© Copyright AARNet Pty Ltd Video over IP Working Group QUESTnet 2003 Session 2 – How does it work?

© Copyright AARNet Pty Ltd Contents The core is the ITU-T H323 Standard, with a key goal to support the IETF SIP Standard equally. H.323 Gatekeepers for Video Security for Video to the LAN desktop Conferencing using MCU Directory System QoS ENUM for video Peering with other VoIP networks

© Copyright AARNet Pty Ltd H.323 and the Gatekeepers

© Copyright AARNet Pty Ltd H.323 building blocks Based on ITU H.323 standards

© Copyright AARNet Pty Ltd Gatekeepers These are the domain name Servers for Telephone numbers, eg They also support domain name like calling, eg Strong recommendation that members support their own Gatekeeper for their Video end points, but use the AARNet core gatekeepers for commodity Telephony. On Cisco GK use “show gatekeeper endpoints”, “debug ras” and “debug h225 asn1”.

© Copyright AARNet Pty Ltd H.323 Gatekeeper hierarchy Based on ITU H.323 standards

© Copyright AARNet Pty Ltd Gatekeeper details International roots –There are four. –Each is a redundant pair of Radvision Gatekeepers. Asia pacific Gatekeeper is at the ACT RNO. – Australian Root –Cisco MCM IOS, version 12.2(1a) on a 3640 – Public GK –Cisco MCM IOS, version 12.2(1a) on a 3640 – Configuration template will be available at

© Copyright AARNet Pty Ltd Member Cisco Video Gatekeeper Template Gatekeeper Config for a Member GK under the root GK. gatekeeper zone local terminals-staff domain.edu.au ! This one is a zone for local staff terminals to join zone local terminals-students member.edu.au ! This one is a zone for local students terminals to join zone local terminals-public public ! This one is a zone for the public zone remote aarnet edu.au ! The root GK above this one (default route) ! Protect each of the local zones by restricting what source ip ! address can join. zone subnet terminals-staff /24 enable no zone subnet terminals-staff default enable zone subnet terminals-students /24 enable no zone subnet terminals-students default enable zone subnet public /24 enable zone prefix aarnet * ! The default route, use next GK up in hierarchy no use-proxy terminals-staff default inbound-to terminal no use-proxy terminals-staff default outbound-from terminal ! …..etc etc for each zone….. ! Tell the Gatekeeper not use H.323 proxies for the terminals

© Copyright AARNet Pty Ltd Other Gatekeeper products CISCO IOS based Gatekeeper –Very fast. –Will run as a small background task on most Cisco routers. –Can have rudimentary registration authentication. –Simple call routing policy control. –Excellent for core GKs. –Scale to huge call set up rates! Radvision, Polycom, and Cisco Call Managers. –Are really Call Servers rather than Gatekeepers. –Can do Number Translation. –Can do registration authentication. –Will not route huge numbers of simultaneous calls. –Microsoft Operating System

© Copyright AARNet Pty Ltd The html interface to the AARNet Video GK (a claytons directory service?)

© Copyright AARNet Pty Ltd The Directory Perl programme that telnets to the GK every 10 seconds and builds an html page of registrations and E.164 routing. Uses “show gatekeeper endpoints” and “show run”. Malcolm Caldwell has written an ILS front end using the H.323 Open Source!

© Copyright AARNet Pty Ltd The Directory Watch for developments from the standards committees for an LDAP Directory standard, H.350 for multimedia conferencing for H.323, H.320 and SIP. see

© Copyright AARNet Pty Ltd Security for Desktop Video conferencing

© Copyright AARNet Pty Ltd Security for Video enabled desktops Firewalls are the number one killer of user to user communications, not just for H.323 but also SIP and Access Grids. Solutions for H.323 include: –Use access lists and configure endpoint to keep to a particular port range. –H.323 proxy in parallel with Firewall. –H.323 aware State-full firewall – yet to find one that works without fault ;-(. Cisco PIX, and also check out ridgeway (popular in USA). –Use Back-to-Back gateways. –Put dedicated end points in DMZ. Or Stay in your shell and do not use advanced technology for teaching and collaboration.

© Copyright AARNet Pty Ltd H.323 Gatekeeper hierarchy

© Copyright AARNet Pty Ltd Quality of Service (QoS)

© Copyright AARNet Pty Ltd QoS -Sorting. AARNet treats: -ToS=5 as Telephony. -ToS=4 as Video. Maps nicely for switches with one two queues. -Prioritisation: (appropriate Delay, Jitter and Loss), see which monitors ToS=5, probably indicates QoS performance for Video. which monitors ToS=5 -Policing: who can have it, how much can they have and how to stop those who want to abuse it? Answer: Move to rate limiting transmitted ToS traffic. -How much does it cost? Answer: Free initial amount, subscription for additional pipe size, with a usage charge. -Watch for design for AARNet’s Echidna Network.

© Copyright AARNet Pty Ltd QoS VoIPMonitor This is a Client/Server application written by CSIRO/AARNet. Clients run on each RNO.

© Copyright AARNet Pty Ltd Different Endpoints

© Copyright AARNet Pty Ltd End points Microsoft Netmeeting GnomeMeeting Polycom Via Video Polycom ViewStation Tandburg (uses h.323 version 4) IP Telephones VoIP connected PABXs LeadTek stand alone Video Phone. See

© Copyright AARNet Pty Ltd Billing

© Copyright AARNet Pty Ltd AARNet BILLING Already discussed in IP Telephony Working Group. Possible billing model: Members will be permitted to transmit a “default rate” of QoS marked traffic. Additional QoS capacity will be acquired by a subscription fee. There is likely to be a component of usage charges on the transmitted traffic from the member. The above model replaces the ip access lists in the RNOs and pushes policing back into the Member’s network.

© Copyright AARNet Pty Ltd MCUs and ISDN Gateway

© Copyright AARNet Pty Ltd What the users wanted Video over IP Collaboration for teams. Video over IP for Presentations to 30+ destinations. Telephone Conferencing. Support slow speed WAN links (< 256kbps). Support for Presentation slides (30+). Password protection. What we wanted Beta status Production unit and test unit None, or very little operator control/booking.

© Copyright AARNet Pty Ltd What we missed Video over ISDN support. Booking system. Users wanting permanent numbers.

© Copyright AARNet Pty Ltd Production MCUs are Radvision Radvision viaIP400 (to get beta status with the manufacturer) and a Cisco 3540 (re-badged radvision viaIP400 to ensure the VoIP worked). CSIRO sponsored MCUs with the spare capacity available for AARNet Members. Core to the AARNet V collaboration service. Supports VoiceoIP. IP based technology, Protocol stack is very popular OEM. Both have a 60 MCU card, and a VPS card (rate matching). Both are located at the ACT RNO Both use ToS=4 Production unit uses version 2 There is one T.120 server (60 concurrent). Test unit uses vastly improved version 3 (in beta). Template will be published on AARNet web site.

© Copyright AARNet Pty Ltd Pilot MCU was a Polycom MCU Was Accord, bought by Polycom. TDM based architecture. Need addition software for html user interface. AARNet Video working Group has trialled the Polycom (Accord) MGC MCU through the monthly OzEConfs. Past difference in quality is no longer the case compared to the Radvision MCU with the MVP card (still in beta). Report yet to be published. Watch for a config template.

© Copyright AARNet Pty Ltd ISDN Gateway

© Copyright AARNet Pty Ltd ISDN Gateway Radvison gw – P10. Located at CSIRO Limestone Ave, connected to CSIRO PABX. Configured to support incoming ISDN calls in to the AARNet Video infrastructure. Because of ISDN there is need to carefully configure the MCU, which we have not finished. –So far it supports 384kbps very well. –But if there are any 128kbps ISDN participants the MCU needs to be told to only support 128kbs for the conference.

© Copyright AARNet Pty Ltd Booking System

© Copyright AARNet Pty Ltd MCU Booking system Light weight booking system written in perl by AARNet as part of the joint project with CSIRO. Booking system generates an to the user, the coordinator and the MCU admin staff. If a PIN is requested then the administrator must configure the MCU.

© Copyright AARNet Pty Ltd LOOPBACK TEST NUMBERS

© Copyright AARNet Pty Ltd Test loopback

© Copyright AARNet Pty Ltd CAVE

© Copyright AARNet Pty Ltd CAVE AARNet maintains a list of coordinators who know their local site video environment and can help coordinate video conferences.list of coordinators The coordinator: is an experienced person at the site; knows the technology: video and audio, H.323 and/or Access Grid; knows the local environment; is the internal and external contact for that site; knows how to, and is able to escalate to AARNet support if needed; and is allowed/permitted to control AARNet MCU conferences.

© Copyright AARNet Pty Ltd Thank you