1 / 31

H.323 Gatekeepers

H.323 Gatekeepers. Lucent Technologies - elemedia. Agenda. I. Introduction Overview of Gatekeeper Functions Why are Gatekeepers Useful? Gatekeeper Concepts and Functions Signaling Flows Implementation Issues/Examples Gatekeepers and H323v2 Gatekeeper Toolkit Example. II. III. IV.

bryangriffith
Télécharger la présentation

H.323 Gatekeepers

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. H.323 Gatekeepers Lucent Technologies - elemedia

  2. Agenda I. Introduction • Overview of Gatekeeper Functions • Why are Gatekeepers Useful? Gatekeeper Concepts and Functions • Signaling Flows • Implementation Issues/Examples Gatekeepers and H323v2 Gatekeeper Toolkit Example II. III. IV.

  3. INTRODUCTION: GATEKEEPER FUNCTIONS H.323 Components • Terminal • Gateway (GW) • Gatekeeper (GK) • Multipoint Control Unit (MCU) • Multipoint Controller (MC) • Multipoint Processor (MP) Terminal 1 Terminal 2 Gatekeeper 1 Gatekeeper 2 Gatekeeper 3 MC MC MC MP LAN Gateway 1 Gateway 2 Gateway 3 MCU 1 MCU 2 MC MC MP MC MP MC GW, GK & MCU can be a single device

  4. INTRODUCTION: GATEKEEPER FUNCTIONS Gatekeeper in H.323 • Gatekeepers are optional • Mandatory functions if present: • Address translation (routing) to determine destination address of H.323 endpoint for a call • Admission control to determine whether to allowendpoints to originate and terminate calls • Bandwidth control to determine the amount of bandwidth allowed for a call • Zone management

  5. INTRODUCTION: WHY ARE GATEKEEPERS USEFUL? Why are Gatekeepers Useful? • Centralized Management • Authentication, routing, call detail recording, etc. • Isolate Endpoints from Network Internals • Knowledge of naming structures, gateway routing algorithms, etc, stays in network • Interface to Network Databases • LDAP directories, RADIUS servers, etc. • Interfaces to Other H.323 Networks • Calls between service providers

  6. INTRODUCTION: GATEKEEPER STANDARDS Gatekeeper Standards • Standards specify the communications between H.323 entities and Gatekeepers (RAS messages) • Standards specify the services a Gatekeeper must provide • BUT • Standards DO NOT specify how the Gatekeeper should provide those services • Standards DO NOT specify how Gatekeepers locate other Gatekeepers

  7. CONCEPTS AND FUNCTIONS: ZONES H.323 ZONE • Simply defined as the collection of H.323 devices managed by a singlegatekeeper • Boundaries of a zone can be based on administrative, naming structure, geographic, engineering (or other) criteria • Calls between endpoints in a zone handled by a single gatekeeper • Calls between endpoints in different zones might involve gatekeepers from both zones

  8. INTRODUCTION: SIGNALLING MODELS Direct Endpoint Call Signalling Terminal Gateway Call Signalling (Q.931) Call Control (H.245) Media Stream (RTP) Address Translation Admission Control Bandwidth Control (RAS) GK

  9. CONCEPTS AND FUNCTIONS: SIGNALLING MODELS Direct Endpoint Call Signalling • Gatekeeper participates in call admission but has limited direct knowledge of connected calls • Due to limited involvement, single gatekeeper can process large number of calls • Limits service management functions: gatekeeper cannot determine call completion rates, for example • Limits call detail recording function: gatekeeper depends on endpoint(s) for call duration information, for example

  10. CONCEPTS AND FUNCTIONS : SIGNALLING MODELS Gatekeeper Routed Call Signalling (Q.931) Terminal Gateway Call Control (H.245) Media Stream (RTP) Address Translation Admission Control Bandwidth Control (RAS) GK Call Signalling (Q.931)

  11. CONCEPTS AND FUNCTIONS: SIGNALLING MODELS Gatekeeper Routed Call Signalling (Q.931) • Gatekeeper aware of connection state of call but not media usage (no access to H.245 signalling) • More load on gatekeeper as it must process Q.931 messages and maintain Q.931 signalling channel • Service management functions can include connection statistics but not media usage • Call detail recording functions enhanced by direct knowledge of connection state

  12. CONCEPTS AND FUNCTIONS : SIGNALLING MODELS Gatekeeper Routed Call Signalling (Q.931/H.245) Terminal Gateway Media Stream (RTP) Address Translation Admission Control Bandwidth Control (RAS) GK Call Signalling (Q.931) Call Control (H.245)

  13. CONCEPTS AND FUNCTIONS: SIGNALLING MODELS Gatekeeper Routed Call Signalling (Q.931/H.245) • Gatekeeper aware of connection state of call and media channels in use • Highest load on gatekeeper as it must process Q.931 and H.245 messages and maintain the corresponding signalling channels • Service management functions can include connection and media usage statistics • Call detail recording functions further enhanced by direct knowledge of media usage

  14. CONCEPTS AND FUNCTIONS : DISCOVERY Endpoint/GK Discovery (1) Who is my GK? (2) I can be your GK (1) GRQ Endpoint GK (2) GCF/GRJ GatekeeperRequest ::= SEQUENCE{ requestSeqNum protocolIdentifier nonStandardData OPTIONAL rasAddress endpointType gatekeeperIdentifier OPTIONAL callServices OPTIONAL endpointAlias OPTIONAL ... alternateEndpoints OPTIONAL (security) OPTIONAL } GatekeeperConfirm ::= SEQUENCE { requestSeqNum protocolIdentifier nonStandardData OPTIONAL gatekeeperIdentifier OPTIONAL rasAddress ... alternateGatekeeper OPTIONAL (security) OPTIONAL }

  15. CONCEPTS AND FUNCTIONS: DISCOVERY Endpoint/GK Discovery Processing • Discovery can be multicast (most useful for LAN environments) or unicast based on endpoint configuration data • Possible acceptance criteria to be used by gatekeeper: • IP address (or IP subnet) of endpoint • Gatekeeper ID supplied by endpoint • Aliases supplied by endpoint • Gatekeeper load • Gatekeeper might need to consult external database (e.g. LDAP directory)

  16. CONCEPTS AND FUNCTIONS: REGISTRATION Endpoint/GK Registration (2) OK (1) Here are my aliases and IP address (1) RRQ Endpoint GK (2) RCF/RRJ RegistrationRequest ::= SEQUENCE { requestSeqNum protocolIdentifier nonStandardData OPTIONAL discoveryComplete callSignalAddress rasAddress terminalType terminalAlias OPTIONAL gatekeeperIdentifier OPTIONAL endpointVendor ... alternateEndpoints OPTIONAL timeToLive OPTIONAL (security) OPTIONAL keepAlive endpointIdentifier OPTIONAL willSupplyUUIEs } RegistrationConfirm ::= SEQUENCE { requestSeqNum protocolIdentifier nonStandardData OPTIONAL callSignalAddress terminalAlias OPTIONAL gatekeeperIdentifier OPTIONAL endpointIdentifier ... alternateGatekeeper OPTIONAL timeToLive OPTIONAL (security) OPTIONAL willRespondToIRR preGrantedARQ OPTIONAL }

  17. CONCEPTS AND FUNCTIONS: REGISTRATION Endpoint/GK Registration Processing • Gatekeeper might authenticate endpoint • H323v1 must use ad hoc/proprietary methods such as supplied aliases, IP address, etc. • H323v2 can use encrypted password or certificates • Gatekeeper might authorize endpoint • Validate list of supplied aliases • Associate aliases with the IP address for later location • Gatekeeper assigned and returns Endpoint ID to be used in subsequent messages

  18. CONCEPTS AND FUNCTIONS: SETUP Example: Reservation Authorization via LDAP Needs to authorize aliases Register: johnDoe +16145551212 RRQ GK RCF/RRJ LDAP SEARCH: Filter: e164=16145551212 AND h323ID=johnDoe LDAP SEARCH RESULT: Entry: e164=16145551212 h323ID=johnDoe status=active LDAP Directory containingsubscriber data

  19. AdmissionRequest ::= SEQ { requestSeqNum callType callModel OPT endpointIdentifier destinationInfo OPT destCallSignalAddress OPT destExtraCallInfo OPT srcInfo srcCallSignalAddress OPT bandwidth callReferenceValue nonStandardData OPT callServices OPT conferenceID activeMC answerCall ... canMapAlias callIdentifier srcAlternatives OPT destAlternatives OPT gatekeeperIdentifier OPT (security) OPT transportQOS OPT willSupplyUUIEs } CONCEPTS AND FUNCTIONS: ADMISSION Call Admission (1) Can I call +16145551212 using 16 Kb/sec? (2) Yes, contact this IP address Endpoint (1) ARQ GK (2) ACF/ARJ AdmissionConfirm ::= SEQ { requestSeqNum bandwidth callModel destCallSignalAddress irrFrequency OPT nonStandardData OPT ... destinationInfo OPT destExtraCallInfo OPT destnationType OPT remoteExtensionAddress OPT alternateEndpoints OPT (security) OPT transportQOS OPT willRespondToIRR uuiesRequested }

  20. CONCEPTS AND FUNCTIONS: ADMISSION Call Admission Processing • Gatekeeper might authenticate endpoint to ensure it is registered and check if it is authorized to make call • Gatekeeper must determine call model • Endpoint can ask for preference but gatekeeper will decide • Gatekeeper might check for bandwidth • If direct signalling, gatekeeper supplies destination endpoint address (discussed later) • If gatekeeper routed signalling, it supplies its own address and can defer routing

  21. CONCEPTS AND FUNCTIONS: SETUP Q.931 SETUP (1) Connect me to +16145551212 (2) Determine gateway (2) Start PSTN origination Endpoint SETUP SETUP GK GW SETUP message: Setup-UUIE ::= SEQUENCE Call reference value { Message type protocolIdentifier Typical IEs: h245Address OPTIONAL -Bearer capability sourceAddress OPTIONAL -Display sourceInfo -Calling party number destinationAddress OPTIONAL -Called party number destCallSignalAddress OPTIONAL -User-to-User destExtraCallInfo OPTIONAL destExtraCRV OPTIONAL activeMC conferenceID conferenceGoal callServices OPTIONAL callType sourceCallSignalAddress OPTIONAL remoteExtensionAddress OPTIONAL callIdentifier (security) OPTIONAL fastStart OPTIONAL fastCap OPTIONAL canOverlapSend }

  22. CONCEPTS AND FUNCTIONS: SETUP Setup Processing • Gatekeeper associates Setup with previous admission using Conference ID • Destination determined using Calling Party Number or destination alias(es) • External databases might be consulted to determine destination endpoint: • Map full destination alias to a terminal • Map leading digits of E.164 number to gateway(s) • Setup message is forwarded to destination

  23. CONCEPTS AND FUNCTIONS: SETUP Example: Endpoint Location Via LDAP (2) Query LDAP Directory (3) Start PSTN origination (1) Connect me to +16145551212 Endpoint SETUP SETUP GK GW LDAP SEARCH:Filter: E164=1614 OR E164=1614555 LDAP SEARCH RESULT: IP=135.7.26.68 STATE=IS IP=135.7.26.102 STATE=IS LDAP DIRECTORY

  24. CONCEPTS AND FUNCTIONS: SETUP REMAINING CALL SETUP Gatekeeper Gateway Terminal CALL PROCEEDING CALL PROCEEDING ACF ARQ ALERTING ALERTING CONNECT CONNECT

  25. CONCEPTS AND FUNCTIONS: SETUP Remaining Call Setup Processing • Gatekeeper processes terminating admissions request doing potential authorization and bandwidth checks • Gatekeeper primarily a “pipe” for Q.931 messages but might authorize some fields (e.g. Display) • Gatekeeper substitutes its own address in “h245address” fields if it wishes to route H.245

  26. CONCEPTS AND FUNCTIONS: STABLE CALL Stable Call Processing • Gatekeeper verifies endpoints/calls are alive using one of the following techniques: • Wait for periodic IRRs (as requested in the ACF) • Periodically send an IRQ, expecting an IRR • Periodically send a Q.931 Status Enquiry, expecting a Status • Gatekeeper might receive bandwidth changes requests (BRQ) and must allow (BCF) or deny (BRJ) the request

  27. CONCEPTS AND FUNCTIONS: TEARDOWN CALL TEARDOWN Gatekeeper Gateway Terminal RELEASE COMPLETE RELEASE COMPLETE DRQ DRQ DCF DCF

  28. CONCEPTS AND FUNCTIONS: TEARDOWN Call Teardown Processing • Gatekeeper processes Release Complete, noting the time and forwards it to the other endpoint • Gatekeeper processes DRQ from both endpoints and releases any allocated bandwidth • Gatekeeper might create call detail record for the call, recording endpoint information and Connect and Release times for example

  29. H323v2 and Gatekeepers H323v2 Features Related to Gatekeeper • Authentication Framework • Tokens (password or certificate based) for RAS • TLS (certificate based) for Q.931 • Negotiated H.245 security • H.323 defines the framework - need profiles to nail down specific choices of algorithms • Mechanism to specify alternative gatekeepers to endpoints • Registration “keep alive” similar to conference IRR “keep alive”

  30. H323v2 and Gatekeepers H323v2 Features Related to Gatekeeper • RAS Transport Improvements • IRR ACK/NAK • Request In Progress (RIP) to ask for more time • Signalling changes • Excuse endpoints from Admission Requests • Fast call setup / tunneled H.245 • Gatekeeper can request Q.931 information be forwarded to it on direct routed calls

  31. Internet Multimedia Communications Software ... integrating voice, fax, data and video ... integrating voice, fax, data and video For information on elemedia’s H.323 Gateway Toolkits and H.323 Gatekeeper Toolkits, please contact us at: 888-elemedia (1-888-353-6334) (U.S. and Canada) +1 732-949-2184 (international) Email: elemedia@lucent.com http://www.elemedia.com

More Related