Architecture Essentials
- SBCs front all trunks; terminate TLS/SRTP; enforce topology hiding
- Redundancy with active/active or active/standby trunks across ISPs
- QoS marking (DSCP EF) and bandwidth reservations for media
- Failover using SIP timers, circuit retries, and carrier-diverse routes
Codec Planning
- G.711 for quality; G.729 for constrained WANs
- Prefer Opus for modern endpoints; ensure transcoding capacity
- Standardize packetization timers and jitter buffers
Security Hardening
- Use TLS for signaling and SRTP for media end-to-end
- Restrict source IPs and enforce SIP authentication
- Rate-limit registrations; detect and block toll fraud patterns
- Segment voice VLANs; isolate management interfaces
Operations & Monitoring
- Track MOS, jitter, packet loss, and post-dial delay
- Alert on call failures by cause codes; review CDRs
- Run synthetic tests across all routes regularly
Talk to a Voice Engineer Explore SIP Trunking
