Nokia 6300i: WLAN and VoIP move to Mid-Range Phones

I just saw Nokia’s announcement of the 6300i and had to take a closer look. While I am more of a fan of their Nseries devices, the announcement nevertheless caught my eye since the 6300i includes WLAN for browsing and VoIP.

While Nokia’s website doesn’t (yet) confirm that VoIP equals a SIP client (and not UMA), it looks very much like it since the WLAN doesn’t seem to be inside for UMA and can be used as a standard Internet connection.

Interesting how fast those two high end features have moved to the mid-range sector and another sign VoIP over Wifi might soon become the norm rather the exception. I hope carriers are starting to think of a couple of alternatives to removing the VoIP functionality in their firmware version soon. Here are some suggestions.

Also on board of the S40 based phone is Nokia Maps as a Java application, another high end feature moving down to a mid-range phone at the lower end with a recommended retail price of around 200 euros (according to Teltarif).

Does anyone have experience with the S40 music player? If it’s good I can very well imagine this phone addressing a large audience.

Tracing the N95’s VoIP Implementation

Sip_nokia
A couple of days ago I posted an entry on my experiences with the N95’s SIP VoIP implementation. While the overall result was very positive, I continue to see the strange 30 seconds dial out delay with my Wifi/DSL setup in Paris. To get to the bottom of this I have started a little tracing session to see at which point things go wrong.

To have a positive example for a comparison, I traced the SIP behavior of the N95 in my Wifi network in Germany where everything works fine. For the purpose I have put a hub in between the DSL modem and the Wifi access point to trace the messages going back and forth between the SIP server, the voice gateway and the N95. Here are some interesting results which I didn’t expect:

STUN Implementation

Once the SIP client on the phone is registered, it communicates once every 30 seconds with the STUN (Simple Traversal of UDP over NAT) server on the Internet. This is required due to the Network Address Translation feature of DSL and cable modems that allow using many devices in the local network despite only having a single IP address. While I knew that the SIP client has to ping the STUN server every now and then to keep the UDP ports open on the NAT firewall in the DSL router, I didn’t expect to see it every 30 seconds. Seems to be a normal behavior as a Windows XP SIP Client behaves the same.

Registration Interval And Impact Of Signaling on the Network

To keep the UDP session with the SIP Registar and Proxy alive, the
SIP client on the N95 registers with the service every 5 minutes. This
is probably also a precaution or necessity to keep the UDP port open
for incoming signaling messages in the NAT firewall. In Wifi/DSL/cable
networks, this frequent communication together with the 30 seconds STUN
updates is not a problem. It also doesn’t seem to have a big impact on
battery performance as I discovered already in my earlier blog entry.
For cellular networks however, such behavior is quite problematic. Just
imagine 2000 VoIP capable devices hanging on each cell and sending SIP
and STUN signaling messages over it every 30 seconds… Thats over 66
uplink resource requests per second just for SIP and STUN signaling.
Bye bye Idle state… Looks like the combination of NAT and SIP over cellular networks on a large scale is a no go!

STUN Before The Invite

When dialing out or before accepting an incoming call, the Nokia SIP implementation also pings the STUN server once before proceeding with the call. The Windows XP SIP client doesn’t do that so it seems to be a precaution on Nokia’s side.

One RTP Packet Opens the NAT

When dialing out, the Nokia SIP implementation sends an RTP packet to open the NAT firewall for incoming RTP speech packets. Further outgoing RTP packets are only sent when the other side picks up. So that first (and only packet) is definitely sent for this purpose.

Supported Speech Codecs

According to the Session Description in the Invite message the Nokia VoIP client supports the following speech codecs: G.711 PCM a-law and my-law, Adaptive Multirate (AMR), iLBC and G729. With the SipGate voice gate to the standard phone network, the G.711 PCM codec is selected so no speech transcoding is required at the gateway. Good for the gateway and good for speech quality but this requires 10 kbyte/s bandwidth in the uplink or downlink. Not very resource efficient 🙂

Summary

Some of the things I have described here can also be seen in the screenshot at the top of this blog entry. Click on the image to get the full sized version. Next week, I’ll be in Paris again and will check out things there. More news then.

T-Mobile And The Asus eeePC

28022008015001_2
At the CeBIT kick-off press conference today, T-Mobile Germany and Asus announced an interesting cooperation: T-Mobile will start selling the eeePC in Germany and Austria with access to their Wifi and 3G networks. The 3G offer will include an HSPA USB stick. I’ve just recently bought an eeePC myself and time will tell how often it will be preferred over taking a full notebook with me. But I think chances are fairly high since it nicely fits into a bag and weighs almost nothing compared to the notebook.

For those who prefer using their mobile phone as a 3G "modem" for the eeePC (like me) instead of being locked to a single operator, here’s a link that explains how to do this as well. I tried with an N95, a Nokia 6680 and a Motorola V3xx and they all worked fine.

Your Nokia S60 phone as a WLAN Gateway to the Internet

Already back in 2006 I have speculated about Wifi/3G devices becoming gateways to the Internet for Wifi only devices (notebooks, etc.) by acting as Wifi access points. Looks like we are very close to such a  solution now with JoikuSpot. JoikuSpot is a piece of software for Nokia S60 phones which is able to relay HTTP and HTTPS web page requests from notebooks and other Wifi devices to the Internet via a 3G connection.

According to the description, the software sets the phone’s Wifi interface into unencrypted ad-hoc mode (not in Access Point mode) which means that everybody in range can use the gateway. This is a bit of an issue from a security and usage control point of view. Another current downside is the limit to HTTP and HTTPS which limits the use of the gateway to web surfing. eMail and other Internet applications. An interesting step, let’s hope they continue to work on the feature set in the future.

Via Teltarif

Wifi Printing becomes En Vougue

Wifiprint1
Recently, I had to get a new printer as the old one is slowly wearing out and an integrated scanner/copier would be a nice thing, too. Quite some things have changed since I last went to the computer store to buy a printer. Half of the printer/scanner/copier solutions starting from €120.- had built in Wifi so it can be used by all computers in the household. Looks like the Wifi chip has finally become cheap enough to make it into these sorts of devices. I wonder when/if digital cameras will be equipped with Wifi as well.

Wifiprint2
After some back and forth I decided to go for an HP C7280 for around 270 euros. A really impressive device with lots of functions. Setup was straight forward, input of the Wifi WPA key and it was part of the network. A bit of configuration in the Wifi access point to ensure it always gets the same IP address and the network was ready, too. The PictBridge USB port also supports USB sticks for direct printing and Bluetooth dongles to print directly from a mobile phone. I tried it with the Bluetooth dongle I usually use with my PC and the printer detected and used the Bluetooth stick without any manual configuration. Once the phone has sent the picture via Bluetooth the print starts automatically. Very nice. Printing from a PC via the Wifi network works just as quickly as over Ethernet or USB cable except for a somewhat long startup time of 20 seconds or so before the first page is printed. Subsequent pages, however, are printed without delay.

While I am very impressed with the printer I am VERY disappointed with the PC software of HP. I installed it on two computers and both, after rebooting, had a nasty task running in the background which consumed 100% of the processing power. Looks like I am not the only person with that problem so fortunately the Internet provided quick help. HP, how can such a glitch happen? Also, the software is not really light on CPU resources. While the printer is online some tasks in the background keep loading my CPU. Not that I would bother too much but the fan on my notebook runs almost permanently. Again, HP, what were you thinking? I’ve fixed the problem with a little hack, i.e. by killing the tasks running in the background and only activating them when I want to print something.

Despite the flaky HP software the printer integrates nicely in my home network due to the built in Wifi chip. No longer do I have to use memory sticks or to carry a notebook around when I want to print out something from a computer which is not close to the printer.

Being a Mobile Network Operator For a Day

Plugs
When you go to a lot of meetings at other people’s locations you learn over time to take two indispensable things with you to stay connected: First, a multiple socket outlet with a long extension cable as there are usually only two power sockets for 20 people. This has the nice side effect that other people are usually more than grateful for your seemingly bright idea (see picture on the left). Second, I bring my own Internet access as either there is no Wifi or Ethernet cable available or a firewall blocks my IPsec connection back to the home network.

Ap
Last week, I hosted an internal meeting at one of our locations for a number of employees coming to town from all over the world. Usually, our Wifi network works quite well except, of course, when you need it. So the local Wifi went on strike as soon as our two day meeting started. But we are an R&D lab, so we have Wifi Access Points around that can take over in times of crisis. So I became a mobile network operator for a day.

Traffic1
The Linksys WRT-54 Access Point with OpenWRT has a nice graphical network traffic analysis tool which I used throughout the meetings to see how much the network was used. Most of the time there were around 15 people connected to the access point, mostly for keeping up to date with their eMail and browsing the web a bit (the split attention syndrome). Even in the breaks when usage increased I was quite surprised that the usage of the network rarely went beyond an average of 10-20%. In other words, most of the time 80-90% of the capacity was not used.

Traffic2
I would have guessed before the experiment that utilization would be much higher as people often report from conferences that Wifi access at some point comes to a standstill. Looks like my conference was too small and my visitors less demanding despite some YouTube videos being streamed during the breaks 🙂

On the left are some graphics which show how the network was used during high times. The time recorded on the graph is around 4 minutes.

I-WLAN for IMS access over Wifi

I’ve taken a look at IMS lately and ways to access the IMS from non 3GPP networks such as Wifi hotspots and Wifi at home. Looks like 3GPP TS 23.234 and TS 33.234 contains everything required for the purpose. The first major building block of I-WLAN (Wireless Local Area Network interworking) is how the subscriber database of a 2G/3G network can be used to authenticate Wifi users that have a device with built in GSM/UMTS SIM card. For this purpose EAP/AKA or EAP/SIM is used. For EAP-SIM I’ve written a blog entry some time ago. The standard also foresees methods for the access point to deliver billing information to the 3GPP network.

What I didn’t realize at that time was that the second building block in those two documents is a method to establish an IPSec encryption tunnel between a mobile device and a gateway between an external network (e.g. the Internet) and the 3GPP core network which hosts an IMS. This gateway is called the Packet Data Gateway (PDG). The standard even says that the IPsec tunnel setup can be used without the above mentioned EAP-SIM authentication step. That’s good news as the EAP-SIM authentication requires support of the Wifi Access point while the tunnel establishment is transparent to the Wifi access point.

So let’s see maybe we’ll see 3G+/Wifi IMS devices with the ability to establish an IPSec tunnel over Wifi to the IMS of their wireless operator. Great stuff for mobile operators with DSL assets.

Devicescape Makes Use of Wifi Hotspots Easier With Mobile Devices

Jukka over at the Nokia Web Server blog made me aware of an interesting new service from Devicescape which will be bundled with Nokia Nseries and Eseries phones that makes using Wifi hotspots easier in the future.

You probably know the hassle. You sit down at the airport but before you can use the local Wifi network a user name and password has to be entered on a web page to get access to the Internet. While inconvenient with a notebook it’s still manageable since you have a keyboard available. With a mobile device however, typing in user names and passwords on a web page becomes a real pain.

Devicescape has an elegant solution for this. A little program, that has to be installed on the phone, checks all Wifi networks and automatically logs into those it knows. Usernames and passwords are stored on a centralized server so the user never has to type them in on the mobile device. When accessing the network from a Wifi hotspot they are downloaded automatically and entered into the web page by the program.

I was a bit puzzled at first. How can they store passwords remotely? Usually, access to the Internet is only possible once one the username and password have been entered on the web page. Devicescape uses an interesting trick to circumvent this. They piggyback their server interaction on DNS (Domain Name Server) queries which are required to resolve a URL (e.g. http://mobilesociety.typepad.com) into a numeric IP address. This works even before full access to the Internet is granted. The DNS server system has a treelike structure so a DNS query to a Devicescape URL will end up on the central Devicescape server. The server then checks the request and returns the username and password in the answer.

Pretty sleek!

More On User Installable Certificates for Wifi (And WiMAX)

Screenshot0011
Some days ago I have speculated how a WiMAX world might look like without SIM cards. It’s likely that certificates are going to be used to authenticate terminals and users to the network (and vice versa). The big open question is whether these certificates are pre-installed and can not be changed, i.e. the device is locked to the network, or if they can be installed by the user. This would have the advantage that a device can be used in any network that allows user installable certificates.

Wireless LAN already uses user installable certificates in WPA-enterprise mode and larger organizations are already making use of this. Here’s an example from a university that uses PEAP. To my surprise, my Nokia N93 phone already seems to support a large number of different EAP authentication methods today, see the picture on the left.

What’s worrying me a bit is the many different types of EAP methods. That’s going to create the heck of an issue for non-tech end users. Also, how do you keep a (software) certificate save? With a SIM card that’s much easier since it is a piece of hardware.

Wireshark Now Supports WPA Decryption

Good to see that Wireshark, my favorite network analysis tool is now able to decrypt Wifi WPA protection. Starting with release 0.99.5, WPA information can be entered as shown here. It’s important that the trace also includes the authentication sequences for all mobiles in the network. This is necessary as each connection uses different session keys which are negotiated when a device enters the network.

Most of the time, it’s the beacon frames and other management information that is important when tracing Wifi. This is possible even without decrypting the conntent of the package. However, once packets are decrypted their content can be analyzed by Wireshark and frames are marked in different colors in the main window. This makes it very simple for example to detect Wifi retransmissions due to missing ACKnolwedgement frames for example. Without the different colors such retransmissions are much harder to spot.