An Analysis of the Skype Peer-to-Peer Internet Telephony Protocol
Salman Baset and Henning Schulzrinne, INFOCOM 2006
Presenter: Bob Kinicki



Outline
• Skype Overview
• Skype Components
• Review of NATs
• Experimental Set Up
• Skype Functionality
  – Login, Login Server, User Search, Call Establishment, Conferencing
• Super Node Facts
• Conclusions
Advanced Computer Networks Analysis of Skype

Skype Overview
• Developed by Kazaa as an overlay P2P (peer-to-peer) network.
• Provides a VoIP client that supports voice calls, instant messaging, audio conferencing and buddy lists. {Currently supports video!}
• Uses TCP for signaling and TCP and UDP for transporting media traffic.
• Uses 256-bit AES encryption.
• Employs wideband codecs (iLBC, iSAC and iPCM) that allow frequencies between Hz.

Skype Network
• Ordinary Host
  – Skype Client (SC)
• Super Node (SN)
  – Skype Client
  – Must have public IP address
  – Has sufficient capacity, CPU and memory
• Skype Login Server

Skype Overview
• Ordinary hosts (SC) must connect through a super node (SN) and authenticate themselves via the Skype login server.
• Skype handles ordinary hosts behind a port-restricted NAT (Network Address Translation) and/or a UDP-restricted firewall.
• Authors infer from experimentation that a variant of the STUN (Session Traversal Utilities for NAT [RFC5389]) protocol is used by non-centralized Skype servers to determine the type of NAT and firewall the SC is behind.

Skype Components
• SC randomly selects UDP listening port at install.
• SC also opens ports 80 and 443 to listen for incoming HTTP and HTTP-over-TLS* requests, respectively.
* Transport Layer Security supersedes and is an extension of SSL.

SC Ports

Host Cache
• Local table contains IP address, port pairs for reachable SNs {max is 200 entries}.
  – Host cache is populated on the first login.
  – SNs are periodically added/dropped as Skype runs.
[Keating 09]

NAT: Network Address Translation
Figure labels: local network (e.g., home network) /24; rest of Internet
• Datagrams with source or destination in this network have /24 address for source, destination (as usual)
• All datagrams leaving local network have same single source NAT IP address: , different source port numbers
Computer Networks Network Layer

NAT: Network Address Translation
• Motivation: local network uses just one IP address as far as outside world is concerned:
  – range of addresses not needed from ISP: just one IP address for all devices.
  – can change addresses of devices in local network without notifying outside world.
  – can change ISP without changing addresses of devices in local network.
  – devices inside local net not explicitly addressable, visible by outside world (a security plus).

NAT: Network Address Translation
Implementation: NAT router must:
  – outgoing datagrams: replace (source IP address, port #) of every outgoing datagram to (NAT IP address, new port #)... remote clients/servers will respond using (NAT IP address, new port #) as destination address.
  – remember (in NAT translation table) every (source IP address, port #) to (NAT IP address, new port #) translation pair
  – incoming datagrams: replace (NAT IP address, new port #) in dest fields of every incoming datagram with corresponding (source IP address, port #) stored in NAT table.

NAT: Network Address Translation
• host sends datagram to , 80
  S: , 3345 D: ,
• NAT router changes datagram source addr from , 3345 to , 5001, updates table
  S: , 5001 D: ,
• Reply arrives dest. address: ,
  S: , 80 D: ,
• NAT router changes datagram dest addr from , 5001 to , 3345
  S: , 80 D: ,
NAT translation table
  WAN side addr: ,    LAN side addr: , 3345
  ……

NAT Traversal Problem
• client wants to connect to server with address
  – server address local to LAN (client can’t use it as destination addr)
  – only one externally visible NATted address:
• Solution 1: statically configure NAT to forward incoming connection requests at given port to server
  – e.g., ( , port 2500) always forwarded to port
Figure labels: NAT router, Client, ?
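
The translation steps and the static forwarding of Solution 1, as an added Python example that is not part of the original slides. All IP addresses, the inside port 25000 and the port_restricted flag are constructed for illustration; the flag models the port-restricted NAT mentioned on the Skype slides, where a datagram is dropped unless the inside host has already sent to that remote endpoint.

```python
# Added example (not from the slides): toy NAT translation table.
# All IP addresses and LAN port 25000 are constructed sample values.
from itertools import count

class NatRouter:
    def __init__(self, wan_ip, port_restricted=False, first_port=5001):
        self.wan_ip = wan_ip
        self.port_restricted = port_restricted
        self._ports = count(first_port)  # supplies each "new port #"
        self.out_map = {}   # (LAN ip, port) -> WAN port
        self.in_map = {}    # WAN port -> (LAN ip, port): the translation table
        self.peers = {}     # WAN port -> remote endpoints the host has contacted
        self.static = set() # WAN ports opened by static forwarding

    def outgoing(self, src, dst):
        """Replace (source IP, port) with (NAT IP, new port); remember the pair."""
        if src not in self.out_map:
            wan_port = next(p for p in self._ports if p not in self.in_map)
            self.out_map[src] = wan_port
            self.in_map[wan_port] = src
        wan_port = self.out_map[src]
        self.peers.setdefault(wan_port, set()).add(dst)
        return (self.wan_ip, wan_port), dst

    def incoming(self, src, dst):
        """Restore the stored (source IP, port) as destination, or drop (None)."""
        ip, port = dst
        if ip != self.wan_ip or port not in self.in_map:
            return None                  # no table entry: the traversal problem
        dynamic = port not in self.static
        if self.port_restricted and dynamic and src not in self.peers.get(port, ()):
            return None                  # mapping exists, but sender is a stranger
        return src, self.in_map[port]

    def forward_port(self, wan_port, lan_host):
        """Solution 1: administrator pins a WAN port to an inside server."""
        self.in_map[wan_port] = lan_host
        self.static.add(wan_port)

def demo():
    nat = NatRouter("203.0.113.7", port_restricted=True)
    host, server = ("192.168.0.10", 3345), ("198.51.100.20", 80)
    outsider, public_2500 = ("198.51.100.99", 4444), ("203.0.113.7", 2500)
    sent = nat.outgoing(host, server)           # source rewritten to port 5001
    reply = nat.incoming(server, sent[0])       # mapped back to the host
    stranger = nat.incoming(outsider, sent[0])  # dropped by port restriction
    probe = nat.incoming(outsider, public_2500)      # dropped: no mapping yet
    nat.forward_port(2500, ("192.168.0.20", 25000))
    forwarded = nat.incoming(outsider, public_2500)  # reaches inside server
    return sent, reply, stranger, probe, forwarded
```

Calling demo() returns the five results in order; the two None values are the dropped datagrams.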

NAT Traversal Problem
• Solution 2: Universal Plug and Play (UPnP) Internet Gateway Device (IGD) Protocol. Allows NATted host to:
  – learn public IP address ( )
  – add/remove port mappings (with lease times)
  i.e., automate static NAT port map configuration
Figure labels: NAT router, IGD

NAT Traversal Problem
• Solution 3: relaying (used in Skype)
  – NATed client establishes connection to relay
  – External client connects to relay
  – relay bridges packets between two connections
Figure labels: Client, NAT router
  1. connection to relay initiated by NATted host
  2. connection to relay initiated by client
  3. relaying established

Skype Experimental Setup
• Performed traffic analysis on Windows Skype version and Linux Skype version in November-December
• Windows XP machines (3 GHz Pentium 4 CPU, 1GB RAM) with 10/100 Mbps Ethernet card connected to 100 Mbps network.
• (Wireshark) Ethereal network protocol analyzer
  – Captures all traffic passing over a network.
• NetPeeker
  – Used to tune capacity levels.

Experimental Setup
Taken from INFOCOM06 Presentation [Keating 09]

Skype Functionality
• Login
• Login Server
• User Search
• Call Establishment
• Conferencing

Skype Login
• On the first login, Skype client establishes UDP connection with Bootstrap SuperNode (BN).
  – Hard-coded into Skype client application.
• Logins routed through a SuperNode.
  – If no SuperNodes are reachable, login fails.
• Attempts to use Ports 80 and 443 if behind firewall.

Login {Public IP and NAT}
• SC->BN UDP Connection
• SC->SN TCP Connection
• SC->Login Server Auth
• 3-7 seconds
[Keating 09]

Skype ver 1.4 Login Experiment
• Copy of SC uninstalled; Windows registry cleared of Skype entries; new copy of SC installed.

Mystery ICMP Packets
USA, Sweden, Australia, Japan

Login Server
• Login Server is ONLY central component in Skype P2P network.
• After SC connects to SN, SC authenticates with Login Server.
• Experiments show SC exchanging data over TCP with or (Login Servers).

Skype User Search
• Uses Global Index technology.
• Skype guarantees it will find any user logged in (public or private IP) in last 72 hours.
• Search depends on where SC resides.
• Experiments show SC performs user information caching at intermediate nodes.

User Search from Public IP/NAT [Keating 09]
b 101b TCP UDP …

User Search from UDP-Restricted Firewall [Keating 09]
• SuperNode performs search
TCP 16B 52B 406B 1104B …

Call Establishment
• Skype uses buddy list.
• Call signaling carried out with TCP.
• Initial message exchange uses a “challenge-response” mechanism.

Caller and Callee Public IP Addresses

Caller behind NAT

Caller and Callee behind NAT
Users generally do not like that arbitrary traffic can flow across their machine!!

Media Transfer
• Internet Speech Audio Codec (iSAC)
• Frequency range: Hz
• Public IPs communicate directly.
  – NAT/firewall users use an SN relay node.
• Uses UDP Transport if possible.
  – 5 kilobytes/sec
  – UDP-restricting firewall users communicate over TCP
• Does not perform Silence Suppression.

Skype Conferencing
• A: 2GHz P4 w/ 512MB RAM
• B, C: 300MHz P2 w/ 128MB RAM
• A acts as mixer for both B and C

Skype Super Nodes

Super Node Behavior [Guha 06]

Super Node ‘Churn’ [Guha 06]

Super Node Bandwidth Consumption [Guha 06]

Conclusions
• Skype can work behind NATs and firewalls using STUN protocol.
• Skype architecture relies on Super Nodes with public IP addresses.
• Skype uses TCP for signaling and prefers to use UDP for media transfer.
• Skype packets are encrypted and Skype uses a central Login Server to authenticate Skype users.

References
• [Guha 06] S. Guha, N. Daswani and R. Jain, “An Experimental Study of the Skype Peer to Peer VoIP System”, The Fifth International Workshop on Peer-to-Peer Systems (IPTPS06), Santa Barbara, CA, February
• [Keating 09] Andrew Keating presentation in CS577 Fall

Thanks! Questions?