Presentation done at AstriCon 2014, Las Vegas, USA - how relevant can be SIP signaling traffic in a Real Time Communications platform and where pure SIP signaling servers such as Kamailio can be used.
Kamailio combined with Asterisk creates and incredibly robust and durable VoIP framework. With scalability and security, adding Kamailio to an asterisk deployment makes sense and saves money.
Cluecon 2015
Use of external controller applications to fetch the next routes and let Kamailio handle the SIP layer.
Example with Node.js external application and evapi+rtjson modules in Kamailio
Presentation done at Kamailio World 2014, Berlin, Germanu - several methods to do asynchronous SIP routing via Kamailio configuration file. Blend modules such as tm, tmx, mqueue, rtimer, async, evapi, etc. to suspend routing of current SIP request and resume that once processing of additional tasks has finished.
IIT RTC Conference 2015, Chicago - talk on optimizations for SIP singaling traffic in mobile 3G/4G environments and how Kamailio can be used for such situations.
Kamailio combined with Asterisk creates and incredibly robust and durable VoIP framework. With scalability and security, adding Kamailio to an asterisk deployment makes sense and saves money.
Cluecon 2015
Use of external controller applications to fetch the next routes and let Kamailio handle the SIP layer.
Example with Node.js external application and evapi+rtjson modules in Kamailio
Presentation done at Kamailio World 2014, Berlin, Germanu - several methods to do asynchronous SIP routing via Kamailio configuration file. Blend modules such as tm, tmx, mqueue, rtimer, async, evapi, etc. to suspend routing of current SIP request and resume that once processing of additional tasks has finished.
IIT RTC Conference 2015, Chicago - talk on optimizations for SIP singaling traffic in mobile 3G/4G environments and how Kamailio can be used for such situations.
Kamailio 5.0 allows writing full routing logic in Lua scripting language, opening the door for easy integration with external services and increasing the flexibility of optimizing SIP routing.
Using Asterisk and Kamailio for Reliable, Scalable and Secure Communication S...Fred Posner
Presentation from AsteriskWorld 2017 at ITEXPO. Discussion of how I started with Asterisk and Kamailio as well as how to build Reliability, Scalability, and Security into your telephony platform.
Asterisk is an Open Source PBX - but how does it support larger installations? Can you scale it up to thousands of users, with hundreds of simultaneous calls? What about failover, backups and the famous blinking lamps? Olle Johansson goes through various models and describes where some of his current projects with strange names - Pinefrog, Pinana, Pinetree and Bufo fits into this picture.
Getting started with SIP Express Media Server SIP app server and SBC - workshopstefansayer
How to configure a SEMS instance for offering common media services such as announcements, voicemail, audio conferencing and IVR menus, and how to use the powerful and flexible SBC application, the "Swiss Army Knife of call stateful SIP processing".
Build HA Asterisk on Microsoft Azure using DRBD/HeartbeatSanjay Willie
This was presented during Microsoft Azure's BootCamp on April 25 2015 at Microsoft Malaysia. This particular session was about using OSS Asterisk on Azure with HA capabilities.
A talk about me discovering new architectures, new ways of building scalable realtime platforms #SIP #WebRTC #Kamailio #MQTT #NODERED
Watch it live at https://www.youtube.com/watch?v=BbfUXUWtxIg
Performance comparison between different versions of Asterisk and different channels.
Presentation at Astricon 2017
Online Trainings
Complete Asterisk PBX Training Coupon http://bit.ly/2E6U7fP
Understanding and Troubleshooting SIP http://bit.ly/2WZKkzy
VoIP Design Training Coupon http://bit.ly/2tlLFmG
VoIP Hacking Training Coupon http://bit.ly/2X4Pjz7
Quick Start to OpenSIPS Coupon http://bit.ly/2Bt72XJ
Books
Complete Asterisk Training Paperback and Kindle Book https://amzn.to/2tm7TFb
Complete Asterisk Training eBook PDF http://bit.ly/2UUebHG
Building Telephony Systems with OpenSIPS http://bit.ly/2SsUt9a
Treinamento Online
SIP em Profundidade Coupon de Treinamento http://bit.ly/2GpatTq
Asterisk Essencial Coupon de Treinamento http://bit.ly/2BzCjs1
Livros:
Guia e Configuração do Asterisk Paperback e Kindle https://amzn.to/2S2lwmZ
Guia de Configuração do Asterisk eBook PDF http://www.asteriskguide.com
SIP and DNS - federation, failover, load balancing and moreOlle E Johansson
SIP use DNS to find a server for a specific URI, like sip:alice@example.com. With DNS a SIP service can provide failover, load balancing and much more. SIP without DNS is a broken solution. SIP and DNS rocks!
Kamailio 5.0 allows writing full routing logic in Lua scripting language, opening the door for easy integration with external services and increasing the flexibility of optimizing SIP routing.
Using Asterisk and Kamailio for Reliable, Scalable and Secure Communication S...Fred Posner
Presentation from AsteriskWorld 2017 at ITEXPO. Discussion of how I started with Asterisk and Kamailio as well as how to build Reliability, Scalability, and Security into your telephony platform.
Asterisk is an Open Source PBX - but how does it support larger installations? Can you scale it up to thousands of users, with hundreds of simultaneous calls? What about failover, backups and the famous blinking lamps? Olle Johansson goes through various models and describes where some of his current projects with strange names - Pinefrog, Pinana, Pinetree and Bufo fits into this picture.
Getting started with SIP Express Media Server SIP app server and SBC - workshopstefansayer
How to configure a SEMS instance for offering common media services such as announcements, voicemail, audio conferencing and IVR menus, and how to use the powerful and flexible SBC application, the "Swiss Army Knife of call stateful SIP processing".
Build HA Asterisk on Microsoft Azure using DRBD/HeartbeatSanjay Willie
This was presented during Microsoft Azure's BootCamp on April 25 2015 at Microsoft Malaysia. This particular session was about using OSS Asterisk on Azure with HA capabilities.
A talk about me discovering new architectures, new ways of building scalable realtime platforms #SIP #WebRTC #Kamailio #MQTT #NODERED
Watch it live at https://www.youtube.com/watch?v=BbfUXUWtxIg
Performance comparison between different versions of Asterisk and different channels.
Presentation at Astricon 2017
Online Trainings
Complete Asterisk PBX Training Coupon http://bit.ly/2E6U7fP
Understanding and Troubleshooting SIP http://bit.ly/2WZKkzy
VoIP Design Training Coupon http://bit.ly/2tlLFmG
VoIP Hacking Training Coupon http://bit.ly/2X4Pjz7
Quick Start to OpenSIPS Coupon http://bit.ly/2Bt72XJ
Books
Complete Asterisk Training Paperback and Kindle Book https://amzn.to/2tm7TFb
Complete Asterisk Training eBook PDF http://bit.ly/2UUebHG
Building Telephony Systems with OpenSIPS http://bit.ly/2SsUt9a
Treinamento Online
SIP em Profundidade Coupon de Treinamento http://bit.ly/2GpatTq
Asterisk Essencial Coupon de Treinamento http://bit.ly/2BzCjs1
Livros:
Guia e Configuração do Asterisk Paperback e Kindle https://amzn.to/2S2lwmZ
Guia de Configuração do Asterisk eBook PDF http://www.asteriskguide.com
SIP and DNS - federation, failover, load balancing and moreOlle E Johansson
SIP use DNS to find a server for a specific URI, like sip:alice@example.com. With DNS a SIP service can provide failover, load balancing and much more. SIP without DNS is a broken solution. SIP and DNS rocks!
Kamailio is the leading Open Source SIP Server - a SIP proxy, registrar, location server, presence server, IMS server and much more. Find out more by viewing this quick presentation! (Updated June 2014)
A presentation about new functionality in SIP that is really needed for Hosted PBX services, SIP on mobile phones and more situations. #SIP #Kamailio #Asterisk #TLS #MoreCrypto
A video with this presentation is available on YouTube at
https://www.youtube.com/watch?v=uqFNlqB_Ssw
Fosdem 2016, Brussels, Belgium
A developer perspective of the components in the C code that impact the performances of the signaling servers, applied for Kamailio (https://www.kamailio.org), reflecting how they can be tuned from configuration file to increase the capacity of a SIP server.
Spoofing is a growing problem on the Internet. More spoofed attacks keep occurring over new mediums, DNS, NTP, SNMP etc. Detecting the source of these attacks is challenging, however is often hard or impossible to trace back. This talk covers some of the challenges and views the detection of some spoofed packets.
As presented at LinuxCon/CloudOpen 2015 Seattle Washington, August 19th 2015. Sagi Brody & Logan Best
This session will focus on real world deployments of DDoS mitigation strategies in every layer of the network. It will give an overview of methods to prevent these attacks and best practices on how to provide protection in complex cloud platforms. The session will also outline what we have found in our experience managing and running thousands of Linux and Unix managed service platforms and what specifically can be done to offer protection at every layer. The session will offer insight and examples from both a business and technical perspective.
SAP Mobile infrastructure consists of multiple systems such as SAP Mobile Platform (formerly Sybase Unwired Platform) also SAP Afaria MDM solution, Sybase SQL Anywhere Database, and hundreds of SAP's mobile applications. They even have their own store for mobile apps that can be developed by third parties. This talk highlights how one can hack SAP Mobile.
In this popular platform, we have discovered a lot of typical vulnerabilities - XSS, XXE, hardcoded static encryption keys, and vulnerabilities that are specific to this platform - logic vulnerabilities and privilege escalations. As a result, after compromising the SAP Mobile platform, we demonstrated how to get access to compromised mobile phones.
NetFlow Monitoring for Cyber Threat DefenseCisco Canada
Recent trends have led to the erosion of the security perimeter and increasingly attackers are gaining operational footprints on the network interior. For more information, please visit our website: http://www.cisco.com/web/CA/index.html
DSLing your System For Scalability Testing Using Gatling - Dublin Scala User ...Aman Kohli
The power of Gatling is the DSL it provides to allow writing meaningful and expressive tests. We provide an overview of the framework, a description of their development environment and goals, and present their test results.
Source code available https://github.com/lawlessc/random-response-time
This presentation was given to the Dublin Node (JS) Community on May 29th 2014.
Presented by: Chris Lawless, Kevin Yu Wei Xia, Fergal Carroll @phergalkarl, Ciarán Ó hUallacháin, and Aman Kohli @akohli
SIPLABS CEO Mikhail Rodionov discusses current projects, contributions back to the Kazoo platform, and challenges in the market for his emerging company.
OpenNebulaConf 2016 - Networking, NFVs and SDNs Hands-on Workshop by Rubén S....OpenNebula Project
In this 90-minute hands-on workshop, some of the key contributors to OpenNebula will walk attendees through the configuration and integration aspects of the networking subsystem in OpenNebula. The session will also include lightning talks by community members describing aspects related to Networking, NFVs and SDNs with OpenNebula:
- Deployment scenarios
- Integration
- Tuning & debugging
- Best practices
Dangerous demo at TAD Summit 2016, in Lisbon. Running Kamailio on Ubuntu Phone, turning it into a SIP routing platform for large number of requests per second. The demo was done by stressing with sipp at a rate of 2000req/sec while audience was able to make calls between them.
!0 Years SER Conference, 2011, Berlin Germany - awards granted to several people that had relevant contributions for development of SIP Express Router (SER) (continuing afterwards with Kamailio).
Presentation given at SIP Conference 2004, Paris - a proposal to define telephony charging plans using XML in a fashion similar to CPL (Call Processing Language)
Presentation given at Amoocon 2009 - details about SIP Router Project, that aimed to get SER and Kamailio projects together, which ended by 2012 when Kamailio completely integrated SER.
Presentation done at Astricon 2013, Atlanta, USA - a look at Kamailio and SIP proxy server concept from the perspective of a media server and PBX such as Asterisk
Presentation done at Kamailio World 2013, Berlin, Germany - several options for scalability of SIP routing with Kamailio, from configuration file tricks to stateless and stateful load balancing with dispatcher module.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!SOFTTECHHUB
As the digital landscape continually evolves, operating systems play a critical role in shaping user experiences and productivity. The launch of Nitrux Linux 3.5.0 marks a significant milestone, offering a robust alternative to traditional systems such as Windows 11. This article delves into the essence of Nitrux Linux 3.5.0, exploring its unique features, advantages, and how it stands as a compelling choice for both casual users and tech enthusiasts.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
Kamailio - SIP Servers Everywhere
1. kam ailio
sip servers everywhere
Daniel-Constantin Mierla
@miconda
www.asipto.com
www.kamailio.org
AstriCon 2014 - Las Vegas, USA
2. WHOIS KAMAILIO
2
Let's Speak SIP = E Kama'ilio SIP
Sep 2001 2002 Jun 2005 Jul 2008 Aug 2008 Nov 2008
Sep 2011
SIP Express Router (SER)
OpenSER Kamailio
Other Forks...
Oct 2009 Jan 2010
Same application:
Kamailio - SER
v3.0.0
Integration
Completed
v1.5.0
First
Line
Of
Code
Open
Source !
GPL
FhG
Fokus
Institute
rename
Awarded
Best Open
Source
Networking
Software
2009
By InfoWorld
Oct 2014
………. v4.2.0
10
Years
Jun 2012
ITSPA
UK
Award
v3.3.0
Mar 2013
v4.0.0
Dec 2013
Kamailio
v4.1.0
4. !
SIP signalling routing
• fast
• reliable
• flexible
4
GROUND ZERO
In other words
• not initiating calls
• not answering calls
• no audio-video processing
5. DON’T PANIC
!
5
Real Time Communications
multimedia notifications
telephony
video conferences
file transfer
desktop sharing
gaming
instant messaging
presence
alerts
monitoring
mobility
6. INTER-NET-WORKING
!
6
Real Time Communications
multimedia notifications
telephony
video conferences
file transfer
desktop sharing
gaming
instant messaging
presence
alerts
monitoring
mobility
Internet of Humans Internet of (Every)Things
7. THE INVISIBLE SIGNALLING
!
7
Real Time Communications
you get on the net
telephony
video conferences
file transfer
desktop sharing
gaming
• Registrations
• Authentication challenges
• NAT keepalives
• Servers monitoring
• Gateway hunting
• Re-routing
• Session updates
8. !
8
THE IMPACT OF SIGNALLING
typical day for a person
morning
at
home
work
not at
home
evening
at
home
going out with friends is work duty
9. !
9
THE IMPACT OF SIGNALLING
typical home phone activity
morning
3-5
calls
work
0-2
calls
evening
3-5
calls
no football game last evening
10. 10
SIP CALL SIGNALLING
INVITE
100
180
183
INVITE
INVITE
ACK
BYE
200 OK
200 OK
200 OK
200 OK
INVITE
407
11. 11
SIP REGISTRATION SIGNALLING
REGISTER
REGISTER
OPTIONS
401
200 OK
200 OK
OPTIONS
200 OK
REGISTER
NAT
keepalive
!
every 20 sec
every 3600 sec
12. THE IMPACT OF SIGNALLING
!
12
a day on the wire
user actions device actions
12 msg x 10 (calls) 4 msg x 24 (regs)
6 msg x 60 x 24 (ka)
120 8736
8856
13. 13
SIP SIGNALLING
taking over facebook subscriber base
msgs/day
1 000 x 9 000 = 9 000 000
…
1 000 000 x 9 000 = 9 000 000 000
14. 14
SIP SIGNALLING
taking over facebook subscriber base
estimated bandwidth / day
1000 phones: 9 000 000 x 1kB = ~ 9GB
…
1000000 phones: 9 000 000 000 x 1kB = ~9TB
16. 16
SIP SIGNALLING
your friendly scanners
extra traffic
100 requests/seconds => 200 messages/second
200 x 60 x 60 x 24 = 17 280 000 msgs/day
17GB/day
17. 17
SIGNALLING REMARKS
can be a significant source of processing
(both network and application layer)
!
can be a lot even with small subscriber base
(your online friends don’t let you rest)
!
numbers estimated for very basic usage model
(imagine instant messaging, presence, mwi, blf, …)
20. !
dispatcher module
• list of balancing nodes from file or database
• monitoring of nodes (activate/inactivate
automatically)
• re-route in case of failure
• various algorithms: hashing, weight distribution, round
robin, call load distribution, priority routing
• reload list of nodes without restart
20
LOAD BALANCER
# Dispatch requests
route[DISPATCH] {
# round robin dispatching on gateways group '1'
if(!ds_select_dst("1", “4")) {
send_reply("404", "No destination");
exit;
}
xdbg("--- SCRIPT: going to <$ru> via <$du>n");
t_on_failure("RTF_DISPATCH");
route(RELAY);
exit;
}
# Re-route in case of failure
failure_route[RTF_DISPATCH] {
if (t_is_canceled()) {
exit;
}
# next node - only for 500 or local timeout
if (t_check_status(“500") || (t_branch_timeout() && !t_branch_replied())) {
if(ds_next_dst()) {
t_on_failure("RTF_DISPATCH");
route(RELAY);
exit;
}
}
}
21. !
LEAST COST OR DID ROUTING
plenty of options
• lcr module
• carrierroute module
• prefix_route module
• drouting module
• combinations: mtree + dispatcher
21
route[LCR] {
if (!load_gws("1")) {
send_reply("503", "Error loading gateways");
exit;
}
if (!next_gw()) {
send_reply("503", "No available gateways");
exit;
}
t_on_failure(“RTF_LCR");
route(RELAY);
exit;
}
# Re-route in case of failure
failure_route[RTF_LCR] {
if (t_is_canceled()) {
exit;
}
# next node - only for 500 or local timeout
if (t_check_status(“500") || (t_branch_timeout() && !t_branch_replied())) {
if(next_gw()) {
t_on_failure("RTF_LCR");
route(RELAY);
exit;
}
}
}
pstn
provider
pstn
provider
pstn
provider
lcr DID
routing
22. !
block DOS or dictionary attacks
part of default kamailio.cfg
• htable module
• pike module
• detect high volume of traffic from same source and
block it for a specific interval of itme
22
SIP FIREWALL
# ip ban htable with autoexpire after 5 minutes
modparam("htable", "htable", “ipban=>size=8;autoexpire=300;")
…
route[SAFEGUARD] {
# flood detection from same IP and traffic ban for a specific interval
# be sure you exclude checking trusted peers, such as pstn gateways
# - local host excluded (e.g., loop to self)
if(src_ip!=myself) {
if($sht(ipban=>$si)!=$null) {
# ip is already blocked
xdbg("request from blocked IP - $rm from $fu (IP:$si:$sp)n");
exit;
}
if (!pike_check_req()) {
xlog("ALERT: pike blocking $rm from $fu (IP:$si:$sp)n");
$sht(ipban=>$si) = 1;
exit;
}
}
if($ua =~ "friendly-scanner") {
sl_send_reply("200", "OK");
exit;
}
}
23. core and tm module
• set transport in R-URI or outbound proxy address
• force transport via dedicated function
!
23
TRANSPORT LAYER GATEWAY
# Force UDP
route[TOUDP] {
# round robin dispatching on gateways group '1'
record_route();
$du = “sip:nexthop.com:5060;transport=udp”;
force_send_socket(“udp:10.1.1.10:5080”);
route(RELAY);
exit;
}
tls
web socket
udp
udp udp
IPv6
bridging networks
• public to private networks and back
• IPv4 to IPv6 and back
• any transport layer to another one and back