Planning for Media Manager services
This topic provides an overview of peer-to-peer and n-way voice and video communication in IBM® Sametime®. It describes the Sametime servers and server components, and third party components, used in voice and video.
Audio and video components
- SIP Proxy/Registrar
- Manages location services and forwards SIP messages to their destinations. The Sametime SIP Proxy/Registrar maintains the registry between all users and their location, and maintains the registration of conferences. The SIP Proxy/Registrar routes all SIP messages inside Sametime. Every voice or video message to a user goes through the SIP Proxy/Registrar. The following components know to consult the registrar: Sametime Media Manager, SIP-based calling, and Sametime Unified Telephony. It requires access to LDAP.
- Conference Manager
- Administers all conferences, including point-to-point and multipoint. The Sametime Conference Manager works with the client to establish a SIP session for the call. It also hosts the internal Telephony Conferencing Service Provider Interface (TCSPI) adapter and an optional external TCSPI adapter. The TCSPI integrates with the Video MCUs and bridges. The Conference Manager works with the client to establish the SIP session for the call. The Conference Manager manages the state of audio and video calls. All audio and video features, both one-to-one A/V chat and multi-way A/V chats, depend on this component.
- Video Manager
- Distributes audio and video communications among the servers within a Sametime deployment according to routing rules that you
define. The IBM
Sametime Video Manager manages the scaling and
distribution of audio and video conferences, through MCU pools and cascading. It also manages
attributes for conferences, such as maximum line-rate, and the following tasks:
- Multi-way audio and video conferencing (requires Sametime Conference Manager)
- Multimedia transport and bandwidth control
- Call server routing based on dial plan
- Creates meeting rooms based on template
The Video Manager cannot be clustered, but you can have multiple servers with a load balancer in front. The Video Manager must be installed on a dedicated server.
- Video MCU
- Serves as the focal point for audio calls by connecting multiple users to a single conference. The Sametime Video MCU enables multi-way, audio and video conferences with continuous presence and multiple client layouts. It serves as a switch for scalable audio- and video-streams, delivering to different clients the streams that have been requested. It's not used for one-to-one sessions. This server cannot be clustered, but you can have multiple servers with a load balancer in front. The Sametime Video MCU must be installed on a dedicated server.
- Sametime Bandwidth Manager: Optimizes bandwidth by calculating the call route for each call as it is initiated, and reserving the required bandwidth for the duration of that call. If sufficient bandwidth is not available, the call is either modified (through codec, bandwidth, or media reduction), or it is not allowed and the user is presented with a "resources in use" message. You can create policies that assign default bandwidth settings for users.
- Sametime TURN Server: Directs client audio and video communications across a NAT (Network Address Translator) or firewall when direct peer-to-peer communications are not possible.
- Sametime Community Server
- Sametime Proxy Server
- Sametime Meeting Server
- Sametime Media Manager:
- Sametime SIP Proxy/Registrar
- Sametime Conference Manager (with TCSPI adapter)
- Sametime Video Manager
- Sametime Video MCU
- Sametime Bandwidth Manager
- LDAP and Media Manager: TCP
- Community Server and Sametime Proxy Server: TCP
- Community Server and Media Manager: TCP
- Bandwidth Manager and Video Manager
- Internal client and Community Server: VP
- Internal client and Meeting Server: TCP
- Internal client and Sametime Proxy Server: TCP
- Internal client and Video Manager and SIP Proxy Registrar: UDP
How calling with audio and video works in Sametime
Calling with audio and video in Sametime uses either peer-to-peer for one-to-one messages, or the Media Manager and the Meeting Server for multi-way conversations.
In peer-to-peer communication, at login, a user's information goes to the SIP Proxy/Registrar component to establish identity and location. The SIP Proxy/Registrar is effectively a digital PBX that answers the questions who's available, who can I call, and who's calling me.
Users can send a SIP invite request to SIP Proxy/Registrar. For example, Alice sends information via the Session Description Protocol (SD) about her IP and port number and what type of call she wants to have. Bob receives the invitation, and determines what hardware he has that can support the call. Bob replies with his SDP and port number. The call begins with the media stream now flowing peer-to-peer through IPs and ports negotiated. Peer-to-peer is ideal for two-way messaging because there's less network latency when an intermediary server is involved.
What about conference calls with more than two people? A conference requires the Meeting Server. Each user contacts the Meeting Server to initiate a SIP invitation with the server. The Conference Manager (another component of the Media Manager) figures out who's on which calls. Once connected, each user begins a media stream to the Video MCU. The Video MCU sends these streams to all participants in the conference. All the media traffic goes through the Video MCU.
NAT challenges
- The SIP REGISTER request contains the private address. If the SIP Proxy/Registrar tries to send SIP messages to that private address, it will fail.
- The SDP includes the private address. If the peer will try to send a media stream to that private address, it will fail.
Another challenge to A/V is the DMZ firewalls. The DMZ adds security to the organization's network by preventing outside users from connecting to inside network. This is another layer of routing that needs to be traversed to get to users in the network.
Supported fixed bandwidth codecs
- SAC (Siren-LPR Scalable)
- Siren-LPR
- G.722.1C
- G.722.1
- G.711
- H.263
- H.264
- H.264-SVC (Scalable Video Codec)
Audio and video uses either UDP or TCP protocols for transport. What's the difference between the protocols TCP and UDP? TCP is what networking people call a reliable connection. It's mathematically reliable. UDP is not acknowledged. With UDP, there's no authentication or reliability, no guarantee that the packets get to the target. Most audio and video codec use UDP. When your routers are congested, and router use is 95%, the router will drop packets. It will drop UDP packets first by design. UDP is more sensitive to network conditions and latency. TCP will say I didn't get that and will you send it again. UDP is commonly used because it's thousands and thousands of packets. UDP is about 2 bytes so a loss is not as bad.
Clients and other components used in audio and video
Sametime Clients
- Sametime Connect Client
- Sametime Embedded Client
- Rich meeting client or browser-based client
- Mobile client
Other components
- HTTP Reverse Proxy Server
- The HTTP Reverse Proxy Server is not something that Sametime provides, but it is required for all HTTP clients to get from outside the firewall to inside the network
- Community Mux
- A Mux server is a multiplexer that can significantly increase the number of connections to the Community Server.
- IBM SIP Edge Proxy Server
- The SIP Edge Proxy Server acts as a relay between clients and the SIP Proxy/Registrar in Media Manager. When clients first register, they register with the SIP Edge Proxy Server. This connection becomes persistent. The client then connects to the SIP Proxy/Registrar through the SIP Edge Proxy Server. The SIP Edge Proxy Server supports SIP Outbound to ensure that outgoing messages get delivered over existing connections whenever available.
- TURN Server
- The TURN server has two main functions: assist the client in finding its public, visible (NAT'ed) address, and provide an extension to the client, a relay, in a different network when peer to peer communication is not possible. The TURN Server is compliant with the Interactive Connectivity Establishment (ICE) procedures defined by the IETF. These procedures allow two endpoints to discover the most efficient path for media, which may sometimes be through a relay. The two endpoints can either be two clients, or a client and a server.
The following graphic shows an edge server deployment made up of Sametime servers behind a firewall in the intranet. The Sametime Proxy Server, WebSphere® HTTP Proxy Server, TURN Server, and the IBM SIP Edge Proxy Server are in the DMZ for access by external and internal clients.
- LDAP Server
- DB2®
- Community Server
- Sametime System Console
- Meeting Server
- Media Manager
- Sametime Proxy Server
- WebSphere Proxy Server
- Sametime TURN Server
- IBM SIP Edge Proxy Server
- LDAP and Community Server: TCP 389 or 636
- LDAP and Media Manager: TCP 389 or 636
- Community Server and Sametime Proxy Server: TCP 1516
- Community Server and Media Manager: TCP 1516
- Sametime Proxy Server to Apple Push Notification Service: TCP 2195, 2196
- Internal client and Community Server: VP 1533
- Internal client and Meeting Server: TCP 80 or 443
- Internal client and Sametime Proxy Server: TCP 80 or 443
- Internal client and TURN Server: TCP or UDP 3478, UDP 49152 to 65535
- External client and WebSphere Proxy Server: TCP 80 or 443
- External client and TURN Server: TCP or UDP 3478
- External client and Sametime Proxy Server: TCP 80 or 443
- Internal client to Media Manager in the intranet:
- TCP 5080 / TLS 5081
- UDP bidirectional - (both audio and video)
- 40000 to 49999 UDP - (Starting with S9 GA until OpenSSL Security Bulletin released in September, 2015)
- 49152-59151 UDP - (Starting with OpenSSL Security Bulletin released in September, 2015)
- UDP bidirectional - 20830 to 20930 (both Audio and Video)
- SIP-based calling allows users to make and receive SIP-based phone calls from their installed Sametime clients with a third party audio/video bridge.
- This feature does not include incoming call routing, device hand-off, and so on.
- It relies on the Media Manager. No new servers required. Configure SIP trunks from the SIP Proxy/Registrar component.