Tuesday, November 30, 2010

FreeSwitch as Media Server and SBC for Kamailio 3.1

There is a new version of step by step tutorial about using FreeSWITCH and Kamailio together for large VoIP platforms.

Besides upgrade to use latest Kamailio major stable release, v3.1.0, there are couple of new features added in the architecture of the VoIP platform:

  • along with providing media services (voicemail, conferencing, a.s.o.), FreeSwitch is used now also as SBC for topology hiding and media relay (this helps for transconding needs, playing audio messages during the early session or NAT traversal)
  • Kamailio config has added features to detect DoS/DDoS and scanning attacks, secure SIP communication over TLS, IP authentication and a bunch of neat things that help for an easier maintenance and update of parameters such as database connectivity details, local IPs, etc.

The link to tutorial is:

Sunday, November 28, 2010

Asterisk 1.6 and Kamailio 3.1 Realtime Integration Tutorial

A new version of the tutorial about Asterisk and Kamailio realtime integration is out, upgraded to use the latest stable release of Kamailio, v3.1.0. You can find it at:
Besides making it work for v3.1.x, the Kamailio config file has some new features included:
  • IP authentication - can be enabled via define WITH_IPAUTH
  • TLS support - can be enabled via define WITH_TLS - TLS to UDP translation and vice-versa is done automatically by Kamailio in case you configure Asterisk on UDP
  • detection of DoS attacks - can be enabled via define WITH_ANTIFLOOD - banning automatically traffic from attacker IP addresses for a specific time interval
  • restructuring of configuration file for better modularity and highlighting of functionalities such as registrar, location server, within-dialog request routing

Thursday, November 18, 2010

Experiences from 18 Hours of SIP Scanning Attack

During the testing period of Kamailio 3.1.0, while running it at voipuser.org, I had the chance to watch live and analyze a SIP scanning attack.

Yesterday I noticed another one by looking at Siremis 2.0 charts, therefore I wrote an article with some hints about what you can use to protect your SIP services within Kamailio configuration file.

You can read it at:

Wednesday, November 17, 2010

SIP Routing Logic in Lua with Kamailio

A tutorial showing a complex SIP routing logic implemented with latest Kamailio development version has been made available at:

Practically shows how to use Lua scripting language instead of Kamailio’s native configuration language to route SIP requests, taking care of of services such as authentication, registration or user location.

While is not intended as a replacement for Kamailio’s configuration language, Lua, by its nature of small and fast embedded language, is a perfect choice for enhancing SIP routing capabilities. It has dozens of extensions that you can use, including libraries to connect to social networks such as Twitter, allowing you to send notifications from your SIP server configuration.

Saturday, November 6, 2010

Best of New in Kamailio 3.1.0 - #11: Asynchronous message queues in config file

One of the main problems while trying to interact with other systems direct from your SIP server was that most of the time such operations are done in blocking mode.

Whether you want to do an http query, send an email, write to a storage system for a specific SIP event, that uses the time and resources of your SIP routing engine and you cannot afford blocking all application processes that handle SIP traffic.

There are a lot of reason you would like to do such operations, for example:
  • monitoring activity - notify when the rate of incoming SIP requests exceed a threshold - alert on flood
  • real time notifications to twitter, facebook or classic email for events such as missed calls or a particular user becomes online
  • logging purposes - write details about various situations to a storage system
Kamailio v3.1.0 pushed out a new module mqueue, which is message queue system that can be used directly in the configuration file. You can define as many queues as you want, read and write operations are safe even when done from different application processes. You can write a message from a process and read in another one.

For example, a typical usage is to start dedicated processes to consume messages from the queues. You can do that in configu using rtimer module - start separate processes that execute periodically a route block from config, where you process messages from queues.

Next is an example of usage:
  • the sip worker process writes in queue "alert" when pike modules triggers alert due to high traffic rate from same IP
  • process checks every 5 seconds checks if there are message in queue 'alert' and writes to syslog all the messages in the queue
modparam("rtimer", "timer",  "name=ta;interval=5;mode=1;")
modparam("rtimer", "exec", "timer=ta;route=QMALERT")
modparam("mqueue", "mqueue", "name=alert")

route {
...
if (!pike_check_req())
{
mq_add("alert", "$si:$sp", "pike flood detected [$rm] $fu => $ru");
exit;
}
...
}

route[QMALERT] {
while(mq_fetch("alert"))
{
xlog("L_ALERT","ALERT: src [$mqk(alert)] - $mqv(alert)\n");
}
}
Here you find the online documentation for mqueue module:

Tuesday, November 2, 2010

Kamailio Advanced Training, Jan 24-26, 2011, Irvine, CA, USA

Next US and North America edition of Kamailio Advanced Training will take place in Irvine, CA, USA, Jan 24-26, 2011.

Last stable series of Kamailio SIP Server, the 3.1.x (Oct 06, 2010, see release notes), continues the work done within SIP-Router.org project. Among brand new features in v3.1.0, starting with the previous major version, 3.0.0, you can run mixed Kamailio (OpenSER) and SIP Express Router (SER) modules in the same SIP server instance, giving you the most powerful tools to build stable, very performant and features rich VoIP and Unified Communication platforms.

The class is organized by Asipto in collaboration with Flowroute and will be taught by Daniel-Constantin Mierla, co-founder and core developer of Kamailio SIP Server project.

Read more details about the class and registration at:

http://www.asipto.com/index.php/kamailio-advanced-training-usa/

Monday, November 1, 2010

Siremis v2.0.0 Released

Siremis v2.0.0 is out – the web management interface for Kamailio (Openser) v3.1.0 and SIP Express Router (SER).

This is a major release, with countless improvements and new features since v1.x series, among them:

  • major re-factoring of web interface
  • better accessibility
  • simplified menu structure
  • completely new look
  • dashboard with the map of all available tools
  • developed on top of Cubi and PHPOpenBiz v2.4 frameworks
  • web installation wizard
  • added new modules: xcap, dialog, new lcr
  • usage of separate database for siremis itself
  • management of users that can login to siremis
  • management of menu can be done from web interface
  • building Apache conf and htaccess file can be done by Makefie
  • charts to monitor location transport layers

Step by step installation tutorial, screenshots and demo are available on the web at:

Siremis is used during Kamailio Advanced Training classes for management of SIP server, a good oportunity to learn about Siremis itself, next locations are: