GÉANT: Delivering Global Real-Time Video Communication ...©ter Szegedi - GEANT... · •STUN (Session Traversal Utilities for NAT) is a standardized set of methods and a network

Networks ∙ Services ∙ People www.geant.org

Peter Szegedi

HEAnet Conference 2015

GÉANT: Delivering Global Real-Time Video Communication Services

Cork, Ireland

GÉANT Amsterdam


• Why WebRTC could potentially be disruptive for R&E

• How GÉANT is engaged in WebRTC

• GÉANT federated STUN/TURN service

• GÉANT federated WebRTC infrastructure

• GÉANT federated directory and service verification

2

Outline

Networks ∙ Services ∙ People www.geant.org 3

Use cases for WebRTC in HEI

• Enable rich, high quality, RTC applications to be developed for the browser, mobile platforms, and IoTdevices, and allow them all to communicate via a common set of protocols.

• WebRTC is an API definition drafted by the World Wide Web Consortium (W3C) that supports browser-to-browser applications for voice calling, video chat, and P2P file sharing without the need of either internal or external plugins.

• WebApp integartion is the key:a) Real-time communication

b) In-context communication


Rendez-vous at RENATER

• Based on Jitsi Meet

• Brings RTC to your browser

• Integrates with document and desktop sharing, Prezi, chat and others...

Let’s flip the class...


In-context communication


Fun and less fun...


Mock-up idea for R&E

• ownCloud software has got some penetration into our community

• Enable WebRTC into the ownCloud web client

• Share the file or folder of learning materials and discuss with your students

• Share your research results and analyse them with your colleagues

File-based sync&share service with real-time communication component


To make it happen you need a piece of infrastructure!

8


STUN/TURN service

Telecom R&D: Steps for building and deploying WebRTC solution

• WebRTC is peer-to-peer but...

• STUN (Session Traversal Utilities for NAT) is a standardized set of methods and a network protocol to allow an end host to discover its public IP address if it is located behind a NAT.

• TURN (Traversal Using Relays around NAT) is a protocol that assists in traversal of network address translators (NAT) or firewalls for multimedia applications.


GÉANT federated STUN/TURN service

STUN/TURN Server potential users

• SIP User Agents• VoIP• Telepresence / VideoConference• Long Term Credential auth mechanism

• XMPP/Jabber/Jingle/COLIBRI Clients.• Long Term Credential auth mechanism

• Web Applications (WebRTC)• Time limited Long Term Credential (REST API)• OAuth token/assertion auth

Benefits for the community

• Better firewall traversal experience for end-users

• Smooth IPv6 transition for end-users

• IETF standard based firewall traversal instead of tunnels

• Reliable distributed STUN service for GÉANT community services• For reflexive address detection

• Reliable distributed TURN service for GÉANT community services• For media relaying


Jitsi infrastructure

JipoproJIRECONfreeswitch JIGASI Jitsi Meet

JICOFO

VideobridgeVideobridge

IDPshibboleth

XMPP XMPPSIP

RTP

ACCESS LAYER

APPLICATIONLAYER

MEDIA LAYER

RTP

• Jitis Meet is the application.

• Jitsi Video ridge is a WebRTCcompatible Selective Forwarding Unit (SFU) that allows for multi-party video communication

• Jiti COnference FOcus (JICOFO) is mandatory component of JitsiMeet conferencing system. It is responsible for managing media sessions between each of the participants and the videobridge

• ice4j.org is an ICE implementation which is used to provide NAT traversal capabilities, and assistsIPv4 to IPv6 transition


Multi-NREN deployment

Jitsi Meet Video-bridgeJICOFO Video-bridge Video-bridge

VPN: Private addressesRENDEZ-VOUS Out-of-band management/

network-mangement VPN

INTERNET

Video-bridge

DIRECT ACCESS TO INTERNET:SECURITY MANAGEMENT SITE BY SITE

Public addresses

Monitoring/discovery Containers OrchestrationLogsConf

managerReporting

REST ACCESS

Jitsi MeetGEANT

VideobridgeRENATER

JICOFOGEANT

VideobridgeNIIF

Video-bridge

Video-bridge

Video-bridge

Video-bridge

Create a multi-NREN, robust and scalable Jitsi infrastructure for facilitating first-hand experience with WebRTC technology and application piloting.

GÉANT WebRTC Infrastructure


Application network over secure MD-VPN...

Open API for application developers

• Access to the infra back-end

• Get a snippet for your webapp

• Integrate applications


GÉANT eduCONF federated directory

• eduCONF directory for video conferencing rooms, crafted together with the monitoring service

• Integration of directories• 2-stage policy adjustment: local

and central

• XML export engines: easiest way to export by remote parties

• multiple other export engines (possible: FTP, SFTP, API, JSON, ...)

• central administration


GÉANT federated directory for WebRTC support

• Skype/MS, Facebook, Google, Apple, Telcos, etc... all have a directory• Everyone wants to OWN the

directory

• They have NO interest in sharing their directories

• They have no interest in federation / interoperability betweendirectories

• Rendez-vous is federated and eduGAIN-enabled but requires an e-mail address to identify admin user.• Some IdPs do not release e-mail

address....


• Simple, reliable, one-click, plugin-free WebRTC service for R&E (~50M) to fall back to

• In-context application integration with WebRTC via open API

• Support infrastructure bits and pieces• Federated STUN/TURN service

• Multi-NREN Jitsi infrastructure

• Federated directory and service verification

Come and talk to TF-WebRTC task force of GÉANT!https://wiki.geant.org/display/WRTC/TF-WebRTC+Task+Force+on+WebRTC

https://lists.geant.org/sympa/subscribe/webrtc

16

Summary

https://wiki.geant.org/display/WRTC/TF-WebRTC+Task+Force+on+WebRTC

https://lists.geant.org/sympa/subscribe/webrtc


Thank you and any questions


17

[email protected]

Documents

GÉANT: Delivering Global Real-Time Video Communication ...©ter Szegedi - GEANT... · •STUN (Session Traversal Utilities for NAT) is a standardized set of methods and a network