modern services of data network part ii software presented by: dr. mohsen kahani ferdowsi university...
Post on 21-Dec-2015
Modern Services of Data Network
Part II
Software
Presented by:
Dr. Mohsen Kahani
Ferdowsi University of Mashhad
http://www.um.ac.ir/~kahani
Table of Contents
  Instant Messaging
  Video Conferencing
  Video On Demand
IM Overview
  Enables a user to determine the online availability of another user
  Allows a user to exchange messages instantly with another user
  IM combines the urgency of the telephone with the functionality of e-mail
Components Of An IM Network
  [Diagram: Clients, HTTP Proxy Server, Firewalls, IM Routers, IM Home Servers, Active Directory]
  Clients register their online status with home servers, which are user-specific
  IM Routers route queries to user-specific home servers, after consulting the Directory
  Active Directory maps users to home servers
IM Addressing
  E-mail addresses versus URLs
    Users use existing e-mail (SMTP) addresses – e.g., [email protected]
    IM system uses only URLs, e.g., http://im.microsoft.com/instmsg/aliases/alice
  Conversion
    Through DNS SRV records
      SRV records convert SMTP domain (microsoft.com) to IM domain (im.microsoft.com)
    Fallback mechanism (client-side)
      If SRV lookups fail, clients use the e-mail domain portion as the IM domain
      E.g., [email protected]@im.microsoft.com equivalent to [email protected]@microsoft.com
IM Home Servers And Routers
  Home Servers host specific users
    Maintain online state and authenticate users
    Maintain tracking lists
    Server-specific URLs: http://DINO/instmsg/alice (“Physical URLs”)
  IM Routers are general-purpose
    Unify IM namespace
    Route IM traffic
    Server-independent URLs: http://im.microsoft.com/instmsg/alice (“Logical URLs”)
Routing – Redirection and Gatewaying
  Every user has both a logical and physical URL (both could be identical)
    Each IM-enabled account has two IM URLs, stored on the Active Directory™
  IM Routers employ two routing mechanisms:
    Redirection
      HTTP 302 redirects – e.g., http://im.microsoft.com/instmsg/alice to http://DINO/instmsg/alice
      For requests internal to network
    Gatewaying
      For externally-originating requests – added security layer
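Added example (not part of the original slides): a Python model of the addressing and routing rules above, showing that a redirect discloses the home server's physical URL to the client while gatewaying does not. The SRV table, directory contents, function names and the sample address alice@microsoft.com are constructed for illustration; rejecting unknown users is an assumption.

```python
from urllib.parse import quote

# Constructed stand-in for DNS SRV data: SMTP domain -> IM domain.
SRV_TABLE = {"microsoft.com": "im.microsoft.com"}

# Constructed stand-in for the directory: logical URL -> physical URL.
DIRECTORY = {
    "http://im.microsoft.com/instmsg/aliases/alice": "http://DINO/instmsg/alice",
}


def srv_lookup(smtp_domain):
    """Return the IM domain published for an SMTP domain, or None on failure."""
    return SRV_TABLE.get(smtp_domain.lower())


def logical_url(email, lookup=srv_lookup):
    """Convert an e-mail address to a logical IM URL (SRV first, then fallback)."""
    user, sep, domain = email.partition("@")
    if not sep or not user or not domain or "@" in domain or "/" in email:
        raise ValueError("not a usable e-mail address: %r" % email)
    # Client-side fallback: if the SRV lookup fails, the e-mail domain
    # itself is used as the IM domain.
    im_domain = lookup(domain) or domain.lower()
    return "http://%s/instmsg/aliases/%s" % (im_domain, quote(user, safe=""))


def route(url, internal, directory=DIRECTORY):
    """Model an IM Router's decision for a request addressed to a logical URL.

    'to_client' is what the requester receives; 'upstream' is the physical
    URL the router itself contacts (None when the client is redirected).
    """
    physical = directory.get(url)
    if physical is None:
        # Assumption: users missing from the directory are rejected.
        return {"action": "reject", "to_client": {}, "upstream": None}
    if internal:
        # Redirection: an HTTP 302 hands the physical URL to the client.
        return {"action": "redirect",
                "to_client": {"status": 302, "location": physical},
                "upstream": None}
    # Gatewaying: the router forwards the request itself, so the external
    # requester only ever sees the logical URL.
    return {"action": "gateway",
            "to_client": {"relayed_for": url},
            "upstream": physical}


if __name__ == "__main__":
    url = logical_url("alice@microsoft.com")
    print(url)
    print(route(url, internal=True))
    print(route(url, internal=False))
```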
Sending An IM – Intra-org
  [Diagram: Clients, HTTP Proxy Server, Firewalls, DNS, IM Routers (im.microsoft.com), Active Directory, IM Home Servers (DINO, LASSIE)]
  [email protected] sends an IM to [email protected]
  Logical URLs: http://im.microsoft.com/aliases/mike and http://im.microsoft.com/aliases/mary
  DNS SRV: “microsoft.com” -> im.microsoft.com
  NOTIFY http://im.microsoft.com/aliases/mary (im.microsoft.com)
  REDIRECT http://dino/aliases/mary
  NOTIFY http://dino/aliases/mary (DINO)
Sending An IM – Inter-org
  [email protected] sends an IM to [email protected]@acme.com
  [Diagram labels: microsoft.com, http://im.microsoft.com/aliases/mike, ITGPROXY, bigisp.com, im.acme.com, acme.com, http://im.acme.com/aliases/alice, Firewalls]
IM Deployment
Number of IM Domains
  IM Domains should correspond to externally visible SMTP domain names
    Microsoft will have one IM domain: im.microsoft.com
    us.example.com and jp.example.com: im.us.example.com and im.jp.example.com
  Use of the “im” prefix recommended, but not mandatory
    Enables end-user connectivity from some remote organizations
Number and types of IM servers
  Number of online users
    One Home Server for 10,000 online users
    One Router for 20,000 online users
    Assumed config: Dual proc 400/256 MB
  Number of IM domains
    Each IM domain must have at least one IM Router named after it
  Geographical distribution
    IM Home Server(s) in each WAN “island” – e.g., in each continent
Inbound Internet connectivity
  All IM traffic arrives on port 80
  Inbound firewalling is optional
  Packet Filters
    Must allow traffic to IM Routers
  DMZs
    IM Routers kept in DMZ
    DMZ will need access to Active Directory
    Auth request cannot be Gatewayed between Routers and Home servers
  HTTP Reverse Proxies
    Must answer to IM domain name(s)
    Forward inbound IM traffic to IM router(s)
Outbound Internet connectivity
  Direct connectivity
  Packet filters
    Need to allow outbound port 80 traffic
  Winsock proxies
  HTTP proxies
    Can use existing Web proxies
    IM clients use Internet Explorer 5.0 proxy logic
    May need to exclude internal IM hosts in Internet Explorer 5.0 Proxy Exclusion List (WPAD auto-detect recommended)
Small Business
  Simplest IM topology
    Small number of users
    One location
  Firewalls optional
    ISPs routinely provide packet filter capabilities
  One Home Server
    No separate IM Router needed
  [Diagram: Clients, IM Home Server (im.smallbiz.com), Internet]
Educational institution
  Typical configuration:
    Moderate number of users
    Usage profile: “Heavy”
    One location
  No firewalls
  Multiple Home Servers
  One IM Router
  [Diagram: Clients, Internet, IM Router (im.foouniv.edu), IM Home Servers (imhome1, imhome2)]
Enterprise – Standard
  Large number of users
  Very high ratio of online users
  Multiple Home Servers
  Multiple IM Routers
  Firewalls (inbound)
  HTTP proxies (outbound)
  [Diagram: Clients, Internet, Firewall(s), HTTP Proxy(s), IM Routers (im.corp.com), IM Home Servers (imhome1, imhome2, ..., imhomen)]
Enterprise – DMZ
  IM Routers in “De-Militarized Zone” have Internet connectivity
  [Diagram: Clients, Internet, HTTP Proxy(s), DMZ, IM Routers (im.corp.com), IM Home Servers (imhome1, imhome2, imhomen)]
Enterprise – HTTP reverse proxy
  Inbound firewalling through HTTP reverse proxies
  Reverse proxy answers externally to im.corp.com and forwards to IM Routers
  [Diagram: Clients, Internet, HTTP Reverse Proxy im.corp.com (External), HTTP Proxy (Regular-Outbound), IM Routers im.corp.com (Internal), IM Home Servers (imhome1, imhome2, ..., imhomen)]
ISP (Hosted)
  Typical configuration:
    Very large number of users (up to several Million)
    Low ratio of online users
  Multiple Home Servers
  Multiple IM Routers
    DNS Round-Robining/WLBS for IM Routers
  Could have multiple IM Domains
  [Diagram: Clients, Internet, Firewall, Proxy, IM Routers (im.bigisp.com), imhome1, imhome2, ..., Active Directory]
Enterprise – Geographically Dispersed
  Routers can all be centrally located (Headquarters, etc.)
  [Diagram: NORTH AMERICA and EUROPE; Clients, Internet, Firewall(s), IM Routers (im.corp.com), IM Home Servers (imhome1, imhome2, ..., imhomen, Imhomen+)]
Bandwidth Considerations
  Acceptable for corporate use
    1000 users: 56 kbit/sec average traffic
  Traffic concentrated at IM *Servers* - not on entire network!
  Traffic at servers scales linearly with number of online users
  Based on Corporate user profile
Video Conferencing
Why VC?
  Save money
  Save time
  Build relationships
  Communicate “face to face” where it would otherwise be impossible
  Avoid parking hassles
  Teach
  Collaborate
Why VC? - Continued
  In many situations, video conferencing is the next best thing to a face to face meeting.
The History of VC
  The first video conference
    The first public videoconference was held in April 1930, between AT&T headquarters and their Bell Laboratory in New York City.
  H.320 introduced in 1990.
    Not IP
    Expensive
    Managed environment
  H.323 introduced in 1996
    IP
    Lower cost
    Less managed
Limitations of VC
  Firewalls
    Port Blocking
  NAT
    Hidden IP Address
  Bandwidth
    NOT! Dial Up Modem
    MAYBE… Cable Modem/DSL
Requirements for VC
  Endpoints (for you and remote party)
  IP connectivity
    384 Kbps minimum (exception: H.264)
  No NAT or NAT workaround
    Integrated into some endpoints
    Ridgeway will resolve this issue
  No firewall OR routed through firewall
    Integrated into some endpoints
    Ridgeway will resolve this issue
Endpoints
  There are four basic types of endpoints:
    Desktop with software only
    Desktop with hardware codec
    Conference room unit
    Classroom unit
Endpoints – Desktop – Software Only
  Works best with newer computers
  Options
    camera and headset
    Microsoft NetMeeting (free and unreliable) with a USB camera and handset/headset
Endpoints - Desktop with hardware codec
  Use this solution for older, slower computers.
  Options
    Polycom ViaVideo
    VCON VIGO
Endpoints – Conference Room Unit
  Options
    Polycom 500
    VCON HD3000
    Tandberg 550
    Polycom VSX7000
Endpoints – Classroom Unit
  Options
    Polycom VS 4000
    Tandberg 6000
What is on the Network?
  Gatekeeper
    Allows assignment of static numbers
    Allows use of MCUs, and Gateways
  MCU
    Allows more than two participants to be in the call at the same time.
  Gateway
    Allows calls to and from telephones.
  Ridgeway Server
    Firewall/NAT solution.
VC Etiquette
  Place the camera next to the monitor
  Be aware of a live microphone
  Prepare the graphics for television
  Properly frame the speaker
  Be sure to set up the microphone
  In groups, frame up on the speaker
  Use proper lighting
  Make sure the equipment is working
  Designate one person to be the facilitator
  Arrange for an on-site facilitator
  Remember to be prepared
Video On Demand (VoD)
the Vision
  Digitized content streamed to your location
  Access from anywhere
  Drill down to specific info in the video
the System
  [Figure: VoD Overview.jpg]
Delivering Streams to the Client
  Protocols across the Network
  True Streaming
  HTTP Streaming
  Progressive Download
  Is it Live or is it Video-On-Demand (VOD)
Even More Protocols…
  HTTP over TCP/IP
    Serving Web pages
    Progressive Download of Media
    Streaming through firewalls
  RTSP over RTP/IP
    Serving Real-time Media
    Open Source
    QuickTime and Real
  MMS over UDP/IP or TCP/IP or HTTP+TCP
    MMS: Microsoft Media Services
    UDP: User Datagram Protocol
A Simple Streaming Example
  [Diagram: Client, Web Server, Media Server]
  Client requests a media file
  Request passed to Media Server
  Compressed media file resides on the media server
  Media file is streamed back to client
  Media is decompressed and played on the client
  NB: the Web Server and Media Server may, in fact, be different processes running on the same machine
A Simple Streaming Example
  [Diagram labels: Client; Web Server; Media Server; HTTP; TCP/IP; RTSP; MTSP; RTP over IP; UDP over IP; HTTP over IP (through firewall)]
Live vs. Video-on-Demand
  [Diagram: Encoder, Media Server, Web Server, Client]
  Live Webcasting connects encoder, server and clients
    All in real-time
  VOD uploads and archives media files on the media server
Content Delivery Networks
  Unicast, point-to-point connections
  Multicast, one-to-many connections
  Distributed networks
A Simple Server-Client Connection
  [Diagram: Servers, Routers, Client]
Unicasting
  [Diagram: Media Server, four Clients]
  4 x 100Kb/s simultaneous clients requires 400Kb/s connection from server
  Each client gets a different stream even if they’re watching the same movie
A Multicast Enabled Network
  [Diagram: Servers, Multicast Enabled Routers, Clients]
Multicasting
  [Diagram: Media Server, four Clients]
  4 x 100Kb/s simultaneous clients requires 100Kb/s connection from server
  Each client gets the same stream
Distributing Content
  Reduces load on any given server and decreases bottlenecks due to internet traffic
  Distribute the same content to multiple servers around the world
Factors Affecting Quality of Streaming Media Today
  Quality of the source video prior to compression
  The processing and codecs applied to the video and audio files
  Protocols used to serve the streaming media
  The (real) network connection between server and client
Technical Issues
  Bandwidth
  Security – Authentication
  Statistics – who, when, what and (from) where
  Formats – MPEG-1, Real
  Access point – Standard web browser
END