H323: Architecture and Issues Christian Benvenuti International Center for Theoretical Physics...

H323: Architecture and IssuesH323: Architecture and Issues

Christian BenvenutiInternational Center for Theoretical Physics (ICTP), Trieste, Italy

[email protected]

Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU

[email protected] Third Andean Workshop on Electronic Communications, 20-24 November 2000, Lima, PERU

ICTP & Developing countriesICTP & Developing countries Developing countries often means

– No 24x7x365 internet connection– Low bandwidth links

Bad phone line quality (PPP problems...)

– Satellite link ? Scientific Computer Section mailstones

– www4mail (Enrique is talking about this) (...)

– Scientific talk– Mbone tools– Streaming– H323 Architecture


ICTP main goalICTP main goal

To Enable the remote collaboration between scientists from developing

countries and not


RealTime multimedia VS StreamingRealTime multimedia VS Streaming

They differ from many point of view: Number of “entities” involved Degree of interaction between the remote ends Protocols involved Hardware needed Network constraints Buffering usage

Realtime multimedia ?=? Remote collaboration Streaming ?=? Distance learning


Real time multimediaReal time multimedia

Most of the time it is 1 to 1– When it is “n” to “m” it can be very expensive

High level of interactionMain constraints: delay and jitterNo bufferingMore hardware needed


StreamingStreaming

Usually 1 to “n” (with “n” >>> 1)

Very small interactionBuffering on the client sideNo specific HW is needed (on the client side)

Asymmetric (client-server)


RT Multimedia VS StreamingRT Multimedia VS Streaming- - Software needed -Software needed -

RT Multimedia– Cheaper (most of the time free) for basic configurations– Netmeeting/DCShare/Sunforum/... /Mbone tools

Streaming– The server (Real Server/Windows media server) can be very

expensive while the client is usually free (Real Player/Windows media player)

Sure stream technology


RT Multimedia VS StreamingRT Multimedia VS Streaming- - Hardware needed -Hardware needed -

RT Multimedia Microphone Speakers/Headphone Whiteboard Webcam Scanners ...

Streaming Speakers


RT Multimedia VS StreamingRT Multimedia VS Streaming- T- Tipical uses -ipical uses -

RT Multimedia Remote collaboration (es. paper writing) Remote application

Streaming Distance learning

– Lectures/Seminars/Training/Univ. degree


RT Multimedia VS StreamingRT Multimedia VS Streaming- - Protocols -Protocols -

RT Multimedia Real Time Protocol /Real Time Control Protocol

(over UDP/IP) Poor UDP/IP

Streaming Real Time Streaming Protocol (RTSP)

– This still uses RTP for live content!

Microsoft ASX– No Clients for Linux (Wine and/or VMWare?)


RT Multimedia VS StreamingRT Multimedia VS Streaming- - Bandwidth usage -Bandwidth usage -

RT Multimedia– It depends very much on the media used

Streaming– Usually the server is able to stream the same

content using different bandwidths depending on the client’s link speed


Let’s focus on RT MultimediaLet’s focus on RT Multimedia

ICTP has recently started working on a streaming project for many reasons ...

ICTP main focus is still RT Multimedia


11stst Rule Rule

Remote collaboration is not (and it does not claim to be) like face to face collaboration and it will probably never be like that – May be one day when virtual reality will not be

only a game anymore … (is it what we want?)


22ndnd Rule Rule

The computer does not have to be seen as a sobstitute to human interaction– It is only an instrument!

Distance/Computer based training will never sobstitute teachers completely! (I HOPE)– This is especially important for young people


Remote collaboration:Remote collaboration:what hardware do we need?what hardware do we need?

Basic configuration– Standard PC – Sound card + Speakers– Microphone

Optional devices– Webcam/camera– Scanner– Tablet (es. Wacom, Mimio, etc)– ... ... ...

NETWORK CONNECTION


What media can we use to What media can we use to collaborate?collaborate?

VoiceVideo (optional?)

ChatWhiteboardFile sharing (easier that mail attach. and ftp)

Application sharing– Web Sharing ...


ICTP main prefixed goalsICTP main prefixed goals

Easiness of use Security under control Possibly no change to the everyday hw/sw

instruments used by the users Cheap hw/sw (opensource/Linux)

... in other words ...

as plug an play as possible!


STANDARDSSTANDARDS

Two main sources:

International Telecommunication Union (ITU)– H323 … (Version 4 just approved [17 Nov. 2000])

http://www.itu.int

Internet Engineer Task Force (IETF)– RTP/RTCP, RTSP, ...

http://www.ietf.org


H323 ArchitectureH323 ArchitectureExampleExample

http://protocols.com/iface/voip/h323arch-b.gif


H323 stackH323 stack


H323 ClientsH323 Clients

O.S. Client Price

Windows NetMeeting +/- free

Unix (Linux) DC-Share nv

Sun Sunforum +/- free

… ... ... ... ... ...

You can find a bigger list at:

http://www.openh323.org/h323_clients.html


H323 GatewayH323 Gateway


H323 GatekeeperH323 GatekeeperMain tasks

Zone control Admission control Call authorization Bandwidth control Address translation … … …

Main issue: Being not hierarchical it does not scale!

– ANNEX H


H323: Gatekeeper zonesH323: Gatekeeper zones


H323 Gatekeeper zones H323 Gatekeeper zones (cont.)(cont.)

H 225.0 - Annex G– It takes advantage by the hierarchical structure

of the DNS (Domain Name System) and the way email addresses are assigned.


H323 GatekeeperH323 GatekeeperRouted call VS Direct callRouted call VS Direct call


Internet Locator Service (ILS) Internet Locator Service (ILS) vsvs

GaekeeperGaekeeper ILS is a Microsoft extension to the LDAP protocol It is used to make it easier for Netmeeting users to

find each other– It is not hierarchical– It is not included in the h323 arch.– It can NOT interoperate with a gatekeeper– It is disappearing


H323 MCUH323 MCU


H323: Main IssueH323: Main Issue

! Firewall !


H323 and firewalls do not H323 and firewalls do not coexist very well yet!coexist very well yet!

The h323 architecture has not been designed taking into account the poor network administrators ...

The use of DYNAMIC PORTS makes it impossible for a standard packet filtering firewall to cleanly allow that protocol!


Common “bad” solutions to Common “bad” solutions to the firewall problemthe firewall problem

Microsoft suggestion: open everything! http://support.microsoft.com/kb/articles/Q158/6/23.asp

NetMeeting uses the following Internet Protocol (IP) ports:

Port Purpose

-------------------------------------

389 Internet Locator Server [Transmission Control Protocol (TCP)]

522 User Location Server (TCP)

1503 T.120 (TCP)

1720 H.323 call setup (TCP)

1731 Audio call control (TCP)

Dynamic H.323 call control (TCP)

Dynamic H.323 streaming [Realtime Transport Protocol (RTP) over User Datagram Protocol (UDP)]


Common “bad” solutions to Common “bad” solutions to the firewall problem the firewall problem (cont.)(cont.)

On the firewall you can open:– Only a given set of internal IPs/Networks

or– Only traffic from a given set of external

IPs/Networks

or– Only a given range of ports


How to solve the firewall How to solve the firewall problem?problem?

Intelligent firewall (Es. Cisco PIX)– $$$$$ most of the time!

Proxy– Es. PhonePatch

Web interface NO T120 HANDLING !

ICTP – h323 proxy (already available)– Linux Firewall with h323 handling?


MBONE ToolsMBONE Tools

Vic (No h323!)

Rat/Vat... ... ...


H323 vs MBONEH323 vs MBONE(For the sake of completeness)(For the sake of completeness)

Scientific VS Commercial CommunitiesArchitecture VS not Architecture orientedSingle suite VS Multiple indipendent tools... ... ...but COMMON RTP USAGE

Can they interoperate ?


H323 vs SIPH323 vs SIP

H323 is a binary protocol (ASN.1) while SIP is text based like HTTP (which means easier to deal with)

SIP is newer SIP is much simpler to implement SIP handles better the firewall problem SIP is more focused on IP telephony

… but … H323 is already the de facto standard!


H323 H323 opensourceopensource software software

http://www.openh323.orghttp://www.opengatekeeper.orgOpenh323proxy (developed at the ICTP)

– http://openh323proxy.sourceforge.net

NO opensource MCUs are available at the moment


H323: a few linksH323: a few links

General H323– You can find many (updated) links in my home

Security point of view (a few interesting articles)

– NetMeeting Security Concerns and Deployment Issues– The Problems and Pitfalls of Getting H.323 Safely Through Firew

alls

– H.323 Proxy Issues

Some others are in the references ...


To summarize ...To summarize ...

Realtime multimedia VS Streaming– Standard Organizations (ITU, IETF)

H323 is still a too fresh architecture – Security issues not completely solved

The ICTP is working on a cheap/PnP solution


ReferencesReferences(where I also took most of the images)(where I also took most of the images)

International Telecommunication Union (ITU)– H.323 (It is NOT on line)

Internet Engineer Task Force (IETF)– RTP/RTCP (RFC 1889) – RSTP (RFC 2326)

WEB – Http://www.protocols.com/voip/– Demystifying Multimedia Conferencing Over the Internet Using the H.323 Set of

Standards– IP Telephony and EIC– A Primer on the H.323 Series Standard– Multimedia Standards - H.323 for Audio Visual Conferencing

Some others are in my homepage (http://shannon.csr.unibo.it/benve/h323.html)

H323: Architecture and Issues Christian Benvenuti International Center for Theoretical Physics...

Documents

Transcript of H323: Architecture and Issues Christian Benvenuti International Center for Theoretical Physics...