The topic of today's post was preempted in a comment I received on Friday 10th July. In it, Digital Chalk's Tony McCune wrote:
...I think that the technology decision has to include consideration of the client capabilities of the audience you are serving as well as the network you will ultimately be streaming into and their openness to the ports and protocols. Most enterprise networks close the streaming ports.
Communications and collaboration using streaming media platforms only work if the client side has the facility to access the content. If you or your organization has a requirement to deliver content (on-demand courseware or a pre-sales demo, for example ) to a customer, you are probably familiar with the refrain " I can't see the content" from the prospective attendee or viewer. There are many reasons why this may occur, but all other things being equal, the probability is that the client cannot access the content because their firewall is blocking the data delivery.
According to Wikipedia, a firewall is
a part of a computer system or network that is designed to block unauthorized access while permitting authorized communications. It is a device or set of devices configured to permit, deny, encrypt, decrypt, or proxy all (in and out) computer traffic between different security domains based upon a set of rules and other criteria.
To control the flow of data, numbered ports in the firewall are either opened or closed to specific types of packets. The firewall reviews two pieces of information in each arriving or departing packet: the protocol through which the packet is being delivered and the port number to which it is being sent. If the firewall is configured to accept the specified protocol through the targeted port, the packet is allowed through. The most commonly-known example of this process is probably Port 80, the access point for TCP, UDP, and the Hypertext Transfer Protocol (HTTP).
Firewall policy management is beyond the remit of this blog, but suffice it to say that most organizations are understandably cautious about providing 'open house' access to their networks. The downside of this caution is that when a legitimate need arises to provide access via a rarely-used port, most organizations' IT departments have reservations (to say the least) about granting access.
Table 1 describes all of the ports needed to facilitate the delivery of unicast streaming via Microsoft Media Server 9.
Table 1 Delivering a Unicast Stream via MS Media Serve 9
| Application Protocol | Protocol | Port | Description |
| RTSP | TCP | 554 (In/Out) | Used for accepting incoming RTSP client connections and for delivering data packets to clients that are streaming by using RTSPT. |
| RTSP | UDP | 5004 (Out) | Used for delivering data packets to clients that are streaming by using RTSPU. |
| RTSP | UDP | 5005 (In/Out) | Used for receiving packet loss information from clients and providing synchronization information to clients that are streaming by using RTSPU. |
| MMS | TCP | 1755 (In/Out) | Used for accepting incoming MMS client connections and for delivering data packets to clients that are streaming by using MMST. |
| MMS | UDP | 1755 (In/Out) | Used for receiving packet loss information from clients and providing synchronization information to clients that are streaming by using MMSU. |
| MMS | UDP | 1024-5000 (Out) | Used for delivering data packets to clients that are streaming by using MMSU. Open only the necessary number of ports. |
| HTTP | TCP | 80 (In/Out) | Used for accepting incoming HTTP client connections and for delivering data packets to clients that are streaming by using HTTP. |
Table 1 only represents a small portion of Windows Media Server 9’s requirements, the platform has separate port access requirements for:
- Delivering a multicast stream
- Streaming from an encoder
- Distributing content
- Administering the server remotely
Apple, on the other hand, provides proxy server software to get around firewalls, by the IT department maintaining the firewall must install the proxy software.
The Flash Streaming Server platform uses what Michael Topic (2002) calls a "drastic solution" to negotiate this problem: HTTP tunneling
Where [Real Time Protocol] RTP packets are wrapped inside ordinary HTTP packets so that they can pass through the firewall.
(p.99)
"Unfortunately" he notes, this approach adds "significant overhead to the stream" taking up more bandwidth. Adobe Systems solution to this issue (and the one implemented by Digital Chalk, as well as a broad range of e-learning vendors and other enterprises and institutions) is to implement the proprietary Real-Time Messaging Protocol for streaming audio, video and data over the Internet, between a Flash player and a server..
According to Adobe
The Real-Time Messaging Protocol (RTMP) was designed for high-performance transmission of audio, video, and data between Adobe Flash Platform technologies, including Adobe Flash Player and Adobe AIR. RTMP is now available as an open specification to create products and technology that enable delivery of video, audio, and data in the open AMF, SWF, FLV, and F4V formats compatible with Adobe Flash Player.
The protocol works by a client (such as the Flash Player) communicating with a Flash Communication Server (for example via a corporate Adobe Connect solution) using RTMP protocol over port 1935. If that fails, it will try again over ports 443 and 80 in an attempt to get around firewall policies within an organization, which prevent TCP/IP connections over non-standard ports.
According to Adobe this approach allows "approximately 96% of all users to access publicly accessible Flash Communication servers."
More…
___________
References:
Adobe DevNet (2009). Real-Time Messaging Protocol (RTMP) specification. [Internet] Available from: http://www.adobe.com/devnet/rtmp/ Accessed 11th July 2009
Adobe TechNote (2009). HTTP Tunneling protocols [Internet] Available from: http://kb2.adobe.com/cps/166/tn_16631.html Accessed 11th July 2009
Nelson, D. (2007) Firewall Information for Windows Media Services 9 Series. [Internet] Available from: http://www.microsoft.com/windows/windowsmedia/forpros/serve/firewall.aspx Accessed 11th July 2009
Topic, M. (2002) Streaming Media Demystified. McGraw-Hill Professional. eBook, United States.
Wikipedia (2009) Firewall. [Internet] Available from: http://en.wikipedia.org/wiki/Firewall Accessed 11th July 2009
--
No comments:
Post a Comment