CS 414 – Multimedia Systems Design
Lecture 38 – Voice-over-IP/Skype
Klara Nahrstedt
Spring 2011

Slide titles:
- Administrative
- Outline
- Voice over IP (VoIP)
- Next Generation VoIP Network (MSF – Multi-service Switching Forum Example)
- MSF VoIP
- Skype
- Skype Overview
- Skype Network
- Components of Skype
- Skype Ports on which Skype listens for incoming connections
- Skype Host Cache List
- Slide 13
- Skype Architecture
- STUN and TURN
- Techniques used in Skype
- Login
- Skype Login Algorithm
- Skype Login Process
- Slide 20
- Slide 21
- User Search
- Call Establishment and Teardown
- Media Transfer and Codec
- Conferencing
- Impact of Skype
- Impact of Skype
- Conclusion

Administrative
- MP3 final demonstrations today, Friday, April 29
  - 2-4pm in 216 SC – non-competition groups (see email from TA about ordering of groups)
  - 5-7pm in 216 SC – Google competition groups (see email from TA about ordering of groups)
  - 7-8 pm in 3403 SC – Announcement of winners
  - Refreshments

Outline
- Voice-over-IP Basic Principles
- Skype – first VoIP over Peer-to-peer Infrastructure

Voice over IP (VoIP)
- VoIP – transport of voice over IP-based networks
- Complexity ranges from
  - Hobbyists using Internet to get free phone calls on peer-to-peer basis, to
  - Full scale PSTN (Public-Switched Telephone Network) replacement networks
- VoIP must address
  - Types of end user terminals - IP phones, PC clients
  - Quality of Service – ensure agreed quality
  - Security risks must be clearly identified
  - Last mile bandwidth – which affects codec, packetization period and where to use compression to best meet service goals
  - Signaling protocol must support service set required

Next Generation VoIP Network (MSF – Multi-service Switching Forum Example)

MSF VoIP
- Access Services Signaling protocol and network service signaling protocol: SIP
- Use RTP packets for telephony events
- Transport DTMF (Dual-tone multi-frequency signaling) tones out of band using the signaling protocol such as SIP
- Quality of Service (Delay, Jitter, Packet loss)
  - Use RSVP, DiffServ, MPLS, even ATM
  - RTP is used for media traffic

Skype
- Source: An Analysis of the Skype Peer-to-peer Internet Telephony Protocol, S. Baset, H. Schulzrinne, 2004
- Rapid Identification of Skype Traffic Flows, P. Branch et al., NOSSDAV 2008

Skype Overview
- Peer-to-peer (P2P) overlay network for Voice-over-IP (VoIP) and other applications
- Developed by Niklas Zennstrom and Janus Friis (founders of KaZaA, file-sharing company)
- Users see Skype as an Instant Messaging (IM) software
- Free on-net VoIP service and fee-based off-net SkypeOut service (allows calling to PSTN and mobile phones)
- Runs on Windows, Linux, Pocket PC, …

Skype Network
- Super Nodes: Any node with a public IP address having sufficient CPU, memory and network bandwidth is a candidate to become a super node
- Ordinary Host: this host needs to connect to a super node and must register itself with the Skype login server

Components of Skype
- Ports
  - Skype client (SC) opens TCP and UDP listening port configured in its connection dialog box
- Host Cache (HC)
  - List of super node IP address and port pairs that SC builds and refreshes regularly
  - SC stores HC in the Windows registry
- Codecs
  - Wideband codec allowing frequencies between 50Hz-8KHz (one of the codecs is implemented by Global IP Sound)

Skype Ports on which Skype listens for incoming connections

Skype Host Cache List

Components of Skype
- Buddy List
  - Skype stores buddy information in Windows registry
  - Buddy list is digitally signed and encrypted, local to machine and not on a central server
- Encryption
  - Skype uses 256-bit AES encryption
  - Skype uses 1536 to 2048-bit RSA to negotiate symmetric AES keys
- NAT and Firewall
  - SC uses variations of the STUN and TURN protocols to determine type of NAT and firewall

Skype Architecture

STUN and TURN
- STUN (Simple Traversal of UDP through NAT)
  - Client-server protocol
- TURN (Traversal Using Relay NAT)
  - Increases latency and packet loss

Techniques used in Skype
- Firewall and NAT traversal
- Global decentralized user directory
- Intelligent routing
- Security
- Super-simple UI

Login
- During login process SC:
  - Authenticates its user name and password with login server
  - Advertises its presence to other peers and its buddies
  - Determines type of NAT and firewall it is behind
  - Discovers online Skype nodes with public IP addresses
- Login server is the only central component in Skype network

Skype Login Algorithm

Skype Login Process
- After installation and first time startup, HC was observed empty
- Bootstrap super nodes: After login for the first time after installation, HC was initialized with seven (IP,port) pairs
- Bootstrap (IP,port) information either
  - Hard coded in SC
  - Encrypted and not directly visible in Skype Windows registry, or
  - One-time process to contact bootstrap node

Skype Login Process
- First time Login Process
  - SC sends UDP packets to some bootstrap SNs
  - SC establishes TCP connection with bootstrap SNs that respond
  - SC perhaps acquires address of login server from SNs
  - SC establishes TCP connection with login server, exchanges authentication information
- Subsequent Login Process
  - Similar to first-time login process
  - SC uses login algorithm to determine at least one available peer and establishes TCP connection
  - HC was periodically updated with new peers' (IP,port)

Skype Login Process
- Comparison of three network setups
  - Exp A: both Skype users with public IP address
  - Exp B: one Skype user behind port-restricted NAT
  - Exp C: both Skype users behind port-restricted NAT and UDP-restricted firewall
- Message flows for first time login process
  - Exp A and Exp B are roughly the same; Exp C only exchanges info over TCP

User Search
- Skype uses Global Index technology to search for a user
- Skype claims that search is distributed and is guaranteed to find a user if it exists and has logged in during last 72 hours
- Search results are observed to be cached at intermediate nodes

Call Establishment and Teardown
- Call signaling is
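
The login slides say SC determines the type of NAT and firewall it is behind using variations of STUN. As an added example (not from the lecture, and not Skype's own proprietary procedure), the classic RFC 3489 STUN decision tree is run below against a constructed path model; the `Path` class, the server addresses and the mapped address are assumptions made for the simulation.

```python
"""Classic STUN (RFC 3489) NAT discovery tree, run against a constructed path model."""
from dataclasses import dataclass

S1 = ("192.0.2.1", 3478)    # constructed primary STUN server address
S2 = ("192.0.2.2", 3479)    # constructed alternate address (other IP and port)
LOCAL = ("10.0.0.5", 5000)  # constructed client socket (treated as public when nat=False)


@dataclass
class Path:
    """Hypothetical model of the devices between the client and the servers."""
    udp: bool = True                # False: all UDP is dropped
    nat: bool = True                # False: no address translation on the path
    per_dest_mapping: bool = False  # True: a new external port per destination
    filtering: str = "none"         # inbound filter: none, address, address+port

    def probe(self, dst, reply_from):
        """Send a binding request to dst; the server answers from reply_from.
        Returns the mapped (IP, port) the server saw, or None if no reply arrives."""
        if not self.udp:
            return None
        allowed = {"none": True,
                   "address": reply_from[0] == dst[0],
                   "address+port": reply_from == dst}[self.filtering]
        if not allowed:
            return None
        if not self.nat:
            return LOCAL
        return ("203.0.113.7", 40000 + (dst[1] % 100 if self.per_dest_mapping else 0))


def classify(path):
    """Walk the RFC 3489 decision tree and name what the client sits behind."""
    first = path.probe(S1, S1)                                # Test I
    if first is None:
        return "UDP blocked"
    reply_from_other_host = path.probe(S1, S2) is not None    # Test II
    if first == LOCAL:
        return "open Internet" if reply_from_other_host else "symmetric UDP firewall"
    if reply_from_other_host:
        return "full cone NAT"
    if path.probe(S2, S2) != first:                           # Test I, alternate server
        return "symmetric NAT"
    reply_from_other_port = path.probe(S1, (S1[0], S2[1])) is not None  # Test III
    return "restricted cone NAT" if reply_from_other_port else "port-restricted cone NAT"


if __name__ == "__main__":
    print(classify(Path(filtering="address+port")))  # NAT type named in Exp B
    print(classify(Path(udp=False)))                 # UDP-restricted firewall, Exp C
```

A "UDP blocked" result corresponds to the Exp C set-up, where the slides report that information was exchanged only over TCP.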