This section examines the role of physical separation in the provision of reliable and secure links for real-time traffic.

In many cases equipment can be directly connected together without being also plugged into the campus LAN directly. This can be especially beneficial when equipment is dedicated to a task – such as videoconferencing equipment – that operates stand-alone, i.e. is not part of a desktop PC used for normal network access/applications.
Direct physical connection of the equipment can be arranged to a suitable point, usually to a dedicated switch or even directly connected to the SAR (Site Access Router). The actual topology will depend on a number of factors such as the equipment available, the distance between equipment and the topology that will be most beneficial for the type of traffic involved.

Providing dedicated physical links to distant equipment would previously have necessitated the installation of dedicated cable runs from source to destination. With the advent of structured cabling installation, this process has become far simpler. It is still dependent, however, on the availability of cables between patch panels and the overall distance between equipment — Fast Ethernet limits cable length to about 100 metres. The Welsh Video Network used physical separation of equipment in their deployment of studios across Wales. Not all studios could be directly patched, but those that could were connected to a dedicated switch directly connected to the SAR (see Figure 6 (below) for details). This topology lets the H.323 traffic bypass the core of the network, so avoiding any potential campus network issues impacting on H.323 videoconferences. It also allows work to be done on the campus network without impacting on scheduled videoconferences. Figure 6: Physical separation.A number of refinements can be made to this topology if, as in the case with the Welsh Video Network, the gatekeeper is also capable of proxying H.323 traffic. To increase security, and in those cases where sites may wish to use private IP address space for videoconferencing endpoints, the gatekeeper/proxy can be moved to be in line between the switch and the site access router, as in Figure 7 (below).

It would also be possible to put a switch between the site access router and the gatekeeper/proxy. In the scenario above there would be little benefit, but this can be useful if you need to connect into the campus network.

Figure 7: Dual-homed gatekeeper/proxy.