Building VoIP-based systems with SIP can be daunting. The entire telecommunications industry is a layered stack of technologies, some from the age of telephones with hand-cranks. Others from the Internet age of packet switching and VPNs.
Over the years, the experts at TelcoBridges have built a knowledge base about underlying telecommunications and VoIP technology, SIP signaling, networking products and design methods. In this event, we pull some of our favorite Frequently Asked Questions from our video library, our forum, Wiki, and your emails, sharing answers and insight that both beginners and advanced designers will find helpful.
A recording of the live webinar is available at:
https://www2.telcobridges.com/videolibrary
2024: Domino Containers - The Next Step. News from the Domino Container commu...
VoIP Frequently Asked Questions
1.
2. 2
Introduction
Alan D Percy
Chief Marketing Officer
alan.percy@telcobridges.com
@AlanDPercy
Luc Morissette
Director of Customer Support
luc.morissette@telcobridges.com
9. 9
FAQ: Session
A1: A “Session” is one call path
traversing through an SBC
SBC
Media Server
10. 10
FAQ: Session
A2: If the call passes through the SBC
twice, it will be 2 sessions
SoftSwitch
SBC
11. 11
FAQ:
Q: Can you explain why some
providers offer SIP over UDP,
while others offer TCP, or TLS?
12. 12
FAQ: SIP Protocols
1. SIP over UDP was first (and still widely used
by operators for SIP Trunking)
2. As SIP messages got larger, operators and
application developers began using TCP
3. With more SIP traffic traversing the Internet,
operators began using TLS to encrypt call
control messaging
14. 14
FAQ: VPN
A: VPN is a good solution – everything
is encrypted, including data
Requires to setup VPN connections to
each destination
15. 15
FAQ:
Q: How does SRTP secure the media?
Q: Can an SBC convert from SRTP to
RTP?
16. 16
FAQ: sRTP
A: SIP over TLS and SRTP work together
to secure call control and media content
SBC
SIP/UDP RTP
Private Network
SIP/TLS SRTP
Public Network
20. 20
Trouble with One Way Audio
Confidential
SMB/Enterprise
IAD/Router
w/ Firewall
Service Provider
SoftSwitch
Common causes for One-way Audio:
1) Firewall closes RTP pin-hole prematurely
2) SBC not configured for remote NAT
3) Codec mis-match
4) RTP port range settings
21. 21
FAQ:
Q: How is VoIP voice quality
measured?
Q: My MOS scores are low, how can I
improve?
22. 22
FAQ: Quality
A:
1. SBC monitors RTP and RTCP traffic for
jitter, latency, lost packets and other errors.
2. Type of codec used (G.711 is 4.3, G.729 is
4.0 and G.723 is 3.6)
3. Compile a reference value at the end of the
call – MOS score (value of 5 maximum)
23. 23
FAQ: Improve Quality
A: Make sure there are no errors on the
RTP streams – fix network if necessary
Use high quality vocoders
26. 26
FAQ: Call vs Packet Routing
A2: Packet routing
SBC
Network#4
Vlan200
Network#3
Vlan100
Second Interface
(Public)
First Interface
(Private)
Untagged
27. 27
FAQ:
Q: How does an SBC protect against
DOS and DDOS attacks?
Q: How about TDOS attacks?
28. 28
FAQ: DOS/DDOS
A: DOS and DDOS are bursts of packets
sent to prevent service
How to protect:
• Efficiently drop packets from bad or unknown sources
• Quickly identify packets from trusted sources and allow to
pass
• Monitor traffic of trusted sources
29. 29
FAQ: TDOS
A: TDOS attacks appear to be legitimate calls.
To block them it requires to analyze the
incoming call and drop invalid ones
SBC
Call validation
Cloud Service Provider
30. 30
FAQ:
Q: What are the differences between
FreeSBC and ProSBC?
Q: What is the upgrade process?
32. 32
FAQ:
A great resource on the basics of SIP
Your training for ProSBC starts at:
https://www2.telcobridges.com/TechTrained
33. Video Library on YouTube
• ProSBC Training Modules
• Recorded webinars
• How-to Tutorials
• Customer interviews
• Frequently Asked Questions
• Recorded podcasts
• And more…
33
youtube.com/telcobridges
34. Enabling the Migration to
Cloud Communications
34
www.telcobridges.com
www.prosbc.com
sales@telcobridges.com
Youtube.com/telcobridges
Some introductions to get started:
I’m Alan Percy, Senior Director of Product Marketing for TelcoBridges and today’s event moderator.
Joining us again is Luc Morissette, Director of Customer Support and one of the founders of TelcoBridges. Luc, thanks for being a part of today’s event.
Before we begin, a little housekeeping: As a live event participant, you’ll have the opportunity to interact with today’s speakers and hope you do pose your questions and comments on today’s topic using the Q/A panel. To pose a question or comment, open the Q/A panel by clicking on the box in the upper left of your screen. We’ll cover your questions toward the end of the session.
We’ve found that some attendees may need to adjust the webinar View Options to see the full slide on your screen. If you are not seeing a full slide, move your mouse to the top of the webinar window and a View Option selection will appear – choose an option that best fits your screen.
Also, today’s event is being recorded and all those that have registered will received a link to the recording for on-demand playback. We hope you share the link with your co-workers and others that would find the discussion valuable.
And we’re glad to have you, our attendees, with us today and encourage you to use the opportunity to interact with our speakers by posing your questions and comments.
Once installed, it is fully integrated in the SBC configuration
Media server is dense and low power
ProSBC will not be using another session
1. The protocol will use segmentation if the SIP packet is too large.
3. Keys must be exchanged prior to setting up a connection for every destination.
It may be mandatory to use TLS with some providers like Microsoft Teams.
RTP is always on UDP
Compare with internet connection – to reach the world, we can't use VPNs
Encryption method for RTP is negotiated in the SIP messages, protected by TLS
Stored in Call Detail Records at the end of the call
Can also be seen in the call trace
Alternatively, the routing can be done with and external service, either with Radius or SIP redirect
Packets are routed automatically according to the call routing programmed
DOS: from one source
DDOS: from multiple sources
Use SIP or APIs to validate the call
TelcoBridges partners with other vendors to validate calls and prevent TDOS attacks
A: Same binary – refreshing the license. No need to install a new server
Tell us you are doing the training and we can get you certified - Quiz