Tuesday, June 7, 2011

A look at SIP:Provider CE v2.2

SIP:Provider Community Edition (SPCE) has recently released the version 2.2. The out-of-the-box VoIP service operating platform added in this version a lot of interesting new stuff.

First is about the upgrade of the operating system to Debian Squeeze. Also Kamailio SIP Server and SIP Express Media Server (SEMS) are integrated with their latest stable branches.

From this point of view, having the latest Kamailio opens the doors to add by yourself any of its features in version 3.1.x directly in the configuration file, such as SIP/SIMPLE presence or secure communication over TLS.

In terms of architecture, the platform was re-sketched from grounds. It runs an instance of Kamailio to guard the other SIP applications, namely the SIP registrar and proxy (another Kamailio instance), the voicemail server (Asterisk) and the back-to-back user agent (SEMS). Besides the role of entry and exit point in the platform, the first instance of Kamailio acts as a load balancer, meaning, for example, that you can add new SIP proxy/registrar servers as you need.

Talking about security, only the Kamailio load balancer is running on public IP, all the rests can run on an internal one, for example 127.0.0.1, making impossible to be accessed from outside, avoiding DoS attacks on them. The load balancer is not using any SQL database, thus is able to absorb impressive amount of SIP traffic, being easy to deal with any kind of attacks. In addition, all the calls are routed through SEMS for SIP signaling topology hiding, protecting the coordinates of core components and the end points.

Caring about security had high priority in this SPCE release, besides those listed above, there are configurable options to protect against scanning and flooding attacks.

A brand new component of the platform is the ngcp-mediaproxy-ng (some notes about it here) which replaces RTPProxy for NAT traversal. The main benefits are in terms of QoS, ngcp-mediaproxy-ng using a kernel module to relay the media packets. The application has been developed in-house, used for many years in production and now released open source under GPLv3 for SPCE.

The web interface got also some fresh air, in particular the administration portal makes more use of web2.0 technologies, improving the user experience.

I am migrating one of the public VoIP services that run Kamailio to SPCE -- then it would be easy to try & feel it quickly. The plan is to go beyond the standard distribution, very likely will have SIP presence and few more features - the targets to be included in the new version of SPCE.

If you want to give it a try by yourself, choose between the APT repository or one of the provided virtual machines images for VMWare of VirtualBox, see details at:
Stay tuned for more updates!

No comments:

Post a Comment