Uploaded bystefansayer
5,140 views

SIP Express Media Server SBC application as powerful SBC and SIP toolbox

The document presents an overview of the SIP Express Media Server (SEMS) and its features as a Session Border Controller (SBC), developed by Frafos GmbH since 2010. It outlines the functionalities, use cases, and programmable capabilities of SEMS, emphasizing its application in telecom environments and real-time communication. The document also discusses integration with WebRTC and various programmability options for managing SIP traffic and sessions.

Embed presentation

Downloaded 45 times
SIP Express Media Server SBC KamailioWorld 2014 Stefan Sayer, CTO FRAFOS GmbH stefan.sayer@frafos.com VoIP Services Consulting and Development email/xmpp:stefan.sayer@gmail.com
2 Contents ● The SIP Express Media Server ● SEMS SBC …....................... snip …....................... ● #MoreCrypto
3 SEMS ● Originates from the same team as SER (Kamailio/OpenSER/...) at Fraunhofer FOKUS ● SIP Media and Application Server ● Developed at various related companies (iptelorg, IPTEGO, ...) ● Since 2010 mainly at FRAFOS ● Open Source community since 2003
4 FRAFOS ABC SBC ● Full-fledged SBC, turn-key solution ● Border security, monitoring, SIP control and mediation, registration offload, transcoding etc ● Software only, on FRAFOS-provided hardware or virtualized deployment (incl EC2) ● HA with active-hot standby (SIP+RTP) ● 100% rule based administration through GUI ● Application offloading and integration through open APIs and programming platform ● WebRTC gateway
5 ABC SBC - GUI
6 SEMS project focus ● Telecoms applications, carrier environment  High volume prompts, voicemail, conferencing, …  B2BUA / SBC ● Speed and reliability ● Only SIP, not multi-protocol (almost) ● Versatile and easy to use app server for SIP networks ● Built for purpose
7 SEMS use cases
8 SEMS SBC application ● B2BUA, completely transparent to fully opaque ● Handles SIP and (optional) RTP ● Flexible and programmable ● ”The Swiss Army Knife of call stateful SIP processing”
9 SEMS SBC features ● B2BUA, network separation ● SIP message manipulation & mediation, header/message filter ● SIP NAT handling, TCP/UDP, DNS SRV w/failover ● SST enforcement ● Registration Caching ● SIP client auth ● CDR generation, call timer, parallel call limits, prepaid, ...
10 SBC: media features ● RTP relaying ● Near & far end NAT traversal ● Codec filter, SDP filter ● Transcoding
11 SBC: Profile based control SEMS SBC # U 210.13.3.122:5080 -> 210.13.3.100:5060 INVITE sip:+49123@osbc1.mynet.net SIP/2.0 From: “John” <sip:+431556221@mynet.net>;tag=12 To: “Clara” <+49123@mynet.net> Call-ID: 3cde5d1a960a-dez6oz34llo4 ... # U 210.13.3.100:5060 -> 213.192.59.75:5060 INVITE sip:+49123@sbc1.mypeer.net SIP/2.0 From: <+431556221@mynet.net>;tag=3213 To: <sip:+49123@mypeer.net> Call-ID: 3cde5d1a960a-dez6oz34llo4_leg2 ... URI=$tU@sbc1.mypeer.net From=<$fU@mynet.net> To=<sip:$tU@mypeer.net> Call-ID=$ci_leg2 enable_rtprelay=yes set_fromto.sbcprofile.conf known SER pseudo-variables
12 SBC example: auth_b2b ● Identity change ● SIP auth upstream ● Set e.g. In headers  $P(name) selects name from P-App-Param RURI=sip:$rU@$P(d) From=""$P(u)" <sip:$P(u)@$P(d)>" To=""$rU" <sip:$rU@$P(d)>" enable_auth=yes auth_user=$P(u) auth_pwd=$P(p) auth_b2b.sbcprofile.conf Test:
13 Some profile options RURI=$r From=$f To=$t Contact=<sip:$Ri> Call-ID=$ci_leg2 outbound_proxy=sip:192.168.5.106:5060 force_outbound_proxy=yes next_hop=192.168.5.106:5060 outbound_interface=extern enable_reg_caching=yes min_reg_expires=3600 max_ua_expires=60 dlg_nat_handling=yes enable_rtprelay=yes rtprelay_force_symmetric_rtp=yes aleg_rtprelay_interface=intern rtprelay_interface=default header_filter=blacklist header_list=P-App-Param,P-App-Name sdp_filter=whitelist sdpfilter_list=g729,g723,ilbc,speex,gsm append_headers="P-Src-IP: $sirn" enable_session_timer=yes session_expires=120 minimum_timer=90 enable_auth=yes auth_user=$P(u) auth_pwd=$P(p) …
14 SBC: programmability ● Modules included e.g.  Blacklist from REDIS: bl_redis  SIP/feature control from http (REST) API: rest ● Simple Call Control API - start()/connect()/end() ● Extended Call Control API  Control each message in detail  Switch call legs PBX style, e.g. Mid-call prompts  Program also with DSM script
15 SBC programmability example switch B2B to local media processing
16 E stands for Express? USE_THREADPOOL=yes MAX_RTP_SESSIONS=... Makefile.defs: ● Excellent signaling performance ● RTP: fills 2x1 GbE to ~55% line rate (G711)  Limit: high PPS (loss NIC-kernel)  Perf testing without packet loss detection is meaningless! ● tuning: session_processor_threads=32 media_processor_threads=32 rtp_receiver_threads=32 sip_server_threads=16 /etc/sems/sems.conf: ulimit -n 100000 /etc/init.d/sems: start with cores x 2 ● HT on/off
17 #MoreCrypto - Motivation ● Too much centralization of power is dangerous  e.g. see Joseph Nacchio case ● Who is going to participate in society and politics in a 100% controlled Orwellian state with ubiquituous surveillance? ● I want to live in a free society under rule of law  Secret laws with secret courts are NOT rule of law ● Where people also contribute to common good  Not only to the interests of rich & powerful few
18 #MoreCrypto - WebRTC ● Widespread consumer use of encryption with DTLS-SRTP ● Great VoIP UA stack in browser and mobile  e.g. webrtc for android app anyone? ● FRAFOS ABC SBC  WebRTC-gateway (to vanilla-SIP)  TLS, SDES/SRTP & DTLS-SRTP, ICE in SEMS
19 #MoreCrypto - RedPhone ● Android VoIP app with ZRTP from Open Whisper Systems (makers of TextSecure) ● Elegant app, doesn't get in your way ● Signaling: HTTP-websocket-ish relay.whispersystems.org HTTPS Initiate: (GET +491234567) Google CGM or SMS Initiate via PUSH or SMS: GET +491234567 rtprelay1 ... rtprelay1.whispersystems.org 200 OK rtprelay1 ... NAT open (UDP) NAT open (UDP) HTTPS: Ringing ... ZRTP ZRTP
20 #MoreCrypto - RedPhone-SIP-GW ● Based on SEMS, DSM, mod_httpd ● Challenges  Extend libmicrohttpd with websockets  Testing on real Android instead of simulator  Will have to implement codec (PT) negotiation ● WIP – need help!  Join OWS ML, join dev @github/sanchi/, PM
21 #MoreCrypto - #redecentralize ● Need to decentralize signaling (as in p2psip)  Each user her own DNS domain too complex  Location DB on P2P overlay (MaidSafe?) ● Distributed NAT handling (ICE, TURN)  Use friend's, or FOAF's server as turn server? ● Call hash(pubkey) instead of name/telnr ● Keys from namecoin, DNS, keyserver, webfinger, QR-code, NFC … ● Add to Freedombox, ArkOS?
22 Questions? Thanks for your attention.
23 Links and References ● SEMS homepage: http://iptel.org/sems ● Code: sems repo at git.sip-router.org ● DSM documentation http://git.sip-router.org/cgi-bin/gitweb.cgi?p=sems;a=tree;f=doc/dsm ● FRAFOS website: www.frafos.com

More Related Content

PDF
Getting started with SIP Express Media Server SIP app server and SBC - workshop
bystefansayer
 
PPTX
Sangoma SBC Training Presentation
byEmpatiq İletişim Teknolojileri AŞ.
 
PPTX
Multicast in OpenStack
byVikram G Hosakote
 
PPT
Understanding and Troubleshooting ASA NAT
byCisco Russia
 
PPTX
Sangoma SS7 Gateway Training
byEmpatiq İletişim Teknolojileri AŞ.
 
PPTX
Building a new ecosystem for interoperable communications
byPaloSanto Solutions
 
PDF
SIP Testing with FreeSWITCH
byMoises Silva
 
PPT
FreeSWITCH Modules for Asterisk Developers
byMoises Silva
 
Getting started with SIP Express Media Server SIP app server and SBC - workshop
bystefansayer
 
Sangoma SBC Training Presentation
byEmpatiq İletişim Teknolojileri AŞ.
 
Multicast in OpenStack
byVikram G Hosakote
 
Understanding and Troubleshooting ASA NAT
byCisco Russia
 
Sangoma SS7 Gateway Training
byEmpatiq İletişim Teknolojileri AŞ.
 
Building a new ecosystem for interoperable communications
byPaloSanto Solutions
 
SIP Testing with FreeSWITCH
byMoises Silva
 
FreeSWITCH Modules for Asterisk Developers
byMoises Silva
 

What's hot

PDF
Asterisk WebRTC frontier: make client SIP Phone with sipML5 and Janus Gateway
byAlessandro Polidori
 
PDF
Kamailio :: A Quick Introduction
byOlle E Johansson
 
PPT
VoIP - Cisco CME &amp; IP Communicator
bychinmaypadhye1985
 
PPT
2+ipt+configuring cisco-cme
byYves Jean Louis
 
PPT
02 asterisk - the future of telecommunications
byTran Thanh
 
PDF
Kamailio - SIP Servers Everywhere
byDaniel-Constantin Mierla
 
PPTX
How to Use GSM/3G/4G in Embedded Linux Systems
byToradex
 
PDF
VYOS & RPKI at the BGP as edge
byFaelix Ltd
 
PDF
Troubleshooting Firewalls (2012 San Diego)
byCisco Security
 
PPTX
Cipc
byashiesh0007
 
PDF
Astricon 10 (October 2013) - SIP over WebSocket on Kamailio
byCrocodile WebRTC SDK and Cloud Signalling Network
 
PDF
Kamailio - Large Unified Communication Platforms
byDaniel-Constantin Mierla
 
PPTX
NETCONF & YANG Enablement of Network Devices
byCisco DevNet
 
PDF
Nagios Conference 2011 - Mike Weber - Training: Choosing Nagios Plugins To Use
byNagios
 
PDF
Webrtc overview
byOlle E Johansson
 
PDF
VoIP security: Implementation and Protocol Problems
byseanhn
 
PDF
Develop Smart Solutions with Raspberry Pi and EnableX Live Video API
byEnablex io
 
PDF
FOSS Sthlm: Realtime Communication Update
byOlle E Johansson
 
PDF
WebRTC and Janus intro for FOSS Stockholm January 2019
byOlle E Johansson
 
PDF
SIPCORE - presentation of SIP and DANE (IETF #89)
byOlle E Johansson
 
Asterisk WebRTC frontier: make client SIP Phone with sipML5 and Janus Gateway
byAlessandro Polidori
 
Kamailio :: A Quick Introduction
byOlle E Johansson
 
VoIP - Cisco CME &amp; IP Communicator
bychinmaypadhye1985
 
2+ipt+configuring cisco-cme
byYves Jean Louis
 
02 asterisk - the future of telecommunications
byTran Thanh
 
Kamailio - SIP Servers Everywhere
byDaniel-Constantin Mierla
 
How to Use GSM/3G/4G in Embedded Linux Systems
byToradex
 
VYOS & RPKI at the BGP as edge
byFaelix Ltd
 
Troubleshooting Firewalls (2012 San Diego)
byCisco Security
 
Cipc
byashiesh0007
 
Astricon 10 (October 2013) - SIP over WebSocket on Kamailio
byCrocodile WebRTC SDK and Cloud Signalling Network
 
Kamailio - Large Unified Communication Platforms
byDaniel-Constantin Mierla
 
NETCONF & YANG Enablement of Network Devices
byCisco DevNet
 
Nagios Conference 2011 - Mike Weber - Training: Choosing Nagios Plugins To Use
byNagios
 
Webrtc overview
byOlle E Johansson
 
VoIP security: Implementation and Protocol Problems
byseanhn
 
Develop Smart Solutions with Raspberry Pi and EnableX Live Video API
byEnablex io
 
FOSS Sthlm: Realtime Communication Update
byOlle E Johansson
 
WebRTC and Janus intro for FOSS Stockholm January 2019
byOlle E Johansson
 
SIPCORE - presentation of SIP and DANE (IETF #89)
byOlle E Johansson
 

Viewers also liked

PPTX
FreeSWITCH as a Kickass SBC
byMoises Silva
 
PDF
Baby Steps: A WebRTC Tutorial
byTsahi Levent-levi
 
PPT
Ngn
byZoulou Adams
 
PDF
Gadgeon profile
bySREERAJ NAIR
 
PDF
Streaming Media Server Setup Manual
byWilliam Lee
 
PDF
Kamailio - Surfing Big Waves Of SIP With Style
byDaniel-Constantin Mierla
 
PPTX
Fiber Optics Course
byAhmed OM
 
PPTX
Application of fiber optic communication
bylaksh333
 
PDF
Kamailio Updates - VUC 588
byDaniel-Constantin Mierla
 
PDF
8 the path to voice over lte - vo lte
byCPqD
 
PDF
Webinar NETGEAR - Prosafe Smart Switch, caratteristiche e funzionalità
byNetgear Italia
 
PPT
Welcome to IP Surveillance 101
bygrantsupplies
 
PPT
MWC Barcelona WebRTC Meetup 2015 - Scaling WebRTC with Media Servers
byDialogic Inc.
 
PPTX
Arxtech Line Card -En
byArxtech Canada
 
FreeSWITCH as a Kickass SBC
byMoises Silva
 
Baby Steps: A WebRTC Tutorial
byTsahi Levent-levi
 
Ngn
byZoulou Adams
 
Gadgeon profile
bySREERAJ NAIR
 
Streaming Media Server Setup Manual
byWilliam Lee
 
Kamailio - Surfing Big Waves Of SIP With Style
byDaniel-Constantin Mierla
 
Fiber Optics Course
byAhmed OM
 
Application of fiber optic communication
bylaksh333
 
Kamailio Updates - VUC 588
byDaniel-Constantin Mierla
 
8 the path to voice over lte - vo lte
byCPqD
 
Webinar NETGEAR - Prosafe Smart Switch, caratteristiche e funzionalità
byNetgear Italia
 
Welcome to IP Surveillance 101
bygrantsupplies
 
MWC Barcelona WebRTC Meetup 2015 - Scaling WebRTC with Media Servers
byDialogic Inc.
 
Arxtech Line Card -En
byArxtech Canada
 

Similar to SIP Express Media Server SBC application as powerful SBC and SIP toolbox

PPT
From MSS to TelScale - Mobicents Summit 2011
bytelestax
 
PDF
Distributed IP-PBX
byBangladesh Network Operators Group
 
PPTX
SIP - Introduction to SIP Protocol
byLivePerson
 
PDF
Scaling Open Source Applications with SBCs
byTelcoBridges Inc.
 
PDF
VoLTE Flows and CS network
byKarel Berkovec
 
PPT
3GPP IMS
byChris Venteicher
 
PPTX
Kamailio World 2014 - Kamailio - The Platform for Interoperable WebRTC
byCrocodile WebRTC SDK and Cloud Signalling Network
 
PDF
WebRTC Summit November 2013 - WebRTC Interoperability (and why it is important)
byCrocodile WebRTC SDK and Cloud Signalling Network
 
PDF
Current trends and innovations in voice over IP
byALTANAI BISHT
 
PDF
IMS Services
bySebastian Schumann
 
PPT
Internet multimedia
bySaleem Almaqashi
 
PPTX
Session Initiation Protocol - In depth analysis
bychinmaypadhye1985
 
PDF
Fosdem2012 sayer-sems-sbc
bystefansayer
 
PDF
WebRTC meetup barcelona 2017
byJuan De Bravo
 
PDF
LinuxCon North America: SIPPing from the Open Source Well
byMatt Bynum
 
PPT
Sinnreich Henry Johnston Alan Pt 2
byCarl Ford
 
PPTX
Scaling Open Source Applications with SBCs
byAlan Percy
 
PPTX
Rich communication suite
byALTANAI BISHT
 
PPTX
FutureComm 2010: LTE and RCS
byRADVISION Ltd.
 
PPTX
Ip transformation by altanai
byALTANAI BISHT
 
From MSS to TelScale - Mobicents Summit 2011
bytelestax
 
Distributed IP-PBX
byBangladesh Network Operators Group
 
SIP - Introduction to SIP Protocol
byLivePerson
 
Scaling Open Source Applications with SBCs
byTelcoBridges Inc.
 
VoLTE Flows and CS network
byKarel Berkovec
 
3GPP IMS
byChris Venteicher
 
Kamailio World 2014 - Kamailio - The Platform for Interoperable WebRTC
byCrocodile WebRTC SDK and Cloud Signalling Network
 
WebRTC Summit November 2013 - WebRTC Interoperability (and why it is important)
byCrocodile WebRTC SDK and Cloud Signalling Network
 
Current trends and innovations in voice over IP
byALTANAI BISHT
 
IMS Services
bySebastian Schumann
 
Internet multimedia
bySaleem Almaqashi
 
Session Initiation Protocol - In depth analysis
bychinmaypadhye1985
 
Fosdem2012 sayer-sems-sbc
bystefansayer
 
WebRTC meetup barcelona 2017
byJuan De Bravo
 
LinuxCon North America: SIPPing from the Open Source Well
byMatt Bynum
 
Sinnreich Henry Johnston Alan Pt 2
byCarl Ford
 
Scaling Open Source Applications with SBCs
byAlan Percy
 
Rich communication suite
byALTANAI BISHT
 
FutureComm 2010: LTE and RCS
byRADVISION Ltd.
 
Ip transformation by altanai
byALTANAI BISHT
 

More from stefansayer

PDF
The FRAFOS ABC SBC WebRTC gateway
bystefansayer
 
PDF
FRAFOS ABC Session Border Controller
bystefansayer
 
PDF
Understanding Session Border Controllers
bystefansayer
 
PDF
Frafos ABC SBC - Secure peering
bystefansayer
 
PDF
FRAFOS Secure Session Border Control
bystefansayer
 
PDF
12 vladimir.broz-sems-sbc
bystefansayer
 
PDF
WebRTC: Why and How?
bystefansayer
 
The FRAFOS ABC SBC WebRTC gateway
bystefansayer
 
FRAFOS ABC Session Border Controller
bystefansayer
 
Understanding Session Border Controllers
bystefansayer
 
Frafos ABC SBC - Secure peering
bystefansayer
 
FRAFOS Secure Session Border Control
bystefansayer
 
12 vladimir.broz-sems-sbc
bystefansayer
 
WebRTC: Why and How?
bystefansayer
 

Recently uploaded

PDF
Mobile Onboarding UX 11 Best Practices for Retention (2026).pdf
byDesign Studio UI UX
 
PDF
JR : Quality Random Data from the Command line
byGiovanni Marigi
 
PPTX
SRWE_Module_14_SRWE_ccna_basics_routing_concepts.pptx
byahmedmahmoudece
 
PPTX
Unit 1 Introduction of Computer Networks
bySuvarnaSharma5
 
PPTX
Visual Foxpro-VFP9-Access-Report-Variable-Outside-the-report.pptx
bymanojbkalla
 
PPTX
Building Real-Time Voice AI — Udaiappa Ramachandran
byUdaiappa Ramachandran
 
PDF
Master the FME Connector for ArcGIS: Streamlined Data Management & Robust Met...
bySafe Software
 
PPTX
Lecture 05. API Security for DevSecOps Eng.pptx
byvinocol222
 
PDF
Azure Identity, Governance, and Monitoring solutions
byVICTOR MAESTRE RAMIREZ
 
PDF
SEO in Charleston SC | Local SEO Strategies to Grow Your Business.pdf
bycustomdigitalsolutio1
 
PPTX
DATALIVA-Presentation-EN_2026 Budgeting SAP Odoo ERP
byMustafa Kuğu
 
PDF
The Cost of Missing Critical Connections in Data - Suspicious Behavior Detect...
byEnterprise Knowledge
 
PPTX
Sensors-and-Actuators-in-IoT-Systems.pptx
byMuhammedNihal54
 
PDF
DataLiva-LivaGRC- Business Software for Governance, Risk, and Compliance
byMustafa Kuğu
 
PDF
threat-hunters-cookbook for cybersecurity
bylobster6719
 
PPTX
ICT Entrepreneur Quiz for grade 7...........
bykayramos6
 
PDF
Best-Travel-Portal-Development-Solutions-for-Online-Growth
bykashishnagarrajput
 
PDF
splunk-peak-threat-hunting-framework.pdf
bylobster6719
 
PDF
The CISO_Transformation_Playbook From Cost Centre to Chief Trust Officer
bysajjasridhar1990
 
PDF
The_Boardroom_Cyber_Playbook_Research_Edition
bySaraDavis91
 
Mobile Onboarding UX 11 Best Practices for Retention (2026).pdf
byDesign Studio UI UX
 
JR : Quality Random Data from the Command line
byGiovanni Marigi
 
SRWE_Module_14_SRWE_ccna_basics_routing_concepts.pptx
byahmedmahmoudece
 
Unit 1 Introduction of Computer Networks
bySuvarnaSharma5
 
Visual Foxpro-VFP9-Access-Report-Variable-Outside-the-report.pptx
bymanojbkalla
 
Building Real-Time Voice AI — Udaiappa Ramachandran
byUdaiappa Ramachandran
 
Master the FME Connector for ArcGIS: Streamlined Data Management & Robust Met...
bySafe Software
 
Lecture 05. API Security for DevSecOps Eng.pptx
byvinocol222
 
Azure Identity, Governance, and Monitoring solutions
byVICTOR MAESTRE RAMIREZ
 
SEO in Charleston SC | Local SEO Strategies to Grow Your Business.pdf
bycustomdigitalsolutio1
 
DATALIVA-Presentation-EN_2026 Budgeting SAP Odoo ERP
byMustafa Kuğu
 
The Cost of Missing Critical Connections in Data - Suspicious Behavior Detect...
byEnterprise Knowledge
 
Sensors-and-Actuators-in-IoT-Systems.pptx
byMuhammedNihal54
 
DataLiva-LivaGRC- Business Software for Governance, Risk, and Compliance
byMustafa Kuğu
 
threat-hunters-cookbook for cybersecurity
bylobster6719
 
ICT Entrepreneur Quiz for grade 7...........
bykayramos6
 
Best-Travel-Portal-Development-Solutions-for-Online-Growth
bykashishnagarrajput
 
splunk-peak-threat-hunting-framework.pdf
bylobster6719
 
The CISO_Transformation_Playbook From Cost Centre to Chief Trust Officer
bysajjasridhar1990
 
The_Boardroom_Cyber_Playbook_Research_Edition
bySaraDavis91
 

SIP Express Media Server SBC application as powerful SBC and SIP toolbox

  • 1.
    SIP Express MediaServer SBC KamailioWorld 2014 Stefan Sayer, CTO FRAFOS GmbH stefan.sayer@frafos.com VoIP Services Consulting and Development email/xmpp:stefan.sayer@gmail.com
  • 2.
    2 Contents ● The SIPExpress Media Server ● SEMS SBC …....................... snip …....................... ● #MoreCrypto
  • 3.
    3 SEMS ● Originates fromthe same team as SER (Kamailio/OpenSER/...) at Fraunhofer FOKUS ● SIP Media and Application Server ● Developed at various related companies (iptelorg, IPTEGO, ...) ● Since 2010 mainly at FRAFOS ● Open Source community since 2003
  • 4.
    4 FRAFOS ABC SBC ●Full-fledged SBC, turn-key solution ● Border security, monitoring, SIP control and mediation, registration offload, transcoding etc ● Software only, on FRAFOS-provided hardware or virtualized deployment (incl EC2) ● HA with active-hot standby (SIP+RTP) ● 100% rule based administration through GUI ● Application offloading and integration through open APIs and programming platform ● WebRTC gateway
  • 5.
  • 6.
    6 SEMS project focus ●Telecoms applications, carrier environment  High volume prompts, voicemail, conferencing, …  B2BUA / SBC ● Speed and reliability ● Only SIP, not multi-protocol (almost) ● Versatile and easy to use app server for SIP networks ● Built for purpose
  • 7.
  • 8.
    8 SEMS SBC application ●B2BUA, completely transparent to fully opaque ● Handles SIP and (optional) RTP ● Flexible and programmable ● ”The Swiss Army Knife of call stateful SIP processing”
  • 9.
    9 SEMS SBC features ●B2BUA, network separation ● SIP message manipulation & mediation, header/message filter ● SIP NAT handling, TCP/UDP, DNS SRV w/failover ● SST enforcement ● Registration Caching ● SIP client auth ● CDR generation, call timer, parallel call limits, prepaid, ...
  • 10.
    10 SBC: media features ●RTP relaying ● Near & far end NAT traversal ● Codec filter, SDP filter ● Transcoding
  • 11.
    11 SBC: Profile basedcontrol SEMS SBC # U 210.13.3.122:5080 -> 210.13.3.100:5060 INVITE sip:+49123@osbc1.mynet.net SIP/2.0 From: “John” <sip:+431556221@mynet.net>;tag=12 To: “Clara” <+49123@mynet.net> Call-ID: 3cde5d1a960a-dez6oz34llo4 ... # U 210.13.3.100:5060 -> 213.192.59.75:5060 INVITE sip:+49123@sbc1.mypeer.net SIP/2.0 From: <+431556221@mynet.net>;tag=3213 To: <sip:+49123@mypeer.net> Call-ID: 3cde5d1a960a-dez6oz34llo4_leg2 ... URI=$tU@sbc1.mypeer.net From=<$fU@mynet.net> To=<sip:$tU@mypeer.net> Call-ID=$ci_leg2 enable_rtprelay=yes set_fromto.sbcprofile.conf known SER pseudo-variables
  • 12.
    12 SBC example: auth_b2b ●Identity change ● SIP auth upstream ● Set e.g. In headers  $P(name) selects name from P-App-Param RURI=sip:$rU@$P(d) From=""$P(u)" <sip:$P(u)@$P(d)>" To=""$rU" <sip:$rU@$P(d)>" enable_auth=yes auth_user=$P(u) auth_pwd=$P(p) auth_b2b.sbcprofile.conf Test:
  • 13.
  • 14.
    14 SBC: programmability ● Modulesincluded e.g.  Blacklist from REDIS: bl_redis  SIP/feature control from http (REST) API: rest ● Simple Call Control API - start()/connect()/end() ● Extended Call Control API  Control each message in detail  Switch call legs PBX style, e.g. Mid-call prompts  Program also with DSM script
  • 15.
  • 16.
    16 E stands forExpress? USE_THREADPOOL=yes MAX_RTP_SESSIONS=... Makefile.defs: ● Excellent signaling performance ● RTP: fills 2x1 GbE to ~55% line rate (G711)  Limit: high PPS (loss NIC-kernel)  Perf testing without packet loss detection is meaningless! ● tuning: session_processor_threads=32 media_processor_threads=32 rtp_receiver_threads=32 sip_server_threads=16 /etc/sems/sems.conf: ulimit -n 100000 /etc/init.d/sems: start with cores x 2 ● HT on/off
  • 17.
    17 #MoreCrypto - Motivation ●Too much centralization of power is dangerous  e.g. see Joseph Nacchio case ● Who is going to participate in society and politics in a 100% controlled Orwellian state with ubiquituous surveillance? ● I want to live in a free society under rule of law  Secret laws with secret courts are NOT rule of law ● Where people also contribute to common good  Not only to the interests of rich & powerful few
  • 18.
    18 #MoreCrypto - WebRTC ●Widespread consumer use of encryption with DTLS-SRTP ● Great VoIP UA stack in browser and mobile  e.g. webrtc for android app anyone? ● FRAFOS ABC SBC  WebRTC-gateway (to vanilla-SIP)  TLS, SDES/SRTP & DTLS-SRTP, ICE in SEMS
  • 19.
    19 #MoreCrypto - RedPhone ●Android VoIP app with ZRTP from Open Whisper Systems (makers of TextSecure) ● Elegant app, doesn't get in your way ● Signaling: HTTP-websocket-ish relay.whispersystems.org HTTPS Initiate: (GET +491234567) Google CGM or SMS Initiate via PUSH or SMS: GET +491234567 rtprelay1 ... rtprelay1.whispersystems.org 200 OK rtprelay1 ... NAT open (UDP) NAT open (UDP) HTTPS: Ringing ... ZRTP ZRTP
  • 20.
    20 #MoreCrypto - RedPhone-SIP-GW ●Based on SEMS, DSM, mod_httpd ● Challenges  Extend libmicrohttpd with websockets  Testing on real Android instead of simulator  Will have to implement codec (PT) negotiation ● WIP – need help!  Join OWS ML, join dev @github/sanchi/, PM
  • 21.
    21 #MoreCrypto - #redecentralize ●Need to decentralize signaling (as in p2psip)  Each user her own DNS domain too complex  Location DB on P2P overlay (MaidSafe?) ● Distributed NAT handling (ICE, TURN)  Use friend's, or FOAF's server as turn server? ● Call hash(pubkey) instead of name/telnr ● Keys from namecoin, DNS, keyserver, webfinger, QR-code, NFC … ● Add to Freedombox, ArkOS?
  • 22.
  • 23.
    23 Links and References ●SEMS homepage: http://iptel.org/sems ● Code: sems repo at git.sip-router.org ● DSM documentation http://git.sip-router.org/cgi-bin/gitweb.cgi?p=sems;a=tree;f=doc/dsm ● FRAFOS website: www.frafos.com