Deep Dive: Network Requirements for Enterprise Video Conferencing
Network Requirements for Enterprise Video Conferencing
Moderator:
John Bartlett
NetForecast, [email protected]
Blog: www.nojitter.com
©2010, NetForecast, all rights reserved.
Voice/Video Network Issues
Network cleanup
Security
Bandwidth
LAN QoS
WAN QoS
Bandwidth Management
Test tools
Seamus Hourihan – Acme Packets
Mauricio Sanchez, HP
Matt Sherrod – CA/NetQoS
William Choe - Cisco
Agenda
Section              Time
Problem statement    2:00
Cleanup              2:15
Security             2:20
Bandwidth            2:40
QoS in LAN           2:50
QoS in WAN           3:10
BW Management        3:30
Test Tools           3:45
Q&A                  4:00
VoIP & Video Deployment Realities
VoIP & Video are not just another application
  Real-time traffic is different
  Expectations of reliability and quality are high
VoIP & Video are difficult to scale
  Need to understand bandwidth requirements
  Need careful and complete QoS deployment
  Need new monitoring methods
QoS must extend over the entire path
  Wireless, LAN, WAN
Quality of Experience – QoE
  Measuring above the network layer
  Understanding and measuring the experience of the user
Real-Time Traffic is Different!
Data Traffic
  Bursty bandwidth profile
  Resilient to loss (TCP/IP)
  Graceful degradation when there is bandwidth contention
  [Chart: Data Traffic, utilization (Mbps) over seconds]
Real-Time Traffic
  Flat, constant bandwidth profile
  Not loss resilient (UDP/IP)
  Degrades rapidly when there is bandwidth contention
  [Chart: bandwidth (Kbps) over seconds]
Data and Voice Interference
QoS gives priority to the real-time traffic
This holds down the peaks of the data packets, and prevents packet loss and jitter in the real-time streams
This is a critical first step to delivering high quality voice and video streams
[Figure label: Add QoS]
Manage BW with Application
Real-time traffic requires dedicated bandwidth
  Requires bandwidth for duration of the call (voice or video)
  If bandwidth becomes constrained, quality suffers
Design the network for the predicted demand
  Allocate BW for expected concurrent calls
  Configure QoS in routers to support it
Manage the bandwidth to stay within design
  Application has to implement call admission control
This is quite different than how we manage bandwidth for data applications
Quality & Reliability Expectations
The PSTN always works
We expect dial-tone and connectivity
Voice is our emergency service lifeline
We are visual beings, we notice visual faults
Telepresence is used by top executives
There is a high expectation for the availability and quality of voice & video applications
We have to ensure all the underlying infrastructure will support the required service delivery
Implementation Errors
Simple network implementation errors cause constant packet loss in the network
TCP overcomes these problems easily
  Packet retry mechanism
  Application slows down slightly
Voice & Video use UDP
  Problems appear as poor voice or video quality
  We usually blame the application first
Clean up the network
Clean up the Network
Half/Full Duplex Problem
  This is everywhere!
Noisy Copper Conn. (T1, T3)
Long Ethernet cables
Cat 3 Ethernet cables
Bad fiber splices
Look for layer 2 error reports on the switch
  Collision, CRC, runts, etc.
Check duplex negotiated on switch and on the endpoint
[Figure: the two ends of a link labeled "Half!" and "Full!"]
Clean up the Network
Overloaded routers (CPU utilization)
  ACLs
  Debug mode
  QoS carried by CPU (slow path)
  MLPPP
Out of order packets
  Paired access links (e.g. NxT1)
  CEF does not guarantee packet order
Use path-based test tools to find these problems
  Active or passive path-based tools will find implementation errors
Use an operational tool to constantly monitor the network
  Monitor 7x24, database results
  Implement ongoing quality work to remove errors
© 2008 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice.
UC&C Security: Network as a Keystone
Mauricio Sanchez
Chief Security Architect
April, 2010
UC becomes a network app...
...And in doing so exposes its soft underbelly
Old Approach
• Offered physical security – only commonality is at the physical level
New Approach
• UC apps exposed to TCP/IP security risks on data networks
• DoS, Eavesdropping (VOMIT), Spoofing, VoIP fraud (Vishing), VoIP Spam
Voice and Video Collaboration
Requires more intelligence in wiring closets
[Diagram labels: VLAN, QoS; RADIUS?]
Multi-service applications create new challenges
1. How to securely authenticate multiple devices on a port?
2. How to easily deploy device configuration?
3. How to proactively monitor and deliver a reliable network?
4. How to demonstrate regulatory compliance?
Convergence requires more intelligence and control at the edge where users and devices connect
What organizations need today
1. Leverage capabilities in the network
   • More security with less complexity
2. Enable network access control
   • Mitigate fraud & DoS attacks, by allowing only trusted clients onto the network
3. Protect the entire wired & wireless network, not just a few strategic points
   • Unified secure wire & wireless management
4. Provide automated network response to security attacks
   • Assure uninterrupted real-time services
Multimedia Security Requirements
Layer 2 Hardening
• Secure management access (SSHv2, SSL, SNMPv3, TACACS+, etc)
• Prevent man-in-the-middle attacks (ARP inspection, IP lockdown, DHCP)
Network Access Control (NAC / NAP)
• Multi-User, Multi-Role Access Control (802.1X, Web-auth, MAC-auth)
• Port-based policy based on centrally deployed NAC / RADIUS
QoS & Bandwidth Limits
• Flexible QoS policy engine, with ability to remark 802.1p/DSCP for trust
• Guaranteed minimums, maximum bandwidth to limit problem clients
Layer 3
• Granular, flexible Access Control List (ACL) policy engine at full wire speed
• Best-in-breed threat management solutions distributed within the network
Network Resiliency
• Leverage built-in DoS prevention features to limit effect of attacks
• Monitoring technologies, such as sFlow, for broad security visibility
VoIP Security Summary
Business Needs • Security Solution
Affordability • Leverage security within network devices, to minimize costs
Investment protection • Use best-in-breed solutions based on open industry standards
Maximize availability • Use multi-layer security approach to protect the entire network
Regulatory compliance • Log and report network access … Users, phones, dates/times, usage
Bandwidth, Resolution and FPS
Typical relationship of bandwidth, resolution and fps shown in this table
Higher compute power allows better resolution and fps for the same bandwidth
Choose the right mix for your enterprise applications
Video Bandwidth Requirements
Transport BW   Resolution   Frame Rate
128 Kbps       CIF          15 fps
384 Kbps       CIF          30 fps
512 Kbps       4CIF         15 fps+
768 Kbps       4CIF         30 fps
1 Mbps         HD720        15 fps+
2 Mbps         HD720        30 fps
4 Mbps         HD720        60 fps
6 Mbps         HD1080       30 fps
Voice over IP (VoIP)   BW
G.729                  85 Kbps
G.711                  35 Kbps
Bandwidth Calculation
Determine Video and Data traffic for each location
Size WAN access link
Ensure QoS is properly configured
Verify with testing tools
Locating the MCU
The MCU is a bandwidth hotspot
  All simultaneous bridged endpoints connect to the bridge concurrently
Hosted MCU at a service provider means a high bandwidth link to that provider
Owned bridge in Data Center demands enterprise WAN BW
Co-location for bridge puts it in the right place for large distributed video
Multiple WAN Providers
Try to avoid this model
  Adds complexity to QoS deployment
  Creates a bottleneck at connection point
  Does not scale well with future video conferencing deployments
© 2010 Cisco Systems, Inc. All rights reserved.
Networking Requirements for Video
William Choe
Director, Product Management
Ethernet Switching Technology [email protected]
Enterprise Video Network Trends
[Chart: Median percent of total network traffic that is video (two years ago, last year, current, expected in one year, expected in two years)]
Video has doubled from 2 years ago and expected to double again a year from now
[Chart: Expected spending on video applications in the next year, by application (Telepresence, video conferencing, desktop streaming video, digital signage, digital security cameras, video chat/click to call); responses: will spend more, will spend about the same, will spend less, will not spend, don't know]
Companies are likely to say they will spend more on video conferencing, Telepresence, and digital security cameras
Source: Cisco Business video study — December, 2009
Business Video: Increasing demands on the network
[Charts: four panels (TelePresence, Conferencing; IP Video Surveillance, CCTV; Digital Signage, Video on Demand; Collaboration, WebCam), each plotted on the axes Bandwidth; Latency, Loss, Jitter; Multicast; Dynamic Sessions; Concurrent Sessions]
Telepresence, Streaming Digital Media, Desktop Collaboration, IP Video Surveillance
Enterprise Video Services
Medianet Architecture
• End-to-End Architecture
• Intelligent endpoints/apps integrated with the intelligent network
• Any device, anywhere
• Optimized experience
[Diagram labels: Enable Rich Media Solutions; Optimize User Experience; Media Aware Routing; Content virtualization; Media Monitoring; Media Optimization; Medianet Service Interface APIs; Cisco Video & Voice Applications; webex; Seamless Security; SAF; PfR; RSVP; Multicast; QoS; NetFlow; IPSLA]
Cisco Catalyst QoS Model
QoS is overlooked/challenged with Gig/10G Networks
Classification
• Inspect incoming packets based on ACLs or policy
Policing
• Ensure conformance to a specified rate on an aggregate or individual flow basis
Marking
• Act on policer decision
• Reclass or drop out-of-policy packets
Egress Queue/Schedule Congestion Control
• SRR (vs WRR) or shaped servicing
• Egress queue shaping
• Egress port rate limiting
SRR Benefits: Balanced traffic flow to prevent high priority queues impacting low priority queues
Ingress Queue/Schedule Congestion Control
• Two queues/port
• One queue is configurable for strict priority servicing
• WTD for congestion control (three thresholds per queue)
• SRR to service queues
[Diagram: ingress side (Classify Traffic, Policer, Marker, Ingress Queues, SRR), Stack Ring, egress side (Egress Queues, SRR)]
Network Traffic vs. Network Capacity
[Chart: Network Capacity and Network Traffic]
Overprovisioning
Adjust network capacity to accommodate peak traffic
Congestion Control
Adapt elastic traffic flows to their share of network capacity
Admission Control
Reject traffic flows that exceed network capacity or violate policy
Cisco’s CAC Solution
Policy and Differentiation
[Diagram labels: Telepresence Video, Desktop Video, Call Center Voice, Room System Video, Video, Voice, Trader Voice, Internal Voice, Direction; differentiation by Media Type and by Call Type + User Type]
Service Advertisement Framework (SAF)
Simplifying Service Routing with “Call Control Discovery”
[Diagram: "Today" (call agents on IP networks, with gatekeepers, GK) and "With SAF" (call agents on a SAF-enabled IP network, with Advertise and Consume arrows), compared on: Configuration complexity, Speed of deployment; High operational costs, TCO; Availability, Business Continuity]
Call agents discover each other through the SAF network by:
  Advertising their call control service
  Requesting call control services
Call agents dynamically route calls to remote destinations based on received advertisements
Packet Loss & Video Impairment Test
50/500 ms network outage causes 500/1000 ms impairment
Video streams impacted 2-10X longer than network outages
HA Design Considerations
L2/L3 rapid convergence, RSTP and nonstop forwarding, for network disruptions
Resilience via Cross-stack EtherChannel to mitigate switch failover
Medianet: Making the Video Experience
Resource Reservation and Prioritization, QoS, Context-Aware
Introducing: Medianet on Catalyst switching and ISR portfolio
[Diagram labels: Global Business, WW Offices; CEO Meeting, M&A Negotiation, Sports Event; "Poor Collaboration Experience, High Business Travel Cost"; "High Quality, Real-Time Video Collaboration, Sports Blocked"]
Bandwidth Management
QoS queues will be set to support video with high priority up to a specified bandwidth per link
Once the bandwidth limit is reached, the network starts to drop video packets
We have to manage the amount of high priority traffic in our networks to ensure QoS will work as planned
Bandwidth management is done by the gatekeeper or comm. manager, via Call Admission Control (CAC)
[Diagram label: Communications Manager]
Configure the BW Manager
BW Mgr must know network topology
  Typically statically configured
BW Mgr must know BW limits for each link
  Match router configurations
  Information now stored in two locations
Create a process to ensure info stays synchronized
Real-Time BW Pools
Bandwidth Manager only knows the applications it supports
  Video Gatekeeper knows video
  Call manager knows voice
  Streaming manager knows streaming
Typically no coordination between applications
  Need to allocate separate bandwidth pools to each application
    Voice BW
    Video BW
    Streaming BW
Someday we will have a common BW manager (see work Avistar is doing with IBM)
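Added example (not from the original slides): a small model of the call admission control described on the Bandwidth Management, Configure the BW Manager and Real-Time BW Pools slides, with separate voice and video pools per link and a check that the manager's limits still match the routers'. Site names, pool sizes and the names BandwidthManager and find_drift are constructed for illustration; the per-call rates are taken from the bandwidth table earlier in the deck, and each site is assumed to have one WAN access link.

```python
# Constructed sample data: priority bandwidth (Kbps) per WAN link in the BW manager.
MANAGER_POOLS = {
    "hq":      {"voice": 1024, "video": 4096},
    "branch1": {"voice": 256,  "video": 1536},
    "branch2": {"voice": 256,  "video": 1024},
}
# Constructed sample data: what the routers' QoS queues are actually set to.
ROUTER_POOLS = {
    "hq":      {"voice": 1024, "video": 4096},
    "branch1": {"voice": 256,  "video": 1536},
    "branch2": {"voice": 256,  "video": 768},  # drifted from the manager's copy
}


class BandwidthManager:
    def __init__(self, pools):
        self.limits = {link: dict(apps) for link, apps in pools.items()}
        self.used = {link: dict.fromkeys(apps, 0) for link, apps in pools.items()}
        self.calls = {}  # call_id -> (app, links, kbps)

    def admit(self, call_id, app, src, dst, kbps):
        """Reserve kbps on both sites' access links, or reject the whole call."""
        links = [] if src == dst else [src, dst]  # intra-site calls skip the WAN
        for link in links:
            limit = self.limits.get(link, {}).get(app)
            if limit is None:
                return False, f"no {app} pool on {link}"
            if self.used[link][app] + kbps > limit:
                return False, f"{app} pool full on {link}"
        for link in links:  # every link has room: commit the reservation
            self.used[link][app] += kbps
        self.calls[call_id] = (app, links, kbps)
        return True, "admitted"

    def release(self, call_id):
        app, links, kbps = self.calls.pop(call_id)  # call ended: free its share
        for link in links:
            self.used[link][app] -= kbps


def find_drift(manager, routers):
    """List (link, app, manager_kbps, router_kbps) where the two copies disagree."""
    drift = []
    for link in sorted(set(manager) | set(routers)):
        m_apps, r_apps = manager.get(link, {}), routers.get(link, {})
        for app in sorted(set(m_apps) | set(r_apps)):
            if m_apps.get(app) != r_apps.get(app):
                drift.append((link, app, m_apps.get(app), r_apps.get(app)))
    return drift


def demo():
    bwm = BandwidthManager(MANAGER_POOLS)
    results = [
        bwm.admit("v1", "video", "branch1", "hq", 768),  # 4CIF at 30 fps
        bwm.admit("v2", "video", "branch1", "hq", 768),
        bwm.admit("v3", "video", "branch1", "hq", 384),  # branch1 video pool is full
        bwm.admit("a1", "voice", "branch1", "hq", 85),   # voice has its own pool
    ]
    return results, find_drift(MANAGER_POOLS, ROUTER_POOLS)


if __name__ == "__main__":
    print(demo())
```

find_drift is the synchronization check: where the manager's limit is higher than the router's queue, the manager admits calls whose packets the router will then drop.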
Network Requirements for Video Conferencing
Tool Time for Network Mechanics
Steven Guthrie
Sr. Principal, Product [email protected]
Agenda
> Why We Need to Think Differently Today
Video Conferencing Outside the Common Domains
– Event/Fault/Incident/Problem Management
– Performance Management
– Customer Experience (Application) Management
– Workload Automation
> Three Areas Critical for Video Conferencing Success
Quality of Experience
Bandwidth Management
QoS Management
> Merging of Path Visibility and Network Telemetry
Path Management
Copyright © 2010 CA. All rights reserved.
April 22, 2010
Most Infrastructure Tools Don’t Cover Video
[Diagram labels: End User; USER, FRONTEND, MIDDLEWARE, BACKEND, NETWORK; WAN/WWW; Router, Firewall, Switch, Load Balancer, Web Servers, Portal, App Server, Web Services, SAP, PACER, PSFT, Other Apps, Databases, Database, Mainframe CICS; Infrastructure Management; Application Performance Management; Performance Management]
Specialty Domains for Managing Video
1. Quality of Experience Management
2. Bandwidth Analysis
3. QoS Management
Quality of Experience Management
> Active Measurement
Synthetic tests between agents, routers and switches
For example, Cisco IP SLA technology
Agent based approaches
> Passive Measurement
Endpoint/phone makes the best probe
See end-to-end picture, last mile
Monitor the User Experience
> Synthetic/Active Tests
IP SLA tests
– Simulated UC packets from router to router; great for troubleshooting problems
– Typically requires management platform to consume and analyze data
– Large scale deployments typically use ‘shadow routers’ to offload the load from primary routers
– Not universally known/deployed
Agent-based tests
– Proactively sends simulated voice traffic and calculates MOS
– In addition to agent, typically requires management platform to consume and analyze data
Effectively Monitor the User Experience, Cont.
> Actual traffic
Stats from endpoints or management server
– Collect real time delay, loss and jitter stats as reported by the endpoints
– Poll management server post-session
– Calculate MOS (in real time or post-session)
– Requires specialty management platform to consume and analyze data
Analyze Bandwidth Usage
> Measure bandwidth usage
Call Setup/Signaling, Presence
Voice, Video, Conference, IM
> NetFlow, sFlow, jFlow provide this info and more
NetFlow data from routers and switches provides bandwidth analysis capability for UC applications
Network Traffic Flow Analysis
• Flow Data
  • NetFlow
  • sFlow
  • jFlow
  • IPFIX
• Class of Service
  • CBQoS
  • NBAR
  • RMON
Long-Term Packet Capture
• TiVo® for your network - storage units up to 288 TB
• Stream reconstruction - audio and video replay
Is This the Real Definition of QoS?
> In the field of telephony, quality of service was defined in the ITU standard X.902 as "A set of quality requirements on the collective behavior of one or more objects". Quality of Service comprises requirements on all the aspects of a connection, such as service response time, loss, signal-to-noise ratio, cross-talk, echo, interrupts, frequency response, loudness levels, and so on.
> Source: http://en.wikipedia.org/wiki/Quality_of_service
> Emphasis added
Or Is It “Classification”
> In the field of computer networking and other packet-switched telecommunication networks, the traffic engineering term quality of service (QOS), refers to resource reservation control mechanisms rather than the achieved service quality.
> Source: http://en.wikipedia.org/wiki/Quality_of_service
> Emphasis added
Or Is It Everything that Makes Up the “Service”?
[Diagram labels: Data Center (DNS, web servers, etc); PSTN; Gateway; LAN Core Infrastructure; MPLS IP Backbone; Unified Communication & Messaging Systems]
Voice & Net Management
1. Voice/Video System
2. Wire, wall jack, etc.
3. Switching core
4. Layer 3 core
5. Services
6. Voice comm/msg
7. Multimedia apps
8. IP WAN
9. Network/trunks
Managing QoS from Policy Perspective
> Traffic classification and prioritization for reliable VoIP
Time-consuming to configure & troubleshoot
Needs to be monitored for queuing, shaping & drops
> Auto Discover and model QoS classes, policies and behaviors
> Real time monitoring of traffic classes / Router
> Alarm condition hierarchy (critical/major/minor)
Managing Video Service as a Business Service
Service Dashboards
Service Console - Administration
Merging Path Management with Network Telemetry
Path and Path Latency
Location Drill to Path
With Device and Application Performance
Thank You