Home > Articles > Home & Office Computing

  • Print
  • + Share This
This chapter is from the book

Streaming Through Firewalls

RTP and RTSP are Internet standard protocols in wide use for transport of real-time video. They usually run on top of UDP. However, for many different reasons, UDP is not always an available transport option. One of the major reasons is that many corporate firewalls are designed to block it, on the assumption that allowing it would promote the flooding of the network with high-bandwidth media. In general, UDP is understandably associated with bandwidth-intensive Internet applications, such as Internet telephony, streaming audio, streaming video, and video games. And understandably, corporations trying to prevent nonwork–related web browsing find it simpler to just turn off all UDP traffic at the firewall and internalize any services (such as DNS) that depend on it.

In the late 1990s, each major streaming vendor had systems that worked over UDP and can work (with impaired performance) over TCP. Corporations were beginning to restrict their networks so heavily, however, that even general-purpose TCP would not work; only TCP traffic on port 80 (the normal port for Web traffic) would work. More restrictive proxy firewalls have made it so that often you can't even use TCP—only HTTP traffic is allowed, as shown in Figure 5-22.

Figure 5.22Figure 5-22 Firewalls block all traffic except HTTP.

Would this development be the end of streaming media? Obviously not, but what was the solution? Enter a new concept in all these layers: Protocol encapsulation.

HTTP is a request-response protocol; the client says and the server responds by sending the requested file. This certainly isn't designed to be a stay-on-for-hours protocol, but HTTP does have a feature whereby the same HTTP connection can be kept open and used. This was designed for scenarios in which the user receives multiple files from the same website.

Corporate Protocol Oppression

In response to this "only-HTTP" world created by corporate IT managers, developers had to come up with a way to deliver Internet video into these networks. A technique of tunneling transport protocols within HTTP was developed. With tunneling, all the normal packets that would be sent via UDP are constructed just as they normally would be, but then they are sent over HTTP connections. Figure 5-23 illustrates how this works.

Figure 5.23Figure 5-23 RTSP/RTP sneaks through the firewall by being encapsulated in HTTP.

In essence, the media server pretends to send large web pages in order to trick the corporate firewall into letting the video through!

Looks pretty inefficient, huh? Well, it is. And it's state of the art. However, the brute-force march of progress constantly upgrades the bandwidth and connectivity of the world, the speed of the routers on the Internet, and so on. Thus, structures like this somehow work. Remember, if there is no packet loss and the bandwidth between server and client has more than enough capacity, the video just works.

  • + Share This
  • 🔖 Save To Your Account