SIPSwitch Upgrade 30 Apr 2008

Latest news about SIP Sorcery
Post Reply
Aaron
Site Admin
Posts: 4652
Joined: Thu Jul 12, 2007 12:13 am

SIPSwitch Upgrade 30 Apr 2008

Post by Aaron » Wed Apr 30, 2008 12:02 pm

Hi All,

A major'ish upgrade has just been carried out on the sipswitch SIP Proxy software. The upgrade adds rudimentary TCP support to the sipswitch. It is now possible to register and place calls through TCP 213.200.94.182:5060. Please be aware the TCP functionality is only rudimentary at this point and incoming calls to TCP contacts are one thing that is currently not supported.

As this is a major release the unit test results for the major sipswitch components are below. To reiterate the idea behind including these results it's to help ensure that old bugs that have been fixed do not reoccur.

If anyone notices any issues they think may be related to this upgrade please post a comment to this thread.

Image

Image

Image

Regards,

Aaron

User avatar
TheFug
Posts: 914
Joined: Sat Oct 06, 2007 8:23 am
Location: The Netherlands, North-Holland

Post by TheFug » Wed Apr 30, 2008 12:57 pm

Does this mean, that encryption of some sort, is possible ?
Thanks, The Fug.

gear: my ISP's Zyxel Modem/Router in bridge, Sitecom WL309 Router, Siemens Gigaset 301D

Aaron
Site Admin
Posts: 4652
Joined: Thu Jul 12, 2007 12:13 am

Post by Aaron » Wed Apr 30, 2008 1:20 pm

Hi TheFug,

No not yet. However once TCP support is a bit more polished TLS (which is an encrypted SIP channel) will be possible. However in this case it will only be for SIP traffic between your client and the sipswitch. Probably the more critical piece is the encryption of the RTP traffic carrying the audio between your client and your provider. The sipswitch is unlikely to ever be able to help much with that. If you have a client and can find a provider that support secure RTP you can have encrypted calls through the sipswitch right now.

Regards,

Aaron

User avatar
TheFug
Posts: 914
Joined: Sat Oct 06, 2007 8:23 am
Location: The Netherlands, North-Holland

Post by TheFug » Wed Apr 30, 2008 1:43 pm

Okay, because MySipSwitch deals only with the SIP signaling, it will only have effect on that, and since very few providers support encryption it will probaly
never happen :) also because of goverment rulings i guess, because just like with ADSL/internet providers, there must be logs available, to be looked into,
or at least in the near future....
I'm doing some reading about SIP signaling/networking, lately, mainly for the NAT network"features" which i want to have under control...so SIP works like it should be....(not just for the Betamax provides) :)
Thanks, The Fug.

gear: my ISP's Zyxel Modem/Router in bridge, Sitecom WL309 Router, Siemens Gigaset 301D

hkr
Posts: 72
Joined: Sat Dec 15, 2007 10:05 am

Post by hkr » Sat May 10, 2008 10:29 am

Can this eventually lead to VoIP made available using TCP on port 80? ;-)

There are a number of hotspots and firewalls that only allow port TCP/80.

User avatar
TheFug
Posts: 914
Joined: Sat Oct 06, 2007 8:23 am
Location: The Netherlands, North-Holland

Post by TheFug » Sat May 10, 2008 11:10 am

yeah , i guess like the secure layer you have for secure pages, like for transaction pages...
But all included parties and end points must support it. so i guess it's no go...
Thanks, The Fug.

gear: my ISP's Zyxel Modem/Router in bridge, Sitecom WL309 Router, Siemens Gigaset 301D

Aaron
Site Admin
Posts: 4652
Joined: Thu Jul 12, 2007 12:13 am

Post by Aaron » Sat May 10, 2008 12:37 pm

hkr wrote:Can this eventually lead to VoIP made available using TCP on port 80? ;-)

There are a number of hotspots and firewalls that only allow port TCP/80.
Not unless you can find a SIP client multiplex the audio (RTP) and SIP onto the same port and a SIP Provider that will always send RTP from TCP port 80. I have never heard of either.

The whole internet is a series of hacks and then hacks for hacks. In this case firewalls are hacks that were needed because hosts were not capable of securing themselves. However then firewalls cause problems for protocols like SIP (and other real-time protocols such as RTSP) so there's a hack needed to get around the first hack (the firewall). Skype is one piece of software that has done this. Skype tunnels all its traffic through port 443 if it can't get access on its default ports. This is to make it work in a firewalled corporate environment.

In the SIP World it's unlikely there wil be much effort put into trying to circumvent firewalls. Most of the SIP standards and SIP equipment is manufactured are contributed to or manufactured by corporates who are the same people running the firewalls. That's not to say it's right or wrong that's just the situation.

If tunnelling SIP calls through a corporate firewall is something that is a big deal for you then it is possible to do a similar thing to what Skype has done with a custom VPN. OpenVPN is one product I was able to get SIP calls working over port 443 with but the quality was very poor and the configuration effort high so I wouldn't recommend going down that path. Installing Skype would be a lot easier if the ultimate goal is cheaper calls.

Actually I've never investigated the Google IM client, maybe it can tunnel thorugh port 443. There are gTalk-to-SIP gateways so if it can do the tunnel that would be an avenue from a corporate network out to the SIP one.

Regards,

Aaron

User avatar
TheFug
Posts: 914
Joined: Sat Oct 06, 2007 8:23 am
Location: The Netherlands, North-Holland

Post by TheFug » Sat May 10, 2008 8:19 pm

I guess, even if you should have sip or the media encrypted it's also an extra, where things could go wrong, i guess one should be happy, having voip just working, in a save envourment, most of the time, this is also a form of security, one is not far from the other :) and wishing for IPv6 :)
Thanks, The Fug.

gear: my ISP's Zyxel Modem/Router in bridge, Sitecom WL309 Router, Siemens Gigaset 301D

Post Reply