Programa IS Expert - NCE / UFRJ Clara Technical Meeting – Caracas 2005 Paulo Aguiar Tel. (0xx21) 2598-3165 e-mail: aguiar@nce.ufrj.br Núcleo de Computação Eletrônica e Departamento de Computação /IM da UFRJ Redes de Computadores - Prof. Moacyr Azevedo
VoIP Call Steps: User location: find the IP destination address based on an E.164 number or alias. Negotiation of call parameters: type of CODEC, etc. Establishment of voice media channels: UDP ports for sending RTP/RTCP.
VoIP Signaling Protocols: ITU-T H.323: standardized by the telecommunications community; focus on interoperability and control. IETF SIP (Session Initiation Protocol): standardized by the Internet community; focus on flexibility and ease of Web integration. Others: Skype, MGCP/Megaco/H.248, SIGTRAN.
H.323 History: H.323: Packet-based multimedia communication systems. Beginning: ITU-T SG-16 (May 1995); H.323 v1, June 1996; H.323 v2, Feb 1998; H.323 v3, Feb 2000; H.323 v4, Mar 2001; H.323 v5, Jul 2003.
H.323 Elements. PSTN heritage: telephone numbering addressing; ISDN signaling messages encapsulation. Standardized longer: large number of products (especially among traditional telecommunications equipment manufacturers). Gatekeeper: manages user registration, status and admission (RAS). Gateway H.323/PBX: translates transmission formats and communication procedures between H.323 and the telephone network. H.323 Terminal: multimedia communication endpoint. Conference server: supports conferences involving three or more terminals.
ITU-T H.323: H.225 RAS; Call Establishment - Q.931/H.225; Media Control - H.245; Security - H.235.
H.225.0 - RAS: Requests for Registration/Admission/Status. Covers GK discovery and registration; destination location; call admission and bandwidth changes; status information for resources and calls. RAS functionality was introduced in H.323 sometime later and uses UDP to avoid TCP latency.
Q.931/H.225.0: Uses some ISDN signaling messages: Setup; Call Proceeding (optional); Alerting; Connect; Release Complete; Status, Status Enquiry (optional); Facility (optional). Messages are sent over a TCP connection.
H.245 Media Control: media description and control; terminal capabilities transfer and negotiation; control of the logical channels used for media transportation.
H.323 Gatekeeper: server used for terminal registration and capable of: processing RAS messages; optionally routing H.225/H.245 signaling; optionally routing media flows.
RAS Messages
Terminal Registration: Once the GK is found (through RAS or statically configured), the terminal registers by sending an RRQ (Registration Request) to UDP port 1719. The RRQ may contain a list of aliases or telephone numbers the terminal wants to be associated with, and its current IP address. Registration can be soft state and can also indicate the call signaling transport address for H.225.
Terminal Registration in GK
Terminal Registration: The GK sends a unique identifier to the terminal in an RCF (Registration Confirm) message. If the field “CanMapAlias” is set, the GK can alter the associated aliases, returning the changes in the RCF. The GK can also redirect the terminal to other GKs, using an RRJ (Registration Reject) to reject the registration.
Authorization to Start or Accept a Call: The ARQ (Admission Request, UDP port 1719) contains: a bidirectional bandwidth estimate, including audio and video if necessary; the call signaling model (direct or routed by the GK); destination information (E.164 or alias); the Call ID (global and unique); other information. The ACF (Admission Confirm) returns the bandwidth to be used, and the IP transport address and port for Q.931/H.225 signaling.
Authorization: The terminal always asks for GK authorization when starting or receiving a call. The GK performs basic admission control: limit the number of calls; limit the total bandwidth.
GK Signaling Models: Direct Signaling: the GK redirects the communication so that the terminals establish the call directly (point-to-point).
Direct Signaling Mode
Token: Optional parameter, transferred transparently if an H.323 entity is unaware of it. The token can contain a digital signature with call information (destination, gw, etc). The token is copied from the LCF and sent in the SETUP message, allowing the gw or GK at the destination to verify its authenticity and authorize the operation.
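The token check described on this slide, as an added example that is not part of the original slides or of any H.323 product. Assumptions: an HMAC-SHA256 over a shared key stands in for the digital signature, and the JSON encoding, field names, expiry field, key and gateway name `gw-b.example` are hypothetical (this is not the H.235 wire encoding).

```python
import hashlib
import hmac
import json


def mac_tag(key, body):
    # Shared-key MAC used here in place of a real digital signature (assumption).
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def issue_token(key, call_id, destination, gateway, expires_at):
    """Built by the GK that answers the location request and returned in the LCF."""
    body = json.dumps({"call_id": call_id, "dst": destination,
                       "gw": gateway, "exp": expires_at},
                      sort_keys=True, separators=(",", ":"))
    return {"body": body, "tag": mac_tag(key, body.encode())}


def verify_token(key, token, setup, local_gw, now):
    """Run by the destination gw/GK on the token copied into the SETUP message."""
    body = str(token.get("body", "")).encode()
    tag = str(token.get("tag", "")).encode()
    # Authenticate first: the claims are parsed only after the MAC checks out.
    if not hmac.compare_digest(mac_tag(key, body).encode(), tag):
        return (False, "bad signature")
    claims = json.loads(body)
    if now > claims["exp"]:
        return (False, "expired")
    if claims["gw"] != local_gw:
        return (False, "issued for another gateway")
    if (claims["call_id"] != setup["call_id"]
            or claims["dst"] != setup["destination"]):
        return (False, "token does not match this call")
    return (True, "ok")


def demo():
    key = b"constructed-demo-key"  # constructed sample value
    setup = {"call_id": "45442345", "destination": "Bill@dominio2.com.br"}
    token = issue_token(key, setup["call_id"], setup["destination"],
                        "gw-b.example", expires_at=1000)
    altered = dict(token, body=token["body"].replace("Bill@", "Other@"))
    other_call = dict(setup, call_id="99999999")
    return [
        verify_token(key, token, setup, "gw-b.example", now=990),
        verify_token(key, altered, setup, "gw-b.example", now=990),
        verify_token(key, token, other_call, "gw-b.example", now=990),
        verify_token(key, token, setup, "gw-b.example", now=1001),
    ]
```

Binding the token to the Call Identifier and to the receiving gateway is what keeps a token captured from one SETUP from authorizing a different call.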
Direct Signaling Mode
GK Signaling Models: GK Routed: H.225 and H.245 signaling go through the GK, which acts as a proxy. The GK sees and participates in all signaling, being able to change it, without accessing the media flows.
GK Routed Model
TCP Connections: Q.931/H.225 connection, or call signaling channel: default port (1720). H.245 connection for control and media negotiation: after it has been established, the H.225 connection can be released; the H.245 connection has to be maintained until the end of the call.
Call Basic Flow. [Figure: Terminal A (Cesar) and Terminal B (Bill), each with Call Signaling Channel (TCP 1720), H.245 Control Channel, Audio Channel(s), Video Channel(s), Data Channel(s), RAS Channel; Alias: Phone, Email ...] Message sequence: SETUP, ALERTING, CONNECT. H.225 SETUP: Call reference: 10; Call Identifier: 45442345; H.323 ID of A: cesar_labvoip; Source Type: PC; CallType: Point To Point; DestinationAddress: bill_microsoft. H.225 CONNECT: Call reference: 10; Call Identifier: 45442345; EndPointType: PC; H.245 Address (Ex: 10.2.3.4:8741).
SETUP Msg: Initial message for call establishment, sent on the H.225 signaling TCP connection (default port 1720). Examples of header fields follow. H.225 SETUP: Call reference: 10; Call Identifier: 45442345; H.323 ID of A: cesar_labvoip; Source Type: PC; CallType: Point To Point; DestinationAddress: Bill@dominio2.com.br.
SETUP Header (I): Type of H.225 message = (0x05) indicates SETUP. Call Reference Value (CRV) (2 bytes): locally unique call reference value, copied into all subsequent messages related to this call. Call Identifier: 128 bits, globally unique, allowing TCP connection sharing among many calls; sent in the UUI field (User-to-user IE) of all H.225.0-Q.931 messages. CID (Conference ID): unique for all elements of a conference (used by the MCU). Source Type: indicates the nature of the calling terminal, e.g. PC, Gateway, MCU.
SETUP Header (II): Source Address: list of aliases of the caller. If the caller has only an E.164 number, this number will also appear in the Calling Party field. Types of aliases defined in H.323: E.164, a regular phone number using only characters from the set “0123456789#*,”; H.323-ID, a unicode string; url-ID; transport-ID (e.g. 10.2.3.4:1720); Email-ID (e.g. Bill@dominio2.com.br).
SETUP Header (III): Destination Address: E.164 address of the destination; also appears in the Called Party Number Information Element. DestExtraCallInfo: additional list of E.164 addresses; for an H.320 128 kbps connection, the first E.164 address is given in the Destination Address and the second E.164 address goes here. RemoteExtensionAddress: alias(es) of the called party.
SETUP Header (IV): SourceCallSignalAddress: H.225 signaling transport address to be used by the destination. It should not be used behind firewalls/NAT, which change TCP ports and IP addresses in packet headers. If this field is absent, the destination extracts the transport address for returning Q.932 responses from the headers of the received packets (which point to the NAT). When the NAT gets responses to its own address, it replaces the headers and forwards them to the source of the SETUP, as it should. EndpointIdentifier: used when signaling is GK routed. CryptoTokens: used for authentication and message integrity.
CONNECT Msg: Most important parameter: the transport address for the H.245 TCP connection. It can be sent earlier (in the Call Proceeding message) or even in the SETUP. The Call Reference field (from the SETUP) is copied to the CONNECT. H.225 SETUP: Call reference: 10; Call Identifier: 45442345; H.323 ID of A: cesar_labvoip; Source Type: PC; CallType: Point To Point; DestinationAddress: Bill@dominio2.com.br. H.225 CONNECT: Call reference: 10; Call Identifier: 45442345; EndPointType: PC; H.245 Address (Ex: 10.2.3.4:8741).
Protocol Identification: Protocol identification field. H.323 protocols are objects in the ITU-T tree, and the identifiers are dot-separated decimals showing the path from the root: ITU-T (0), ISO (1) | Recommendation (0) | H (8) | 2250, 245, etc | version (0) | 1, 2, 3, 4, etc | msg. Examples: H.225.0 version 3: 0.0.8.2250.0.3; H.245 version 6: 0.0.8.245.0.6.
Since TCP is stream-oriented (unlike UDP), the PDUs need to be delimited. This is done by the TPKT headers (RFC 1006): ISO transport services on top of the TCP (TPKT).
> the TPKT encapsulation is necessary in order to define message boundaries on top of TCP which natively presents a data stream abstraction to its higher layer. There was recently a discussion on the h.323implementors forum mailing list around the fact that the reference to TPKT is not well stated within H.225.0. Not all of RFC1006 is adopted by H.225.0, basically only the encapsulation with some fairly fixed header values as I recall. I'm also pretty sure that H.245 also needs the TPKT encapsulation. Since RAS is UDP based, I think it does not use TPKT. The media of course is encapsulated in RTP on top of UDP.
>
> Hal Purdy
> AT&T Laboratories
You can filter TPKT protocols while capturing, as it's always using TCP port 102.
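How the TPKT delimiting described here and the SETUP header fields from the "SETUP Header (I)" slide (message type 0x05, 2-byte CRV) look to a capture or inspection tool, as an added example that is not part of the original slides. The two sample PDUs are constructed and carry only the Q.931 header, with no information elements.

```python
import struct

# Q.931 message type codes used by H.225.0 call signaling.
Q931_TYPES = {0x01: "ALERTING", 0x02: "CALL PROCEEDING", 0x05: "SETUP",
              0x07: "CONNECT", 0x5A: "RELEASE COMPLETE", 0x62: "FACILITY",
              0x75: "STATUS ENQUIRY", 0x7D: "STATUS"}


class TpktReassembler:
    """Cuts a TCP byte stream into TPKT-framed PDUs, whatever the segment boundaries."""

    def __init__(self):
        self._buf = bytearray()

    def feed(self, segment):
        """Add one TCP segment and return the PDUs it completes."""
        self._buf += segment
        pdus = []
        while len(self._buf) >= 4:
            # TPKT header: version (3), reserved (0), total length incl. header.
            version, reserved, length = struct.unpack("!BBH", self._buf[:4])
            if version != 3 or reserved != 0:
                raise ValueError("not a TPKT header: stream is out of sync")
            if length < 4:
                raise ValueError("TPKT length smaller than the header itself")
            if len(self._buf) < length:
                break  # the PDU continues in a later segment
            pdus.append(bytes(self._buf[4:length]))
            del self._buf[:length]
        return pdus


def parse_q931_header(pdu):
    """Return (message name, call reference value, sent_by_called_side)."""
    if len(pdu) < 2 or pdu[0] != 0x08:
        raise ValueError("Q.931 protocol discriminator 0x08 expected")
    crv_len = pdu[1] & 0x0F
    if crv_len == 0 or len(pdu) < 2 + crv_len + 1:
        raise ValueError("missing call reference or truncated header")
    raw = int.from_bytes(pdu[2:2 + crv_len], "big")
    flag_bit = 1 << (8 * crv_len - 1)  # top bit is the call reference flag
    msg_type = pdu[2 + crv_len]
    return (Q931_TYPES.get(msg_type, hex(msg_type)),
            raw & (flag_bit - 1), bool(raw & flag_bit))


def demo():
    # Constructed sample: SETUP and CONNECT for call reference 10, split
    # mid-PDU to mimic arbitrary TCP segmentation.
    setup = bytes.fromhex("03 00 00 09 08 02 00 0a 05")
    connect = bytes.fromhex("03 00 00 09 08 02 80 0a 07")
    stream = setup + connect
    reassembler = TpktReassembler()
    pdus = reassembler.feed(stream[:6]) + reassembler.feed(stream[6:])
    return [parse_q931_header(p) for p in pdus]
```

The length check matters for anything that inspects signaling inline: a length below 4 would otherwise never advance the buffer.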
H.225 Message Sequence: Call Proceeding, Alerting, Connect, or ReleaseComplete can be sent immediately after receiving the SETUP. One of them has to be received by the caller before the SETUP timer expires (4s). After sending Alerting, the user has 3 min to accept or reject the call. Messages: Setup, Call Proceeding, Alerting, ReleaseComplete, Connect.
H.245 Control Channel: The H.245 TCP connection is used for: master/slave determination; capabilities determination; opening of unidirectional logical channels; closing of logical channels. The H.225 TCP connection can be closed after CONNECT, but the H.245 channel must stay open throughout the whole call. The H.245 channel is unique for a call between two terminals: it is known as logical channel 0.
H.245 Messages (message classes: Request, Response, Command, Indication). Capability: MasterSlaveDetermination, MasterSlaveDeterminationAck, MasterSlaveDeterminationRelease, TerminalCapabilitySet, TerminalCapabilitySetAck, TerminalCapabilitySetReject, TerminalCapabilitySetRelease. Channel Management: OpenLogicalChannel, OpenLogicalChannelAck, OpenLogicalChannelReject, OpenLogicalChannelConfirm, CloseLogicalChannel, CloseLogicalChannelAck, CloseLogicalChannelReject, EndSession. Channel Operations: FlowControlCommand, VideoFastUpdatePicture, VideoFastUpdateGOB, VideoTemporalSpatialTradeoff, VideoSendSyncEveryGOB, VideoSendSyncEveryGOBCancel, VideoFastUpdateMB.
Master/Slave Determination: Useful when the terminals can execute the same action or function and a conflict may occur (e.g. opening logical channels). The Master is always responsible. With H.235, the Master is in charge of distributing the media channel cryptographic keys to the other terminals. masterSlaveDetermination messages contain a terminalType value reflecting the terminal's capabilities and a random number, to prioritize MCU handling in relation to GKs, for example.
Capability Negotiation. [Figure: Terminal A (Cesar) and Terminal B (Bill), each with Call Signaling Channel (TCP 1720), H.245 Control Channel, Audio Channel(s), Video Channel(s), Data Channel(s), RAS Channel; Alias: Phone, Email ...] Message sequence: TerminalCapabilitySet, TerminalCapabilitySetAck, TerminalCapabilitySet, TerminalCapabilitySetAck. H.245 TerminalCapabilitySet (one terminal): MultiplexCapability; capabilityTable: H.261VideoCapability, g711Alaw64k, g729, t120. H.245 TerminalCapabilitySet (the other terminal): MultiplexCapability; capabilityTable: H.261VideoCapability, g711Alaw64k, t120.
Opening Logical Channels: Logical channels are unidirectional: from source to receiver. Two channels are necessary for a normal audio conversation and 4 channels for videoconferencing. The source sends OpenLogicalChannel with the RTCP port on which it receives reports. The ACK from the receiver specifies the UDP port for media and the RTCP/UDP port (default: next odd port). Receiver Reports (RTCP RR) have to be sent back to the source on the RTCP port advertised by the source.
Opening Logical Channel from A to B. [Figure: Terminal A (Cesar): Call Signaling Channel TCP 1720, H.245 Control Channel TCP; Terminal B (Bill): Call Signaling Channel TCP 1720, H.245 Control Channel TCP 8741; each with Audio Channel(s), Video Channel(s), Data Channel(s), RAS Channel; Alias: Phone, Email ...] Message sequence: OpenLogicalChannel, OpenLogicalChannel, OpenLogicalChannelAck, OpenLogicalChannelAck. H.245 OpenLogicalChannel: Logical Channel 1; RR RTCP 7771; g711Alaw 64k; session number, RTP payload type; silence suppression. H.245 OpenLogicalChannelAck: Logical Channel 1; SR RTCP 9345 / RTP 9344.
Active H.323 Conversation. [Figure: Terminal A (Cesar): Call Signaling Channel TCP 1720; H.245 Control Channel TCP; Audio Channel(s): RTP: UDP, RTCP: UDP 7771, RTCP: UDP; Video Channel(s); Data Channel(s); RAS Channel; Alias: Phone, Email ... Terminal B (Bill): Call Signaling Channel TCP 1720; H.245 Control Channel TCP; Audio Channel(s): RTP: UDP 9344, RTCP: UDP, RTCP: UDP 9345; Video Channel(s); Data Channel(s); RAS Channel; Alias: Phone, Email ...] RTP flow from A to B; RTCP RR; RTCP SR. Control messages: LogicalChannel1 (RequestMode, Call Transfer, ...).
Call Ending: Close all logical channels with the H.245 CloseLogicalChannel message. Close the H.245 channel with endSessionCommand. Close the other TCP connections. Send H.225 ReleaseComplete. In practice, terminals close only the H.245 TCP channel.
Question: Excessive Latency. Round trip time for each of the following interactions: ARQ/ACF; SETUP/CONNECT; H.245 capability exchange; master/slave determination; logical channel establishment. Additional latency to open the H.225 and H.245 TCP connections.
FastStart Procedure: Send the information for opening logical channels in Q.931 messages (Setup, Proceeding or Connect). Allows: receiving audio before CONNECT; reducing delays related to RTT. For calls interacting with a PBX, it is necessary to keep the H.245 channel open to get DTMF tones.
FastStart IN SETUP (number=+33 12345678, fastStart: OpenLogicalChannel 1 -> receive G.711, RTP port 4432, RTCP port 4433; OpenLogicalChannel 2 -> send G.711, RTCP port 3454). SETUP, PROCEEDING. PROCEEDING (fastStart: OpenLogicalChannel 1 -> send, RTCP port 6554; OpenLogicalChannel 2 -> receive, RTP port 5634, RTCP port 5635). Network messages (like “dial your code and destination number”) can be sent through logical channel 1. Can answer directly through logical channel 2. CONNECT, CONNECT. Call was transferred and answered, so charging can be started.
H.245 Tunneling: It is the encapsulation of one or more H.245 messages in the h245Control fields of any Q.931 message. If the called terminal is capable of handling H.245 encapsulation, all H.245 messages can be exchanged in this way without the need to open a separate H.245 channel. Otherwise, the H.245 channel is opened in the normal way.
H.245 Tunneling Call Flow: H.225 Facility can be used for sending the encapsulation if no other H.225 message is ready to be sent (very useful when the GK is operating as a signaling proxy). Message sequence: SETUP (number=+33 12345678, John’s terminal H245 capabilities); SETUP (number=+33 12345678, John’s H245 terminal capabilities); CALL PROCEEDING; CALL PROC. (GW H.245 capabilities, OpenLogicalChannel GW to Terminal); FACILITY (GW H.245 capabilities, OpenLogicalChannel GW to Terminal); FACILITY (OpenLogicalChannelACK, OpenLogicalChannel Terminal to GW); setup; FACILITY (OpenLogicalChannelACK, OpenLogicalChannel Terminal to GW); FACILITY (OpenLogicalChannel ACK); FACILITY (OpenLogicalChannel ACK); ALERTING; ALERTING; CONNECT; CONNECT.
Directory Gatekeeper
GnuGK Gatekeeper: Can operate in GK-Routed mode and as a media proxy. Can operate as a directory gatekeeper. Manipulates E.164 addressing (rewriting rules). Supports users behind NAT. Registration can be based on H.235, LDAP or IP address. Easy blocking of calls to destinations starting with some forbidden digit (like mobile services). A simple call detail record (CDR) is generated for each call. Has a simple and efficient control mechanism acting on port 7000 that can be used for managing users and configurations. http://www.gnugk.org