Contents
Introduction
ICE System Components
Third Party Kubernetes Components
Architectural Design Goals
Simplified System Diagram
ICE OS
LinuxKit
Kubernetes
Benefits of Kubernetes
Drawbacks of Kubernetes
Kubernetes Deployment Models
On-Prem or Cloud-Hosted
Single Node Cluster (ICE OS)
Multi-Node Cluster
Loss of a Data Center
Distribute the nodes of a single cluster between data centers
Create two clusters and configure Instant Connect to replicate data between them
Choosing a deployment model
IP ports used by the system
Ports used by ICE Telephony
Ports used by external static reflectors and patch servers
Cluster load balancing
Geographic Redundancy
Single Cluster Georedundancy
Multi-Cluster Georedundancy
Cluster Partitioning
What happens to audio?
Problems associated with long-lasting partitions
ICE Server
Client Connections to ICE Server
Client Connection Process
Determination of User Presence
Determination of User Location
Client Reconnection Behavior
Establishing an initial connection
Detecting a connection interruption
Reconnecting after a connection interruption
Special considerations for ICE Desktop for Web
Application Limitations
Browser Limitations
Use of Older Browsers
Mobile Browsers
HTTPS is Required
Connection Limitations
Rallypoint Failover
Certificate Concerns
ICE Server architecture
Messages
Services
Models
Tactical and Enterprise Modes of Operation
Sharing User Presence in Tactical Mode
Mission File Format Specification
Mission Object
Meta object
Group object
Address object
Transmit audio object
Presence object
Rallypoint object
Host object
Serialization Specification
Automatic Mission and Group ID Generation
ICE Media Engine
Encryption
Symmetric Encryption
Asymmetric Encryption
Symmetric Key Derivation
Traffic Encryption
Required Network Quality of Service
Network Bandwidth Considerations
Packet Streams
Multicasting
Unicasting with Rallypoints
Bandwidth Calculations
Packet Structure
A Variety Of CODECs
Packet Overhead
Packet headers
Encryption overhead
Packet Framing
Comparing UDP and TCP
Bandwidth Utilization Tables
Unicast (Rallypoint) Bandwidth Utilization
Multicast Bandwidth Utilization
Rallypoint Meshing
Satellite Server Components
Satellite deployment models
Leader election
How a Member Server is Elected Leader
Ballot messages
Ballot delivery
Rallypoint
IGMP Multicast
Choosing a Leader
Quorum
None
Majority
N minus 1
Election Priority and Out-of-Service
Interpreting election results
Election State Descriptions
active
standbyOutOfService
standbyQuorumNotAchieved
standbyGettingReady
standbyNotWinner
Additional Statuses Displayed in the User Interface
Special considerations
Date and time synchronization
Loss of connection to ICE Server
ICE Agent
ICE Rallypoint
Rallypoint Meshing
A Note About Peer Rallypoint Peer Connections
Federated Peers
Virtual IPs
ICE Gateway
Interface with a Call Manager
Call Setup with ICE Clients
ICE Patch Server
Patch Limitations
Preventing Audio Loops
Audio Bridging
External Patch Server Deployment
ICE Static Reflector
External Reflector Deployment
A Word about Multicast Interfaces
Multicast and Docker
ICE Operations