With the recent release of Cloud Connector v2 there’s some great new features and updates to CCE so wanted to summarise the Skype academy video. There’s tons of useful information in here so hope you find it useful.
CCE v2.0.0 was released and straight after Microsoft provided some great content and learning on what’s new. Thanks Microsoft for very speedy information to the community. Check out the resources at bottom of post as well.
Useful links on great info on CCE v2
CCE manual download here
Skype Academy video link here
Lets start the video, the session is presented by Carolyn Blanding from Microsoft
Usual training disclaimer on Office 365 being subject to change and this ther July 2017 edition.
Also a member of extended hybrid voice team and working with developers on CCE since the first release.
CCE v2 bring media bypass ! wohooo
(Great link on Media bypass planning for CCE here
support for 16 CCEs in one pstn site up from 4 ! it now has 4x capacity !
This session assumes you already know about CCE and have an understanding on deployment and management if not there’s a link on further learning here http://aka/ms/sa-cce
What’s new in CCE V2 ?
Wow what a list !!!
- Media bypass
- support for 16 CCEs per one pstn site
- ability to manipulate sip headers for billing and interop
- Hybrid voice flag in mediation server agent for CQD
- Disable SSL 3.0 by default
- automatic installation of .NET 4.5.2 which is dependency on current SfB
- New Cmdlets
More details on each further on. Lets breakdown.
This was top ask from customer
by removing mediation server in path for media we can improve voice quality and reliability by reducing latency, packet loss and points of failure
also reduce number of CCE to support greater number of voice streams
Media bypass requirements
CCE V2 deployed at all sites
tenant admin is required to enable media bypass feature in office 365 tenant this is not enabled by default
media bypass enablement needs to be replicated from office 365 to all CCEs
DNS must be configured to allow client resolution for the media bypass service url
Currently only supported version for CCE media bypass is office 365 pro plus click to run 32 and 64bit version 16.0.7870.2020 or later.
Microsoft Office MSI is not supported ! this again show new features are coming cloud first and the push to move your office installs to office 365 pro plus.
More info on Media bypass with CCE
Plan – https://technet.microsoft.com/en-us/library/mt808733.aspx
Deploy – https://technet.microsoft.com/en-us/library/mt808734.aspx
16 Cloud Connectors appliance per site
previously there was support for 4 CCES per PSTN site in a N+1 config where one CCE was was reversed for HA. Each CCE could support 500 simultaneous calls so totalling 1500 simultaneous calls per pstn site.
Now with 16 CCEs per pstn site in N+1 it provides 7,500 simultaneous calls and that’s without media bypass !!
This means can support more sim calls in single pstn site, for example before V2 if a company needs to support 5000 calls in one DC where CCE is deployed previously they would need to setup 4 pstn sites and split users across pstn sites even though all CCEs were physically located on the data centre, by supporting 7500 its reduced the requirement for more pstn sites and users dont have to be split up. Makes its easier to manage.
Modify SIP headers in CCE V2
Prior to v2 the only way to modify sip[ headers was administrators connecting to mediation servers and modifying sip trunk setting but during upgrades the settings while lost. CCE updates then had to set to manual, CCE then updated and then setting configured back again.
This is now persistent and the following settings if changed are kept during CCE upgrades.
Enablefastfailover timer – default is true, when true the 183 progress must return in 10 seconds. Certain network conditions has caused this to not response in 10 second so this can be set to false.
Forward call history – default is fales, history info useful in sim ring and call forward and refereed by useful for call transfer, this is useful for billing purposes and caller id purposes when sbc to replace caller id.
Forward PAI – default false, when true the P asserted identity headers with sip and tel uri from cce mediation to sip trunks. used when call history not available. please see url below for more info.
Hybrid Voice flag in mediation server agent
Set to unique flag so CCE calls can be easily identified from calls placed by other trunks. The user agent was previously reported as “Mediation Server” which is indistinguishable from other SfB Trunks.
Now it shows unique CCE-MediationServer example above show version number as well.
Examples in online reporting.
This is Call analytics preview in sfb admin centre, in this example a user search is done and a call is selected.
Alex is an online user and Alex uses CCE for PSTN calls, under systems you can see the mediation server that part of CCE, and under user agent we see CCE mediation server agent.
Lets look at session details
searched for Alex again and we can see CCE mediation server agent.
if you look before CCE v2 you will see the old Mediation Server
Disable SSL 3.0 by default
CCE does not use SSL and does not require SSL enabled. Please url for security advisory and recommendation on disabling when not needed.
.Net Framework 4.5.2
.NET Framework 4.5.2 will auto install and is a dependency for CCE v2
CCE host must always have internet connectivity and it required this to download 4.5.2 to host machine so its available.
Admins of large deployments can prepare the vhds with .Net 4.5.2 to speed up deployment times. to do this admins can use convert-ccisotovhdx cmdlet and use pause before update switch this allows admin to connect to base vm and install windows updates and .NET 4.5.2 on the base vhd.
New Cmdlets – Online
The new cmdlet are added to SfB Online one for media bypass and two on network. Please refer.
New Cmdlet – CCE Host
On the CCE Host there is also a new Cmdlet
Used to update configuration, if you update CCE config file. cloudconnector.ini after changes you must use import-ccconfiguration. It does auto run but still best practice after any manual change to use the cmdlet.
Example if you you change config file to use WSUS server.
- Skype for Business administrator role instead of global administrator
- Reduce number of passwords needed when deploying CCE
- user corporate network switch instead of management switch for most tasks
- improvement to auto detection
- change cmdlets
Let breakdown each one
Skype for Business Administrator Role
CCE requires an O365 tenant admin account to manage CCE services online, prior to V2 this required an account that was a global administrator.
With V2 its supported to use a tenant admin account with Skype for Business administrator role is sufficient for managing CCE services online.
If password expiry is set you need to use set-cccredential to update credentials.
To reduce password for CCE in V2 and reduce complexity.
In V2 the following password will be requested
- CCEService – used for CCE service account and domain admin, VMAdmin
- CABackupFile – used to import Root CA when deploying appliances
- ExternalCert – used to import Edge certificate when deploying appliances
- TenantAdmin – used to deploy and maange CCE Online
Note CCEService and CABackupfile must be the same for all CCE per site.
Corporate Management Switch
previously we used the cce management switch for all connectivity between host and vms for PowerShell. feedback to customer was that this was great as it caused network disrupts.
CCE v2 now reduces the amount or connections and disconnections, now only used for new deployment or upgrade.
The SfB CCE Corpnet switch will not be used which reduces the number of connections and disconnections. search of clslogging will now be alot faster as network connections are already established.
Since corpnet switch is used now the network adapter bound the cce corpnet network switch must have an ip address assigned in the same subnet as the CCE corporate network. This can be an alternative ip address. before the management switch was matched on the same subnet.
Improvements to Auto Detection
- There has been some updates to auto detection for CCE recovery to avoid call failures.
- In HA we want to mark any appliance that is down to avoid issues and call failures
- Maintenance you have to out CCE in maintenance mode so its doesn’t.
- All server roles are monitored
Cmdlet Updates – Online
cannot be set from false to true.
with CCE a online dial plan is a hard requirement
Updates to Get-CsHybridPSTNAppliance
Cmdlet Updates – CCE Host
PowerShell verb update from renew-cc to update-cc
You can change domain admin or vmadmin using set-cccredentials as above.
Upgrading to V2
For customer with CCE already deployed to new build
Supported path from version 1.4.2 to version 2 if auto update available then it will autoupdate at scheduled update window.
Manual update process is available if autoupdate disabled.
InPlace upgrades are NOT Supported with version BELOW 1.4.2
In this case you need to unregister appliance, uninstall appliance and deploy new CCE.
To confirm CCE several ways, hyper v console, remote PowerShell and SfB admin centre. more details above.
Update Cloud Configuration File
when upgrading to V2 you need to update cloud connector configuration file with the new sip header setting to cloudconnector.msi.
Copy three lines from sample file
paste into your file, save and import.
If advanced notice is possible or more likely to have auto upgrade off due to trunk config you can modify trunk config file prior to v2 upgrade.
1.4.2 did not prompt for CABackup pasword the domain admin password was used and its used to encrypt root CApassword. It must be the same for all appliances,
If different domain admin password may be in place if password changed after deployment. You can use the get-cccredential. if you have this the steps are listed above.
from 1.4.2 we don’t prompt for CCEService password the VMAdmin password aka local admin password will be used for cce service password. This password needs to to be same so best to confirm password are the same across all appliances.