krish-sri avatar image
krish-sri asked ·

RingCentral Network Requirements - Extended


The purpose of this document is to provide RingCentral customers with customer site network requirements and recommendations to ensure that the RingCentral unified communications solution operates properly. These requirements include constraints for network capacity, quality of service, firewall configuration, and unsupported devices and configurations. Chapter 3 introduces the RingCentral Unified Communications Reference Architecture, which can be used to understand the context of the network requirements stated in later chapters.


The following acronyms are used in this document:

     ACL - Access Control List

     ALG - Application Layer Gateway

     BW - Bandwidth

     BWH-Data - Headroom bandwidth for data traffic

     BWH-Video - Headroom bandwidth for data traffic

     BWH-VoIP - Headroom bandwidth for VoIP traffic

     BWM-Data - Maximum bandwidth needed for data traffic

     BWM-Video - Maximum bandwidth needed for video traffic

     BWM-VoIP - Maximum bandwidth needed for VoIP traffic

     BWR-Data - Bandwidth required for date traffic plus headroom for future growth

     BWR-Total - The aggregate bandwidth required for VoIP, video, and data traffic

     BWR-Video - Bandwidth required for video traffic plus headroom for future growth

     BWR-VoIP - Bandwidth required for VoIP traffic plus headroom for future growth

     DHCP - Dynamic Host Configuration Protocol

     DMZ - Demilitarized Zone

     DPI - Deep Packet Inspection

     DSCP - Differentiated Services Code Point

     DSL - Digital Subscriber Line

     EF - Expedited Forwarding

     GW - Gateway

     HD - High Definition

     HQ - High Quality

     IP - internet Protocol

     ISP - internet Service Provider

     ISP-WAN-CAP - Capacity required on the ISP WAN link for data plus VoIP traffic

     ICMP - internet Control Message Protocol

     ITSP - internet Telephony Service Provider

     LAN - Local Area Network

     M-Video - Expected maximum number of concurrent video calls

     M-VoIP - Expected maximum number of concurrent VoIP calls

     ms - Milliseconds

     NTP - Network Time Protocol

     PoE - Power over Ethernet

     PSTN - Public Switched Telephone Network

     QoS - Quality of Service

     RTP - Real-time Protocol

     SIP - Session Initiation Protocol

     SPI - Stateful Packet Inspection

     TCP - Transport Control Protocol

     UDP - User Datagram Protocol

     VLAN - Virtual LAN

     VoIP - Voice over IP

     VQ - Voice Quality

     WAN - Wide-Area Network

     WiFi - Set of standards for wireless communication

Unified Communications Reference Architecture

Figure 1 provides the Unified Communications Reference Architecture for RingCentral. The top of the diagram indicates the call control function, a media server function, and carrier telephony interfaces. This functionality is implemented in two data centers. No details are provided of this functionality, because they are not important for the customer-site requirements stated in this document. The figure provides representative sample designs of customer sites.

The functionality in the Reference Architecture is color-coded as follows:

  • RingCentral provided functionality including call controller, voice and video media servers, and carrier interfaces are illustrated in orange. Note that customers sometimes retain existing desk phones, in which case it cannot be designated as RingCentral provided.
  • Customer functionality is blue.

A customer network may include one or more of the following functional components:

  • Firewall: Allows TCP and UDP port control, Access Control List (ACL) or port triggering (opening of ports for the time needed to exchange information with a remote server). The firewall includes a Wide-Area Network Interface that may be of Ethernet, DSL, or cable modem type.
  • Router: Provides routing(advertisements of IP networks), packet forwarding, ping and traceroute ICMP support and may support packet prioritization, bandwidth management, and Smart Packet Inspection.
  • Ethernet Switch: Performs Ethernet frame switching, and may support configuration of VLANs, control of Ethernet ports, Power over Ethernet (PoE), and Green Ethernet.
  • Desktop Telephone: The phones perform two main functions:
  1. Call Control: Registration, call set up, call control, and call tear down, and user interface call progress indications and call-handling features.
  2. Voice Processing: Analog-to-digital and digital-to-analog conversion, sidetone injection, voice framing, jitter buffering, echo cancellation, speaker and microphone functionality.
  • Computer: May be serialized with the phone and run the RingCentral for Desktop softphone, RingCentral Meetings,or many other types of RingCentral API plug-ins (Google, Salesforce, Zendesk, etc.).

(click to enlarge)

Implementation variations that may occur at customer sites are:

  • One or multiple ISP WAN links (not illustrated in the figure).
  • One or more firewalls may be present, e.g., to demarcate a DMZ.
  • The Wide Area Network interface, firewall, router, and switch may be implemented as:
- Individual devices. This implementation is used at larger enterprise sites.

- Integrated into fewer or even into a single modem device. In the latter case it is referred to as an all-in-one modem, as a (DSL or cable) modem, or as a router. All-in-one modems are typically only used at small customer sites.

  • One or more levels of routers or Ethernet switches may be present. This is typically the case at large enterprise sites.
  • Sites may have desk phones, softphones, application integrated dialers (e.g.,for Google Chrome) or a combination thereof depending on user needs.
  • Computers running RingCentral applications may or may not be serialized with desk phones.

A full-featured all-in-one modem device has a (DSL or cable) network interface, and router and firewall capabilities. Such a device may connect to the customer network switch. It may also be configured to operate in bypass mode. In bypass mode, a separate firewall and router located behind the modem are provided to provide more advanced firewalling and routing capabilities.

In general, customer network implementations are site dependent. For example, large offices will have a more advanced firewalling, routing, and switching architecture than small branch-office sites. Also, the number and type of phone is more likely to vary at larger sites.

Voice and video calls can be made between phones at a single customer site via the internet, between phones at different customer sites via the internet,involve a Media Server (e.g., for conference calls or to store/retrieve voice mail), or calls may connect to an ITSP or PSTN gateway. The Call Controller registers the phones and handles call orchestration between the various components. To support these types of calls:

  • Call control connectivity must exist between the local VoIP LAN at the customer site,the internet, and the RingCentral Call Controller.
  • Media path connectivity must exist between the VoIP LAN at the customer site, the internet,the Media Server, and to the ITSP and PSTN gateway.

Required and Recommended Devices and Configurations

RingCentral requires that the customer network supports a minimal set of features to ensure a high-quality VoIP service: 

Tested Routers:

A set of WAN routers has been validated to work properly with the RingCentral VoIP service. The list of routers that have been tested can be found at It is recommended to use these routers.

Other firewalls and routers have not been tested in an end-to-end RingCentral VoIP solution and may or may not work properly.

Traffic Prioritization:

RingCentral hard- and softphones use Differential Services Expedited Forwarding, EF [46], marking for VoIP and video signaling and media packets. In this way, routers in a customer network prioritize these types of traffic over data traffic.

For reliable media traffic transport, all customer network IP routers must support and enable QoS: routers need to be configured such that VoIP and video traffic is handled with Expedited Forwarding (EF) DSCP 46.

More specifically, to ensure proper call connectivity, and voice and video quality, QoS traffic prioritization must be configured for both inbound and outbound traffic of the following types:

  • Signaling SIP/UDP
  • Media RTP/UDP
  • Media Secured SRTP/UDP

This must be configured for the port ranges indicated in all firewall port tables in section 6.1.

Bandwidth Management: 

If routers support bandwidth management, then it is advised to enable this feature and set the bandwidth dedicated for VoIP traffic to the number stated in chapter 7.


If VLANs are supported by network switches, then it is recommended (but not required) to define a VLAN specifically for VoIP and video traffic to logically separate these types of traffic from data traffic. This simplifies management of the unified communications infrastructure.

Unsupported Devices

Some types of device, device configurations, and network configurations are not supported by the RingCentral unified communications solution, as they are known to cause continuous or intermittent voice quality issues.

Unsupported Devices:

RingCentral does not support use of any of the following devices and network configurations to provide VoIP service:
  • Load Balancers routing VoIP traffic concurrently across more multiple WAN links
  • WAN Accelerators

Use of load balancers can cause out-of-order packet arrival, which can result in intermittent or continuous voice quality issues. WAN accelerators use compression and data duplication to reduce generated traffic. For VoIP, this can lead to packet loss and extra jitter.

Device Configurations:

For proper support of the RingCentral VoIP service, the following device settings must be disabled on routers, firewalls, and Ethernet switches:

  • Session Initiation Protocol Application Layer Gateway(SIP ALG)
  • Deep Packet Inspection (DPI)
  • Stateful Packet Inspection (SPI)
  • WAN Acceleration
  • SIP Transformation on SonicWall Security Appliance
  • Green Ethernet for power saving

Note that the enabling these device settings may result in intermittent call problems related to phone and call connectivity (phone registration or call feature operation) or excessive voice quality impairments (high latency and jitter).

Firewall Access

To allow call control and media path connectivity, outbound and inbound firewall ports must be opened between the internal customer network and the ISP WAN for the following applications:

  • Telephone provisioning and registration
  • Call control (SIP signaling)
  • RTP media
  • Auxiliary services (NTP and Directory Services)
Firewall Ports:

The next tables summarize the TCP and UDP ports to be opened in firewalls and routers at the customer site by using either port triggering or configuration of Access Control Lists (ACLs). For ACLs additional requirements are stated in section 6.2.

The customer firewall ports directions mentioned in the table are defined from the perspective of the customer site:

  • Source Port: The port used by the hard/softphone.
  • Destination Port: The port used on the public ISP WAN after firewall NAT traversal.

The type of phone to which the table pertains is indicated at the bottom of each table. Customer sites may only deploy particular phone types (hard phone, softphones, or both. Ports need to be opened depending on the types of phone deployed. In all tables, signaling traffic includes SIP messaging and registration of the phones.

There are no separate ports necessary for Busy Lamp Appearance. BLA uses the signaling ports and uses standard SIP NOTIFY packets.It will use whatever ports all the other messages are using (INVITE, BYE, REGISTER, etc.).

(click to enlarge)

(click to enlarge)

(click to enlarge)

Access Control Lists

Enterprise-level routers and firewalls usually support Access Control Lists (ACLs) of which the rules can be configured to allow or deny inbound or outbound network traffic based on a combination of IP address and port numbers:

  • Inbound: if from RingCentral (IP address, port number) X, then allow
  • Outbound: if to RingCentral (IP address, port number) X, then allow

where the IP addresses are specified below and the port numbers are specified in the previous tables. Use of any / any ACL rules must be avoided to allow opening too many ports.

To allow inbound and outbound traffic, for signaling and media traffic the ACLs must be set to the next IP origination and destination IP address ranges:



  • CIDR notation /21 corresponds to a netmask of
  • CIDR notation /22 corresponds to a netmask of
Bandwidth and LAN/WAN Link Capacity Determination

Several artifacts need to be collected to be able to calculate the bandwidth needed for VoIP, Video over IP, and data traffic at a given customer site. The results of the calculation can be used to determine the capacity needed for the LAN links and the ISP WAN link.

VoIP Traffic Bandwidth 

The following procedure can be used to determine the required VoIP bandwidth across the ISP WAN link and LAN links:

1.  Determine the maximum number of simultaneous calls, M-VoIP, at the customer site. This number may be smaller than the number of telephones deployed at the customer site. Solutions used with call centers will result in a higher maximum number of simultaneous calls compared to remote office operation and may be equal to the number of deployed telephones phones. The M-VoIP number can be obtained in various ways depending on whether the VoIP solution superseded a previous(non-)VoIP solution and on the specific use of the solution:

  • Replaced Legacy Telephony Solution: In this case, a previous telephony solution(PBX, Centrex, or other vendors VoIP solution) was present before the RingCentral system was installed. The maximum number of simultaneous calls BWM-VoIP can be determined if call logs are still available.
  • Completely New VoIP Solution: In this case, no history information is available to determine the number of voice calls that will be made from/to the site and the RingCentral solution has not been operational long enough to determine the maximum number of simultaneous calls. Determine the number or hard/softphones that will be deployed at the site by interviewing the customer or obtaining the information from the Network Information spreadsheet filled out by the customer. A representative percentage of this number should give the expected maximum number of simultaneous calls that will be made to/from the site.
  • Operational RingCentral Solution: In this case, the RingCentral VoIP solution has been operational (ideally) for several weeks. Determine from the RingCentral Admin Web application or the RingCentral Service Web interface call log the maximum number of simultaneous calls BWM-VoIP that occur at the site by examining the call logs over a representative number of business days.

2.  Take into account that RingCentral Mobile softphone applications may be used as well. Mobile apps can be used in two ways:

  • On the customers Wi-Fi network. In this case, it will affect the required ISP WAN link capacity. Therefore, the maximum number of mobile applications using Wi-Fi needs to be known and be included in M-VoIP.
  • On public mobile phone network. With this option, the customer network bandwidth calculation on the customer network is not directly affected.

3.  Calculate the bandwidth for each call direction, BWM-VoIP, based on the maximum number of simultaneous calls as:

BWM-VoIP = M-VoIP x100 kbit/s

The 100 kbit/s bandwidth includes signaling and media traffic.

4.  To accommodate future growth of the user population at the customer site, add some headroom (BWH-VoIP) for VoIP calls. It is useful to configure some headroom to prevent frequent changes in either Bandwidth Management or the ISP interface capacity required. Use a factor of 10% of the number of simultaneous calls in cases where the expected growth is unknown.

5.  The required bandwidth in each direction, BWR-VoIP, to carry VoIP traffic on a customer network on each LAN link and the WAN link,is given by:


Video Traffic Bandwidth: 

RingCentralMeeting users may use different communication options:

  • Two-party sessions or group sessions involving at least three parties.
  • If a user does not join the audio portion of a RingCentral Meetings session but calls in via a separate phone connection, then no audio is transferred (transmitted/received) on the users PC. However, video is still transferred.

The bandwidth used for the RingCentral Meetings application depends on the communication mode:

  • The total audio bandwidth used is similar for a phone (100 kbit/s) orPC joining (60 kbit/s) a RingCentral Meeting session. The differences are due to the used audio codecs.For bandwidth calculations, 100 kbit/s should be used for transmit and received direction(see also group audio conferencing below).
  • Group audio conferencing:
          - Transmit: 100 kbit/s
          - Receive: 100 kbit/s

  • Two-party HQ video calls:
  • Transmit: 600kbit/s
  • Receive: 600kbit/s
  • Two-party HD video calls:
  • Transmit: 2 Mbit/s
  • Receive: 2 Mbit/s
  • Group HQ video calls:
  • Transmit: 600kbit/s
  • Receive: 2 Mbit/s

The following procedure can be used to determine the required Video over IP bandwidth across the ISP WAN link:

1.  Determine the maximum number of simultaneous video calls, M-Video, at the customer site. This number may be smaller than the number of users at the customer site.

2.  Calculate the bandwidth for each call direction, BWM-Video, based on the maximum number of simultaneous calls as:

BWM-video = M-video x 2.1 Mbit/s

The 2.1 Mbit/s bandwidth used in the calculation assumes that all users used HD video and that a separate audio connection is used for audio. 

3.  To accommodate future growth of the user population at the customer site, add some headroom (BWH-Video) for video calls. Use a factor of 10% of the number of simultaneous calls in cases where the expected growth is unknown.

4.  The required bandwidth in each direction, BWR-Video, to carry video traffic on a customer network on each LAN link and the WAN link, is given by:

BWR-Video = BWM-Video + BWH-Video

Data Traffic Bandwidth:  

The following procedure can be applied to determine the bandwidth for data traffic on each LAN/WAN link used to carry VoIP traffic:

  • Measure the current maximum amount of data traffic bandwidth, BWM-Data, on the physical links that are also traversed by VoIP and video traffic.
  • Add some extra bandwidth headroom(BWH-Data) to ensure that future growth of data traffic is accommodated.
  • The possible data traffic bandwidth on a given LAN/WAN link is:
BWR-Data = BWM-Data + BWH-Data

Total Required Bandwidth:

The total required bandwidth on LAN links and WAN link is equal to

BWR-Total = BWR-VoIP + BWR-Video = BWR-Data

Note that this number may vary per link.

LAN and WAN Link Capacity:

Using the calculated total bandwidth, BWR-Total, the required capacity, ISP-WAN-CAP on the ISP WAN link at a customer site can be determined. If the required bandwidth for BWR-Total, is smaller than the capacity provided by the ISP, then it is clear that the ISP WAN link capacity must be increased to at least the BWR-Total to provide enough bandwidth to support all traffic. If not enough capacity is available, then additional capacity needs to be purchased by the customer from the ISP.

A similar capacity assessment procedure can be used to determine the required capacity or any LAN link inside the customer network which carries VoIP, video and data traffic.


For more information on the RingCentral unified communications solutions, please consult:


1 |1000 characters needed characters left characters exceeded

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

0 Answers

· Write an Answer

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Customer Spaces