Video over IP Working Group QUESTnet 2003 Session 2 – How does it work?
Contents
• The core is the ITU-T H.323 Standard, with a key goal to support the IETF SIP Standard equally.
• H.323 Gatekeepers for Video
• Security for Video to the LAN desktop
• Conferencing using MCU
• Directory System
• QoS
• ENUM for video
• Peering with other VoIP networks
H.323 building blocks Based on ITU H.323 standards
Gatekeepers
• These are the domain name servers for telephone numbers, e.g. 61 2 6222 3555.
• They also support domain-name-like calling, e.g. noc@aarnet.edu.au
• Strong recommendation that members support their own Gatekeeper for their Video end points, but use the AARNet core gatekeepers for commodity Telephony.
• On Cisco GK use “show gatekeeper endpoints”, “debug ras” and “debug h225 asn1”.
H.323 Gatekeeper hierarchy Based on ITU H.323 standards
Gatekeeper details
• International roots
  • There are four.
  • Each is a redundant pair of Radvision Gatekeepers. Asia Pacific Gatekeeper is at the ACT RNO.
  • 203.22.212.235
• Australian Root
  • Cisco MCM IOS, version 12.2(1a) on a 3640
  • 203.22.212.242
• Public GK
  • Cisco MCM IOS, version 12.2(1a) on a 3640
  • 203.22.212.245
• Configuration template will be available at http://www.aarnet.edu.au/engineering
Member Cisco Video Gatekeeper Template
Gatekeeper Config for a Member GK under the root GK.

gatekeeper
 zone local terminals-staff domain.edu.au
 ! This one is a zone for local staff terminals to join
 zone local terminals-students member.edu.au
 ! This one is a zone for local students terminals to join
 zone local terminals-public public
 ! This one is a zone for the public
 zone remote aarnet edu.au 203.22.212.242
 ! The root GK above this one (default route)
 ! Protect each of the local zones by restricting what source ip
 ! address can join.
 zone subnet terminals-staff 123.123.123.0/24 enable
 no zone subnet terminals-staff default enable
 zone subnet terminals-students 123.123.123.0/24 enable
 no zone subnet terminals-students default enable
 zone subnet public 123.123.123.0/24 enable
 zone prefix aarnet *
 ! The default route, use next GK up in hierarchy
 no use-proxy terminals-staff default inbound-to terminal
 no use-proxy terminals-staff default outbound-from terminal
 ! …..etc etc for each zone…..
 ! Tell the Gatekeeper not use H.323 proxies for the terminals
Other Gatekeeper products
• Cisco IOS based Gatekeeper
  • Very fast.
  • Will run as a small background task on most Cisco routers.
  • Can have rudimentary registration authentication.
  • Simple call routing policy control.
  • Excellent for core GKs.
  • Scale to huge call set up rates!
• Radvision, Polycom, and Cisco Call Managers.
  • Are really Call Servers rather than Gatekeepers.
  • Can do Number Translation.
  • Can do registration authentication.
  • Will not route huge numbers of simultaneous calls.
  • Microsoft Operating System
The html interface to the AARNet Video GK (a claytons directory service?)
The Directory
• Perl programme that telnets to the GK every 10 seconds and builds an html page of registrations and E.164 routing.
• http://lattice.act.aarnet.net.au/gk/
• Uses “show gatekeeper endpoints” and “show run”.
• Malcolm Caldwell has written an ILS front end using the H.323 Open Source!
The Directory
• Watch for developments from the standards committees for an LDAP Directory standard, H.350, for multimedia conferencing for H.323, H.320 and SIP. See http://middleware.internet2.edu/video/
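An added example (not part of the original slides, and not AARNet's Perl programme): a Python audit that takes "show gatekeeper endpoints" output, as the directory script does, and checks each registration against the "zone subnet" restrictions from the member gatekeeper template. The sample output, its column layout, and the terminals-public policy entry are constructed assumptions.

```python
import ipaddress
import re

# Assumed policy, mirroring the template's "zone subnet <zone> <net> enable" lines.
ZONE_SUBNETS = {
    "terminals-staff": ["123.123.123.0/24"],
    "terminals-students": ["123.123.123.0/24"],
    "terminals-public": ["123.123.123.0/24"],
}

# Constructed sample; the column layout of "show gatekeeper endpoints" is assumed.
SAMPLE = """\
CallSignalAddr  Port  RASSignalAddr   Port  Zone Name          Type
--------------- ----- --------------- ----- ---------          ----
123.123.123.10  1720  123.123.123.10  1719  terminals-staff    TERM
    H323-ID: noc@domain.edu.au
198.51.100.7    1720  198.51.100.7    1719  terminals-staff    TERM
    H323-ID: unknown-pc
123.123.123.44  1720  123.123.123.44  1719  terminals-public   TERM
    E164-ID: 0000
Total number of active registrations = 3
"""

ROW = re.compile(r"^(\d+(?:\.\d+){3})\s+\d+\s+(\d+(?:\.\d+){3})\s+\d+\s+(\S+)")
ALIAS = re.compile(r"^\s+(?:H323-ID|E164-ID):\s*(\S+)")

def parse_endpoints(text):
    """Return one dict per registration: RAS source address, zone, aliases."""
    endpoints = []
    for line in text.splitlines():
        row = ROW.match(line)
        if row:
            endpoints.append({"ras": row.group(2), "zone": row.group(3), "aliases": []})
        elif endpoints and (alias := ALIAS.match(line)):
            endpoints[-1]["aliases"].append(alias.group(1))
    return endpoints

def audit(endpoints, policy):
    """List registrations whose RAS address is outside the zone's permitted subnets."""
    findings = []
    for ep in endpoints:
        nets = policy.get(ep["zone"])
        addr = ipaddress.ip_address(ep["ras"])
        if nets is None:
            findings.append((ep["ras"], ep["zone"], "zone has no subnet restriction"))
        elif not any(addr in ipaddress.ip_network(n) for n in nets):
            findings.append((ep["ras"], ep["zone"], "outside permitted subnet"))
    return findings

if __name__ == "__main__":
    for finding in audit(parse_endpoints(SAMPLE), ZONE_SUBNETS):
        print(finding)
```

A finding here means the gatekeeper accepted a registration that the intended subnet policy would have refused, which is worth checking against the running "zone subnet" lines.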
Security for Video enabled desktops
• Firewalls are the number one killer of user to user communications, not just for H.323 but also SIP and Access Grids.
• Solutions for H.323 include:
  • Use access lists and configure endpoint to keep to a particular port range.
  • H.323 proxy in parallel with Firewall.
  • H.323 aware stateful firewall – yet to find one that works without fault ;-(. Cisco PIX, and also check out Ridgeway (popular in USA).
  • Use Back-to-Back gateways.
  • Put dedicated end points in DMZ. Or
  • Stay in your shell and do not use advanced technology for teaching and collaboration.
QoS
• Sorting. AARNet treats:
  • ToS=5 as Telephony.
  • ToS=4 as Video. Maps nicely for switches with one two queues.
• Prioritisation: (appropriate Delay, Jitter and Loss), see http://lattice.aarnet.net.au/VoIPMonitor which monitors ToS=5, probably indicates QoS performance for Video.
• Policing: who can have it, how much can they have and how to stop those who want to abuse it? Answer: Move to rate limiting transmitted ToS traffic.
• How much does it cost? Answer: Free initial amount, subscription for additional pipe size, with a usage charge.
• Watch for design for AARNet’s Echidna Network.
QoS VoIPMonitor This is a Client/Server application written by CSIRO/AARNet. Clients run on each RNO.
End points
• Microsoft NetMeeting
• GnomeMeeting
• Polycom Via Video
• Polycom ViewStation
• Tandberg (uses H.323 version 4)
• IP Telephones
• VoIP connected PABXs
• LeadTek standalone Video Phone.
See http://www.aarnet.edu.au/engineering/guides/video/
AARNet BILLING
Already discussed in IP Telephony Working Group. Possible billing model:
• Members will be permitted to transmit a “default rate” of QoS marked traffic.
• Additional QoS capacity will be acquired by a subscription fee.
• There is likely to be a component of usage charges on the transmitted traffic from the member.
The above model replaces the IP access lists in the RNOs and pushes policing back into the Member’s network.
What the users wanted
• Video over IP Collaboration for teams.
• Video over IP for Presentations to 30+ destinations.
• Telephone Conferencing.
• Support slow speed WAN links (< 256kbps).
• Support for Presentation slides (30+).
• Password protection.
What we wanted
• Beta status
• Production unit and test unit
• None, or very little operator control/booking.
What we missed
• Video over ISDN support.
• Booking system.
• Users wanting permanent numbers.
Production MCUs are Radvision
• Radvision viaIP400 (to get beta status with the manufacturer) and a Cisco 3540 (re-badged Radvision viaIP400 to ensure the VoIP worked).
• CSIRO sponsored MCUs with the spare capacity available for AARNet Members.
• Core to the AARNet V collaboration service.
• Supports Voice over IP.
• IP based technology, Protocol stack is very popular OEM.
• Both have a 60 MCU card, and a VPS card (rate matching).
• Both are located at the ACT RNO
• Both use ToS=4
• Production unit uses version 2
• There is one T.120 server (60 concurrent).
• Test unit uses vastly improved version 3 (in beta).
• Template will be published on AARNet web site.
Pilot MCU was a Polycom MCU
• Was Accord, bought by Polycom.
• TDM based architecture.
• Needs additional software for html user interface.
• AARNet Video Working Group has trialled the Polycom (Accord) MGC MCU through the monthly OzEConfs. Past difference in quality is no longer the case compared to the Radvision MCU with the MVP card (still in beta).
• Report yet to be published.
• Watch for a config template.
ISDN Gateway
• Radvision gw – P10.
• Located at CSIRO Limestone Ave, connected to CSIRO PABX.
• Configured to support incoming ISDN calls into the AARNet Video infrastructure.
• Because of ISDN there is a need to carefully configure the MCU, which we have not finished.
• So far it supports 384kbps very well.
• But if there are any 128kbps ISDN participants the MCU needs to be told to only support 128kbps for the conference.
MCU Booking system
• Lightweight booking system written in Perl by AARNet as part of the joint project with CSIRO. http://www.aarnet.edu.au/services/video
• Booking system generates an email to the user, the coordinator and the MCU admin staff.
• If a PIN is requested then the administrator must configure the MCU.
Test loopback http://www.aarnet.edu.au/network/testtelephonenumbers.html
CAVE
• AARNet maintains a list of coordinators who know their local site video environment and can help coordinate video conferences. The coordinator:
  • is an experienced person at the site;
  • knows the technology: video and audio, H.323 and/or Access Grid;
  • knows the local environment;
  • is the internal and external contact for that site;
  • knows how to, and is able to escalate to AARNet support if needed; and
  • is allowed/permitted to control AARNet MCU conferences.