CS 414 - Spring 2011

CS 414 – Multimedia Systems Design
Lecture 38 – Voice-over-IP/Skype
Klara Nahrstedt
Spring 2011

Administrative
- MP3 final demonstrations today, Friday, April 29
  - 2-4pm in 216 SC – non-competition groups (see email from TA about ordering of groups)
  - 5-7pm in 216 SC – Google competition groups (see email from TA about ordering of groups)
  - 7-8 pm in 3403 SC
    - Announcement of winners
    - Refreshments

Outline
- Voice-over-IP Basic Principles
- Skype – first VoIP over Peer-to-peer Infrastructure

Voice over IP (VoIP)
- VoIP – transport of voice over IP-based networks
- Complexity ranges from
  - Hobbyists using Internet to get free phone calls on peer-to-peer basis, to
  - Full scale PSTN (Public-Switched Telephone Network) replacement networks
- VoIP must address
  - Types of end user terminals - IP phones, PC clients
  - Quality of Service – ensure agreed quality
  - Security risks must be clearly identified
  - Last mile bandwidth – which affects codec, packetization period and where to use compression to best meet service goals
  - Signaling protocol must support service set required

Next Generation VoIP Network (MSF – Multi-service Switching Forum Example)

MSF VoIP Access Services
- Signaling protocol and network service signaling protocol: SIP
- Use RTP packets for telephony events
- Transport DTMF (Dual-tone multi-frequency signaling) tones out of band using the signaling protocol such as SIP
- Quality of Service (Delay, Jitter, Packet loss)
  - Use RSVP, DiffServ, MPLS, even ATM
  - RTP is used for media traffic

Skype
- Source: An Analysis of the Skype Peer-to-peer Internet Telephony Protocol, S. Baset, H. Schulzrinne, 2004
- Rapid Identification of Skype Traffic Flows, P. Branch et al., NOSSDAV 2008

Skype Overview
- Peer-to-peer (P2P) overlay network for Voice-over-IP (VoIP) and other applications
- Developed by Niklas Zennstrom and Janus Friis (founders of KaZaA, file-sharing company)
- Users see Skype as an Instant Messaging (IM) software
- Free on-net VoIP service and fee-based off-net SkypeOut service (allows calling to PSTN and mobile phones)
- Runs on Windows, Linux, Pocket PC, …

Skype Network
- Super Nodes: Any node with a public IP address having sufficient CPU, memory and network bandwidth is a candidate to become a super node
- Ordinary Host: this host needs to connect to a super node and must register itself with the Skype login server

Components of Skype
- Ports
  - Skype client (SC) opens TCP and UDP listening port configured in its connection dialog box
- Host Cache (HC)
  - List of super node IP address and port pairs that SC builds and refreshes regularly
  - SC stores HC in the Windows registry
- Codecs
  - Wideband codec allowing frequencies between 50Hz-8KHz (one of the codecs is implemented by Global IP Sound)

Skype Ports on which Skype listens for incoming connections

Skype Host Cache List

Components of Skype
- Buddy List
  - Skype stores buddy information in Windows registry
  - Buddy list is digitally signed and encrypted, local to machine and not on a central server
- Encryption
  - Skype uses 256-bit AES encryption
  - Skype uses 1536- to 2048-bit RSA to negotiate symmetric AES keys
- NAT and Firewall
  - SC uses variations of the STUN and TURN protocols to determine type of NAT and firewall

Skype Architecture

STUN and TURN
- STUN (Simple Traversal of UDP through NAT)
  - Client-server protocol
- TURN (Traversal Using Relay NAT)
  - Increases latency and packet loss

Techniques used in Skype
- Firewall and NAT traversal
- Global decentralized user directory
- Intelligent routing
- Security
- Super-simple UI

Login
- During login process SC:
  - Authenticates its user name and password with login server
  - Advertises its presence to other peers and its buddies
  - Determines type of NAT and firewall it is behind
  - Discovers online Skype nodes with public IP addresses
- Login server is the only central component in Skype network

Skype Login Algorithm

Skype Login Process
- After installation and first time startup, HC was observed empty
- Bootstrap super nodes: After login for the first time after installation, HC was initialized with seven (IP,port) pairs
- Bootstrap (IP,port) information either
  - Hard coded in SC
  - Encrypted and not directly visible in Skype Windows registry, or
  - One-time process to contact bootstrap node

Skype Login Process
- First time Login Process
  - SC sends UDP packets to some bootstrap SNs
  - SC establishes TCP connection with bootstrap SNs that respond
  - SC perhaps acquires address of login server from SNs
  - SC establishes TCP connection with login server, exchanges authentication information
- Subsequent Login Process
  - Similar to first-time login process
  - SC uses login algorithm to determine at least one available peer and establishes TCP connection
  - HC was periodically updated with new peers’ (IP,port)

Skype Login Process
- Comparison of three network setups
  - Exp A: both Skype users with public IP address
  - Exp B: one Skype user behind port-restricted NAT
  - Exp C: both Skype users behind port-restricted NAT and UDP-restricted firewall
- Message flows for first time login process
  - Exp A and Exp B are roughly the same; Exp C only exchanges info over TCP

User Search
- Skype uses Global Index technology to search for a user
- Skype claims that search is distributed and is guaranteed to find a user if it exists and has logged in during last 72 hours
- Search results are observed to be cached at intermediate nodes

Call Establishment and Teardown
- Call signaling is always carried over TCP
- For user not present in buddy list, call placement is equal to user search plus call signaling
- If caller is behind port-restricted NAT and callee is on public IP, signaling and media flow through an online Skype node which forwards signaling to callee over TCP and routes media over UDP
- If both users are behind
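Added example, not part of the lecture slides or of Skype itself: from a network-monitoring viewpoint, the first-time login steps listed under "Skype Login Process" (UDP to bootstrap SNs, TCP to the SNs that respond, then TCP to the login server) and the TCP-only behaviour of Exp C can be recovered from flow records. The `Flow` record format, the `login_phases` function, its mode labels and all addresses are assumptions constructed for illustration.

```python
from collections import namedtuple

# Assumed, simplified flow record: time (s), protocol, source, destination.
Flow = namedtuple("Flow", "t proto src dst")

def login_phases(flows, client):
    """Map one client's flows onto the first-time login steps from the slides."""
    probed, responders, tcp_sn, tcp_other = set(), set(), [], []
    for f in sorted(flows, key=lambda f: f.t):
        if f.proto == "udp" and f.src == client:
            probed.add(f.dst)                      # UDP sent to a bootstrap SN
        elif f.proto == "udp" and f.dst == client and f.src in probed:
            responders.add(f.src)                  # that SN answered
        elif f.proto == "tcp" and f.src == client:
            # TCP to an SN that answered over UDP, or to some other host
            bucket = tcp_sn if f.dst in responders else tcp_other
            if f.dst not in bucket:
                bucket.append(f.dst)
    if tcp_sn:
        mode = "udp-then-tcp"      # Exp A / Exp B style message flow
    elif tcp_other:
        mode = "tcp-only"          # Exp C style: information moves over TCP only
    else:
        mode = "no-login-pattern"
    return {"mode": mode, "udp_probed": sorted(probed),
            "udp_responders": sorted(responders),
            "tcp_supernodes": tcp_sn, "tcp_other": tcp_other}

C = "10.0.0.5"  # constructed client address
# Constructed trace: three UDP probes, one reply, TCP to the responder,
# then TCP to a host never probed (login-server candidate).
EXP_A = [Flow(0.0, "udp", C, "192.0.2.1"), Flow(0.0, "udp", C, "192.0.2.2"),
         Flow(0.1, "udp", C, "192.0.2.3"), Flow(0.3, "udp", "192.0.2.2", C),
         Flow(0.5, "tcp", C, "192.0.2.2"), Flow(0.9, "tcp", C, "198.51.100.7")]
# Constructed trace: UDP probe unanswered (UDP-restricted firewall), TCP only.
EXP_C = [Flow(0.0, "udp", C, "192.0.2.1"), Flow(0.4, "tcp", C, "192.0.2.1"),
         Flow(0.8, "tcp", C, "198.51.100.7")]

if __name__ == "__main__":
    for name, trace in (("Exp A", EXP_A), ("Exp C", EXP_C)):
        print(name, login_phases(trace, C))
```

In the TCP-only case the super node and the login server cannot be told apart from ordering alone, so both land in `tcp_other`.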