Microsoft ISA Server H.323 Gateway and Gatekeeper - PowerPoint PPT Presentation

benjamin
microsoft isa server h 323 gateway and gatekeeper n.
Skip this Video
Loading SlideShow in 5 Seconds..
Microsoft ISA Server H.323 Gateway and Gatekeeper PowerPoint Presentation
Download Presentation
Microsoft ISA Server H.323 Gateway and Gatekeeper

play fullscreen
1 / 32
Download Presentation
Microsoft ISA Server H.323 Gateway and Gatekeeper
2667 Views
Download Presentation

Microsoft ISA Server H.323 Gateway and Gatekeeper

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Microsoft ISA Server H.323 Gateway and Gatekeeper Overview of IP Telephony, H.323, and ISA Server H.323 Support

  2. Presentation Agenda • IP Telephony Overview • The ITU H.323 Specification • Microsoft ISA Server H.323 Gateway • Microsoft ISA Server H.323 Gatekeeper • Microsoft ISA Server Scenarios

  3. IP Telephony OverviewDefinition • IP Telephony refers to the hardware and software technologies that provide the ability to place telephone calls over IP based networks.

  4. IP Telephony OverviewTraditional Voice Networks – PSTN • The Public Switched Telephone Network • The collection of networking equipment that belongs to the carriers involved in providing telephone service. • The PSTN is a Circuit Switched Network • A virtual circuit is created in the PSTN “Cloud” for each telephone call. The circuit is allocated (64k bps) and maintained for the duration of the call, regardless of the amount of traffic flowing over the circuit.

  5. IP Telephony OverviewPSTN - Basic Network Topology

  6. IP Telephony OverviewTraditional IP Networks – The Internet • Packet Switched Networks • Separate packets from the same communication may take different paths through the cloud. • More efficient use of network resources • No inherent QoS or Security, without special a special implementation to address these issues. • Signaling and Media use the same network

  7. IP Telephony OverviewStandards Bodies • International Telecommunications Union (ITU) • ITU-T division’s H SERIES specs define the Transmission of non-telephone signals. • Specifications must be licensed from the ITU • Internet Engineering Task Force (IETF) • RFC and Internet-Draft specifications are well-known to most IT professionals • Available in the public domain : http://www.ietf.org

  8. IP Telephony OverviewThe 3 competing signaling protocols • H.323 (ITU) • Umbrella specification defining the protocols and codecs to be used by H.323 compliant devices. • SIP (IETF) • Session Initiation Protocol. New, up and coming standard. Similar to H323 mechanically, but text-based and simpler. More closely related to HTTP “on the wire.” • S/MGCP (IETF) • Signaling Gateway Control Protocol / Media Gateway Control Protocol.

  9. IP Telephony OverviewMedia Protocols • RTP/RTCP (IETF) • Real-Time Protocol/ Real-Time Control Protocol. • This is used almost universally for media transport. Both H.323 and SIP specify RTP as the media transport protocol of choice

  10. IP Telephony OverviewBasic VoIP network diagram

  11. The ITU H.323 Specification • H.323 Specification Title: Visual telephone systems and equipment for local area networks which provide a non‑guaranteed quality of service

  12. The ITU H.323 SpecificationImportant Terms • H.323 Entity: Any H.323 component, including • Terminals • Gateways • Gatekeepers • MCs, MPs, and MCUs. • Endpoint: A Terminal, Gateway, or MCU. • Call: Point-to-point multimedia communication between two H.323 endpoints • Multipoint Conference: A conference between three or more terminals

  13. The ITU H.323 Specification H.323 Protocol Stack

  14. The ITU H.323 SpecificationBasic Call Model A typical H.323 Call consists of 5 phases: • Call Setup (Phase A) • Initial communication between endpoints and terminal capability exchange (Phase B) • Establishment of of Audio / Visual communication between endpoints (Phase C) • Request and negotiation of Call Services (Phase D) • Call Termination (Phase E)

  15. The ITU H.323 SpecificationBasic Call in Action

  16. ISA Server H.323 GatewayIntroduction • The ISA Server H.323 Gateway is an application layer H.323 Proxy. • Traditional circuit-layer proxies (Winsock Proxy, ISA Firewall Service) and transparent proxies (NAT, SecureNAT) do not properly handle H.323 traffic because of the Protocol’s complexity.

  17. ISA Server H.323 GatewayProxy History • Proxy Server 2.0 • Winsock Proxy could handle only one outbound H.323 call at a time. • No inbound H.323 calls were possible (No Server Proxy) • Windows 2000 NAT • H.323 / LDAP Protocol Editor allows outbound H.323 Calls (LDAP is needed for ILS lookup) • ISA H.323 Gateway • supports outbound H.323 calls and inbound calls with Gatekeeper assistance

  18. ISA Server H.323 GatewayH.323 Gateway Implementation • The ISA H.323 Proxy is implemented as an ISA Application Filter. • Application Filters can be externally developed using the ISA SDK. • Application filters plug-in to the ISA Firewall Service • Application filters can perform • protocol editing, e.g., H.323 filter • Content inspection, e.g., SMTP filter • Virus scanning, e.g., 3rd Party filter • Other activities enabled by access to the application data stream • Both SecureNAT Clients and Firewall (WSP) Clients can use the H.323 Gateway

  19. ISA Server H.323 GatewayH.323 Gateway Implementation (cont.)

  20. ISA Server H.323 GatekeeperIntroduction • ISA Gatekeeper Functionality • Register Users (directory) • The GK defines an H.323 zone and is referenced when attempting to locate a user or terminal. The GK provides alias to IP address resolution. • Route Calls • Terminals specify a GK if one exists for their zone. The GK will route calls to the appropriate destinations based on routing rules created by an administrator.

  21. ISA Server H.323 GatekeeperScenario Example

  22. ISA Server H.323 GatekeeperServer Properties

  23. ISA Server H.323 GatekeeperServer Properties (cont.)

  24. ISA Server H.323 GatekeeperRegistering Users

  25. ISA Server H.323 GatekeeperCall Routing - Destinations

  26. ISA Server H.323 GatekeeperCall Routing Rules • Rules are used to determine how a GK should help the caller route the call. • 3 Types of Call Routing Rules • Phone Number Rules • Email Address Rules • IP Address Rules • By matching the ID type to a destination, • Phone# calls can be routed to a PSTN Gateway • External IP Addresses, Email addresses, or Names can be routed to external endpoints or GK’s.

  27. ISA Server H.323 GatekeeperRouting Rule Precedence • GK finds matching rules for each destination type. • Matching rules are then sorted by • Quality of match (more matching elements) • If Quality of match is equal, “exact” rule types have precedence over “prefix” (ph#) or “suffix” (domain/IP) rule types. • If Quality and Type match, rule precedence number is used.

  28. ISA Server H.323 GatekeeperRouting Rule Precedence (cont) • Now that rules have been sorted based on matching, there may be equal rules with different destinations. Each destination should be tried in the case that a previous response is negative. e.g., If ILS lookup fails, we should try Active Directory for a match as well (assuming there are rules for each of these destinations)

  29. ISA Server H.323 GatekeeperRouting Rule Precedence (cont) • Destinations are contacted in the following order: • None. This is a “deny rule” and causes processing to cease. • Local Registration Database • Gateway/Proxy • Internet Locator Service (ILS) • Gatekeeper • Multicast Gatekeeper • DNS • Active Directory • Local Network

  30. ISA Server H.323 GatekeeperRouting Rule Precedence (cont) Which Rules get applied? What order are the applied rules processed?

  31. Resources and References • Books • IP Telephony. (Bill Douskalis) • Much of the VoIP and H.323 information in this presentation came from this book • IP Telephony: Packet-Based Multimedia Communications Systems (Hersent, Gurle, Petit) • Web Sites • Databeam. This site has a good primer on H.323 and T.120 • http://www.databeam.com/standards/index.html • Intel. This page describes the problems and pitfalls of getting H.323 through Firewalls • http://support.intel.com/support/videophone/trial21/h323_wpr.htm

  32. Resources and References(cont.) • Specs • ITU-T: • H.323 • T.120 • IETF: • RTP (RFC 1889) ftp://ftp.isi.edu/in-notes/rfc1889.txt