 22 |
| SSH | Management IP | 22 | Any IP having access to Management network | Any ephemeral port |


Transferring Billing Data


The billing records are transferred in the following sequence:

1. The CCSW sends Call Detail Records (CDR) to the BillingNBI application at the end of the call or
   the activity.

2. The BillingNBI application generates the corresponding user data records and writes them to a file in CSV format.

3. When the UDR file is first created, it has the *.inp extension. The inp extension is removed when the
   UDR file is complete.

4. After 2 minutes, the UDR files are archived to the /cluster/amap directory. The UDR files are stored in this
   directory for three days, after which they are moved to the /cluster/arch directory. The UDR files are stored
   in this directory for five days.
