Posts Tagged ‘sip’
Digium D40 and D70 Phone Unboxing
Today I received a couple of phones from Digium; the D40 and D70. I’ll be using these phones for testing and documentation in the 4th edition of Asterisk: The Definitive Guide (which Jim Van Meggelen, Russell Bryant and myself are working on right now).
Here is my unboxing of the phones and some commentary about my initial impressions of the hardware itself.
Phones arrived in some nice looking boxes.
Digium D40
Comes with a little pamphlet to help you get the phones setup on your network.
Comes with all the little things you need to get the phone up and running, including a network cable. I was just using POE to power the phone, so I didn’t end up with the 5VDC power adapter.
Nice looking base. Easy to put onto the phone. Just uses friction to hold the phones on the base. Not sure how well that’ll work over time, but this isn’t something that should be getting attached and detached a lot. The space for cables in the base is also quite large.
Lots of space for my hand to plug in cables. Much nicer than any of the Polycom bases where I usually give up and just remove it.
Booting up with the Digium logo.
The tab on the back here is well designed so that you don’t require a tool to pull out and flip around. I prefer to have the hook for the handset so it doesn’t fall off the base easily. On the Polycoms (which have the same type of setup) it’s nearly impossible to remove with your fingers
.Size comparison between the D40 and IP335.
Digium D70
I don’t quite get the base with the wall mount holes, but impossible mounting angles on the base. Must have something to do with the manufacturing process and not having separate molds for footing.
Update: Michael pointed out that the A-frame is actually two separate pieces, so with a (separately purchased) piece, you can attach it to the base and make the system wall mountable. With the number of phones I’ve actually wall mounted in deployments (I think the number is only one or two), I think I prefer the 2 options for steep and shallow angles. Neat idea.
Side cut outs for cables that I didn’t even notice the first time through. Michael pointed out they are for cable management. Nice!
Oh my! So much space! Very roomy š
Side by side comparison of the D70 vs the IP650 w/ sidecar.
Front to back comparison of the D70 vs IP650 w/ sidecar.
Recent SIP Attacks from Amazon EC2
Recently (over the weekend and continuing into today) there have been several attacks from Amazon EC2 hosts running scanners looking for open SIP accounts. I’ve gathered a couple of links that I think are useful in knowing more about the attacks, along with methods of stopping the attacks. The Joshua Stein blog has a very clever way of stopping the attacks that impressed me.
http://jcs.org/notaweblog/2010/04/11/properly_stopping_a_sip_flood
http://www.voiptechchat.com/voip/457/amazon-ec2-sip-brute-force-attacks-on-rise/
http://www.stuartsheldon.org/blog/2010/04/sip-brute-force-attack-originating-from-amazon-ec2-hosts/
Update (2010/04/18): It seems the story has made it at least as far as Slashdot now. I seriously can’t believe the lack of response has gone on for so long. I figured by now we’d have some sort of official story stating that they are searching for the attacker, or that they have been shut down and that additional security precautions have been implemented, but thus far, nothing is being done. The status quo on something like this from Amazon is actually quite surprising.
http://it.slashdot.org/story/10/04/17/2059256/SIP-Attacks-From-Amazon-EC2-Going-Unaddressed
Using a Nokia E71 with Asterisk (3G or WiFi)
There was some talk in one of the IRC chat rooms today about someone trying to get their E61i working with Asterisk. I haven’t had an issue getting that phone or my E71 phone working, but regardless he was having issues. I figured I might as well spend a little bit of time today going through my configuration, both for my own reference, and so that other people can get their Nokia’s setup with Asterisk as well.
I’ll be using the native SIP client, although I’ve had just as good of luck using the Fring application. The advantage to the Fring application is that you can use it with Skype, along with multiple IM clients, and also video! I especially like that the application makes use of the video camera on the front of the phone so that you can use it as a videophone. Using the video on a phone like the iPhone or Nexus One seems useless to me (but I digress!).
First, lets get our Asterisk configuration setup in sip.conf. We’ll need to make sure we’ve setup a realm in sip.conf as our phone will require it. If you don’t, then the default realm is ‘asterisk‘.
sip.conf:
[general] realm=pbx.my_asterisk_box.com disallow=all allow=ulaw allow=alaw srvlookup=yes pedantic=yes maxexpiry=360 minexpiry=120 defaultexpirey=120 videosupport=yes [leifmadsen_cell] type=friend secret=super_secret_password context=devices nat=yes canreinvite=no qualify=no mailbox=100@default callerid=Leif Madsen <571> insecure=invite,port subscribecontext=subscriptions disallow=all allow=g729 allow=ulaw
Service profile: IETF
Default access point: Select either a wifi connection or 3G connection. In my case I’m selecting “Rogers Internet”
Public user name: sip:leifmadsen_cell@pbx.my_asterisk_box.com (notice how leifmadsen_cell is the same as what we configured in sip.conf)
Use compression: No
Registration: Always on (you can set this to ‘When needed’ if you only want to place outbound calls via VoIP sometimes)
Use security: No
Proxy server address: pbx.my_asterisk_box.com
Realm: pbx.my_asterisk_box.com
Username: leifmadsen_cell
Password: super_secret_password
Allow loose routing: Yes
Transport type: UDP
Port: 5060 (unless you’ve changed this yourself on your Asterisk box)
(fill this information out exactly like the Proxy server section)
INVITE sip:8500@pbx.my_asterisk_server.com;user=phone SIP/2.0 Route: Via: SIP/2.0/UDP 10.10.10.84:5060;branch=z9hG4bKlq60dckmalhc6vap06nosen;rport From: ;tag=mh5gdciapphc6m6506no To: Contact: Supported: 100rel,sec-agree CSeq: 1252 INVITE Call-ID: rdw6Iy8zoIfKxg6LzJ7FSPdgBvIb8y Allow: INVITE,ACK,BYE,CANCEL,REFER,NOTIFY,OPTIONS,PRACK Expires: 120 Privacy: none User-Agent: E71-2 RM-346 400.21.013 P-Preferred-Identity: sip:leifmadsen_cell@pbx.my_asterisk_server.com Max-Forwards: 70 Content-Type: application/sdp Accept: application/sdp Content-Length: 447 v=0 o=Nokia-SIPUA 63437257072703500 63437257072703500 IN IP4 10.10.10.84 s=- c=IN IP4 10.10.10.84 t=0 0 m=audio 49152 RTP/AVP 96 0 8 97 18 98 13 a=sendrecv a=ptime:20 a=maxptime:200 a=fmtp:96 mode-change-neighbor=1 a=fmtp:18 annexb=no a=fmtp:98 0-15 a=rtpmap:96 AMR/8000/1 a=rtpmap:0 PCMU/8000/1 a=rtpmap:8 PCMA/8000/1 a=rtpmap:97 iLBC/8000/1 a=rtpmap:18 G729/8000/1 a=rtpmap:98 telephone-event/8000/1 a=rtpmap:13 CN/8000/1
So beyond that, there shouldn’t be anything else you need to do. Using the same configuration in sip.conf for Asterisk should also work with Fring. Perhaps I’ll create another blog post in the future about using Fring with E71 if there is interest in that. Anyone who wants to try testing out some video calls through my Asterisk box using their Fring video enabled phone, just let me know offline and we’ll set something up!
Musings about ENUMplus and ISNs
Recently I’ve been playing around with a couple of technologies that I haven’t used in quite a while; ENUM and ISN. First, a little information on what these technologies are about.
ISNs and ITADs
First, lets talk about ISN (ITAD Subscriber Number) and ITAD (Internet Telephony Administrative Domain). I think the http://www.freenum.org website does a good job ofĀ succinctlyĀ describing the problem attempting to be addressed:
“The Freenum/ISN system is 12-digit-keypad (telephone handset) friendly method of providing mapping between users. While the eventual use of email-style URI pointers is the eventual goal for communications identifiers, it is still the case that the majority of the world’s telephony users are trapped using a 12-digit keypad for extended numeric entry, and it is for the purposes of these devices that the Freenum system and ISN dialing was designed as a “stopgap” which may last many years. Using ENUM-like methods and IETF standards but not using telephone numbers, the Freenum/ISN dialing system is designed to initially allow SIP-capable proxies and iPBX systems to connect to each other in a free, open, and protocol agnostic manner over the Internet. Initially focused on SIP voice communications, the platform is hoped to eventually extend to other communications methods as those protocols become more widespread.” — freenum.org
An ISN is a number that looks like: Ā 100*460
The ITAD part of that ISN is the number 460 where you can think of the 460 as the domain. If we used an email address (or SIP URI for that matter) as an example, we’d have something like leif@leifmadsen.com where leifmadsen.com would be the domain, and the number 460 would be the equivalent of that. The number 100 would be the unique identifier within that domain, which would represent ‘leif’ prior to the email ‘at’ symbol. And finally, you can think of the asterisk in the ISN as the ‘at’ symbol (@) in the ISN. We could then read 100*460 as “extension 100 at ITAD 460”. And the 100*460 would then map to the SIP URI of sip:leif@leifmadsen.com (for example).
This allows a stopgap measure of permitting traditional telephony devices to dial VoIP addresses from their keypad. Because of the nature of VoIP and how a simple URI can actually ring multiple devices, enter into a queue, or an auto-attendant, it doesn’t always make sense to utilize a telephone number to represent a SIP URI (see more information about this below in the ENUM section). Perhaps you are a small company with approximately 20 devices, but only 2-3 phone numbers. It doesn’t make sense to obtain multiple phone numbers for your company just as a method of dialing a SIP URI from a traditional keypad. In this way, you can assign numbers any which way it makes sense in your company with ISNs.
The company with 20 extensions could then assign ISNs to each device such as: Ā 201*460, 202*460 … 220*460. The operator could be 0*460, and perhaps the auto-attendant could be 1*460. There are no set mechanisms or best practices (yet), but as time evolves, perhaps these will come to fruition.
I’m not sure if ISNs will catch on with the general public, as historically things like ENUM and other services of this nature haven’t progressed as much as they likely should, but the idea is sound, and certainly makes more sense to me than having to remember several phone numbers for each extension or location.
As this is simply an overview about ISNs, I’ll stop here. Future articles will delve into the configurations and testing for outbound and inbound calls with Asterisk, setting up DNS, etc. For now, see the http://freenum.org website for more information about configuring these aspects. Unfortunately the Asterisk information is out of date (in terms of utilizing the best features of the dialplan). I’d be happy to update the information if enough requests and interest is generated.
ENUMplus
ENUMplus (http://www.enumplus.org) is a site which takes the information from several ENUM databases and allows you to perform a single lookup using cURL. Since there is a lot of technology going on in that sentence, lets step back and define each of these aspects.
I think the wikipedia entry about ENUM does more justice about what it is than what I could do, so lets quote a resource š
“Telephone number mapping is the process of unifying theĀ telephone number system of theĀ public switched telephone network with theĀ Internet addressing and identificationĀ name spaces. Telephone numbers are systematically organized in theĀ E.164 standard, while the Internet uses theĀ Domain Name System for linkingĀ domain names toĀ IP addresses and other resource information. Telephone number mapping systems provide facilities to determine applicable Internet communications servers responsible for servicing a given telephone number by simple lookups in the Domain Name System.
The most prominent facility for telephone number mapping is the E.164 NUmber Mapping (ENUM) standard. It uses specialĀ DNS record types to translate a telephone number into aĀ Uniform Resource Identifier or IP address that can be used in Internet communications.” — wikipedia entry at http://en.wikipedia.org/wiki/Telephone_Number_Mapping
And cURL is a technology that allows you place a request via a website, and have information returned. It is most typically used by programmers to get information from a website without having to parse through the entire site.
So by marrying these two technologies, ENUM and cURL together, ENUMplus has created a one-stop-shop for performing ENUM lookups. By performing an ENUM lookup prior to placing a call from your Asterisk system, is that if a telephone number has been registered with one of the ENUM organizations and has a SIP URI to point to, then we can utilize that SIP URI instead of calling over the PSTN, which can save toll costs, and free up a circuit for other calls.
I originally wrote a section of dialplan while testing out the service (which is very quick!) and added it to the ENUMplus wiki page for the configuration of Asterisk 1.6 systems. Originally I had this done as a separate path for dialing that would utilize a prefix of 7 prior to dialing out in order to do an ENUM lookup, and then you could dial without the prefix if you didn’t want the lookup (or if the lookup failed). I’ve since realized that this method is the wrong approach for obvious reasons (who wants to dial the number twice?), so I have since modified my dialplan to always utilize ENUM lookups prior to placing a call via the PSTN.
I want to show you the following example from my dialplan, which I’ll eventually clean up and add to the ENUMplus wiki.
exten => _+1NXXNXXXXXX,1,Set(X=${EXTEN:1}) exten => _+1NXXNXXXXXX,n,Goto(setCID,1) exten => _+NXXNXXXXXX,1,Set(X=1${EXTEN:1}) exten => _+NXXNXXXXXX,n,Goto(setCID,1) exten => _1NXXNXXXXXX,1,Set(X=${EXTEN}) exten => _1NXXNXXXXXX,n,Goto(setCID,1) exten => _NXXNXXXXXX,1,Goto(1${EXTEN},1) exten => setCID,1,NoOp() exten => setCID,n,Set(CALLERID(name)=LM Enterprises) exten => setCID,n,Set(CALLERID(num)=4164790259) exten => setCID,n,Goto(lookup,1) exten => lookup,1,Verbose(2,Looking up direct dial via ENUM from ENUMPlus: ${X:1}) exten => lookup,n,Playback(silence/1&doing-enum-lookup) exten => lookup,n,Set(CURL_RESULT=${CURL(${GLOBAL(G_ENUMPLUS_API)}/${X:1},key=${GLOBAL(G_ENUMPLUS_KEY)})}) exten => lookup,n,GotoIf($[${ISNULL(${CURL_RESULT})}]?no_result,1) exten => lookup,n,Goto(dial,1) exten => dial,1,Verbose(2,Lookup returned: Ā ${CURL_RESULT}) exten => dial,n,Playback(enum-lookup-successful) exten => dial,n,Dial(${CUT(CURL_RESULT,|,1)},30) exten => dial,n,Hangup() exten => no_result,1,Verbose(2,ENUMPlus returned no data.) exten => no_result,n,Playback(silence/1&enum-lookup-failed) exten => no_result,n,Set(OUTBOUND_ROUTE=SIP/${DEFAULT_ITSP_ROUTE}) exten => no_result,n,Dial(${OUTBOUND_ROUTE}/${X}) exten => no_result,n,Hangup()
Load testing SIP registrations with SIPp
Today I had a need to go and load a bunch of registrations into Asterisk for a bug I was working on. Since I’ve had this need a couple of times now, and I keep going and having to redevelop it, I think I’ll just write about it here, and then when I need it again, I can just look it up. Maybe this will be useful for someone else as well.
First of all, this is all based on the post I found on the SipX wiki. You can read the page I based this all off of here. Lots of good info there. All I’m really adding of value is the PHP scripts I used to generate the peers in the database, and the register_client.csv file.
First, lets load a bunch of peers into Asterisk. I’m loading peers numbered 101 –> 199.
<?php if (!$link = mysql_connect('localhost','asterisk','asterisk')) { echo "Could not connect\n"; die(mysql_error()); } if (!mysql_select_db('asterisk',$link)) { echo "Could not get into database\n"; die(mysql_error()); } for($counter = 100; $counter <= 199; $counter++) { $sql = "INSERT INTO sipfriends (type,name,username,secret,context,canreinvite,nat,host,mailbox,dtmfmode,disallow,allow) VALUES ('friend','$counter','$counter','welcome','start','no','yes','dynamic','$counter@default','rfc2833','all','ulaw')"; echo $sql."\n"; $result = mysql_query($sql,$link); if (!$result) { echo "DB error " . mysql_error(); exit; } } mysql_close($link); ?>
Next, we need to generate the register_client.csv file in order to tell SIPp which peers to authenticate, and how.
<?php $myFile = "register_client.csv"; $fh = fopen($myFile, w); for ($counter = 100; $counter <= 199; $counter++) { $data = "$counter;example.com;[authentication username=$counter password=welcome];\n"; fwrite($fh, $data); } fclose($fh); ?>
And finally, here is the line used to send a bunch of registrations to Asterisk. If you want to do a load test, you may need to adjust the numbers so it does a better job of “blasting” the end point you want to test.
sipp -sf register_client.xml -inf register_client.csv -r 10 -trace_err -trace_stat -nd -fd 1 -i <source_ip> <destination_ip>
If you have any questions, just ask, and I’ll try to comment here. This post is potentially light on specifics since these are notes for my future reference.
You must be logged in to post a comment.