Author: Martin

Breaking the Radio Silence with VoIP

In cellular networks, the primary rule for voice telephony is efficiency, efficiency, efficiency. Translated into practice, this means that the mobile device patiently waits till it receives a paging for an incoming call or until the user wants to establish an outgoing call. In the time between, there is complete radio silence, except for occasional short signaling exchanges once every few hours to confirm to the network that the device is still switched on. With always on mobile Internet devices, this is going to change significantly, as the following example shows:

In previous blog entries, I’ve described how well the SIP VoIP client works on the Nokia N95. It blends in very nicely with the rest of the phone’s functionality and I can’t tell the difference between a cellular call and a VoIP call over Wifi. On the radio layer, however, things could not be more different.

While the cellular telephony application remains silent while no call is ongoing, the VoIP part remains quite active on the IP layer. Per minute, there are at least 10 message exchanged between the mobile and the network for various reasons such as keeping communication ports open on NAT firewalls. While it doesn’t seem to be an issue for battery capacity, as there is still ample capacity left in the evening despite being logged into the SIP server over Wifi all day,  it does have implications for cellular networks once VoIP is used there, too. While not all messages exchanged over Wifi will appear in cellular networks, at least 6 of those 10 are relevant for that scenario as well.

Today, each cell serves about 2000 users. For the network, this is not a problem since most mobiles are dormant. In a world where most mobile devices are IP enabled and use a standard SIP VoIP client, 2000 x 6 (or even more) message exchanges per minute means 12,000 message exchanges per minute over a single cell for more or less nothing.

To stay with the SIP VoIP example, here’s an overview of what I traced with my Wifi Tracer during a typical 60 seconds time interval while the SIP client is running and the phone is connected to a Wifi network:

  • At 7 seconds into the minute, the N95 wakes up because it receives a notification from the access point that an IP packet has arrived. It sends ‘power save poll’ management frame and receives an IP packet from the STUN server or the SIP server. In total, the mobile transmits 4 frames and receives 4 frames during this message exchange (including acknowledgments at the MAC layer).
  • At 11 seconds into the minute, The N95 decides to return the polling gesture and sends 1 packet to the STUN server and 1 packet to the SIP server. The STUN server sends a confirmation. Afterwards, the mobile enters the Wifi sleep state and informs the network with a corresponding management frame. In total, the mobile transmits 4 frames and receives 3 frames.
  • At 12 seconds into the minute, the mobile has to turn on it’s transmitter again because there is some data waiting again. It sends a poll frame and receives an ARP broadcast as the access point queries all IP addresses in the subnet. The mobile answers the ARP request and goes back to sleep. In total, the mobile transmits 7 frames and receives 6 frames.
  • At 16 seconds into the minute, the mobile feels a sudden urge to check that the MAC address of the router is still valid. This is as unnecessary as the ARP request from the router at 12 seconds, but it’s happening at least once a minute. The mobile transmits 2 frames and receives 2 frames.
  • At 22 seconds into the minute, a keep alive frame is received from the SIP or STUN server. I stop counting frames at this point.
  • At 34 seconds into the minute, the router runs another ARP request for all IP addresses in the subnet.
  • At 35 seconds, the SIP/STUN server sends a keep-alive frame.
  • At 37 seconds, the mobile returns the favor.
  • At 46 seconds, the mobile returns to sleep state and signals this to the Wifi Access Point.
  • At 49 seconds, the SIP/STUN server sends a keep alive frame.
  • Silence until 4 seconds into the next minute.

And now imagine you have a push eMail client and Instant messenger running, which will create even more traffic and 2000 other mobiles in the cell doing the same.

Standards bodies seem to have become aware of this issue, at least to some degree and have started to specify radio interface enhancements to counter the challenge. In case of UMTS and HSPA, the following come to mind:

I am not sure how LTE and WiMAX handle such very low speed but persistent message exchanges on the MAC layer. If anyone can give me pointers to that, I’d really appreciate.

The Origin of the Nokia Tune

Each and every of the billions of Nokia mobile phones that has been shipped in the last decade comes with it: The now famous Nokia tune. But do you know where it originally comes from?

Believe it or not, the few notes now known to most people around the globe are from the Valse Grande by Francisco Tárrega, a Spanish composer who lived in Spain between 1852 and 1909. For the details see the Wikipedia entry on Francisco Tárrega and the Nokia Tune.

Thanks to Guy Daniels of Telecom TV, who made me aware of it in his movie ‘Mobile Planet‘, which has been released last week in London. And here’s a link to the trailer, where you can hear, of course, the Nokia tune.

Web 2.0 Community Now Also Doing The Advertising For Products They Like?

Here is an interesting blog entry on the Nokia Beta Labs Blog: Tommi reports about the recent coverage of Nokia SportsTracker (which I like very much by the way) in Newsweek and about a YouTube advertising video that came out of the blue. Looks like it was not being done by Nokia!? Is the web 2.0 community now also coming up with the advertising for products they like? Incredible!

Sniffing Wifi Packets and Exploring Retransmission Behavoir

Since I figured out how to configure my eeePC for Wifi tracing with Wireshark, I’ve gained a number of interesting insights which go far beyond what you can read in literature on the topic. Standards are one thing, how they are implemented in devices are quite another sometimes. Here are some results I thought I’d share with you:

Wifi_retransmit
As a wireless medium is prone to transmission errors, each frame has to be acknowledged by the receiver. If the frame is not received it is automatically retransmitted. So how do devices do this in practice and how often does it happen? I’ve been able to do some pretty interesting traces with a Siemens Access point and a Nokia N95. The two devices are quite different in their radio characteristics as the antenna in the mobile device is far from ideal, especially if there is a wall separating the two devices as was the case in my test. Also, the behavior on the air interface is quite different, which has nothing to do with the antenna configuration.

The Siemens Access point is quite conservative concerning the use of modulation and coding schemes for a packet. The majority of packets are never sent with the maximum speed of 54 MBit/s, but instead with 36 MBit/s or even less. As a consequence, most packets are received correctly and are immediately acknowledged. In case there is no acknowledgement, the access point immediately reduces the modulation and coding by a step for the retransmission. As a result I haven’t seen many cases in which a frame has not been acknowledged after the second try.

The N95 on the other hand is pretty aggressive concerning modulation and coding scheme. It usually always starts with 54 MBit/s and even uses this setting for the first retry. If the first transmission has failed, the second usually does as well. Only for the third transmission is the modulation and coding scheme lowered to 48 MBit/s, then to 36 MBit/s and finally to 24 MBit/s. For subsequent frames, 36 MBit/s seems to be used for about 500 ms before the N95 Wifi chipset tries to go back to 54 MBit/s.

Also interesting is the repetition time in case no acknowledgment is received. On average, a packet is resent after around 0.5 ms. In case a packet is retransmitted 3 times, the resulting delay is about 2 ms. As a single frame usually carries 20 ms voice data, this time is negligible on the application layer and is far less than the jitter introduced on the way through the public Internet.

If you think three repetitions is a lot, you are right. However, I’ve seen cases in which the frame was transmitted 7 times before it was finally acknowledged. In this case, the backoff algorithm even allowed other stations to send their frame before the device could try all retransmissions. Pretty impressive.

The figure on the left shows how such a trace looks like in practice. Frame 6420 is sent but no acknowledgment is received. It is then resent as frame 6421 and then as 6422, after which an ack. is finally received. 6426, 6427 and 6430 are all the same frame, only acknowledged after the second retry. In between is 6428, a frame from another device together with its acknowledgment, 6429.

So that’s how it works in practice 🙂

Are We Going to See a Shootout between DVB-H and DVB-T?

Once the Nokia N96 hits the shelf it will probably be one of the first DVB-H (Digital Video Broadcast – Handheld) devices being shipped in large numbers. Not that DVB-H capable handsets haven’t sold for about two years now. However, DVB-H is only available in a few European countries such as Italy, and reception is not free. Maybe it is this fact coupled with licensing issues and access to the required spectrum that prevents mobile TV from taking off?

T-Mobile and Vodafone might think just that and have decided to launch DVB-T (Digital Video Broadcast – Terrestrial) capable handsets before the European football championship this year. The advantage: The DVB-T receiver in the mobile receives the non encrypted standard digital television signal for TVs. No subscription is required and there are no doubts concerning the programming, since users know it from their TV set at home.

Note that opening up the mobile platform to receive standard terrestrial programming is nothing new. In Japan, mobile TV seems to be quite popular, maybe just because among other things, there is also no subscription required to receive the program via the 1seq, the technology used there.

Critics say the DVB-T receiver chip is likely to consume more energy than the mobile optimized DVB-H chip. That’s probably true but the big question will be if it really matters…

Small Screen Web Browsing and Other Definitions

In the mobile world, words like ‘free’, ‘open’ and ‘unlimited’ have pretty much lost their original intrinsic meaning. Instead, these words have become mere marketing shells which make it difficult to compare different offers. In many cases a free, open and unlimited mobile Internet access offer usually means that it is only intended for use on the mobile phone, most services are blocked and a cap is put into place if the user manages to consume more than the unlimited data in the offer. So how could one realistically call such offers? How about:

  • Small screen web browsing within reasonable limits

or, in case eMail is included:

  • Small screen web browsing and eMail access within reasonable limits

To many marketing departments the Internet and the web seem to be the same thing. But please take note: The (world wide) web is just one of many applications using the Internet as a bearer. Therefore only allowing web browsing and eMail is not an Internet offer, it’s a web browsing and eMail offer!

But then, we are all free to give any word unlimited meanings and should be open for other opinions 🙂 Long live the fine print!

Intercepting VoIP Calls with Wireshark

Wireshark_call_trace
In case you have an Nokia N95 or similar SIP capable 3G / Wifi / VoIP phone and wondered why the little icon during a VoIP call shows an ‘open lock’, the answer is simple: The encoded voice data is not end-to-end encrypted. That means that anyone on the network between you and the other party who can intercept the data packets can listen to your conversation.

Sounds difficult to do in practice? Well, not really. I recently discovered that Wireshark, a free network monitoring tool, can decode G.711 PCM encoded speech data of SIP VoIP calls as shown in the picture on the left.

Just to be clear, this is not the fault of Nokia as I haven’t seen any other SIP client in practice yet that encrypts the voice data stream. In a public Wifi hotspot, intercepting the call and listening to the conversation is very simple, as the data packets are not encrypted between the device and the Wifi access point. In home networks, things get more difficult because most people nowadays have encryption between their devices and the Wifi access point enabled. But do you know what happens on the other side of your DSL connection…?

Orange France, the Small Screen Internet and Prepaid

Good news for mobile Internet use in France! Orange France has started to offer the same small screen Internet add-ons for prepaid and postpaid users. In addition to the ‘Découverte Multimédia’ option, which includes 5 MB worth of data for €3.-, Orange now also offers the ‘Internet Max’ add-on for €9.- a month to prepaid users.

What one can do with it: The offer includes mobile phone based web browsing and sending/receiving eMail from/to any POP/IMAP/SMTP server. Email transfers are limited to 10 MB a month.

What one can NOT do with it: The fine print states that Orange reserves the right to throttle transmission speeds if use exceeds 200 MB a month. The offer also excludes ‘peer-to-peer’, VoIP, and ‘newsgroups’ (whatever that is). Furthermore, the use of the mobile phone as a PC modem is not allowed. I am not sure if instant messaging is possible and whether only specific TCP ports are open for communication as the T&C’s don’t mention that specifically. To me, that looks like some sort of deep packet inspection is performed in the network. Should be fun play around with the option a bit to see what’s enforced in practice.

Despite the limitations I generally think this is good news since the price and availability with prepaid SIMs opens the mobile Internet to a wider audience. For the details, have a look on the Prepaid Wireless Internet Wiki.

3GPP Moves On: LTE-Advanced

LTE is not yet even deployed and the 3GPP  Third Generation Partnership Project) is already  thinking about how to further evolve the technology. A main driver is probably the ITU (International Telecommunication Union), who will in due time release their requirements for so called IMT-Advanced 4G wireless systems.

It is quite certain that in terms of bandwidth, LTE and all other beyond 3G wireless systems such as the current WiMAX 802.16-2005 (802.16e) specification will fall short of the ITU requirements, which will probably be in the range of 100 MBit/s to 1 GBit/s. A very ambitious goal. Earlier this month, 3GPP hosted an IMT-Advanced workshop in Shenzen to which 170 representatives of network vendors and network operators from all over the world attended.

Not much has been reported about it yet in the news or on blogs, so one could think they are working in the shadows. But far from that, the 3GPP website reported on it here and all papers presented during the workshop and a report can be downloaded from here. Tons of information! Compared to other standards bodies that keep their proceedings to themselves, it is great to see 3GPP is so openly distributing their information. They set a good example!

The following bullets list some of the first ideas for LTE-Advanced presented during the meeting to comply with the likely requirements of IMT-Advanced. During the meeting it was decided to officially gather and approve them in 3GPP TR 36.913 over the coming months:

  • LTE advanced shall be backwards compatible to LTE (i.e. like HSPA is backwards compatible to UMTS)
  • Primary focus should be on low mobility users in order to reach ITU-Advanced data rates.
  • Use of channel bandwidths beyond 20 MHz currently standardized for LTE (e.g. 50 MHz, 100 MHz).
  • Increase the number of antennas for MIMO beyond what is currently specified in LTE
  • Combine MIMO with beamforming.
  • Further increase in Voice over IP capacity
  • Further improved cell edge data rates
  • Improved self configuration of the network

Very ambitious goals, given that vendors are still working on the challenges of LTE. But then, what would the world be without ambitious goals?

Thanks to Zahid Ghadialy and his post on his ‘3G and 4G Wireless Blog’ for the pointer!