Presentation on theme: "Real Time Communications Protocols and Applications Tyler Johnson Acting Director Telecommunications R&D."— Presentation transcript:
Full Service VVoIP Architecture (diagram labels): Gateway Farm; Gatekeeper Cluster; MCU Farm; Messaging Servers; PSTN Trunks; H.323 Fabric; Endpoints; Services. Platform labels: Embedded, Distributed, Load Balancing, NT / Unix / VxWorks (repeated on the diagram); Win2000 Cluster; Management Server (Directory Services), Unix.
What is RTC ? Voice Video Instant Messaging Presence Data Collaboration Any network, any device
H.323 Protocol Stack (diagram labels): Physical Layer; Link Layer; Network Layer (IP); UDP, TCP; RTP; G.711, G.728; H.261, H.263; RTCP; RAS; H.225; H.245; T.120. Column labels: Audio; Video; Terminal Control and Management; Data.
Audio Codecs ITU G.7x series –G.711 64 kbs PCM (only required codec) –G.723 –G.728 Transcoded in gateways –but why ??
Video Codecs ITU H.26x series codecs –H.261 (most common) –H.263 DCT-based algorithms Typical speeds (-64kbs audio) –384 kbs –768 kbs –1536 kbs –1920 kbs
RTP / RTCP Real-time Transport Protocol –Time stamps in packets allow stream re-assembly Real-time Control Protocol –Feedback channel to RTP server UDP for media streams
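The re-assembly described on this slide, as an added example (not from the presentation): the fixed RTP header is decoded per RFC 3550 and packets are put back into playout order by timestamp, tolerating 32-bit wraparound, duplicates and loss. The packets are constructed; a single SSRC and a constant 160 samples per packet (G.711 at 20 ms, no silence suppression) are assumptions.

```python
import struct

def parse_rtp(packet: bytes) -> dict:
    """Decode the fixed RTP header (RFC 3550); padding is not stripped."""
    if len(packet) < 12:
        raise ValueError("shorter than the 12-byte RTP header")
    b0, b1, seq, ts, ssrc = struct.unpack("!BBHII", packet[:12])
    if b0 >> 6 != 2:
        raise ValueError("not RTP version 2")
    offset = 12 + 4 * (b0 & 0x0F)            # skip the CSRC list
    if b0 & 0x10:                            # header extension present
        if len(packet) < offset + 4:
            raise ValueError("truncated header extension")
        offset += 4 + 4 * struct.unpack("!H", packet[offset + 2:offset + 4])[0]
    if len(packet) < offset:
        raise ValueError("header runs past end of packet")
    return {"pt": b1 & 0x7F, "seq": seq, "ts": ts, "ssrc": ssrc,
            "payload": packet[offset:]}

def reassemble(packets, samples_per_packet=160):
    """Return (payloads in playout order, number of packets missing)."""
    parsed = [parse_rtp(p) for p in packets]
    if not parsed:
        return [], 0
    base, by_offset = parsed[0]["ts"], {}
    for p in parsed:
        d = (p["ts"] - base) & 0xFFFFFFFF    # 32-bit timestamp wraps
        if d >= 1 << 31:
            d -= 1 << 32                     # older than the first packet seen
        by_offset.setdefault(d, p)           # duplicate timestamps are dropped
    offsets = sorted(by_offset)
    lost = sum((b - a) // samples_per_packet - 1
               for a, b in zip(offsets, offsets[1:]))
    return [by_offset[o]["payload"] for o in offsets], lost

def make_packet(seq, ts, payload, pt=0, ssrc=0x1234):
    """Build a constructed test packet: V=2, no padding, extension or CSRC."""
    return struct.pack("!BBHII", 0x80, pt, seq & 0xFFFF, ts & 0xFFFFFFFF, ssrc) + payload

# Constructed G.711 stream (payload type 0), delivered out of order with one
# duplicate, a timestamp wrap, and one packet (timestamp 320) never arriving.
ARRIVED = [
    make_packet(65535, 0, b"B"),
    make_packet(65534, -160, b"A"),
    make_packet(2, 480, b"E"),
    make_packet(0, 160, b"C"),
    make_packet(0, 160, b"C"),
]

if __name__ == "__main__":
    print(reassemble(ARRIVED))
```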
H.245 Media Control Capabilities Exchange –Handshake to determine supported codecs
RAS Registration, Admission and Status Registers endpoint with gatekeeper Version 2.0 –h323-ID –dialedDigits –URL-ID –transportID –email-ID –partyNumber –mobileUIM
H.225 Call control –Initiate –Setup –Tear down Derived from Q.931 –ASN.1 coding in payload
T.120 Data Collaboration –Screen scraping (limited bit depth) –Shared Mouse De facto NetMeeting T.120 server to scale up Dissatisfaction Out of band D/C
H.323 Annexes. For Decision in 2000: Annex C “H.323 on ATM”; Annex D “FAX over H.323”; Annex E “Multiplexed Call Signaling Transport”; Annex F “Simple Endpoint Type”; Annex G “Text Conversation and Text Set”; Annex H “User and Service Mobility”; Annex I “Terminal Mobility”; Annex J “Security for SET”; Annex K “HTTP based Service Control”; Annex L “Stimulus Signaling”; Annex M.1 and M.2 “Tunneling of QSIG and ISUP”; Annex O “H.323 URL”
H.323 URL Annex O Editor: Orit Levin, RADVision Form h323:firstname.lastname@example.org Enables clickable dialing Eliminates dial plan routing issues Will be the primary served object for white pages
Security H.235 Security and Encryption –Annex D UserID / password pair Hop by hop authentication –Annex E PKI Endpoint to endpoint authentication –Requires both gatekeeper and endpoint support
In-Zone Dialing (diagram labels: EP1, EP2, GK1, 2222, 3333). EP1 dials 3333. GK1 establishes call to EP2. Media streams flow between endpoints. Call control flows through gatekeeper.
Inter-Gatekeeper Communication (diagram labels: EP1, EP2, GK1, GK2, 2222, 3333). EP1 dials 3333. GK1 LRQs to GK2 for EP2. GK2 establishes call to EP2.
Dialing With DNS (diagram labels: EP1, EP2, GK1, GK2, DNS, 2222, 3333). EP1 dials email@example.com. DNS lookup on gk2.domain. DNS returns IP of GK2. GK1 calls GK2 for EP2. GK2 connects EP2.
ENUM (IETF) (diagram labels: EP1, EP2, GK1, GK2, DNS w/ENUM, 2222, 3333). EP1 dials 3333. ENUM lookup 3333. ENUM returns h323:firstname.lastname@example.org. DNS lookup on gk2.domain. DNS returns IP of GK2. GK1 calls GK2 for EP2. GK2 connects EP2.
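The ENUM step on this slide, as an added example (not from the presentation): the dialed number becomes an e164.arpa query name, NAPTR answers are filtered for the E2U+h323 service, and the rewritten result is accepted only if it is a well-formed h323: URL, because DNS answers are untrusted input. The number +19195553333, the domain gk2.example and the NAPTR records are constructed; the slide's extension 3333 is assumed to be the tail of a full E.164 number.

```python
import re
from typing import Optional

def enum_domain(e164: str, apex: str = "e164.arpa") -> str:
    """RFC 6116 query name: digits reversed, dot-separated, under the apex."""
    if not re.fullmatch(r"\+[0-9]{1,15}", e164):
        raise ValueError("expected an E.164 number such as +19195553333")
    return ".".join(reversed(e164[1:])) + "." + apex

def apply_naptr_regexp(regexp: str, aus: str) -> Optional[str]:
    """Apply a NAPTR 'delim ERE delim repl delim flags' rule, sed-style."""
    parts = regexp.split(regexp[0]) if regexp else []
    if len(parts) != 4:                       # malformed rule: ignore it
        return None
    _, ere, repl, flags = parts
    try:
        m = re.search(ere, aus, re.I if "i" in flags else 0)
        if not m:
            return None
        expanded = re.sub(r"\\(\d)", lambda b: m.group(int(b.group(1))) or "", repl)
    except (re.error, IndexError):            # bad pattern or bad backreference
        return None
    return aus[:m.start()] + expanded + aus[m.end():]

# Conservative character set for user and host parts (an assumption of this example)
H323_URL = re.compile(r"h323:([A-Za-z0-9._-]+)@([A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+)")

def resolve_h323(records, aus: str):
    """records: (order, preference, flags, service, regexp) NAPTR tuples."""
    for _order, _pref, flags, service, regexp in sorted(records):
        if flags.lower() != "u" or service.lower() != "e2u+h323":
            continue
        url = apply_naptr_regexp(regexp, aus) or ""
        m = H323_URL.fullmatch(url)
        if m:                                 # anything but h323:user@host is rejected
            return url, m.group(2)            # host is what GK1 looks up in DNS next
    return None

# Constructed NAPTR answers for 3.3.3.3.5.5.5.9.1.9.1.e164.arpa
SAMPLE = [
    (100, 20, "u", "E2U+sip", r"!^.*$!sip:ep2@gk2.example!"),
    (100, 10, "u", "E2U+h323", r"!^\+1919555(.*)$!h323:\1@gk2.example!"),
    (100, 5, "u", "E2U+h323", r"!^.*$!http://gk2.example/ep2!"),   # wrong scheme
]

if __name__ == "__main__":
    print(enum_domain("+19195553333"), resolve_h323(SAMPLE, "+19195553333"))
```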
Location Services Location of endpoints is a general problem Not limited to RTC Each endpoint is a server, different than client server model NAT issues P2P is another approach
How Does SIP Differ ? SIP handles only location, authentication and call initiation Not only media neutral, but application neutral Very extensible, but creates interoperability problems Ratified by IETF Primary direction of RTC services
What is the problem? Artifacts are often observed in video or voice applications, but it is generally not clear whether the cause is in the protocol (i.e. application) or in the network. Artifacts are gone before network or protocol engineers can examine the problem. Difficult to deploy test equipment to myriad geographically disparate sites. Will this link work for the application before I deploy equipment? Most measurement tools are snapshots, and do not emulate media streams, thus missing important events.
Scouting Out Problems Public Health Outreach Project Remote Health Clinic connected back to Internet2 via xDSL Original diagnosis was h.323 problem ISP refused problem ownership until presented with test results
E2M Security Pros –Ensures nobody steals service provider’s resources –Ensures you pay your bill Cons –Doesn’t allow you to access resources in other realms –Doesn’t provide caller ID –Doesn’t recognize true people to people nature of application Call Server
E2E Security Pros –Confirms your identity to the called party –Works across realms Cons –Requires common authentication across realms –Other applications don’t use this approach –Administrative cost to identity verification Incoming Call From: Dr. Thomas Gray Radiology Duke University Internet2 Call Server
How Does Federation Help E2E security features Still implement your own authentication methods Recognizes the world is a messy place Call Server Incoming Call From: Dr. Thomas Gray Radiology Duke University Internet2 Duke UNC Internet2 Federation Provider A Provider B FCC Federation
This Changes Everything Access to many service providers Not necessarily required to pre-establish accounts Call signaling and networks can be un-secured Incoming Call From: Sarah McAllister VISA 123456 Provider A FCC Duke Hospital UNC Hospital Federation Provider A Provider B FCC Federation MCU Provider VoIP Provider VoIP Provider PTA Fundraiser
Directory Services Directories are a key enabler of video teleconferencing. Essentially not useful without. Directories are a key management tool for tracking and supporting users Directory can be a portal for related information e.g. account requests, support, user information updates, etc. Canonical data source is essential for scalability
Endpoints What end user has H.323 Terminals: –Desktop videoconferencing (VCON, Viavideo, etc) –Room videoconferencing (Polycom, Tandberg, etc) –Multi-point control unit (MCU) SIP User Agents: –IP Telephony –Desktop (Messenger, CGU client…)
Call Servers - Management H.323 Gatekeeper SIP Proxy Both have lists of users, do call routing, enforce usage policies, do logging for any billing….
Enterprise Directory Central stores of information about people associated with an institution Authoritative (eg: Human Resources, Registrar; Telecommunications) ONE consolidated list – identities resolved (SSN!) Benefits: –Correct and current –Single location to disable account –Single location to reset password Video/VoIP manager – reinvent this wheel?
H.350 Directory Standardized LDAP schema that represents application-specific information for multimedia including these protocols: –SIP –H.323 –H.235 –H.320 –Non-standard (eg: Access Grid, VRVS, MPEG2). Designed to require minimal changes to the enterprise directory.
White Pages Look up person – find video/voip address Standardized – works with multiple vendors’ hardware and software Makes “Directory of Directories” searching possible (a global multimedia directory) Supports ‘clickable’ dialing Prototype/Testbed H.350 directory –https://videnet.unc.edu
Endpoints Implementing H.350 can… Based on EndpointID, email address, etc., lookup correct configuration information and load it. - Solves big user support issue! No matter what protocol or brand, necessary data can be managed in an organized way. Do white pages search via LDAP protocol – receive answers; ‘click to dial’ if supported.
Endpoints supporting H.235 can… User/Endpoint Validation –Do enterprise authentication –Obtain videoconferencing credentials –Use VC credentials to obtain CORRECT configuration –Logging now suitable for usage tracking/billing
Call Servers Implementing H.350 can… Pull information from canonical store –Solves manual data entry problems –Can convert canonical to proprietary if needed on the fly Use XIdentityServiceLevel attribute to provide levels of authorization Scale up video/voip operations
What problems did we want to solve? Use existing identity management (authoritative enterprise directory) – avoid replicating into proprietary directories Standardize storage for protocol-specific data to ease updates/migrations; one central store for multiple protocols Leverage identity management for reliable multimedia authentication and authorization
Other drivers We wanted solution to be implemented by vendors. Therefore, adoption as a standard was necessary H.323/SIP already had existing security protocols – use those, without requiring modifications Be useful for non-standards based conferencing (MPEG2 / Access Grid / VRVS) Evaluate utility of federated administration model for managing videoconferencing/voip
International Telecommunication Union The ITU is an inter-governmental organization under the umbrella of the United Nations (www.itu.int) –currently has over 450 members from industry –has more than 2800 Recommendations in force Study Group 16 –multimedia service definition and multimedia systems, including the associated terminals, modems, protocols and signal processing. –Multimedia Services, Systems and Terminals –e-business and e-commerce –Selected Recommendations H.320 H.323 H.264 H.350 US Representation through US State Department
Why Standardization Process Was Helpful Caused the academic community to be extremely thorough –In terms of accuracy, scope and scenario development –Forced examination of real world implementation hurdles –Important linking between researchers and technologists –Implementation not valued in the computer science community Leads to less rigour Higher education thus abandons its voice Private industry not shy to speak up, but may not deliver desired results Diverse expert input Thorough review by many eyes Difficulty getting enterprise acceptance without standardization (i.e. we’ll munge our own) Difficulty getting vendor acceptance because each implementation different Educational community not a large enough market segment to drive development Paves the way for other vendor partnerships –An interesting alternative to open source