K. Stoeckigt, kewin@acm.org

Secure real-time audio/video communication – H.350, Encryption & Gatekeeper/Proxy – using H.323 (…and a bit SIP)

Tutorial/workshop session

- Introduction to VC technology and H.323 -

19th APAN Meeting
Bangkok, Thailand

January 2005

Outline

• What is videoconferencing and why should you use it?
  – motivating example
  – H.323 around the world
• H.323 – The standard
• A recipe for successful H.323 videoconferencing

What is videoconferencing and why should you use it?

• A motivating example
  – Videoconferencing comes in all sorts of flavors, colors, languages, and and and….

[Pictures: Canadian style, Hungarian, Dutch, McD or US flavor, Japanese, Australian style, German, Slovenian]

What is videoconferencing and why should you use it?

• What standards are available right now?
  – Several!!
    • H.323 (VC over IP)
      – mostly used for videoconferencing
    • H.320 (VC over ISDN)
      – still widely used; good as backup option
    • SIP – show up at Stephen’s and Quincy’s workshop tomorrow
      – mostly used for IP telephony
    • AccessGrid – next door
      – High bandwidth, multicast applications
    • other MBone tools
  – Since this workshop is dealing with H.323, we are just talking about H.323…ok…a bit of SIP will be in at the end

What is videoconferencing and why should you use it?

• Videoconferencing is IP telephony with pictures
• A better definition
  A videoconference is a virtual meeting of two or more participants (single persons, groups) at different locations who communicate in real time via a bidirectional audio/video link. Digital audio, video and text can be shared (and edited) between the participants.
• Point-to-point or multipoint?
  – a point-to-point connection only includes two participating sides, whereas multipoint can connect n-many participating sides

[Figure: point-to-point and multipoint]

What is videoconferencing and why should you use it?

• VC is a modern communication medium
• It can support
  – Education, e.g. K-12, Universities, etc.
    • Guest lecturers can give talks without traveling
    • No need to skip lectures if the lecturer is away
    • Inter-cultural experience, e.g. in language classes with other countries
    • Best example for this scenario: Megaconference Jr. http://megaconferencejr.cciu.org
  – Collaborative work/research
    • Work/research with other people/groups in other countries/at different locations
      – e.g. group meetings, etc.
  – Students
    • use of modern technology
    • “connection to the rest of the world”…maybe a connection home for international students
  – Many more scenarios….

What is videoconferencing and why should you use it?

• Does it work, and H.323 around the world?
  – YES IT DOES
  – Megaconference - http://www.megaconference.org/
    • Annual world's largest videoconference
    • Initiated by Dr. “Bob”, OSU
    • Last year's event (December 2004):
      – 372 participation sites around the world
      – All continents, except Antarctica
      – Many screenshots at http://ag.triumf.ca/megac04/
      – Streams on the web page
      – [email protected]

What is videoconferencing and why should you use it?

• H.323 around the world
  – Cascaded MCUs of last year's event (picture on the right)
  – What else?
    • Vide, http://www.vide.net , but Egon will talk about Vide a bit later today
  – As you can see, H.323 is widely used, so you should use it too

H.323 – The standard

• H.323 is an ITU standard, first introduced in 1996
• It is an umbrella standard, covering some of the following standards
  – H.225.0
  – H.245
  – H.235
  – ….
• Current version is V.5 (most systems however still use V.4)
  – Draft versions of the standard can be downloaded at http://www.packetizer.com/voip/h323/standards.html

• The H.323 standard describes terminals and other entities that provide multimedia communication services over packet based networks (PBN). H.323 does not guarantee Quality of service.

H.323 – The standard

• Requires
  – Video
    • H.261 (CIF (352x288), QCIF (176x144))
  – Audio
    • G.711 (~ Telephone quality)
  – Data formats
    • H.225 (Call signaling)
    • H.245 (Control protocol)
• Options
  – Video
    • H.263, H.263+, H.264,…
  – Audio
    • G.722,…
  – Data
    • T.120

Now you know why it's called an “umbrella” standard

H.323 – The standard

• Entities of H.323 are:
  – Terminals (I will refer to them as endpoint(s))
    • Terminals are voice/video endpoints, such as an IP-Phone, a videoconferencing system (Viavideo, Netmeeting®, other systems)
    • A terminal has to support the mandatory requirements
  – MCUs
    • Multipoint Conference Units, commonly used if more than 2 participants want to ‘conference’ with each other
    • An MCU consists of two parts
      – Multipoint controller (MC): controls the call signaling
      – Multipoint processor (MP): responsible for media handling, such as switching, synchronization, etc.

H.323 – The standard

• Entities of H.323 are:
  – Gateways
    • “Bridging” to other communication networks such as the ISDN world, OPBTPS (“old plain boring telephone system”)
  – Gatekeepers
    • Address translation (“Which IP is 00498932996006?”)
    • Call control
    • Bandwidth control
    • Zone control
    • Admission control

H.323 – The standard

• Explains several different call scenarios
  – Endpoint ↔ Endpoint
  – Endpoint ↔ GKdirect ↔ Endpoint
  – Endpoint ↔ GKrouted ↔ Endpoint
  – Endpoint ↔ GK{direct|routed} ↔ GK{direct|routed} ↔ Endpoint
  – several other scenarios
• Four examples should demonstrate how H.323 partners communicate with each other
  – Endpoint ↔ Endpoint (communication without Gatekeeper)
  – Endpoint ↔ GKdirect ↔ Endpoint (communication using a Gatekeeper)
  – Endpoint ↔ GKrouted ↔ Endpoint (communication using a Gatekeeper in routed mode)
  – Endpoint ↔ GKproxy ↔ Endpoint (communication using a Gatekeeper/Proxy (this is not specified in the H.323 standard))

H.323 – The standard

Useful abbreviations for the next few slides

• ARQ: Admission request
• ACF: Admission confirm
• ARJ: Admission reject
• RRQ: Registration request
• RCF: Registration confirm
• RRJ: Registration reject
• DRQ: Disengage request
• DCF: Disengage confirm
• DRJ: Disengage reject
• BRQ: Bandwidth request
• BCF: Bandwidth confirm
• BRJ: Bandwidth reject
• All these messages are also called RAS messages (Registration Admission Status)

H.323 – The standard

• Endpoint ↔ Endpoint (Three phases)
  – Phase 1: Call connect
    • A sends B a setup request
    • If B accepts the request a connect is returned. Until then an alert is returned (like the ring tone until someone picks up the phone)
  – Phase 2: Running call
    • The media streams (UDP, red lines) are exchanged between the terminals directly
    • H.225/H.245 control channels are maintained between A and B
  – Phase 3: Hang up
    • A sends B a DRQ
    • B returns a DCF and the connection will be terminated

H.323 – The standard

• Endpoint ↔ GKdirect ↔ Endpoint (usually 5 Phases, or 3 + 2)
  – Phase 1 (Call connect)
    • A sends an ARQ to the Gatekeeper
    • Gatekeeper then returns ACF/ARJ
    • A sends setup message to B
    • B sends an ARQ to the Gatekeeper
    • Gatekeeper returns ACF/ARJ
    • B sends a connect or alert to A
  – Phase 2 (Running call)
    • A and B exchange RAS messages and media streams directly between each other. Signals are routed by the Gatekeeper
  – Phase 3 (Call termination)
    • A sends DRQ to GK
    • GK sends DRQ to B
    • B returns DCF/DRJ to GK
    • GK returns DCF/DRJ to A
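
An added example (not from the original slides): a simplified Python model of the gatekeeper's decisions in the GKdirect flow above, combining the address translation, admission control and bandwidth control functions listed on the gatekeeper slide. The class and method names, IP addresses, bandwidth figures and reject-reason texts are assumptions; real RAS messages are ASN.1-encoded H.225.0 PDUs, which this model does not reproduce.

```python
# Simplified model of the gatekeeper's RAS decisions in the GKdirect flow.
# Not H.225.0 wire encoding; IPs, limits and reason texts are constructed.

class Gatekeeper:
    def __init__(self, zone_kbps):
        self.free_kbps = zone_kbps  # bandwidth control: budget for the zone
        self.registry = {}          # address translation: E.164 alias -> IP
        self.admitted = {}          # (call_id, alias) -> reserved kbit/s

    def rrq(self, alias, ip):
        # Registration: refuse an alias that is already bound to another IP.
        if self.registry.get(alias, ip) != ip:
            return ("RRJ", "alias already registered")
        self.registry[alias] = ip
        return ("RCF", alias)

    def arq(self, call_id, alias, peer, kbps):
        # Admission control: both parties must be registered in this zone.
        if alias not in self.registry or peer not in self.registry:
            return ("ARJ", "party not registered")
        if kbps > self.free_kbps:
            return ("ARJ", "zone bandwidth exhausted")
        self.free_kbps -= kbps
        self.admitted[(call_id, alias)] = kbps
        return ("ACF", self.registry[peer])  # ACF carries the translated IP

    def drq(self, call_id, alias):
        # Disengage: release only what this endpoint was admitted for.
        kbps = self.admitted.pop((call_id, alias), None)
        if kbps is None:
            return ("DRJ", "no admitted call")
        self.free_kbps += kbps
        return ("DCF", call_id)


def gk_direct_call(gk, call_id, a, b, kbps):
    """Run phase 1 and phase 3 of the slide; return the message trace."""
    trace = [("A->GK ARQ", gk.arq(call_id, a, b, kbps))]
    if trace[-1][1][0] == "ARJ":
        return trace  # a rejected caller never sends Setup
    trace.append(("A->B Setup", None))
    trace.append(("B->GK ARQ", gk.arq(call_id, b, a, kbps)))
    if trace[-1][1][0] == "ACF":
        trace.append(("B->A Connect", None))
    # Phase 3 (or cleanup if B was rejected): reservations are released.
    trace.append(("A->GK DRQ", gk.drq(call_id, a)))
    if (call_id, b) in gk.admitted:
        trace.append(("GK->B DRQ", gk.drq(call_id, b)))
    return trace
```

With a 500 kbit/s zone and a 384 kbit/s call, B's ARQ is answered with ARJ and A's reservation is released again, so a rejected call does not leak zone bandwidth.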

H.323 – The standard

• Endpoint ↔ GKrouted ↔ Endpoint

– The phases are similar to the Endpoint ↔ GKdirect ↔ Endpoint communication, however, in routed mode, the GK also routes the RAS messages

H.323 – The standard

• Endpoint ↔ GKproxy ↔ Endpoint

– This scenario is not in the standard

– Similar to the routed scenario, but the GK also routes the media streams → you can bypass a firewall (more about it later)

H.323 – The standard

• All described scenarios can be extended to
  – Endpoint ↔ GK{direct|routed|proxy} ↔ GK{direct|routed|proxy} ↔ … ↔ Endpoint
  – Signaling will be the same for multipoint conferences via MCUs
• How do the endpoints find each other (assuming you dial an E.164 number)?
  – If both endpoints are on the same gatekeeper, the gatekeeper looks up the IP address in a local stack, or a back-end (DB, LDAP, etc.)
  – If the endpoints are on different Gatekeepers, LRQs (Location requests) are sent to other known Gatekeepers (this is how GDS works → wait for Egon’s talk about GDS)

H.323 – The standard

• some other extra features
  – Support for cascading MCUs
  – Far-end camera control
  – QoS information in H.460.9; the Gatekeeper could then change the route, if the endpoint reports a “bad quality”
  – Ability to utilize other network services, such as ENUM, DNS, LDAP, etc.
  – many other features
• http://www.packetizer.com
• http://www.h323forum.com
• http://videnet.unc.edu
• http://commons.internet2.edu/h323/

A recipe for successful H.323 videoconferencing

• You need
  – about 2 to 12kg of computer
  – 20g to 5kg of webcam or videoconferencing system
  – ca. 50MB of Software
  – 1 IP address, if possible without NAT(s)
  – 1 fast piece of internet (if DSL min. 512kbit/s up/down-link)
  – if you want you can add a gatekeeper, an MCU or ISDN gateways
  – Put it together, let it settle for a couple of minutes in normal room temperature, one restart, and there you go…