Appendices; Ip Network Requirements For Videocommunication; Nat - Firewall Interoperability - Aethra Vega X3 Use And Installation Manual

Appendices

IP Network Requirements for Videocommunication

The network requirements for point-point connections between IP videoconferencing terminals are as
follows.
The complete network path connecting two IP terminals must have a constant available bandwidth for the
whole duration of the connection. The effective bandwidth used on LAN/WAN Full-Duplex network
connections is equal to the sum of the Audio Rate and Video Rate, plus approximately 20% for TCP/IP
overhead.
In the case of Half-Duplex LAN/WAN networks, the aforementioned bandwidth is doubled. For example, if
it is necessary to guarantee a 384K connection for the video and a 64K for the audio, the bandwidth
allocated must be at least (384+64) *1.2 ≈ 540K for each Half-Duplex connection. In case of dial-up WAN
links, it should be underlined that their efficiency in terms of "useful" bandwidth is approximately half the
total available bandwidth.
It is always preferable to use mechanisms such as QoS for WANs because they take into account the total
bandwidth required for a videoconference, rather than relying exclusively on over-dimensioning the
network. This is necessary for the handling of increasing numbers of simultaneous connections or a
network that is already loaded.
The network needs to be set up so that latency and jitter are as low as possible. Extended times for
latency and variable jitter can create serious problems, especially in video quality.
It is always preferable for IP terminals to be connected to switched type LAN connections to avoid the
traffic generated by terminals being superposed on the normal traffic present on the network.
It is preferable to avoid using NAT-type protocols on router interfaces that route IP packets, since NAT
protocols often do not allow the correct routing of connections.
If NAT, firewall or access list implementations are to be used, they must be IP compatible.
NAT – FIREWALL Interoperability
Introduction
There are many strategic advantages for companies that succeed in making all traffic converge from voice
applications, video and data to one IP network infrastructure.
Unfortunately, the drive to concentrate all IP communications onto one single network has reduced. The
connection between a company's corporate network and the Internet world is accomplished with firewalls
and devices using NAT (Network Address Translation), which block voice and video calls via IP. Firewalls
block IP traffic for video and voice by preventing any unsolicited communication from the outside. Devices
implementing NAT block IP traffic because all equipment on the internal network uses private IP
addresses, and can therefore not be contacted from outside the local domain.
There are several solutions to the problem of getting IP communications past NAT and firewalls: bypassing
the firewall or NAT device, upgrading the network infrastructure with an Application Level Gateway (ALG),
and going out through the firewall or NAT using semi-tunneling connections.
Going around the firewall or NAT device is not the best solution for most companies. Removing the firewall
or placing videoconferencing equipment on an unshielded section of the network could seriously
compromise the network's security.
Using these devices is very expensive and besides this an access policy for Firewalls and NATs would be
needed. These devices should be located along the communication path at every point where a NAT and
Firewall are present.
92