[VOIPSEC] IPv6 and the demise (or not) ofNAT(wasRe: Interactive Connectivity Establishment (ICE))
Hadriel Kaplan
HKaplan at acmepacket.com
Wed Nov 16 15:00:04 CST 2005
> -----Original Message-----
> From: Voipsec-bounces at voipsa.org [mailto:Voipsec-bounces at voipsa.org] On
> Behalf Of Randell Jesup
> >3. SBC for large scale performing media and signaling relay functionality
>
> Except this requires Big Iron telco/cable mentality where the SBCs
> are expensive, chew bandwidth, and really want to live close to the access
> points (both for bandwidth and delay reasons). They enable/force access
> control. Bandwidth might not be huge issue for 8K (payload) G.729
> streams, but for 100-384+K video streams it is.
I wasn't going to jump into this thread since it seemed you guys were mostly
concerned with enterprise needs, but since you're jumping to the carrier
side... I wouldn't lump SBCs used in service providers with SBCs used for
enterprises. The service needs and issues are simply different. (or at
least the way in which the operators want them to be addressed - usually)
Yes, SBCs for service providers are expensive - compared to nothing.
Compared to the edge router's line cards, they're pretty good. And like
them, the greater the capacity and functionality, the more it costs. Of
course they don't replace the edge router, but as a replacement we'd be
comparing them with a TDM switch and we'd be talking a lot cheaper.
They chew bandwidth only in the sense that "local" calls could be
hair-pinned for media. That's not a significant percentage of the traffic
in most cases. Most SBC vendors also can release media for local or even
on-net calls, so it takes none. But if you want CALEA support (and at this
point there's not much choice), then wiretapped calls will need to be
media-relayed. If devices are behind NATs, then the media needs to be
relayed (in general). In that sense they already are a TURN server, they
just use SIP to control it. If endpoints use STUN (and they're not behind
symmetric NATs), then the SBC doesn't need to relay the media.
They really want to live close to the access points for a lot more than
media delay reasons (although that's one of them). The other big ones are
security and QoS. You want the enforcement/policing happening at the
network border: to break up the access domain, filter floods from consuming
bandwidth, etc. And you want to apply QoS rules/policies as soon as you
can. Just like you set router ACLs and policies at the edge routers.
As for available bandwidth, most SBCs can get to at least 2-4Gbps of media
throughput, some much more. The largest I've seen is 32Gbps (aggregate),
but undoubtedly capacity will grow with the market needs. Frankly, the
access edge routers rarely have the capacity to forward that much of data,
let alone voice.
-hadriel
More information about the Voipsec
mailing list