[VOIPSEC] IPv6 and the demise (or not) ofNAT(wasRe: Interactive Connectivity Establishment (ICE))

Wed Nov 16 18:38:06 CST 2005

> -----Original Message-----
> From: Voipsec-bounces at voipsa.org [mailto:Voipsec-bounces at voipsa.org] On
> Behalf Of Volker Tanger
> ...and firewalls usually have even less. Especially when talking about
> small packets which are usual for "live" connections like voice.
> "Gbit/s" firewalls often are marketing bubbles - the worst I've seen
> claimed 2 Gbit/s throughput - while only being equipped with 10/100
> interfaces. Rrriiight. But even the "real" Gbit/s ones rarely approach
> the 1 Gbit/s limit under realistic VoIP circumstances.

Those are firewalls, and probably enterprise ones.  Most if not all carrier
SBCs handle the media in hardware.  I know the top 3 do it in hardware and
can do at least 2Gbps or more each direction (2 in, 2 out).  Of course they
all sell 10/100 interfaces as well as the GigE, but that's a customer
choice.  Randell's concern was Video over IP, so I'm not sure "realistic
circumstances" applies to this discussion.  :)

> So if heading towards that order of throughput one should better think
> about parallelizing/clustering and decentralizing of all systems
> involved.

Totally - another reason for the "distribute to edge" mantra. 

> Let's do some rough calculation: taking for example Voice, GSM codec
> (13kbit/s), SIP, RTP+RTCP, thus ~60kbit/s total bidirectional traffic
> for each conversation (including overheads). Thus a 1Gbit/s (eth
> interface) system will probably max out at around 10.000 simultaneous
> calls ethernet-wise. Pretty much suitable for the very most companies
> and campuses.

Umm... I don't know of that many companies/campuses in the world that need
10k simultaneous call capacity at one site. (I think it's ~13k calls, BTW;
g711/20ms is ~10k calls on a 1Gige)  In the legacy PSTN world that would
imply a greater than OC-12 TDM uplink from the PBX.  I think most carriers
would translate 10k concurrent calls to between 100k-200k subscribers.
(although averaging it is not realistic - it's different for every
application)

> For current video telefphony (Cisco Video Link) data only is 384kbit/s,
> thus with overhead probably a bit above 2 Mbit/s, thus maxing out the
> Gbit-link around 300 simultaneous calls. Which is a bit limiting,
> especially for bigger companies.
> 
> Switching to 10Gbit/s interfaces will raise the numbers by one magnitude
> - but 3000 simultaneous video calls are not overly excessive -
> especially not if we're talking about the current upper technical limit.

I think you extrapolated some number I don't get.  I just checked a capture
of a H.263 video call and the video portion takes ~400Kbps at the Ethernet
level, although there are peaks that reach 500Kbps.  So let's say 500Kbps.
For a GigE, that's 2000 video calls.  For a 10GigE it's 20,000.  No?

Regardless, the point I was making is at the access edge of the network the
IP transport doesn't reach that high very often.  10Gig uplinks from the
edge are only recently occurring, and presumably quite a bit of that will
remain data - not voip.  Thus SBCs do media release if they can, but most
calls go off-net and will traverse the SBC path anyway.  So even without the
SBC, you don't have a big enough transport to handle more than 10-20k voip
calls. (at the edge)  Of course I'm totally generalizing, but I'm not trying
to push any specific SBC vendor's product/approach (I think), even though I
work at one.

-hadriel