Peer-to-Peer Networks - Skype Hongli Luo CEIT, IPFW
Skype r Reference: An Analysis of the Skype Peer-to-peer Internet Telephony Protocol, S. Baset, H. Schulzrinne, 2004 r Use traffic analysis, shared library and system call interception techniques to analyze the various aspects of the Skype protocol
Voice over IP (VoIP) r VoIP – transport of voice over IP-based networks r Complexity ranges from m Hobbyists using Internet to get free phone calls on peer-to-peer basis to m Full scale PSTN replacement networks r VoIP must address m Types of end user terminals - IP phones, PC clients m Quality of Service – ensure agreed quality m Security risks must be clearly identified m Last mile bandwidth – which affects codec, packetization period and where to use compression to best meet service goals m Signaling protocol must support service set required
VoIP r Quality of Service (Delay, Jitter, Packet loss) m Use RSVP, DiffServ, MPLS, even ATM m RTP is used for media traffic m Signaling protocol: SIP r Video on Skype m Provide video calling on Skype m Need a web camera m Available on computer, mobile, TV
P2P Case study: Skype r A peer-to-peer (P2P) overlay network for VoIP and other applications, developed by founder of KaZaA r P2P (pc-to-pc, pc-to-phone, phone-to-pc) Voice-Over-IP (VoIP) application m also IM r SkypeOut and SkypeIn servers – PC-to-PSTN and PSTN-to-PC r proprietary application-layer protocol (inferred via reverse engineering) r Packet transmission (voice and control packets) are encrypted Skype clients (SC) Supernode (SN) Skype login server
The Skype Network hierarchical overlay
The Skype Network (contd…) r Ordinary host (SC) m A Skype client r Super nodes (SN) m A Skype client m Has public IP address, ‘sufficient’ bandwidth, CPU and memory r Login server m Stores Skype id’s, passwords, and buddy lists m Used at login for authentication m Version : and r Peer uses a variant of STUN protocol to determine the type of NAT and firewall it is behind
The Skype Network (contd…) r NAT and firewall traversal m Public IP address m Port-restricted NAT A port-restricted NAT allows an external host, with source IP address X and source port P, to send a packet to the internal host only if the internal host had previously sent a packet to IP address X and port P. m UDP-restricted firewall r Uses wideband codec to maintain reasonable call quality at an available bandwidth of 32 kbps r Uses TCP for signaling r Uses both UDP and TCP for transporting media traffic
Skype: making a call r User starts Skype Skype login server r SC registers with SN m list of bootstrap SNs r SC logs in (authenticate) r Call: SC contacts SN with callee ID m SN contacts other SNs (unknown protocol, maybe flooding) to find addr of callee; returns addr to SC r SC directly contacts callee, over TCP
Skype Components r Client listens on particular ports for incoming calls r Maintains a table of other Skype nodes called host cache r Wide codec r Buddy list r Encrypts messages end-to-end r Determines whether it is behind a NAT or a firewall
Skype Components r Ports m No default listening port m Randomly chooses a port (P1) on installation m Also opens TCP listener sockets at port 80 (HTTP) for incoming http requests and port 443 (HTTPS)
Skype Components (contd…) r Host cache (HC) m IP address and port number of online Skype nodes (SNs) m Maximum size: 200 entries m Liang, Kumar and Ross. Understanding KaZaA 200 entries for ordinary nodes (ON) m Login server IP address and port number m If unable to establish a connection with any HC entry Connect with one of the seven bootstrap IP address and port pairs hardcoded in the Skype executable m HC Windows location C:\Documents and Settings\All Users\Application Data\Skype\shared.xml
Skype HC
Skype Components (Contd…) r Codecs (GlobalIPSound) m Wide band codecs (50-8,000 Hz) m iLBC (packet size: 20 and 30 ms bitrate: 15.2 kbps and 13.3 kbps) m iSAC (packet size: ms bitrate: kbps) m G.729 for SkypeOut? r Buddy list m Stored in ‘config.xml’ file C:\Documents and Settings\ \Application Data\Skype\ f384d3a0:1 7d1dafc4:1
Skype Functions r Startup r Login r User search r Call establishment r Media transfer r Keep-alive r NAT and firewall traversal r Conferencing
Skype Functions: STARTUP r First time startup m Sent a HTTP 1.1 GET request to the Skype server (Skype.com) m GET /ui/0/97/en/installed HTTP/1.1 r Normal startup m To determine a newer version of Skype is available, during login GET /ui/0/97/en/getlatestversion?ver= HTTP/1.1
Skype Functions: LOGIN r Establishes a TCP connection with SN r Authenticates with the login server and gets a certified public key r Bootstrap super nodes - Hard-coded in Skype r A SC must establish a TCP connection with a SN in order to connect to Skype network r A SC is able to determine at login if it is behind a NAT and a firewall Bootstrap sn IP address and hostnames obtained by a reverse lookup IP address:portReverse lookup resultAuthority section :33033sss1.skype.netns1.hopone.net :33033No PTR resultns1.hopone.net :33033No PTR resultns07.customer.eu.level3.net :33033No PTR result ns3.DK.net :33033rs ev1.net ns2.ev1.net :33033rs ev1.net ns2.ev1.net :33033ev1s ev1servers.net ns1.ev1.net
Skype Functions: USER SEARCH r Claimed by Skype m Guaranteed to find a user if it exists and logged in the last 72 hours r Search results are cached at intermediate nodes r Unable to trace messages beyond SN r Cannot force a node to become a SN m Host cache is used for connection establishment and not for SN selection r User does not exist. How does search terminate? m Skype contacts login server for failed searches r SN searches for a user behind UDP-restricted firewall r Same wildcard (sal*) search query from two different machines initiated at the same time gives different results
Skype Functions: CALL ESTABLISHMENT r Call signaling always carried over TCP and goes e2e r Calls to non buddies=search+call r Initial exchange checks for blocked users r Public-public call m Caller SC establishes a TCP connection with callee SC r Public-NAT m Caller SC is behind port-restricted NAT m Caller---->Skype node (SN) ----> Callee m TCP connection established between caller, callee, and more than one Skype nodes m Unknown: How a node is selected to route calls from caller to callee? Perhaps determined at login r Firewall-firewall call m Same as public-NAT but no in-UDP packets
Skype Functions: CALL ESTABLISHMENT r Caller is behind port-restricted NAT and callee has a public IP address r Caller sent signaling to an online Skype node which forwarded it to callee (both over TCP) r Media flowed directly between caller and callee over UDP
Skype Functions: CALL ESTABLISHMENT r Caller and callee are behind port-restricted NAT and UDP-blocking firewall r Both caller and callee exchange signaling information over TCP with another online Skype node.
Skype Functions: Summary PublicNATFirewall Login10 KB11 KB7 KB Search1-2 KB 5-7 KB Call establishment6 KB8 KB PublicNATFirewall Login3-7 seconds seconds Search3-4 seconds5-6 seconds10-15 seconds
Skype Functions: MEDIA TRANSFER Public-publicNAT-publicFirewall-firewall Packet size bytes bytes30-90 bytes Stream bw5 kilobytes/s 5.5 kilobytes/s TransportUDP TCP r 10/100 Mbps Ethernet r iSAC codec was used (adaptive bit-rate)
Skype Functions: MEDIA TRANSFER r No silence suppression r Silence packets are used to m play background noise at the peer m maintain UDP NAT binding m avoid drop in the TCP congestion window r Putting a call on hold m Send 1 packet/3 seconds to call-peer or Skype node m same reasons as above r Codec frequency range m 50-8,000 Hz (total bw of 3 kilobytes/s) r Reasonable call quality at (4 kilobytes/s)
Skype Functions: KEEP ALIVE r Send refresh message over TCP to SN every 120 seconds r Refresh message size: 2 bytes
Skype Functions: CONFERENCING r A, B, and C have public IP addresses r B and C were sending traffic over UDP to A r A acts as a mixer B CA+B A+C A: 1.6 GHz Pentium4, 512 MB RAM B: 3 GHz Pentium4, 1 GB C: 3 GHz Pentium4, 1 GB
Skype, MSN, Yahoo and Talk Application version Memory usage before call (caller, callee) Memory usage after call (caller, callee) Process priority before call Process priority during call Mouth-to- ear latency Skype MB, 19 MB21 MB, 27 MBNormalHigh96ms MSN7.525 MB, 22 MB34 MB, 31 MBNormal 184ms Yahoo7.0 beta38 MB, 34 MB43 MB, 42 MBNormal 152ms GTalk MB, 9 MB13 MB, 13 MBNormal 109ms