Section 7.2. H.323

7.2. H.323

H.323, currently in Version 2, is the ITU-T's recommendation for PBX-styled signaling that supports a packet-based network. H.323 doesn't have to be delivered entirely using an IP network. Certain subrecommendations of H.323 allow for traditional telephony networks to be integrated with seamless signaling across all participating devices. For example, the H.323 suite allows for signaling over POTS on the PSTN using recommendations in H.320 and H.324.

H.323 was originally proposed as a solution for video conferencing using LANs. Later revisions saw it morph into a full-fledged PBX-replacement plan.

H.323 is implemented in Microsoft's NetMeeting conferencing software, as well as in Avaya's MultiVantage and Nortel's Meridian IP-PBX systems. While quite mature and well-documented by the ITU-T, H.323 has been implemented in vendor-specific "flavors" that are, unfortunately , not totally interoperable. This hasn't been a big hindrance to acceptance of H.323 for VoIP applications, however, since most integrators who choose this standard tend to choose a single vendor's implementation across their entire network.

Incompatibility of H.323 implementations is a problem only when trying to link opposing vendors' H.323 systems together. To get around this, many integrators link the systems using legacy trunking methods like T1, because opposing vendors ' implementations of legacy telephony protocols are almost always totally interoperable.

H.323's message packets are compact, and H.323 signaling is very fast, especially compared to SIP, which uses comparatively long and wordy message packets. The design of H.323 is very much rooted in the design philosophy of the PSTN: brevity and availability are striven for. H.323 signals are short. The network is used as little as possible to carry call signaling and as much as possible to carry sound.

7.2.1. H.323 Gatekeeper

The gatekeeper is the host on the network that provides centralized call monitoring and signaling capabilities for H.323 endpoints (called terminals). The gatekeeper's scope may be a particular LAN segment or an entire continent , depending on the designer's intentions.

The scope of the network that a gatekeeper operates within, or the reach of that gatekeeper, is called a zone . IP endpoints may be on the table next to the gatekeeper or on a different continent, 15 router hops away, and all can be considered one zone. This isn't always practical, of course, just possible . There can be only one gatekeeper per zone and one zone per gatekeeper. It is common to refer to an H.323 gatekeeper as a softswitch or softPBX.

7.2.1.1 Registration

In order to be made available for telephony applications, each endpoint and/or gateway in a gatekeeper's zone must undergo a process called registration . This means that each H.323 endpoint must inform the gatekeeper what its unique identifying characteristics (i.e., phone number, IP address, etc.) are. This process can be authenticated, too.

Each H.323 endpoint, or terminal, must either be programmed with the IP address or resolvable hostname of the gatekeeper or be able to discover the gatekeeper's presence using IP multicast to 224.0.1.41:1718. This latter method is most conducive to redundancy, since multiple gatekeepers can be configured to respond to multicast locate requests like failover partners .

The registration process is defined by a unique setup protocol called RAS, which stands for Registration, Admission, and Status. This protocol governs only the registration process, not any call setups.

All components of an H.323 voice network must register if a gatekeeper is utilizedwhich is just about always. It would be difficult to do much more than some dedicated trunk-style channels without employing a gatekeeper.

According to the ITU-T recommendations, a compliant gatekeeper must provide:

• Address resolution via a standard called E.164, discussed later

• Registration authentication

• Bandwidth controls

• Zone management of registration and calling

• Call control signaling

• Call authorization

Endpoints follow a specific procedure when registering:

7.2.2. H.323 Terminal

Each H.323 terminaleither a software endpoint or a hardphonecontains a stack of software elements that cover different aspects of the calling process:

• H.245, which provides capabilities negotiation in order to make sure there's a compatible application and codec running on the calling terminal and the receiving one

• H.225, which provides billing and monitoring functions necessary for reliable call setup and carrier-grade call accounting

• RTP, the IETF standard for transmitting packets of encoded real-time media

• A selection of one or more audio codecs

• Optionally , an H.323 terminal may offer T.120, a protocol for enabling interactive data applications such as white-boarding. A great example of this is NetMeeting's shared drawing board feature

7.2.3. H.323 Gateway

The purpose of a gateway is to interface the IP-based voice channels to legacy signaling and transport technologies such as FXO, FXS, E&M, ISDN BRI and PRI, T1, and DID. A great example of this device is Cisco's modular media gateways, which can be equipped with interfaces that can support all of these legacy technologies and more. An H.323 gateway is required only when an interface to a legacy voice network is necessarywhich is usually the case.

H.323 gateways offer specialized convergence signaling protocols that support certain kinds of legacy circuits:

• H.320 supports packetized voice over ISDN circuits and T1

• H.324 supports packetized voice over POTS using G.711

• Analog ports on the gateway can support old-style analog POTS, too

H.323 gateways must register with a gatekeeper for the zone they serve if calls are to be routed through their media interfaces.

7.2.4. Multipoint Control Units

An MCU is an H.323-specific device that has a single purpose: conferencing multiple H.323 media channels. MCUs are the official prescribed method of doing conference call applications in an H.323 VoIP network, though some proprietary extensions to H.323 exist in this role (hence H.323's less-than - stellar interoperability reputation). An MCU can be a dedicated server, or MCUs can be built into H.323 terminals.

Sometimes, MCUs are referred to as conference bridge servers or DSP farms, because it is via digital signal processing that all parties are able to hear the other parties on an MCU-hosted conference call. DSP is used to converge, or interleave , participants' audio signals into a new, combined audio signal that is sent back out to the participants . (Traditional telephony may also use DSP for conference mixingthis characteristic isn't unique to VoIP.)

The software element within the MCU that actually performs the DSP function in order to aggregate media channels into a conference call is known as an MP, or multipoint processing, element. This is a part of the MCU that is multicodec aware and can handle transcoding if necessary. MCUs are also RTP hosts , as RTP itself is designed to support mixer-controlled conferences.

The second component of an MCU is the MC, or multipoint controllerthis is the part that is signaling-savvy and can negotiate with the endpoints using H.225 and H.245 to get them added, and removed from, conference calls as needed.

7.2.5. The H.323 Call-Signaling Process

There are five general steps in the H.323 signaling process for each leg of a call path : setup/ teardown , capabilities negotiation, open media channel, perform call, and release.

7.2.5.1 Setup/teardown

To initiate an H.323 call, H.225 is required for the setup step. During this step, each endpoint involved in the call is kept apprised of the status of the call setup, expressed in one of H.225's named states, the last of which doesn't happen until the end of the call, of course:

Proceeding

This means that the calling endpoint is trying to establish a network connection with the called endpoint.

Alerting

This means that the called endpoint is being notified that somebody is trying to reach it. In other words, the called endpoint is ringing, and the calling endpoint is receiving ring back , an indication of ringing on the remote end.

Connect

This means that the called endpoint has accepted and a media channel can be established.

Release

This means that one of the endpoints has signaled an end to the call. When release is indicated, the call is actually being torn down, not set up.

7.2.5.2 Capabilities negotiation

After setup, H.245 is enlisted to negotiate the application requirements of the call and select appropriate codecs. H.245 determines:

• What kinds of application media each terminal can support: audio, video, white board, and so on

• What codecs each terminal is capable of and which it may prefer

• How the media channel will be structured, and what packet interval will be used

• Which terminal will be the master and which will be the slave for the duration of the call. Master and slave roles distinguish the client/server role assumptions for future signals during the call and are just a protocol formality

• How best to notify the caller if negotiation fails. Usually the endpoint will display an error code while playing a busy signal. The busy signal is standard when a call cannot be connected on a VoIP network

7.2.5.3 Open media channel

Once capabilities negotiation has succeeded, RTCP (RTP Control Protocol) springs into action to establish a UDP socket for the media channel. Then the RTP media channel is opened, and a stream of encoded UDP packets with RTP payload flows across the network using the negotiated codec and packet interval.

7.2.5.4 Perform call

As the call is in progress, RTCP, which runs alongside RTP (usually on separate, consecutive UDP ports that are selected during call setup), can keep tabs on the media channel, which remains intact via connectionless UDP for the duration. This continues until the call is finished.

7.2.5.5 Release

At the conclusion of the call, H.225 enters its release state, signaling an end to the media channel, an end to the H.245 application capabilities session, and an end to the call-accounting transaction on the gatekeeper. Depending on the endpoint, the caller and callee will hear a dial-tone or a busy signal.

In Figure 7-1, you can see how the RAS and H.225 are used with a gatekeeper to establish a call between two endpoints.

In this example, phone 3001 is attempting to call phone 3002. Once the user had dialed the call:

Figure 7-2 shows a gatekeeper-signaled call, which is identical to the preceding example except that the gatekeeper is a proxy for all of the signaling messages, not just the RAS ones.

Figure 7-2. Gatekeeper-signaled call setup for a call from 3001 to 3002

The difference between gatekeeper-signaled and direct-signaled calls is the role of the gatekeeper in the H.225 session. If a gatekeeper involved, then the call is a gatekeeper-signaled call. Don't confuse this concept with the idea of call paths, which are the paths of the media channels not the setup signaling, which is what we're talking about here. For a refresher on call paths, take a quick look through Chapter 6.

In Figure 7-3, a gateway is added to the signaling process, to facilitate a call from 3001 to a phone on the PSTN.

Figure 7-3. A gateway is an H.323 endpoint's portal to the PSTN

7.2.6. E.164 Address Scheme

E.164 is a convention for assigning telephone numbers to endpoints on a VoIP network. It's also the global convention for numbering of country codes, and is backward-compatible with older ITU recommendations for numbering. The phone numbers you dial on your analog phone when you call the pizza place and the barber shopthose are E.164-compliant numbers. Unlike older recommendations, however, E.164 allows endpoints on a VoIP network to dynamically register their E.164 address (number) from a list of available numbers stored in a database on the gatekeeper.

This database is an administrator- maintained list of Ethernet MAC hardware addresses, each of which corresponds to one or more assigned E.164 addresses. In this fashion, the administrator controls which endpoints are able to use a given E.164 address. In effect, the MAC address becomes the key to the endpoint's phone number, which makes telephone moves easier than they are with traditional telephony: no matter which port the phone moves to on the network, its E.164 address always follows .

Unfortunately, there are drawbacks to using the MAC address as a key for the E.164 address. First, MAC addresses follow a somewhat esoteric hexadecimal convention that isn't user friendly. Unless you're a serious geek, you aren't going to memorize many MAC addresses, so putting new IP phones into the gatekeeper can be a loathsome data-entry task. Second, the MAC address is usually hardcoded into the phone's firmware or network interface CMOS chip. This means it can never be changed.

Of course, MAC addresses are very much necessary: Ethernet wouldn't work without them, but there are better ways to handle alias assignment to a VoIP endpoint. Reliance on MAC addresses, and therefore intrinsic reliance on Ethernet, is one of the biggest drawbacks of H.323 when compared to SIP.

7.2.7. H.245

The H.245 session is established after the gatekeeper has cleared the way for the two endpoints to connect and after the called party has picked up the phone . In an instant, H.245 sets up a master/slave relationship between the endpoints, negotiates an agreeable RTP profile, including port selection, codec selection, frame size , and type of media (voice, video, or data). Then, the RTP/UDP datagrams immediately start to flow, and both parties can speak to and hear each other.

7.2.7.1 Fast-start

Fast-start is an optional parameter sent in the H.225 setup session when placing calls through H.323 gatewaysusually to endpoints that don't support H.245, like those on the PSTN. If the gateway is able to confirm that the switching element (a CO switch or foreign PBX) on the called end supports Q.931, a fast-start-compatible signaling protocol, then H.225 can establish the media parameters immediately, foregoing the H.245 session after the called party has picked up the phone. In this event, the RTP session will be open by the time the called party answers. This is useful in minimizing the perception of lag in call startup when gateways are involved.

7.2.7.2 SoftPBX H.323 implementations

Because H.323 is such a distributed approach (gatekeepers, gateways, MCUs can all be on different hardware), it's tempting not to think of the standard as a way of achieving software-based PBX functionality. But in reality, most softPBX makers who've standardized on H.323 are putting gatekeepers, gateways, and MCUs all in one box and calling it a softPBX. This is an accurate description of what a fully functional H.323 network doesuses software to switch calls across multiple data links using a variety of physical interfaces, the same purpose as a softPBX.

Avaya, Nortel, and others that support H.323 offer most of these functions on a single Ethernet hostoften a server blade that mounts inside their PBX chassis.

Cisco offers a consolidated approach in their media gateways. While they don't offer an MCU, Cisco's media gateways do provide H.323 gatekeeper and gateway functions and therefore are softPBXs in their own right. H.323 terminals can register with a Cisco media gateway if it's running a gatekeeper and place calls through it to the PSTN if it has a POTS or PRI interface with a phone company dial-tone plugged in.

Telephony vendors' use of the term media gateway doesn't necessarily mean an H.323 gateway, a device for connecting VoIP networks to the PSTN. Cisco's media gateways, for example, are modular router/server hybrids that offer some softPBX functionality, often including an H.323 gateway, but not always.

7.2.8. Project 7.1. Build an H.323 Gatekeeper Using Open H.323

7.2.8.1 What you need for this project:

• Open H.323 software

• GnuGK (Gnu gatekeeper) software

• H.323 softphone such as MS NetMeeting

• LAN

Open H.323 is an open source implementation of the H.323 signaling protocol suite, managed by QuickNet Technologies, the same company that makes the Internet Phone Jack line of analog interface cards. Open H.323 is distributed in binary and source code forms for both Linux and Windows, though a crafty hacker should be able to get it running on a BSD-ish OS, too.

This project will allow a Microsoft NetMeeting H.323 softphone and an Open H.323 OhPhone softphone to place calls through an H.323 gatekeeper running on a Linux computer. In this example, we'll use Microsoft NetMeeting on Windows XP and OhPhone on Mac OS X.

Although Open H.323 provides a framework of tools for developing H.323 servers and endpoints, it also natively implements a complete H.323 gateway, MCU, and endpoint. Here's a partial list of software packages that accompany Open H.323:

OpenGK

A simple H.323 gatekeeper server example

OhPhone

An H.323 softphone for Linux and Windows (OhPhoneX is the Macintosh version)

OpenMCU

An H.323 conference bridge server

PSTNgw

An H.323 gateway server

Each of these requires the base distributions of Open H.323 and its prerequisite, PWLib, a project-specific class library.

7.2.8.2 Open H.323's requirements

A machine with specs like those required by Asterisk should be sufficient to run a small-scale H.323 gatekeeper. A Pentium III clocked at 600 mHz will be able to handle this project. The PC should be running Linux (though H.323 is also Windows-compatible). It can be the same PC that runs Asterisk, if you like.

7.2.8.3 Download and compile Open H.323

The best place to get Open H.323 is from its maintainer's web site, http://www.openh323.org/code.html. Compiling all of these elements is pretty straightforward on Linux. If you want to run Open H.323 on Windows, find the precompile executables. That said, these instructions are for Linux.

First, download and install PWLib. Save pwlib_1.5.2.tar.gz (or the filename appropriate for the version you download) to /root as the root user. Then, unzip and untar it:

 #  tar xvzf pwlib_1.5.2.tar.gz  

Now, you'll need to set some environment variables so Open H.323 software knows where to find the PWLib libraries:

 #  PWLIBDIR=$HOME/pwlib  #  export PWLIBDIR  #  OPENH323DIR=$HOME/openh323  #  export OPENH323DIR  #  LD_LIBRARY_PATH=$PWLIBDIR/lib:$OPENH323DIR/lib  #  export LD_LIBRARY_PAT  

If you plan on making this H.323 setup a permanent one, you should add the preceding environment variable commands to .bash_profile in /root . Do this using Pico or your favorite text editor, without the pound signs ( # ) of course. Now, build the PWLib distribution using make:

 #  cd $PWLIBDIR  #  ./configure  #  make opt  #  make install  

Next, download the main Open H.323 file to /root . Then, unzip and untar it, substituting the filename that's appropriate for the version you download:

 #  tar xvzf openh323_1.12.2.tar.gz  

Now, build Open H.323:

 #  cd $OPENH323DIR  #  ./configure  #  make opt  #  make install  

The developers recommend a 128 MB swap partition to complete the build error-free. This need is minimized if you have enough physical RAM256 MB of physical RAM should be plenty. This build could run for 30 minutes or more, so enjoy a delicious beverage.

7.2.8.4 Set up the Gnu gatekeeper (gnugk)

Once the Open H.323 build is finished, you'll need to download and compile the Open H.323 Gatekeeper ( gnugk ) software. Don't confuse this with the opengk that comes as a part of the Open H.323 distribution. This gatekeeper comes from a different source altogether, but is built using the same libraries as opengk . The big difference is that gnugk is a much more complete implementation of a gatekeeper, while opengk is a reference example and not very useful yet.

First, download and save the gnugk source code into /root from http://www.gnugk.org/h323download.html. It will be named gnugk-2.0.8.tgz or something similar. After the download is finished, build the gnugk package:

 #  tar xvzf gnugk-2.0.8.tgz  #  cd openh323gk  #  make opt  

Now, issuing the gnugk command will launch the gnugk gatekeeper. If you receive an error indicating shared libraries cannot be located, make sure you've got those environment path variables set in your login profile. If you run into compiler errors, try grabbing the x86 Linux executable from the gnugk site. Whether you compile it yourself or not, copy the distribution's bin directory's contents into /usr/sbin and its etc directory's contents into /etc as follows:

 #  cd openh323gk  #  cp bin/* /usr/sbin  #  cp etc/gnugk.ini /etc  

To install a sample config file that allows any endpoint to register with the gatekeeper, copy etc/proxy.ini instead:

 #  cp etc/proxy.ini /etc  

proxy.ini is far more permissive than the default configuration file and will allow you to register unauthenticated (i.e., passwordless ) endpoints. Now, you can run the gnugk with the config file in /etc by issuing:

 #  gnugk -c /etc/gnugk.ini  

7.2.8.5 Register an H.323 softphone using OhPhoneX

If you're using a Windows PC, chances are you already have Microsoft NetMeeting. This is a very capable softphone, and it works well with Open H.323. In fact, the next section describes how to set it up.

But since the Open H.323 project produces a phone, too, we'll use it. It's called OhPhone, and it's distributed as an executable for Linux, Windows (http://www.openh323.org), and Macintosh (http://xmeeting. sourceforge .net).

These examples use screen grabs from the Mac OS X version. The Linux and Windows versions have only a text-based UI, but for those platforms, GnomeMeeting and MS NetMeeting make great alternatives.

The first thing you'll need to do with OhPhoneX is access its Preferences menu option. The Gatekeeper tab of the Preferences window will allow you to specify a gatekeeper, username, password, alias, and E.164 address (phone number).

In Figure 7-4, the address of the gatekeeper is 10.1.1.10in prior projects, we've used this address for our experimental Linux VoIP server, so we'll continue in that vein. The ID is a superficial, free-form ID used like caller ID. The User/Alias ID is required only if gnugk is configured for authenticating registration attempts. The Password field is optional; its use is policy dependent, as gnugk accepts blank passwords. Finally, the E.164 Number is the phone number to which the endpoint is registering and, ultimately, the phone number that will be used to route calls to this softphone. Be sure to check the Use Gatekeeper checkbox, too.

When you close the Preferences window, click the Start Phone button, and then click the Console button: you'll see whether the softphone's registration attempt with the H.323 gatekeeper was successful. The console log of OhPhoneX, shown in Figure 7-5, contains the details of the registration attempt.

Figure 7-4. OhPhoneX's Preferences window has all the options an H.323 endpoint could possibly need to register with a gatekeeper

Now, if you register a second softphone from a second PC, you can call back and forth between them using the gatekeeper as the E.164 alias translator. This works the same way with H.323 hardphones. Callers dial the E.164 digits, and the gatekeeper provides the E.164 "resolution" that allows the software in the phone to do its H.225, H.245, and RTP signaling to facilitate the call.

Once a call is in progress, the Connection Statistics window shows the status of the call in excellent detail, as in Figure 7-6.

7.2.8.6 Register an H.323 endpoint using NetMeeting

Microsoft NetMeeting is an H.323 softphone application that comes packaged with Windows Me, 2000, and XP. In order to run it on XP, however, you'll have to perform a slight hack to activate it. Click the Start menu, click Run, type conf , and click

Figure 7-5. OhPhoneX's Console Log can help you troubleshoot the registration process

Figure 7-6. OhPhoneX's Connection Statistics window tells you which codec your call has selected and how much bandwidth it's using

OK. Then, select "Put a shortcut to Netmeeting on my desktop" in the wizard that follows. Once this is done, NetMeeting is activated on Windows XP just as it would normally be on Windows 2000.

To configure NetMeeting to register with the gatekeeper, click NetMeeting's Tools menu, followed by the Options item. This will display the Options dialog, where you can click the Advanced Calling button. The Advanced Calling Options dialog will appear, as in Figure 7-7. Check the "Use a gatekeeper to place calls" and "Log on using my phone number" checkboxes. Enter the address of the gatekeeper, as well as the E.164 address you'd like to use into the Phone number field.

Figure 7-7. The NetMeeting Advanced Calling Options dialog allows you to configure gatekeeper registration

Microsoft NetMeeting is a very worthwhile H.323 softphone, and it's quite customizable. It allows video calling as well as audio calling and has a built-in T.120 whiteboard and instant messaging (text chat) applications. You can tweak the codec selection preferences by choosing Audio from the Options dialog and then clicking Advanced. The codec selection dialog is shown in Figure 7-8. If you're really looking to restrict codec selection, most compliant gatekeepers allow you to do it centrally .

7.2.8.7 Make the call

Once both phones are registered with the gatekeeper, you can call between them using their E.164 numbers since they're on the same zone. Now, if you like, download OpenAM from the Open H.323 project to set up an H.323-based personal message recorder.

Figure 7-8. NetMeeting ships with a selection of five codecs, including G.711 ( m Law/Alaw) and G.726 (ADPCM)