<%BANNER%>

Record for a UF thesis. Title & abstract won't display until thesis is accessible after 2014-05-31.

DARK ITEM
Permanent Link: http://ufdc.ufl.edu/UFE0044242/00001

Material Information

Title: Record for a UF thesis. Title & abstract won't display until thesis is accessible after 2014-05-31.
Physical Description: Book
Language: english
Creator: Batra, Gautam
Publisher: University of Florida
Place of Publication: Gainesville, Fla.
Publication Date: 2012

Subjects

Subjects / Keywords: Electrical and Computer Engineering -- Dissertations, Academic -- UF
Genre: Electrical and Computer Engineering thesis, M.S.
bibliography   ( marcgt )
theses   ( marcgt )
government publication (state, provincial, terriorial, dependent)   ( marcgt )
born-digital   ( sobekcm )
Electronic Thesis or Dissertation

Notes

Statement of Responsibility: by Gautam Batra.
Thesis: Thesis (M.S.)--University of Florida, 2012.
Local: Adviser: Latchman, Haniph A.
Electronic Access: INACCESSIBLE UNTIL 2014-05-31

Record Information

Source Institution: UFRGP
Rights Management: Applicable rights reserved.
Classification: lcc - LD1780 2012
System ID: UFE0044242:00001

Permanent Link: http://ufdc.ufl.edu/UFE0044242/00001

Material Information

Title: Record for a UF thesis. Title & abstract won't display until thesis is accessible after 2014-05-31.
Physical Description: Book
Language: english
Creator: Batra, Gautam
Publisher: University of Florida
Place of Publication: Gainesville, Fla.
Publication Date: 2012

Subjects

Subjects / Keywords: Electrical and Computer Engineering -- Dissertations, Academic -- UF
Genre: Electrical and Computer Engineering thesis, M.S.
bibliography   ( marcgt )
theses   ( marcgt )
government publication (state, provincial, terriorial, dependent)   ( marcgt )
born-digital   ( sobekcm )
Electronic Thesis or Dissertation

Notes

Statement of Responsibility: by Gautam Batra.
Thesis: Thesis (M.S.)--University of Florida, 2012.
Local: Adviser: Latchman, Haniph A.
Electronic Access: INACCESSIBLE UNTIL 2014-05-31

Record Information

Source Institution: UFRGP
Rights Management: Applicable rights reserved.
Classification: lcc - LD1780 2012
System ID: UFE0044242:00001


This item has the following downloads:


Full Text

PAGE 1

ADISTRIBUTEDFEATURE-RICHIPTELEPHONYSYSTEMTOWARDSACHIEVINGHIGHAVAILABILITYByGAUTAMBATRAATHESISPRESENTEDTOTHEGRADUATESCHOOLOFTHEUNIVERSITYOFFLORIDAINPARTIALFULFILLMENTOFTHEREQUIREMENTSFORTHEDEGREEOFMASTEROFSCIENCEUNIVERSITYOFFLORIDA2012

PAGE 2

c2012GautamBatra 2

PAGE 3

Tomyparents 3

PAGE 4

ACKNOWLEDGMENTS IwouldliketoexpressmysinceregratitudetomyadvisorProf.HaniphA.Latchmanforgivingmetheopportunitytoworkonthisproject.Withouttheinsightfulguidanceandhelpheprovidedateverystage,thisthesiswouldnothavebeenpossible.IwouldalsoliketothankProf.JohnSheaandProf.JaniseMcNairforbeingonmysupervisorycommittee.AspecialthanksgoestoMr.DanielOcenoforhelpingmewiththecongurationoftheprovisioningsystem.Finally,Iwanttothankmyfamilyfortheirpatienceandunconditionalsupportinallmyendeavors. 4

PAGE 5

TABLEOFCONTENTS page ACKNOWLEDGMENTS .................................. 4 LISTOFTABLES ...................................... 8 LISTOFFIGURES ..................................... 9 ABSTRACT ......................................... 10 CHAPTER 1INTRODUCTION ................................... 12 1.1PrivateBranchExchange ........................... 13 1.1.1GenerationsofPBXs .......................... 13 1.1.1.1Firstgeneration ....................... 13 1.1.1.2Secondgeneration ...................... 14 1.1.1.3Thirdgeneration ....................... 14 1.1.1.4Fourthgeneration ...................... 14 1.1.2ComponentsofaConventionalPBX ................. 14 1.1.2.1Commoncontrol ....................... 15 1.1.2.2Switchingmatrix ....................... 15 1.1.2.3Trunkandlineinterfaces .................. 15 1.1.2.4Terminalequipment ..................... 16 1.2FiveNinesAvailabilityinaLegacyPBX ................... 16 1.3LimitationsoftheTraditionalPBX ....................... 18 1.4TheInternetProtocolPrivateBranchExchange ............... 19 2AVAILABILITYANDTHEFIVENINESCRITERION ............... 22 2.1WhatisAvailability? .............................. 22 2.1.1Heartbeat ................................ 24 2.1.2NetworkIssues ............................. 24 2.2HighAvailabilitySystemsforIPTelephony .................. 24 2.3N+1Redundancy ................................ 25 2.4Cisco'sFive-NinesSolution .......................... 25 2.5ShoreTel'sFive-NinesSolution ........................ 27 3COMMUNICATIONPROTOCOLSUSEDINIPTELEPHONY .......... 29 3.1SessionInitiationProtocol ........................... 29 3.2RealTimeProtocol ............................... 32 3.3SessionDescriptionProtocol ......................... 33 3.4TelephoneNumberMapping(ENUM) .................... 34 5

PAGE 6

4COMPONENTSOFTHEPHONESYSTEM .................... 37 4.1OverviewofaCompleteVOIPSystem .................... 37 4.1.1SIPProxy ................................ 37 4.1.2UserAdministrationandProvisionPortal .............. 38 4.1.3PSTNGateway ............................. 38 4.1.4MediaServer .............................. 38 4.1.5MediaProxy ............................... 38 4.1.6MonitoringTools ............................ 39 4.2AlpineLinux ................................... 39 4.3Kamailio ..................................... 40 4.3.1Scalability ................................ 41 4.3.2KamailioArchitecture .......................... 41 4.3.3TheCongurationFile ......................... 42 4.3.3.1Globaldenitions ...................... 42 4.3.3.2Modules ........................... 43 4.3.3.3Modulesconguration .................... 43 4.3.3.4Mainroutingblock ...................... 43 4.3.3.5Secondaryroutingblocks .................. 43 4.3.3.6Replyroutingblocks ..................... 44 4.3.3.7Failureroutingblocks .................... 44 4.3.4RoleofKamailiointheVOIPPhoneSystem ............. 44 4.4FreeSWITCH .................................. 45 4.4.1ArchitectureofFreeSWITCH ..................... 45 4.4.2BasicOperation ............................. 46 4.4.3SessionBorderController ....................... 48 4.5TheProvisioningServer ............................ 50 5WORKINGOFTHECOMPLETESYSTEM .................... 55 5.1Overview .................................... 55 5.2ProcessingofCalls ............................... 56 5.2.1InternalCalls .............................. 58 5.2.2ExternalCalls .............................. 58 5.2.3MusiconHold .............................. 60 5.2.4Voice-mail ................................ 60 5.2.5ConferenceCalls ............................ 61 5.2.6AutomatedAttendant .......................... 62 5.3MakingtheSystemSecure .......................... 62 5.4TowardsAchievingHighAvailability ...................... 63 6CONCLUSION .................................... 65 APPENDIX ATHEKAMAILIOCONFIGURATIONFILE ..................... 66 6

PAGE 7

BTHEFREESWITCHDIALPLAN ........................... 81 REFERENCES ....................................... 86 BIOGRAPHICALSKETCH ................................ 88 7

PAGE 8

LISTOFTABLES Table page 2-1Downtimesfordifferentvaluesofavailability .................... 22 3-1SIPresponsecodes ................................. 32 4-1PopularFreeSWITCHmodules[ 1 ] ......................... 46 8

PAGE 9

LISTOFFIGURES Figure page 1-1RedundancyinatraditionalPBX .......................... 17 2-1Causesofdowntime[ 2 ] ............................... 23 2-2Cisco'sveninessystem[ 3 ] ............................ 26 2-3Effectofredundantpowersupplies,discsandfans[ 4 ] .............. 27 3-1SIPregistrationprocess ............................... 30 3-2SIPmaincomponents[ 5 ] .............................. 31 3-3TriangulartopologybetweentheSIPproxy,UASandUAC ............ 31 3-4RTPmessageformat ................................ 33 3-5OperationofENUM ................................. 35 4-1ComponentsofacompleteVOIPsystem ..................... 37 4-2TheFreeSWITCHdefaultconguration[ 6 ] ..................... 48 4-3FreeSWITCHhidingthenetworktopology ..................... 50 4-4FreeSWITCHasaB2BUA .............................. 51 4-5Theprovisioningprocess .............................. 53 4-6Conguringtheprovisioningserver ......................... 54 5-1StructureoftheVOIPphonesystem ........................ 57 5-2Callhandlingprocess ................................ 59 5-3Flowchartoftheproposedsystem ......................... 64 9

PAGE 10

AbstractofThesisPresentedtotheGraduateSchooloftheUniversityofFloridainPartialFulllmentoftheRequirementsfortheDegreeofMasterofScienceADISTRIBUTEDFEATURE-RICHIPTELEPHONYSYSTEMTOWARDSACHIEVINGHIGHAVAILABILITYByGautamBatraMay2012Chair:HaniphA.LatchmanMajor:ElectricalandComputerEngineeringVoiceoverInternetProtocol(VOIP)isincreasinglygainingpopularityoverthePublicSwitchedTelephoneNetwork(PSTN)becauseofitsadvancedfeaturesandexibility.AcrucialfactorinthesuccessofaVOIPsystemisitsreliability.VOIPsystemsmustattainreliabilitylevelscomparabletothePSTN,whichhasveninesavailability.ThisthesisdescribesthedesignandimplementationofafullyfunctionalVOIPsystemthatiswellsuitedforahighavailabilitydesign.ForacomprehensiveunderstandingoftheIPbasedPBX,theworkingoftraditionalPBXsandtheirevolutionhasbeendescribed.Adiscussiononhighavailabilityandhowtheexistingsystemsachieveithasalsobeengiven.Theprotocolsandindividualcomponentsofthedesignedsystemhavealsobeendescribedindetail.ThefullyfunctionalVOIPsystemwassuccessfullydesignedandimplementedfrombasicelements.andiscompletelydevelopedfromopensourcesoftware.ItusesKamailio,aSessionInitiationProtocol(SIP)routerforthesettingupandroutingofcalls.ItalsocontainsFreeSWITCH,whichactsasaSIPaccessorytoprovideextrafeaturessuchasmusic-on-hold,voice-mail,automatedattendantandconferencecalls.CallstothePSTNaresupportedwiththehelpofFreeSWITCH,whichalsofunctionsastheSessionBorderController(SBC).AlpineLinuxistheoperatingsourceusedasitishighlyconduciveforrunningVOIPsystems.Thesystemimplementedisexibleand 10

PAGE 11

canevenbeaccessedthroughanaloglegacyphoneswiththehelpofAnalogTelephoneAdapters(ATAs).Thesystemcanbescaledtoprovidethousandsofcallsetupspersecond.ItusesamodulardesignandDNSbasedtelephonenumbermapping.ThismakesithighlyfavorabletoachievehighavailabilitybyaddingredundantcomponentsandmanagingfailoverswiththehelpofDNSServiceResource(SRV)records. 11

PAGE 12

CHAPTER1INTRODUCTIONReliabilityofserviceisthedeningaspectofatelephonesystem.Forseveraldecades,providersofthetraditionalPublicSwitchedTelephoneNetwork(PSTN)voiceswitcheshavebeendeliveringhighlyreliableservices.InorderfortheIPtelephonysolutionstobecommerciallysuccessfulandprovetobeaviablealternative,theymustatleastmatchthelevelofreliabilityofthePSTNsystems.Theymustbeabletotacklepotentialfailuresinservicearisingbecauseofanypossiblecausesuchashardware,software,network,linkorcongurationerrors,asthesecausethereliabilityofthesystemtodecrease.Themetricusedtodescribethereliabilityofatelephonysystemisavailability.Insimpleterms,availabilityisameasureoftheprobabilitythatasystemisfunctioningnormally.Thetraditionaltelephonesystemsconsistentlyprovide99.999%availability,i.e.,thesystemisup99.999%ofthetime.Thisisknownasve-ninesavailabilityandimpliesthatthesystemisdownforonly5.26minutesinayear(detailsoncalculatingtheavailabilityofasystemaregiveninchapter 2 ).Thisisahighlychallenginggoaltoachieve,moresointhecaseofIPtelephonybecauseofunexpectedfaultsintheInternetandLocalAreaNetworks(LANs),andirregularityinthebehaviorofsoftwareingeneral.However,tobesuccessful,internettelephonyprovidersmuchmatchthisstandard.SeveralorganizationsintheIPtelephonymarketareworkingtowardsachievingthisstandard.CiscoandShoreTelhavereleasedsystemswhichundercertainconditionsachieveve-ninesavailability[ 3 7 8 ].Oursystemisafeature-rich,opensourcefullyfunctionalVoiceOverInternetProtocol(VOIP)systemdevelopedinamannerthatwillhighlysuittheadditionofbackupcomponentswhichcantaketheplaceoffailedcomponentifrequired,therebyleadingtoahighlyavailableopensourcesystem.ItismanagedbyaSessionInitiationProtocol(SIP)routercalledKamailiorunningonAlpineLinux,withadditionalfeatureslikemusiconhold,conferencecall,automatedattendantandvoice-mail.Themedia 12

PAGE 13

functionsareprovidedbyFreeSWITCH,whichcanalsoactastheSessionBorderController(SBC).Weaimtoachieveve-ninesavailabilitywiththeproposeddesignusinganInternetstyleredundancyandfailovermodel.Beforedescribingthesystemanditsfeaturesindetail,itwouldbebenecialtounderstandtheworkingofconventionalPrivateBranchExchanges(PBXs)usedinPSTN,andhowtheyachieveve-ninesavailability.ThestudyofPSTNsystemwillgiveaninsightintohowve-ninesavailabilitycanbeachievedinaVOIPsystemaswell.ItswillalsohelpinmotivatingthebenetsofaswitchtoIPtelephony. 1.1PrivateBranchExchangeTherstPrivateBranchExchange(PBX)becameoperationalin1879,intheOldSoldiers'HomeinDayton,Ohio,butthiswasnotverydifferentfromcompanyCentralOfceswitchesthatalreadyexisted.In1902,AT&TcameupwithastandardPBX(No.1PBX)[ 9 ].ThiswasthebeginningoftherstgenerationPBX,ortheNo.1PBX.FourgenerationsofPBXshaveevolvedsincethen.Abriefdescriptionofthisevolutionfollows.Themajortechnologicaladvancementsineachgenerationhavebeendiscussed. 1.1.1GenerationsofPBXs 1.1.1.1FirstgenerationTherstgenerationPBXsupportedonlyvoicetrafc.Itwasintroducedinthe1930storeplacemanualswitchboardsandmadeuseofstep-by-steptechnology.Itwaslaterenhancedtoprovideextrafeatures.Directintra-ofcedialingandplacingofoutgoingcallswereautomatedasaresultofthisinnovation.Instep-by-stepswitching,eachdialeddigitresultedinaswitchingstep.Ithassomedrawbacks,suchashighswitchingdelaysandnoisymedium.Asaresult,thiswasnotsuitablefordatatrafc.Scalabilitywasalsoaproblemasitwasbulky,andaddingnewhardwareinvolvedheavyexpenditure.Step-bystepswitchingdoesnothaveanymechanismofgoingbacktothepreviousswitchingstateincaseofablockedroute,leadingtolargenumbersofdropped 13

PAGE 14

calls.Thenextdevelopmentwastheintroductionofcrossbartechnologytoreplacetheswitchboards,whichsurfacedinthe1950s[ 10 ].Acrossbarsystemcouldprovidestationtransfer,eliminatingtheneedforamanualswitchboardoperator.Conferencecallswerealsomadepossiblewiththeintroductionofcrossbartechnology. 1.1.1.2SecondgenerationSecondgenerationPBXsawtheintroductionofsupportfordatatrafcinadditiontovoice.ThisgenerationhadsoftwareswitchingandElectronicCommonControl(ECC).FullydigitalPBXsarrivedin1975.However,thedatarateswereverylow,andcallshadtobeblockedforthetransmissionofdatatrafcasdedicateddataportsresultinginveryhighholdingtimes. 1.1.1.3ThirdgenerationBytheearly1980s,thethirdgenerationPBXsallowedvoiceanddataintegrationwithouttheblockingofvoicecalls.Allconnectionspassedthroughatimedivisionbus.Directdigitalswitchingwasintroducedinthisgeneration.Digitaltelephoneswerealsoavailable,resultinginacompletedigitalsystem.Distributedarchitecturewasalsointroduced,relievingtheCPUofitsworkload.StoredProgramControl(SPC),orsoftwareswitchingwasfullyfunctionalinthisgeneration,leadingtoautomaticrouteselectionandcallaccounting.ThesePBXsallowedtheuseofwide-bandchannelsduringlowtrafchours. 1.1.1.4FourthgenerationThisgenerationincludestheInternetPBX(IPBX),whichisfullydigital,LANbased,andsupportsVOIP.Itisthemaincomponentofourphonesystemasisdescribedindetailinsection 1.4 1.1.2ComponentsofaConventionalPBXAconventionalPBXprimarilyconsistsofacircuit-switchingmatrix,whosepurposeistoconnectvoicecalls.AlargenumberofstationsetsareservedbyasinglePBX,andvoiceterminalsaregenerallyservedthroughwiredconnections.Themaincomponents 14

PAGE 15

ofaPBXincludepowersupply,commoncontrol,memory,switchingmatrix,trunkinterfaces,lineinterfacesandterminalequipment. 1.1.2.1CommoncontrolThisisasetofstoredprogramlogicthatcontrolstheactivitiesofthesystemandallofitsvariouselements.Itconsistsofmicroprocessorswhichhavepre-denedprogramsinstalled.Likeallmicroprocessors,thesecontaintheirownmemory,input/outputequipmentandsoftware.TheCentralProcessingUnits(CPUs)areresponsibleforfunctionssuchascallsetup,callmaintenance,callrelease,performancemonitoring,systemdiagnosticsandstorageofoperationaldataforanalysisandreportpresentation.Thesefunctionsmaybedistributedamongmultiplemicroprocessors.Tomakethesystemreliable,processorredundancyisadopted.PBXsincludestandbyprocessors,whichcanalmostinstantaneouslytakeovertheprocessingincasetheprimaryprocessorfails(adetaileddiscussionofredundancyinPBXsisgiveninthenextsection).PBXsystemshavemoreadvancedfeaturesascomparedtoatypicalkeysystem.Someoftheseincludeautomaticrouteselection,callpick-upgroups,callforwarding,conferencecallingandcalldetailrecording. 1.1.2.2SwitchingmatrixPBXsemployPulseCodeModulation(PCM)andTimeDivisionMultiplexing(TDM).Theseprocessesareusedtosamplemultipleanalogconversation,convertthemtodigitalformat,andtransmitoverasharedelectricalbusorcommonphysicalpath. 1.1.2.3TrunkandlineinterfacesThesearespecializedcircuitboardsusedtointerfacethePBXswitchtotrunks,connectingittootherswitches.ThereareseveraldifferenttypesoftrunksthatthePBXswitchisconnectedtowiththehelpofthesetrunkinterfaces.Thesetrunksdifferinthetypeofcall,therouteofcall,thedirectionofcall,andthetypeofbilling,amongotherthings.Theyareusuallymultichannel,hencesupportingmultiplesimultaneouscalls.Havingmultiplechannelsthroughasingletrunkprovestobemuchmorecost-effective 15

PAGE 16

thanhavingalargenumberofsinglechanneltrunks.ExamplesofsuchmultichanneltrunksaretheT-carrierandtheE-carrier.Trunksmaybeunidirectional,supportingcommunicationonlyinonedirections,orbidirectional.Theyareusuallycombinedintotrunkgroupsbasedontheirdirectionalproperties. 1.1.2.4TerminalequipmentThesearegenerallyintheformofatelephoneset,butoftenforaPBXthatsupportsdatatransfer,thesemaybedataterminals.Examplesincludeattendantconsoles,maintenanceandadministrationterminals,etc. 1.2FiveNinesAvailabilityinaLegacyPBXAconventionalPBXachievesve-ninesavailabilitybymeansofredundantcomponents.Incaseacomponentfails,theback-upcomponenttakesitsplace,leadingtouninterruptedservice.SuchredundantcomponentsareusuallyintroducedintheCommonControlandtheSwitchingMatrixofthePBX.Inthecommoncontrol,redundantprocessorsandmemoryareputinplace.ThisisshowninFigure 1-1 .TheSwitchingMatrixintroducesredundancyintheformofmultipleTDMbuses.Inadditiontothis,aback-uppowersupplyisalsoinstalled.Hence,thePBXisprotectedfromfailurestotheCPU,theMemory,theSwitchingMatrixandthePowersupply.Thesystemwillonlygodowniftheprimaryandback-upbothfail,whichisarelativelyunlikelyevent.TheseredundantcomponentsbringthePBXclosertowardtheve-ninestarget.Itmustbenoted,however,thatthereisnoredundancyatthelineandtrunkinterfacelevel.Thus,incaseofalineortrunkinterfacefailure,thecorrespondingterminalequipment,whichcouldbeaphoneoratrunk,experiencesdisruptedservice.ThesefailuresarenotincludedintheavailabilitycalculationsofthePBX.Therefore,ve-ninesreliabilityinconventionalPBXsisnotanendtoendguarantee.ItisguaranteedforthePBXalone.AnyfailuretothelineortrunkinterfacesisnotconsideredtoaffecttheavailabilityofthePBX.CiscohasdemonstratedaveninesavailableIPtelephonysolutiononsimilarlines[ 3 ].Thisapproachwillbediscussedinchapter 2 16

PAGE 17

Figure1-1. RedundancyinatraditionalPBX Protectionfrompowerfailuresisalsoprovidedbyafeaturecalledpowerfailuretransfer,orpowerfailurecut-through.Byvirtueofthisfeature,incaseofacommercialpowerfailure,adirectconnectionismadewithananalogtrunkfromtheCentralOfce(CO).Thisconnectionisusuallyestablishedwithcertainpre-decidedemergencyanalogphones.TheCOgenerallyhasmultiplepowerbackupoptionsandhencetheseanaloglinesareextrememlyreliableevenintheeventofacommercialpowerfailure.Powerfailurecut-throughinthiswayguaranteessomeformofconnectionwiththeCOevenintheeventthattheback-uppowersuppliesfail.Inadditiontothetechniquesmentionedabove,conventionalPBXsareprogrammedwithback-uproutingoptions,whichtakeeffectincasethepreferredtrunkisbusy,oroutoforder.ThisincreasestheendtoendavailabilityofthesystemandnotjustthePBX.ThisfeaturecanbeseeninthecaseofInterexchangeTrunks,whichprovidedirectroutestolongdistancecarriers.FailuretothesetrunksresultsinthecallstoberoutedthroughtheCO,whichhasseparateaccesstothelongdistancecarriers[ 9 ].Having 17

PAGE 18

theseback-uproutingoptionsincreasestheavailabilityofthePBXsubstantially,andtosomeextentcompensatesfortheabsenceofredundantlineandtrunkinterfaces. 1.3LimitationsoftheTraditionalPBXTheconventionalPBXs,althoughhighlyreliable,sufferfromcertaindrawbacks,whichopenthedoorforalternatetechnologies.Amajorconcerninthisareaisthemaintenanceandupgradationproceduresinvolved.ThenumberofendsystemsaPBXcansupportislimited,andwiththeconstantincreaseinsubscribers,thelimitisinvariablyexhausted.Increasingthecapacityinvolvesinstallationofnewequipment,whichtranslatestoheavyexpenditureandalotofinconvenience.AlthoughcompletereplacementoftheequipmentcanbeavoidedbyjustexpandingthecapacityofthecurrentPBXbyaddinglineandtrunkcards,thelimittowhichisexpansioncanbedoneisnite,afterwhichtheonlyoptionisacompletereplacement.Moreover,hardwareadditionsareusuallyextremelyexpensive.RealizingthenitecapacityofthePBXisnottheonlyscenarioinwhichthehardwaremustbereplaced.Theconstantresearchandadvancementintheeldoftelecommunicationresultsinthedevelopmentoffasterandmoreefcienttechnology.Asaresult,thehardwarebecomesobsoleteapproximatelyeveryveyears,andmustbereplacedirrespectiveofwhetherthecapacityintermsofnumberofusershasbeenreachedornot.This,onceagain,leadstohighexpenditure.PulseCodeModulation(PCM)isemployedtosamplethevoicedata.ItisthentransmittedonacommonbususingTimeDivisionMultiplexing(TDM),intotheswitchingmatrixofthePBX.Voicecommunicationrequiresaminimumlevelofcontinuity,whichimplieshavinglowlatencyanddelay.Thecommunicationisbasedonacircuitswitchednetwork.WhentransmissionisthroughTDM,averyhighlevelofsynchronizationisrequiredacrossthecircuitsandswitchesonthecommunicationlink.Circuitswitchednetworksarerequiredtoreservetheresourcesbeforeacallcanbeestablished.Theseresourcesareunavailabletootherusersfortheentiredurationofthecall, 18

PAGE 19

evenduringthenumerousperiodsofsilenceduringtheconversation.Mostofthetimeduringaphoneconversationthecommunicationisonlyinonedirection,buttheresourcesforduplexcommunicationareengaged.TDMswitchesarenotsuitedfordatacommunicationeither.Hencethenetworkcannotbeputtouseasaneffectivedatacommunicationnetworkevenwhenthevoicetrafcislow.Allthesefactorsleadtoandinefcientuseofthenetworkresources.ApacketswitchednetworkwithQualityofService(QoS)guaranteewillresolvethesedrawbacks.AnInternetbasedPBXisapossiblesolutioninthisdirection. 1.4TheInternetProtocolPrivateBranchExchangeAnInternetProtocolbasedPrivateBrancheXchange(IPPBX),orsimplyIPBXreliesonapacketswitcheddatanetworkforthepurposeofvoicecommunication,andalsohasinteroperabilitywiththePSTNnetwork.ItisthecentralcomponentofaVoiceoverInternetProtocol(VOIP)systemandovercomesmanyofthelimitationsoftheTDMbasedcircuitswitchedPBXsdescribedintheprevioussection.AlotoftheinfrastructurethatanIPbasedPBXmakesuseofisshared.Thisincludestransmissionmedia,ethernetswitches,routersandservers.ThenetworkthattheIPBXmakesuseofisusuallyapre-existingLANorInternetbasedWAN,wherevoiceanddataaretransmittedoverthesameconnection.ThecommunicationisbasedonpacketswitchingviatheIPnetwork.Thevoicedatacanbecompressed,andredundancyinthevoicesamplescanberemovedbeforetheyarebufferedattheIPgatewayfortransmission,leadingtoaveryefcientuseofbandwidth.Forexample,usingtheG.723.1compressionalgorithm,160samplesof125sofvoicedataisencapsulatedinanIPdatagram[ 9 ],whichismuchmoreefcientthantheTDMbasedswitching.Thecontrolandsignalingfunctionsarealsotakencareofbythegateway,forwhichH.323orSIPmaybeused.TheuseofanIPbasednetworkalsomakesitextremelyconvenienttonetworkmultipleIPBXsandinexpensivelycreatea 19

PAGE 20

distributednetwork,withouttherequirementofspeciallongdistancetrunks.Theloadcanseamlesslybesharedamongstmultipledatabaseservers.TheconventionalPBXsarehighlyproprietaryandcentralized.Mostofthepoliciesofthenetwork,theparametersandthecongurationisdecidedbythecentralserver.Theendsystemareusuallydumbterminalandalltheintelligenceisinthemiddleofthenetwork,intheCPUsofthePBX.Asaresult,alotofrestrictionisimposedbytheserverontheusers.InaVoiceoverIPsystembasedonanIPBX,theserversusuallyruncommerciallyavailableoperatingsystemlikeWindowsorLinux,andmanyatime,areopensource.UnlikethecentralizedserversinthelegacyPBXs,incaseofaVOIPsystem,theintelligenceresidesattheedgeofthenetwork.Therearenoimpositionsbytheserver,andtheendsystemsareintelligentIPphonesorsoftphonesthatcontroltheirownpresenceandavailabilityinthenetwork.Theyalsocontrolparameterslikecallforwardingrulesandvoice-mailtime-outsamongothersettings.PerhapsthebiggestadvantageofIPBXsistheexibilitythattheyprovidetothephonesystem.Mostoftheupdatesandenhancementstotheserveraresoftwarebased.TheadministratorcanaccesstheserverremotelythroughtheInternetoranotherIPbasednetwork.Changestothesystem,likemodicationofcertainparameters,additionofnewsubscribers,orchangingtheprivilegesofexistingsubscriberscanbemadeextremelyconvenientlywiththehelpofuser-friendlywebcongurationutilities.Upgradingtheserverisalsousuallyasoftwareoperationandhenceprovestobeinexpensive.IPBXsarealsohighlyscalablebecauseoftheirmodulardesign.Extramodulescanbeaddedatreasonablecosts.Theusersalsobenetfromtheexibilityofthesystem.TheIPbasednetworkgivestheusersportability.TheycanaccessthephonenetworkfromanywhereintheworldwhereandInternetconnectionisavailablebyusingasoftphone.AllthatisrequiredistheIPaddressoftheserverandtheauthenticationinformationoftheuser. 20

PAGE 21

Apartfromalltheseadvantages,thecallcostsusingIPtelephonyarealsoconsiderablylowerthanthePSTNcallingrates.VOIPthushasalotofadvantagestoofferovertraditionalcircuitswtichednetworks.ThemainchallengethatstillremainsistheavailabilityofIPtelephonysystems.Manyvendors,includingCiscoandShoreTelhavecomeupwithhighavailabilitysolutionsforIPTelephony.Someofthem,asmentionedbefore,claimtobeve-ninesavailable.AvailabilityofInternettelephonysystemsisdiscussedindetailinthenextchapter. 21

PAGE 22

CHAPTER2AVAILABILITYANDTHEFIVENINESCRITERION 2.1WhatisAvailability?Availabilitycanbedenedastheprobabilitythataproductorservicewillbeoperatingnormallywhenrequired.Itcanbecalculatedusingthefollowingequation, A=MTBF MTBF+MTTR(2)WhereAisthedegreeofavailability,expressedasapercentage,MTBFisthemeantimebetweenfailures,andMTTRisthemaximumtimetorepairtheproblem.MTBFdenesthelengthoftime,onanaverage,forwhichasystemisexpectedtofunctionfailurefree.MTTRdenesthelengthoftime,ontheaverage,requiredtogetthesystemtoworkagainwhenitdoesfail.Fiveninescriterionmeansanavailabilityof99.999%.Accordingtoequation 2 ,thistranslatesadowntimeof5minutesand15secondsorlessinoneyear.AcomparisonofdifferentvaluesofavailabilityisgiveninTable 2-1 Table2-1. Downtimesfordifferentvaluesofavailability AvailabilityDowntimeperyearDowntimeperweek 98%7.3days3hours,22minutes99%87hours,40minutes1hour41minutes99.9%8hours45min10minutes5seconds99.99%52.6minutes1minute99.999%5minute15seconds6seconds99.9999%31.6seconds0.6seconds Higherthelevelofavailabilitydesired,higherwillbethecostofthesystem.AswemovedownarowinTable 2-1 ,thecostincreasesbyabout5to10times,andthemultiplieralsoprogressivelyincreases[ 2 ].Downtimeofasystemmaybecontributedbyawidevarietyoffailures.TheseareshowninFigure 2-1 .Inahighlyavailablesystem,itisindespensablethatthereisnosinglepointoffailureintheentiresystem.Allthepossiblefailuresmustbestudiedindetail,andupperboundsfortheirrecoverytimesshouldbeascertained.Forthosefailuresthatrequireaconsiderabletimetorecoverorrepair,back-upoptionsaredened.Theseback-upsmayeitherbeanalternatemethodof 22

PAGE 23

Figure2-1. Causesofdowntime[ 2 ] achievingthefunctionalityofthefailedcomponent,suchasanalternaterouteincaseofafailuretoatrunk,ortheycouldbeintheformofaredundantcomponent,whichtakestheplaceofthefailedcomponentalmostinstantaneously.Theswitchingoverfromafailedcomponenttoaredundantcomponentisknownasfailover.Afailovershouldbequickandshouldrequireminimalmanualintervention.Thisrequiresthattheprimaryandsecondarycomponentscommunicatewitheachotherregularly,sothatthesecondarycomponentisabletodetectwheneverafailureoccursandtakeover.Thiscommunicationisknownasheartbeat.Itmustalsobeensuredthatthecriticalinformationoftheprimarycomponentmustalsobepresentinthesecondary.Afterafailovertheusersshouldnothavetomakeanycongurationchanges,suchasserveraddresses.Thechangeinserveroranyothercomponentshouldnotaffecttheuserinanymanner.Animportantfactorthatmustbekeptinmindistheportabilityoftheapplicationsrunningontheprimaryserverontothesecondaryserver.Thesimplestsolutionforthisismakingtheoperatingsystem,andtheversionsofdifferentsoftwareonthetwoservers,whichwillguaranteethattheconcernedapplicationswillruncorrectlyoneitherofthem. 23

PAGE 24

2.1.1HeartbeatAsmentionedpreviously,heartbeatnetworksareessentialfortheprimaryandsecondaryserverstokeeptrackofeachother.Byvirtueofthesenetworks,messages,orheartbeatsareexchangedperiodically.Iftheheartbeatfromaserverstops,itmayhavefailed,andthesecondarywilltakeitsplace.However,thestoppingoftheheartbeatscouldalsobecausedduetootherreasons,suchasafailednetworkcable,ornetworkinterfacecard.Forthispurpose,redundancyintheheartbeatnetworksmayalsobeintroduced.Itmustbeensuredhowever,thattheredundantheartbeatnetworkusesadifferentphysicalpath. 2.1.2NetworkIssuesDuringafailover,networkandMACaddressesmayhavetobemovedfromtheprimarytothesecondaryserver.TheMACaddressisuniqueforeachpieceofequipment,andsoitmaybecomplicatedfortheuserstochangetheMACaddressesthatintheirconguration.Onewayofdealingwiththisissueistojustleaveeverythingasitis,andlettheusersdiscoverthechangeinMACbyexperiencingatimeout.Thishowever,willintroduceanincreaseintheMTTR.Tosolvethis,thesecondaryserver,aftertakingover,maysendagratuitousARPtoinformtheusersaboutthenewIP-MACmapping,andtheclientscanthusupdatetheirrecords. 2.2HighAvailabilitySystemsforIPTelephonyIPtelephonysystemsmaybeofdifferentcategories.TheymayhaveevolvedfromtraditionalPBXplatforms,fromtraditionaldataswitchplatforms,ortheymaybedesignedspecicallyforIPbasedcommunication.Eachofthesecategoriescanbedesignedasahighavailabilitysystemofvaryingdegree,andvaryingcost[ 7 ].AcommontechniqueofachievinghighavailabilityintheindustryisthroughN+1redundancy. 24

PAGE 25

2.3N+1RedundancyInthismethodofredundancy,insteadofacentralcomponenttomanagetheentiresystem,theloadisdistributedamongstmultipleunits.Ifthenumberofunitsisn,thenincaseofafaultinanyoneunit,only1=nthoftheusersareaffected.Nowifanotheroneisadded,thenthesystembecomesn+1redundant,whichbecomespartofthesamesystem.Incaseoneoftheunitsfails,theloadisdistributedamongsttherest.Incaseofa1:1redundancymodel,theentiresetuphastobeduplicated.Outofthesetwosystemsonlyoneisactiveatatime,andonlyifitfailsdoesthesecondonecomeintothepicture.TheadvantageofN+1redundancyisthatthereisnosinglepointoffailurelikeina1:1redundancymodel.ThesereasonsmakeN+1redundancyabetterapproachtowardsprovidingveninesreliabilityinIPtelephony[ 7 ]. 2.4Cisco'sFive-NinesSolutionCiscowasabletoachieveveninesavailabilityusingonelevelofredundancy,workingonthelinesoftheavailabilitydenitionsintraditionalPBXsystems[ 3 ].Thesesystemsignoretheaccesslevelcomponentsinthedenitionoftheavailabilityofthesystem.AdiagramrepresentingthesystemisshowninFigure 2-2 .Ciscoclaimthattheredundancyshowninthegurecanachieveve-ninesreliability.Thecomponentsoutsidethedottedlinehavebeenleftoutoftheavailabilityanalysis.ThecomponentsincludedintheanalysisweretheAccessswitches,thedistributionswitches,thePSTNgateways,andthecallmanagercluster[ 3 ].Theendpointsofthenetworkwerenotincluded.Theyanalyzedtheavailabilityoftheirsystemindifferentareaslikehardware,software,link/carrier,power,environmentandnetworkdesignreliability.ThehardwarereliabilityiscalculatedusingtheTelcordiapartscountmethod.Thehardwareavailabilityofalinkisgivenas Asystem=nYi=1A(i)(2) 25

PAGE 26

Figure2-2. Cisco'sveninessystem[ 3 ] WhereAdenotesavailability,andi=numberofcomponentsfromitonalongthelink.Incaseofasecondfailureduringtherepairoftherstfailure,theparallelavailabilityoftheredundantcomponentsisconsidered, ParallelAvailability=1)]TJ /F5 11.955 Tf 11.95 0 Td[((nYi=11)]TJ /F5 11.955 Tf 11.96 0 Td[(componentavailabilityi))(2)Forthehardwareavailabilitycalculations,theMTTRvaluewaschosentofourhours,asisthenormintraditionalPBXcalculations,andtheMTBFvaluesofeachcomponentwasdeterminedusingcalculationsinthebooktitledHighAvailabilityNetworkingFundamentalspublishedbyCisco.ForanalyzingpowerreliabilityCiscohasuseddatafromAPCcorporationtoestimatethepoweroutagedurationsfordifferentregionsinNorthAmerica.TheyhaverecommendedtheuseofaUPSandageneratorbackuptoachievehighavailability.The 26

PAGE 27

availabilitycalculationsthusobtainedbyanalyzingeachthedifferentkindsoffailureswerecombinedusingequation 2 2.5ShoreTel'sFive-NinesSolutionShoretelhasalsodesignedahighavailabilityVOIPsystem,asdescribedintheirwhitepaper[ 4 ].Theirsystemusesadistributedcallcontrolcomponentandcontainsmoduleswithrelativelysmallernumberofcomponents,makingitlessvulnerabletofailures.Theyalsoarguethattheirmodulardesignmakesthecomponentseasiertorepair,takingtheMTTRvaluetounder4hours,thestandardvalueusedforavailabilitycalculations.Theyalsostatethataddingredundantpowersupplies,discdrivesandfansreducesthereliabilityofthewholesystemsasthesearehighlypronetofailuresbecauseofwearandtearfromtheirmovingparts.TheircalculationsareshowninFigure 2-3 [ 4 ].TheMTBFoftheirmodulesiscalculatedusingtheBellcore Figure2-3. Effectofredundantpowersupplies,discsandfans[ 4 ] TR322standard.Theredundancymodelusedisn+1redundancy,whichremovesthepossibilityofasinglepointoffailure.Thedistributedcallcontrolcomponentalsohelpsinincreasingthenetworkavailability.ThisisbecausethesystemrelieslessonWANandalltheprocessingofcallsishandledbythenearestcallcontrolcomponent.SoeveninthecaseofWANfailuretheindividualsubcomponentsareselfsufcient. 27

PAGE 28

Inthecaseofahardwareornetworkfailure,separatefailovertrunkscandothejobofroutingthecalls.Therearealsoprovisionsforanalogtrunksincasethedigitaltrunksfail.AnotherfeaturetoprotectthesystemfromnetworkfailuresisitsabilitytousethePSTNevenforinternalcalls.Therefore,eveniftheIPnetworkfails,theinternalcallsareroutedouttothePSTN,andtheninturntothedestinationusingDirectInwardDialing(DID).Thewhitepaperbrieytalksaboutsoftwarereliability,butstatesthatenoughdatatosupportthecalculationswasnotavailableatthetimeofitspublishing. 28

PAGE 29

CHAPTER3COMMUNICATIONPROTOCOLSUSEDINIPTELEPHONY 3.1SessionInitiationProtocolTheSessionInitiationProtocol(SIP)isoneofthemostpopularprotocolsusedforsettingupVOIPcallsandisthecruxofourphonesystem.Itisresponsibleforinitializing,modifyingandtearingdownsessions[ 11 ].TheaddressingforthesesessionsisbasedonUniformResourceIdentiers(URI)oftheinvolvedpartiesandnottheterminalsthattheyareusing.Thisleadstoportabilityandhelpsinsupportingmobileusers.Itisatextbasedapplication-layerprotocolanditssyntaxisverysimilartotheHypertextTransferProtocol(HTTP).Itdoesnotactasamediagatewayandisonlyresponsibleforthesignaling.Themediamaybetransmittedusinganysuitableprotocol.SIPdoesnotdenethemediatransferprotocoltobeused.ItcanbeusedovereitherTCPorUDP,andbydefaultusesportnumber5060.ThesimilarityofSIPtoHTTPallowscompatibilitywithwebbrowsers.TheSIPmessagecanbeofanyformat.SoanykindofinformationmaybetransmittedviaSIP.ItmaycontainmessagesfromotherprotocolssuchasRealTimeProtocol(RTP),SessionDescriptionProtocol(SDP),ResourceReservationProtocol(RSVP)andRealTimeStreamingProtocol(RTSP).SIPisresponsiblefordeterminingthelocationoftheendpointtobeusedbasedontheURI,withthehelpofaDNSserver.Italsodeterminestheavailabilityofthecalledusersandtheirwillingnesstoestablishthecommunicationlink.EstablishmentofcallsisalsoundertakenbySIP.Duringcallestablishment,userparametersarenegotiatedbeforeactualmediacanstartowingbasedonthoseparameters.Oncethecallhasbeenestablished,SIPhandlescalltransfers,andholds.Finally,afteroneoftheusershangsup,SIPterminatesthesession.ASIPserveracceptsrequestsfromaUserAgentClient(UAC)andsendsbackresponses.Theservermayactasaproxyserver,inwhichcaseitcanactasaclientandforwardrequeststoanotherserveronbehalfofaclient.Anotherrolethattheserver 29

PAGE 30

canplayisthatoftheregistrar.Byvirtueofthisrole,itacceptsREGISTERrequests,andchecksiftheUACisauthorizedtoregisterwiththenetwork.AusercanonlymakeacallthroughaSIPproxyifhe/sheisregistered.TheregistrationprocessisshowninFigure 3-1 [ 5 ].Usuallythedutiesoftheproxyserverandregistrarareperformedbythesamemachine.CorrespondingtoUACs,thereexistsUserAgentServers(UAS),whichacceptSIPrequestsandrespondonbehalfoftheenduser.UASandUAChandlesignalingandmedia,unlikeservers,whichonlyhandlesignaling.ThecomponentsofSIPareshowninFigure 3-2 .TheSIPProxyserverformsatriangulartopologywiththeuseragentserverandclientasshowninFigure 3-3 [ 5 ].TheproxyserverreceivesrequestsfromtheUAC,anddecideswheretoforwardthatrequest.ItmayeitherforwardittoaUAS,asshowninthegure,ortoanotherserver.Theresponsealsofollowsthesamepathinreverse.Incasetheserverndsmultipledestinationfortherequests,itcanforktherequestandsendittoallofthem. Figure3-1. SIPregistrationprocess SIPusessixmessagetypes,ormethods,whichtakecareofallthefunctionsdescribedintheprevioussection.Theseare: 30

PAGE 31

Figure3-2. SIPmaincomponents[ 5 ] Figure3-3. TriangulartopologybetweentheSIPproxy,UASandUAC 31

PAGE 32

INVITE:ThisistherequestsentbyaUACwhenitwishestoestablishacallwithanotheruser.ItincludestheparametersanddescriptionofthemediainthetheSDPformat.SDPhasbeenexplainedinasubsequentsection. ACK:ThisisthemessageusedtoacknowledgethereceiptoftheresponsetoanINVITEmessage.Itisthelastmessagesendduringtheinitialestablishmentofthecall. OPTIONS:Thisisthemessageusedtoqueryaboutthecapabilityofanotheruseragent. BYE:Thisisthemessagesentwhenauseragentwishestoterminatethecall. CANCEL:Thisisthemessageusedtocancelapendingrequest. REGISTER:ThisisthemessageusedtoregistertoaSIPserverasexplainedearlier.Therequestslistedabovegenerallyresultinaresponsecode.ThedifferentresponsecodesareshowninTable 3-1 Table3-1. SIPresponsecodes ResponsecodeNameMeaning 1xxInformationalRequestreceived,processing2xxSuccessActionsuccessful(actsasACK)3xxRedirectionFurtheractionrequired4xxClientErrorCurrentservercannotprocessrequest5xxServerErrorServerfailedtoprocessrequest6xxGlobalFailureNoservercanprocessrequest 3.2RealTimeProtocolTheRealTimeProtocol(RTP)takescareoftransferofaudioandvideodatainrealtimeduringacall.Inorderforthedatatobetransported,ithastobepacketizedbyacodec.RTPallowsthespecicationoftimingandcontentrequirementsofthemediatransmissionfortheincomingandoutgoingpacketsusing: Sequencenumber Time-stamps Packetforwardwithoutretransmission Sourceidentication 32

PAGE 33

Contentidentication SynchronismThedefaultportusedbyRTPis5004.RTPdoesnotguaranteein-orderorreliabledelivery.Itreliesonthelowerlayerprotocolstoprovidetheseservices.Itdoesnotprovideanytimingguaranteeeither.TheformatoftheRTPmessageisshowninFigure 3-4 [ 12 ].VstandsforversionandMformarker,whichisusedfordemarcatingstreamboundaries.PTspeciesthepayloadtypeandCCspeciesthenumberofcontributingsourceidentiersofthemessage.TheRealTimeControlProtocol(RTCP)monitorstheRTPpacketsandmeasuresdelayandjitter.RTCPpacketsaresentperiodicallyalongthesamepathastheRTPtrafcbutonadifferentport.Thesepacketsinformtheserverandclientaboutthequalityofservicesbeingachievedintherealtimecommunication,thuskeepingtrackofthequalityofthecall. Figure3-4. RTPmessageformat 3.3SessionDescriptionProtocolBeforethetransmissionofvoice/videodatastarts,thecodechastobespecied,andthequalityandparametersofthesessionhavetobenegotiatedbetweentheuseragents.SessionDescriptionProtocol(SDP)isresponsibleforthis[ 13 ].TheSDPmessagestravelasapartoftheSIPINVITEmessage.Theyconveysinformationpertainingtothesessionaswellastothemedia.Thisisdonebymeansofcertain 33

PAGE 34

attributesandattribute-valuepairs.SDPisatextbasedprotocol,andusestheISO10646charactersetinUTF-8encoding,andiscompatiblewithotherprotocolslikeHTTP[ 14 ].TheinformationconveyedbySDPincludes: DetailsofthesourceofthesessionsuchasIDofthesourceanditsaddress Nameandidenticationofthesession Informationaboutthetypeofconnection Detailsaboutthebandwidthusage Timinginformationandprovisionforschedulingperiodicsessions Optionsforencryptingthesessionbysendinganencryptionkey Detailsaboutthemediaformatandprotocolusedtotransmitit 3.4TelephoneNumberMapping(ENUM)ThesuccessofanIPtelephonysystemiscriticallydependentonitsabilitytointer-operatewiththePSTN.IPphonesmusthavetheabilitytoaccessthePSTN,aswellastakeadvantageoftheservicesthatareaccessedthroughtheInternet.Telephonenumbermapping,orE.164NUmberMapping(ENUM)[ 15 ]isatechniquethatachievesthisfunctionalitybymappingaphonenumbertodifferentkindsofrecords,suchasURLs.E.164referstothestandardnumberingplanissuedbytheInternationalTelecommunicationUnit(ITU),anddenesaphonenumberasacountrycode,followedbyanareacodeandatelephonenumber[ 16 ].BymakinguseofENUM'sDNSbasedarchitecture,thephonenumbercanberedirectedacrosstheInternetusingnamingauthoritypointer(NAPTR)resourcerecords[ 17 ].Themethodofdatainputinphonesislimitedusuallyonlytothekeypad,andENUMprovidesaccesstoawidevarietyofserviceswithinthatconstraint.Therefore,ENUMcanbethoughtofascircuit-switchedtypetrafcalongapacket-switchednetwork,bymappingaphonenumbertoaURL[ 18 ]. 34

PAGE 35

OursystemusesENUMlookuplocallytoredirectcalls.Forthispurpose,alocalDNSserverwiththeappropriateNAPTRrecordsisrequired.Theserveriscreatedusingtinydns.ENUMconvertsanE.164phonenumbertoanInternetaddressbyreversingthedigitsandappendingthelocalDNSextension.Forinstance,toaccesstheirvoicemailaccounts,theusersofoursystemneedtodialtheextension8000.ThiscallhastoberedirectedtoFreeSWITCH,theSIPaccessory,whichhastheentryforprocessingextension8000initsdialplan.TheSIProuterguresoutthisdestinationusinganENUMquery.Theextensionnumber8000getsconvertedto0.0.0.8.localdns.com.ThisaddressisthenusedintheformofaDNSquery,resultinginaNAPTRrecord.TheNAPTRrecordhastheinformationforredirectionofthecallbasedonthedialednumber.ThisworkingisshowninFigure 3-5 .ThereversingofthedigitsisdoneasDNSreadstherecordsfromrighttoleftinahierarchicalmanner. Figure3-5. OperationofENUM ANAPTRrecordcontainesthefollowingelds[ 19 ]: Theordereld,whichspeciestheorderinwhichtherecordsisprocessed. Thepreferenceeld,whichdetermineswhichrecordtoprocessrstincasetworecordsofhavingthesameordereldarereturnedasaresultofanenumquery. 35

PAGE 36

Theserviceeld,whichspeciestheprotocolsandservicesthatcontactthedomaininquestion. Theagseld,whichdenesactionsforsubsequentDNSlookups. Theregexpeldisoneoftheeldsthatcandenetherewriterulefortherecordbymeansofregularexpressions. Thereplacementeldistheothereldthatcanbeusedtodenetherewriterule.TheremaybeseveralmatchingNAPTRrecordscorrespondingtoasingleE.164numberandtheywillallbereturnedasaresultoftheDNSlookup.Theorderinwhichtheywillbeprocesseddependsonthepreferenceandordereldsoftherecord.Therefore,thisgivesusaverysimpletechniqueforredirectingacallbasedontheparametersofthecallandtheavailabilityoftheuser.Dependingonthetypeofcall,itmayhavetoberoutedtotheFreeSWITCHserver,oritmaybedirectlyroutedusingtheKamailioserver.Incasetheuserisbusy,thecallshouldberedirectedtovoicemailwiththehelpofFreeSWITCH.Alltheseactionscanbeperformedusingtheenumtreebyappropriatelysettingtheorderandpreferenceelds. 36

PAGE 37

CHAPTER4COMPONENTSOFTHEPHONESYSTEM 4.1OverviewofaCompleteVOIPSystemAfullyfunctionalVOIPsystemconsistsofseveralcomponentsresponsiblefordifferentaspectsofthecommunication.ThesecomponentsareshowninFigure 4-1 .Agenericoverviewofeachofthesecomponentsandtheroletheyplayinthesystemisnowprovided[ 5 ].Thisisfollowedbyadetaileddescriptionoftheactualcomponentsusedinoursystem,explaininghowtheyfullltheseroles.TheinitialdiscussionpertainstoasystemusingSIPasthesignalingprotocol,sincethisistheoneusedinoursystem.Notethatthereareotheroptionsavailable,suchasH.323. Figure4-1. ComponentsofacompleteVOIPsystem 4.1.1SIPProxyThisisthecentralcomponentofthesystem,whichinourset-upisKamailio.Itisresponsibleforregisteringusersandmaintainingauserdatabase.ItalsotakescareofsettingupandtearingdownofVOIPconnections.Itdoesnothandletheactualmultimediatrafcbetweenuseragents. 37

PAGE 38

4.1.2UserAdministrationandProvisionPortalTheadministrationportalallowsuserstomanagetheirsubscription,andtheadministratortoregulatethesubscribers'privileges.Theusersshouldbeabletoupdatetheiraccountinformation,password,andaddcallingcredit.Administratorsusetheportaltoaddnewsubscribers,changetheircreditsandtypeofsubscription.ChangestotheparametersoftheSIPservercanalsobemadeusingtheportal.Theprovisionportalallowstheendsystemtocongurethemselvesbydirectlyacceptingthesettingsfromaserver,therebyremovingthehassleofconguringeachdeviceindividually.Provisioningisdescribedindetailinalatersectionofthischapter. 4.1.3PSTNGatewayThePSTNgatewayenablesVOIPsubscriberstomakecallstoPSTNsubscribers.ThisisacriticalfeatureofanyIPtelephonysystem,asthelackofinteroperabilitywiththePSTNwouldgreatlyrestrictthesubscribers'abilitytoconnectwithusersoutsideoftheirnetwork.UsuallytheE1orT1trunksareusedfortheinterfacing.ThisroleisfullledinoursystembytheVOIPprovidertowhichwearesubscribed.DirectingoutgoingcallstothenetworkoftheVOIPproviderrequirestheresolvingofcertainissues,whichshallbediscussedshortly. 4.1.4MediaServerAsexplainedatthebeginningofthischapter,multimediamessagesarenothandledbytheSIPserver.AmediaserverisrequireddealwithfunctionsthatrequireinteractivemediacommunicationbetweentheVOIPsystemandtheuseragents.Inoursystemthesefunctionsarevoicemail,automatedattendant,musiconholdandconferencecalls.ThemediaservermustbeabletoexchangeSIPmessagesaswellRTPpacket,actingasaSIPAccessory.FreeSWITCHistheSIPaccessoryinourVOIPphonesystem. 4.1.5MediaProxyWhilediscussingthePSTNgateway,itwasmentionedthatsomeissuesneedtoberesolvedinordertoconnectthesubscribersoftheIPtelephonysystemtothenetworkof 38

PAGE 39

theVOIPprovider.OneofthemainissuesisNATtraversal.AVOIPsystemisthereforeincompletewithouttheprovisionofsomemeansoftacklingthisissue.FreeSWITCHprovidestheconnectiontoourVOIPprovider,actingasaSessionBorderController(SBC)byfunctioningasaBack-to-BackUserAgent(B2BUA)duringtheentiredurationofanoutgoingcall.Detailofthisfunctionalityisprovidedinsection 4.4.3 4.1.6MonitoringToolsThesetoolsarerequiredtodebuganyproblemintheSIPserver.Thesemayincludeaprotocolanalyzer,andpacketsnifngtoolslikengrep,Wireshark,tcpdumpandethereal.KamailiohasamodulecalledSIPTrace,whichisalsousefulindetectingerrorsintheSIPserver'soperation.TherestofthischapterdiscussestheindividualcomponentsusedinourVOIPphonesystem.TheseincludeKamailio,whichistheSIProuter,FreesWITCH,theSIPaccessory,andnally,theprovisioningserver. 4.2AlpineLinuxTheoperatingsystemonwhichtheVOIPsystemhasbeensetupisAlpineLinux.ItisaLinuxbasedoperatingsystemspeciallydesignedforrouters,rewalls,VirtualPrivateNetworks(VPNs)andVOIP[ 20 ].ItisverysimpletoinstallandcanrunonaUSBstick,whichishowwearerunningit.ItisdesignedfortheexperiencedLinuxuserandgivestheusercompletecontroloverthesystem.AlpineLinuxusesPaXprotection,whichimplementsleastprivilegeprotectionformemoryaccess.Thiscreatesahighlysecurekernelwhichisextremelydifculttopenetrate,protectingitfrombugs[ 21 ].AlpineLinuxtakesabout4-5MBofspace,excludingthekernel,ascomparedtogigabytesinthecaseofmostoperatingsystems.ItcanrunfromRAM,sothereisnothreatoftheharddiskwearingoutasaresultofmultipleread/writeoperations.ForRAMbasedinstalls,whichisthecaseinoursystem,datacanbebackedupusingtheLinuxBackupUtility(LBU).LBUsavesallthecongurationinformationinasinglele,whichcanthenbeusedwhenthesystemisrestartedtogetbackthelastsaved 39

PAGE 40

conguration.ThecongurationlecanalsobecopiedtoanycompatibleAlpineLinuxsystem,resultingintheexactsamesettingsonadifferentUSBstick.Therefore,theOSishighlyportable.AveryusefulfeatureinAlpineLinuxistheAlpingCongurationFramework(ACF),whichisawebcongurationutility.AlmostalltoolshaveanACFplugin,whichenablestheusertoaccessandmodifythemusingaweb-interfaceinaremoteterminal.AlpineLinuxcontainsalight-weightbrowsercalledmini httpd,whichtransferstheinformationfromtheAlpinesystemtotheremote-terminalviasecureHTTP.ACFthusgivestheuseraGUIforconguringalmostallthesettings.Thisfeatureprovestobeextremelyusefulwhileconguringtheprovisioningserverandthevoicemailaccounts. 4.3KamailioKamailioistheopensourceSIProuterusedinoursystem.ItiscomplianttoSIPprotocol,andcanhandlethousandsofcallspersecondevenonlow-budgethardware.Italsoactsastheregistrar.Ipversions4and6botharesupportedbyKamailio,andithassupportforcommunicationviaTCP,UDP,TransportLayerSecurity(TLS)andStreamControlTransmissionProtocol(SCTP).ItcanruninLinux,SolarisandFreeBSDenvironments.ThecongurationlesarewritteninCShell-likelanguage,whichgivestheusercompletecontroloverthebehavioroftheserver[ 22 ].KamailiohasbeenwrittenentirelyintheClanguage.Thismakesitextremelyportableandexpandable.NewmodulesforanyspecicpurposecanbeeasilywrittenusingClanguage.Asaresultofnewmodulesbeingaddedtoprovidemorefunctionality,Kamailiocanalsofunctionasaloadbalancerorapresenceserver[ 5 ].ItisalsopossibletoaccessscriptswritteninCorJavafrominsideKamailio,whichgivestheadministratorcompletecontroloftheoperationsoftheSIPserver.ThemodulararchitectureofKamailiomakesitextremelyexibleandeasytotweakaccordingtotheuser'srequirements,andenhancethefeaturesoftheserver.Theproxyiscapableofoperatinginstatelessandstatefulmodes,andprovidesNATtraversal 40

PAGE 41

supportforSIPandRTPtrafc.Italsohasfeaturesforroutingfail-overandreplicationforhighavailability.Thisfeatureishighlysuitedtoourpurpose.TheaccountingofthecallsthroughKamailioiseventbased,andtheparametersoftheaccountingareeasilycongurable.Italsohasfeaturesforaccountingofmulti-legcalls.Thedataoftheusersisusuallystoredinadatabase,RadiusorDiameter.WehaveusedPostgreSQLforthispurpose,whichiscompatiblewithKamailio,asareotherdatabasemanagementsystemslikeMySQL,UnixODBCandBerkeleyDB,amongothers[ 22 ].AllthenecessaryinformationaboutthesubscribersisstoredinthePostgreSQLdatabase,andtheauthenticationofauserwhileregistrationisdonewithitshelp.TheexibilityofKamailioalsoallowsittointerfacewithextensionswritteninotherlanguageslikePerl,JAVA,LuaandPython.Itallowsfordifferentkindsofback-endsservingdifferentpurposestooperatesimultaneously.Theinter-connectionofKamailiotootherserviceslikeMediaServersandPSTNgatewaysisfairlysimple.CreatingafullyfunctionalVOIPsystemwithKamailioastheSIPproxyisthuseasilyachievable. 4.3.1ScalabilityKamailioishighlyscalable,andcanfunctioninalmostanytypeofmachine.Evenonembeddedsystemwithconsiderablylowresourcesitisabletomakehundredsofcallsetupspersecond.Whenoperatedonsystemswith4GBmemory,itcanserveabout300,000onlinesubscribersatonetime,andwhenusedasaloadbalancerinstatelessmode,itachievesratesofover5000callsetupspersecond[ 22 ].ManyVOIPsystemsaregeographicallydistributedandarehencemoredifculttomaintain.Kamailiomakesthesetypeofsystemspossible.Provisionforimplementingredundancyandfailoverisalsopresent,whichisnecessaryforaHighAvailability(HA)system. 4.3.2KamailioArchitectureKamailioconsistsofacorearoundwhichallthefeaturesdescribedabovearebuilt.ThecorehandlesthebasicfunctionalityasaSIPserverandRegistrar.Themajorityof 41

PAGE 42

functionsarehandledbypartsofthearchitectureknownasmodules.Thesearebuiltaroundthecore.Theirfunctionalityisaddedthroughnewcommandsandparametersusedinsidescripts.Eachmoduleusuallytakescareofonefeatureandisindependentoftheothermodules.Hence,hundredsofmodulesexist.Theonesthatarerequiredbyasystemcanbe'loaded'intothecongurationlekamailio.cfg.Asitiswritteninascriptinglikelanguage,itprovestobeaveryconvenientmechanismforaddingserviceswritteninanyscriptinglanguageasmodules.Newmodulescanbeeasilyaddedwithoutaffectingthecoreoranyothermodule. 4.3.3TheCongurationFileThekamailio.cfgcongurationleisplacewheretheentireVOIPsystemisshaped.Alargenumberofparametersareavailablethroughthecongurationle.Alltheroutingcriteriaaredenedhereandthesortingofcallsaccordingtotheirdirection,class,oruserscanbedoneveryconveniently.AlmosteveryscenariooftheSIPprotocolcanbedenedalongwiththeactionsrequired.Callscanalsoberedirectedtootherservers,afeaturethatwehaveusedextensivelyforredirectingcallstoFreeSWITCH.Theleallowstheadministratortoaccessandchangeparametersspecictoauseroracall,whichgiveshim/hertotalcontroloverthemanagementoftheVOIPsystem.Inadditiontothis,thesechangesmayalsobemadeduringrun-time.Sofeaturesmaybeadded,deletedormodiedthroughthecongurationleevenwithoutrestartingtheserver.Thecongurationleiswellorganizedandfairlyeasytounderstandandmodify.Itisdividedintodifferentsections.Themainsectionsarenowdescribed.AsamplecongurationleisgiveninAppendix A 4.3.3.1GlobaldenitionsThissectionisusedfordeclaringtheglobalKamailioparameters,forexampletheipandportthatitwilllistentoandthepathwherethemodulelesarelocated.Userdenedfunctionsthatareglobaltothesystem,andstringsubstitutionsarealsousuallydeclaredinthisblock. 42

PAGE 43

4.3.3.2ModulesThissectionisusedforloadingthemodulesasdescribedearlier.Thecommandusedhereiscalledloadmodule.Themodulesarerequiredforbasicoperationslikeroutingtheinternalcallsarealreadyincludedaspartofthedefaultcongurationthatcomeswiththefreshinstall.Allothermodulesmustbeloadedaccordingtotheuser'srequirements.Thesemodulesperformspecicfunctionssuchasenumqueriesandmodicationofcallvariables,andgiveaccesstotheKamailiocore. 4.3.3.3ModulescongurationEachmodulecontainsseveralparametersthatcanbedenedandmodiedbytheuseraspertherequirementsofthesystem.Thissectionservesthatpurpose.Thecommandusedfordeclaringtheparametersismodparam.Theparameterscomewithdefaultvalues,soomittingthesecommandswillnotresultinanyerrors,buttheymustbeclearlylookedintotosuitthedesiredoperationofthesystem. 4.3.3.4MainroutingblockThisblockisanalogoustothemainfunctioninahighlevelprogramminglanguage.Theprocessingofeachandeverycallstartsfromthemainroutingblock.Theinitialoperations,suchasdeningthetimeconditionsandextractingthetypeoftheSIPmessageareusuallyperformedhere.Theprocessingofthemessageaccordingtotheirtypethentakesplace.Initialcheckssuchasthelengthofthemessageandnumberofhopsarealsodoneinthisblock. 4.3.3.5SecondaryroutingblocksTheseblockscanbethoughtofasuserdenedfunctionsandsubroutines.Theyareusedtoperformactionsbasedonspecicconditionsofthemessageandstateofthenetwork,suchastheavailabilityofthedestinationuser,andthevalueofvarioustimeouts.Secondaryroutingblocksaredenedusingthecommandroute[routename]. 43

PAGE 44

4.3.3.6ReplyroutingblocksAsdescribedinaprevioussection,theSIPrequestsresultincertainreplies.Theoperationstobeperformedbasedontheserepliesaredenedinreplyroutingblocks.Usuallytheseareusedtoprocess200OKmessages. 4.3.3.7FailureroutingblocksTheseblocksareusedtodenetheactionstakenincaseoffailedrequests.Eventssuchastheuserbeingbusy,ortheringerbeingtimedoutarehandledhere. 4.3.4RoleofKamailiointheVOIPPhoneSystemKamailioplaysthepivotalroleinthesystemandisitsmostimportantcomponent.ItperformsthedutiesoftheSIPregistrar.EachpieceofterminalequipmentthatdesirestomakecallthroughtheVOIPnetworkmustsendREGISTERrequeststotheIPaddressthatKamailioislisteningto.Onreceivingsucharequest,KamailioperformstheSIPregistrationprocessdescribedinsection 3.1 .APostgreSQLdatabaseoftheregisteredusersismaintained,andKamailioveriestheauthenticityoftheusersbasedonthisdatabase.Onceregistered,theuserscanmakecallsaccordingtotheprivilegesprovidedtothemaspertheirsubscriptionandagreementwiththeserviceprovider.EverycallthusmadewillgototheKamailioserverandinitialsettingupofthecallwillbeperformedasmentionedinsection 4.3.3.4 .Kamailiothendeterminesthetypeofcallrequested,andperformsauthenticationchecks.Basedonthetypeofcall,theroutingdecisionisthenmade.AtthispointKamailiomaydirectlyroutethecalltothedestinationifitisaninternalcall,oritmayperformanenumquerytogureoutthecorrectdestination.Ifthecallismeanttogotovoice-mail,forexample,KamailiowillredirectittothecorrectIP.Detailsoftheseoperationsaredescribedinchapter 5 .Duringnormaloperation,Kamailiomayoperateinstatelessmode.Thismeansthatitwillonlybeinvolvedinthesettingupofthecall,andafterthatwillactasasimplepacketforwarder.Oncethecallhasbeenestablished,Kamailiowillnotlook 44

PAGE 45

intothecontentsofthemessagesexchanged,andwilldiscardthemimmediatelyafterforwarding.Thisbenetstheperformanceofthesystem,astheloadontheSIProuterisgreatlyreduced,enablingittosupportmoreuserssimultaneously.Apartfromthis,Kamailiocanalsoperformtheaccountingandbillingofthecallsoncetheyareconcluded.Thisoperationtakesplacewhenoneofthepartiesinvolvedinthecallhangsup,therebysendingaBYEmessagetotheSIPserver.ThisfunctionmayrequiretheSIProutertofunctioninastatefulmode. 4.4FreeSWITCHFreeSWITCHisanopensourceIPtelephonyplatform.Itishighlyscalableandworkswithawiderangeofcommunicationprotocols.Itcanbeusedasasimpleswitchingengine,aPBX,amediagateway,oramediaservertohostIVRapplications[ 1 ].Itmakescomplicatedfunctionslikevoice-mailandmusiconholdfairlysimpletoincorporateintothephonesystem.InthedesignedVOIPphonesystem,FreeSWITCHfunctionsasamediaserverandanSBCuseragent.ItcannotserveasaSIPproxy,hencethatfunctionisperformedbyKamailio. 4.4.1ArchitectureofFreeSWITCHThedesignofFreeSWITCH,likeKamailio,isbasedonastablecentralcorewithmodulesforspecicfunctionality.Thecoreprovidesaninterfacetotheseoduleswhichallowsdeveloperstocontrolthesystemefciently,and,ifrequired,addtheirownmodulesconveniently.Thedifferentmodulesthatoperateonthecorearecompletelyindependentofeachother.Eachmodulegeneratesanumberofgenericevents,whichgointothecore.Theothermodulesareprogrammedtolistenfortheseeventsandaredrivenbythemaccordingly.Themoduleshavenoinformationofthesourceoftheseeventsortheworkingofthemodulesproducingthem,andtheiractionsareindependentofthesource.Thiskindofdesignmakesaddingnewmodulesveryconvenientforthedevelopers.Someoftheimportantmodulesaregivenintable 4-1 45

PAGE 46

Table4-1. PopularFreeSWITCHmodules[ 1 ] ModuletypePurpose EndpointTelephoneprotocolslikeSIP/H.323andPOTSlinesDialplanParsethecalldetailsanddecidewheretorouteCodecTranslatebetweenaudioformatsApplicationPerformatasksuchasplayaudioorsetdataAPIExportfunctiontakingtextinputreturningtextoutputFileExtractandplaysoundfromvariousaudioformatsText-To-SpeechInterfacewithtext-to-speechenginesAutomatedSpeechRecognitionSpeechrecognitionenginesDirectoryConnectdirectoryinformationtocommoncoreChatBridgeandexchangevariouschatprotocolsSayStringtogetheraudioletosaythingslikenumbers 4.4.2BasicOperationThemostimportantmodulesintheFreeSWITCHarchitecturearetheEndpointmodules.Thesemodulesprovideaninterfacetooneofthesupportedcommunicationprotocols.SuchaconnectionbetweenFreeSWITCHandaprotocolsuchasSIPorH.323isknownasasession.TheconnectionisbasedontheparametersandsettingsdenedintheXMLcongurationle.WeareinterestedinthemodulethatcreatesaninterfacewiththeSIPprotocol,namely,mod soa.ThismoduleenablesthetriggeringSIPactionsviatheFreeSWITCHcommandsandviceversa.ThebasicoperationofFreeSWITCHisthefollowing.First,aSIPphonesendscallsetupmessagetomod soa,theSIPmodule.Thecallisthenpassedtothecorestatemachine.ThisbringsFreeSWITCHintheroutingstate.ItnowlooksforamodulecalledtheDialplan,whichisanXMLledescribingcallspecicactionsforeachscenario,knownasanextension.AcallmaymatchmorethanoneextensionintheDialplan,andthushavetherequiredactionsforeachofthoseextensions.Thematchingofextensionsisdonebymeansofregularexpressions.TheDialplannowbuildsatasklistforthecurrentcallandinsertsinstructionsintothesessionobject.AsampledialplanleisgiveninAppendix B .AfterthisFreeSWITCHgoesintotheexecutestate,sequentiallyimplementingthetasksdescribedintheDialplan.Theexecutionisdone 46

PAGE 47

bytheApplicationmodule.ThetasklistiscreatedbytheDialplanintheformoftheapplicationname(whichisgoingtoexecutethetask)andtheargumentsitrequires.Theapplicationsloadedonthecorewillbelisteningforthesetasks,andwillexecutetheonesmeantforthem.Itshouldbenotedthattheseapplicationhavenoinformationaboutthesourceofthesetasks.Alltheyarelookingforistheinstruction,andexecutionofthetask.ThismakestheimplementationsimplerandalsomakesFreeSWITCHextremelyscalable.Themostcommonapplicationisthebridgeapplication.Thisapplicationcreatesasessionwithanoutboundconnection,andbridgesittotheinboundsession.Oncethetwosessionsarebridgedtogether,audiocanbetransmittedinbothdirection.Inotherwords,thecallgetsconnected.Thisisdoneintheexecutestate,wheretheinformationresultingfromthebridgeapplicationispassedtothedesireduser.Theexecutionofthebridgeapplicationthuscreatesthenewoutboundsession,inadditiontotheoriginalsessionthattriggeredtheexecution.Ifthetwosessionaresuccessfullycreated,theycanbebridgedtogether,resultinginaconnectedcall.Thesequenceofeventsdescribedabovetakesplacewheneverythinggoesperplanandthedestinationuserisavailable.Intheeventofnoanswerfromthedestination,thecalltimesout,andthen,dependingonthetasklistfromtheDialplan,maygotovoice-mail,ormaybeforwardedtoanotherdestination.Theseactionsareperformedbyotherapplications,listeningforappropriateeventsthroughthecore.ItisthusextremelyimportanttohavetheentriesintheDialplanintheexactorderastheactionstobetaken.Forexample,supposethedesiredbehavioristoconnectthecallandwaitfortheusertoanswer,followedbyswitchingovertovoice-mailiftheuserisbusyordoesn'tanswer.Inthatcase,thedestinationmatchingandexecutionofthebridgeapplicationmustbewrittenintheDialplanrst,followedbythevoicemailapplication.TheDialplanalsoallowsustoaccessandchangecertainuserparameters,bymakinguseofwhatareknownaschannelvariables.Thesevariablescanbeextracted 47

PAGE 48

andmanipulatedinthespecicationoftheextensions.TheyprovideasimilaraccesstothecallparameterslikethepseudovariablesdenedinKamailio.ThecongurationlescanbeusedtodeclareglobalvariablesliketheIPaddressofthemediaserver,andanyuserdenedvariables.Thecongurationcanbewritteninamodularfashion,withdifferentXMLlesfordifferentpurposes.Thelescanthenbeincludedinthecentralcongurationle,wheretheprocessingofeachcallstarts.Thisisparticularlyusefulwhilecreatinguseraccounts.Eachuseraccountcanbecreatedasaseparatele,hencemakingitextremelyconvenienttocontroltheprivilegesoftheindividualusers.Theusersmayalsobegroupedtogether,andhaveacommonaccountle.ThedefaultFreeSWITCHcongurationisshownintheFigure 4-2 Figure4-2. TheFreeSWITCHdefaultconguration[ 6 ] 4.4.3SessionBorderControllerAsessionbordercontroller(SBC)isadevicelocatedatthelogicalboundaryoftwonetworks,whichcontrolsthecommunicationbetweenthem.Itresolvescompatibilityissuesarisingasaresultofdifferencesintheadministrationandprotocolsoftheborderingnetworks,providinginteroperabilityinspiteofthemismatch.Itcanalso 48

PAGE 49

providesecurityfeatures,keepingacheckonthevolumeoftrafcenteringanetwork,andhidingitstopologyfromsurroundingnetworks.SomeofthefunctionsanSBCcanperformarelistedbelow[ 23 ]: Networktopologyhiding Protectionfromintentionalandunintentionaloodingofanetwork Protectionfromunauthorizedaccesstoanetwork ResolvingNetworkAddressTranslation(NAT)issues Protocolconversion Transcodingofmediatrafc Translationofphonenumberformats ProvidingadditionalQoSsupportAsmentionedearlier,FreeSWITCHcanalsoactasanSBC.Inourphonesystem,wehaveusedisfornetworktopologyhidingandtoresolveNATtraversalissues.FreeSWITCHistheentityinournetworkthatisusedtoaccesstheoutsidenetworks,suchasthePSTNandthenetworkoftheVOIPprovider.ThiscanbeseeninFigure 4-3 .Itthusactsasthesingleinterfacevisibletotheseoutsidenetworks,hidingtheSIPproxyandtherestofthetopology.Thismakescommunicationsimpler,andalsomakesournetworklessvulnerabletoattacks.Inordertoperformthisfunction,FreeSWITCHactsasaBack-to-BackUserAgent(B2BUA).ThismeansthatitreceivesrequestsfromtheUACsortheIPphones,actinglikeaUAS.Itthenre-generatestheserequestsandsendsthemtotheirappropriatedestinations,behavinglikeaUAC.ThedifferencebetweenaB2BUAandaSIPproxyisthatallthedata,includingthemediastreamspassesthroughtheB2BUA.Henceitstaysintheloopofthecommunicationfortheentiredurationofthecall.ThisisshowninFigure 4-4 .Thesystemdesignedcurrentlyresidesinaprivatenetwork,withprivateIPaddresses.Thisraisescreatesaproblem,becauseaNATdevicecanonlyconvert 49

PAGE 50

Figure4-3. FreeSWITCHhidingthenetworktopology IPaddressesatLayer3andnotontheApplicationlayer[ 23 ].Thisculminatesinasituationwherethecallisconnected,butaudiodataisnotabletotraversethenetwork.FreeSWITCHresolvesthisissuebystayingintheloopofthecommunicationasdescribedabove,andchangingtheprivateIPaddressoftheSIPdevicestoitsownpublicIPaddressbeforerelayingittotheoutsideworld,thusactingonceagainasaB2BUA. 4.5TheProvisioningServerAsmentionedearlier,VOIPsystemsconsistofintelligentterminalequipment.UnlikethephonesinthePSTN,therefore,theSIPphonesandAnalogTelephoneAdaptersrequiresomeamountofcongurationsettingstobeadjustedbeforetheycanregisterwiththeSIPserverandbeusedformakingcallsandusingtheotherfeaturesofthephonesystem.Onewayofgoingaboutthisistomanuallycongureeachitem 50

PAGE 51

ofterminalequipmenteitherbymeansofthemenuonthedeviceorbyusingthecommonlyavailablewebcongurationutilities.Thismethodfeasiblewhenthesystemconsistsofasmallnumberofsubscribers,andalltheusersarefullyawareofthecorrectsettingsrequiredtomaketheequipmentworkinthatsystem.Anotherdrawbackof Figure4-4. FreeSWITCHasaB2BUA 51

PAGE 52

thisapproachisthatthereisnomeansofinformingthephonesofanychangesintheserversettings.Eventhesmallestofchangesmustbeconguredindividuallyineachofthephones.Thus,inarealworldscenario,conguringeachendsystemmanuallyprovestobeatediousandinconvenientapproach,andgiveswaytoprovisioning.Thisistheprocessbywhichtheterminalequipmentacceptsthesettingsofthesystemdirectlyfromapre-conguredcentralserver,makingitreadyforoperationwiththedefaultparameterssetintheserver.Thissavestheusersthehassleofgoingthroughthemenusofthephones,andallowsthemtostartusingtheservicesstraightaway.Thesettingsintheprovisioningserveraretestedpriortothedeploymentofthesystem,andhenceerrorsincongurationareextremelyrare.Thephonescanalsobeconguredtoregularlycheckforupdatedcongurationsettings.Thisgivestheserverasimpleandeffectivewaytoinformthephonesofthechangesintheserverandkeepthemuptodate.ProvisioningrequiresaDynamicHostCongurationProtocol(DHCP)servertoprovidethelocationofthecongurationlesviaDHCPoption66.Oursystemusesdnsmasqforcreatingtheserver.TheSIPphonesusedintheset-upcanbepoweredupusingPoweroverEthernet(PoE).Therefore,alltheuserhastodoisplugthephoneintoaPoEconnection.Thephonethengetspoweredup,andsendsaDHCPREQUESTmessagetotheDHCPserver,requestingforoption66aswell.TheDHCPserverrespondswiththeDHCPACKmessage,whichcontainsthenetworksettings,likeinthecaseofanyotherDHCPserver.ThesesettingsincludetheIPaddressassignedtothephone,thenetmaskandthegatewayofthenetwork.TheDHCPACKalsoprovidesthedetailsofthelocationoftheprovisioningserver,astheSIPphonerequestsforoption66.TheVOIPphoneswehaveusedcontainlightweightHTTPclients.OnreceivingthelocationoftheHTTPProvisioningserver,thesehttpclientsrequestforthecongurationlesfromtheprovisioningserverthroughregularHTTPrequests.ThisprocessisshowninFigure 4-5 52

PAGE 53

Figure4-5. Theprovisioningprocess AlpineLinuxprovidesapowerfulanduser-friendlyprovisioningapplicationknownasacf-provisioning,whichwehasbeenusedinourVOIPphonesystem.ConguringtheprovisioningserverismadeveryconvenientasaresultofAlpineLinux'sweb-congurationutility,ACF.Prolescanbecreatedbasedonthetypeofterminalequipment,withalltheparametersconguredaccordingtotheavailablefeaturesinthattype.AnewSIPphonecanthenbeaddedbasedonitsMACaddress.Thepurposeofsettingtheparametersofthatparticularphonecanbemetbysimplypointingittotherelevantprole.Acf-provisioningallowstheadministratortochangealmostanyparameterinthephonesystem.Ascreenofacf-provisioningisshowninFigure 4-6 .Defaultscanthusbesetinacommonpage,fromwhichalltheprolesgettheirvalues.Generalprolescanalsobecreatedforlesserknownmodelsandsoftphones.Allphonescommunicatewiththeprovisioningserverregularly.So,incasesomeparametersneedtobechanged,alltheadministratorhastodoischangetheminthedefaultspage.Thephonestherebygettheseparametersintheirnextinteractionwiththeprovisioningserver. 53

PAGE 54

Figure4-6. Conguringtheprovisioningserver 54

PAGE 55

CHAPTER5WORKINGOFTHECOMPLETESYSTEM 5.1OverviewThedesignedVOIPphonesystemoffersanovelapproachtoIPtelephony.ItcanprovideallthefeaturespresentinexistingIPBXs,butatmuchlowercostsasitisbasedentirelyonopensourcesoftwareandhasverymodesthardwarerequirements.ItrunsonRandomAccessMemory(RAM),whichmakesitextremelyeasytomaintainandalsoresultsinahighlyportablesystem.TheUSBdisksrunningthesystemcanbepluggedintoanycomputerwiththeappropriateamountofRAMandanInternetconnection,resultingintheexactsamefunctionality.TheUSBsaremadeunwritableduringnormaloperation.Thisleadstoahighlyprotectedsystem,whichcannotbeeasilytamperedwith.CreatingduplicatesoftheUSBdisksisfairlystraightforward,afeaturethatisbenecialforwhilebackingupthesystemaswellasexpandingthenetwork.OursystemisInternetinspired,andtheintelligenceofthenetworkliesattheterminalequipment,asmentionedinsection 1.4 .Theserverdoesnotimposeanyformoffeaturesonthephones.Provisionsaremadeforthefeatures,andtheuserscantweaktheparametersbymeansoftheSIPphonesaspertheirrequirements.AnyformofSIPenabledorSIPsoftphonecanbeused,anddependingonthecapabilityofthephone,thefeaturesbecomeavailabletotheuser.Hence,theuserisfreetouseaphoneofhis/herchoiceandhascontroloverthefeaturesavailabletohim/her.EventraditionalanalogphonescanbeusedwiththehelpofanAnalogTelephoneAdapter(ATA).ItactsasaninterfacebetweentheEthernetandtheanalogphoneconnection.So,thesystemishighlyexible,andirrespectiveofthetypeofendsystem,allowstheusertoperformatleastthebasicfunctions.Itcanbethoughtofasdistributedtypeofsystem,inthesense,thattheSIPserverisnotinthecommunicationloopatalltimes.Itisonlyinvolvedinthesettingupofthecall.ThemediadoesnottraversethroughtheSIPserverItgoesdirectlyfromoneend 55

PAGE 56

systemtotheother.Thisreducesthetrafcowthroughtheserver,asitdoesnothavetodoalltheprotocolhandling,makingitmuchmoreefcient.Asaresult,thenumberofdroppedcallsisreduced.Italsoallowstheservertosupportmorecallssimultaneously,asexplainedinsection 4.3.4 .ThedistributedandendsystemorienteddesignoftheVOIPphonesystemalsogivesitstructure,whichcentralizedserverslack.Differentkindsoffunctionsaredividedinanorganizedmanneracrossthesystem,insteadofoneserverdoingitall.Forexample,Kamailioisresponsibleforthecallsetupandbilling.TheSIPaccessory,FreeSWITCHhandlesthemediafunctionslikemusiconhold,voice-mailandconferencecallsandalsoactsastheBacktoBackUserAgent(B2BUA).IPphonesmaybeabletohandlecalltransfersandcallforwarding.Theycanalsocontrolparametersofotherfunctionssuchastheringertimeout.ThestructureofthesystemisdepictedinFigure 5-1 .Aswecansee,thesystemiswillconnectedtothePSTNnetworkaswell,andcansupportDirectInwardDialing(DID).Thesystemprovidesseveralextrafunctionsapartfrombasicvoicecalls.Thefunctionsthatweareconcentratingoninclude: InternalCalls ExternalCalls MusiconHold Voice-mail ConferenceCalls AutomatedAttendant 5.2ProcessingofCallsAsdescribedearlier,theinformationandcredentialsoftheregisteredusersarestoredinaPostgreSQLdatabase.Usersmaybeaddedmanuallybyextensionnumberorbyprovisioning.Incaseofmanualregistration,thephonesmustbeindividually 56

PAGE 57

conguredeitherbyaccessingtheirmenusandchangingthesettingsorusingawebinterface.Incaseofprovisioning,oncearegistereddevicecomesonline,itgetsallthecongurationinformationbysendingaDHCPREQUESTtotheDHCPserverwithoption66,followedbytherequesttotheprovisioningserver,asexplainedinsection 4.5 Figure5-1. StructureoftheVOIPphonesystem Eachcall,irrespectiveofitsdestinationgoesthroughsomeinitialstepsbeforeitcannallyberoutedaccordingtothedestinationURIandotherfactors,suchastheavailabilityofthecalledparty.Whenauserdialsanextensionoranexternalnumber,theSIPenabledphonegeneratesanINVITEmessagewiththeappropriatedestinationURI.ThismessageissenttotheSIProuter,i.e.,Kamailio.Kamailioinitializesthemodulesasdiscussedinthepreviouschapter,andsetstheirparameters.Themessagenowgoestothemainroutingblockwhereitisrstcheckedforcorruptorillegalelds, 57

PAGE 58

suchasthelengthofthemessagebeingtoolarge,orthenumberofhopsallowedbeingtoomany.Aftertheseinitialtestsarepassed,parameterslikethetimezoneofthecallandtheclassofthecallareinitialized.Now,basedonthedestinationURI,anumberofactionsmaybetakenbyKamailio.Thesearedescribedinthesectionsthatfollow.AsummaryofthisowisalsoshownintheowchartinFigure 5-2 5.2.1InternalCallsAninternalcallisdenedasacallwhosesourceanddestinationarebothregisteredtothesameSIPserver.ConnectinginternalcallsisoneofthemostbasicfunctionsofaSIProuter.ThesecallscanbehandledbyKamailioaloneandFreeSWITCHdoesnotcomeintothepicture.OncetheinitialprocessingoftheINVITEmessageiscompleteasdiscussed,KamailioreadsthedestinationURIandlooksforitintheregistereduserstable.Ifthedestinationisfoundinthetable,Kamailioconcludesthatthisisaninternalcallandaccordinglysetstheparametersofthecall.TheINVITEmessageisthenrelayedtothedestinationextension.ThedestinationSIPenabledphonereceivesthisINVITEmessage,andifnotbusy,repliedwithanACKmessage.TheACKmessagereachestheKamailioserver,andisrelayedtothecaller.OncethecallerreceivestheACK,itreplieswitha200OK,andthecallisestablished.ThetransferofvoicedataisnothandledbySIP.Whenoneoftheparticipantsofthecallhangsup,aBYEmessageisgenerated,andrelayedtotheotherparticipantthroughtheKamailioserver.Thecallendswhenthemessageisacknowledged.Afterthecallendsanyrequiredpostprocessinglikebillingmaybeperformed. 5.2.2ExternalCallsWhenaregistereduseronthesystemdialsaUSphoneoutsidethenetwork,itisknownasanexternalcall.TobeabletomakeexternalcallsweneedtohaveaVOIPaccountwithaserviceprovider.ThesecallsareroutedthroughFreeSWITCH.Foridentifyingthesecalls,anineisprexedtothedesirednumber.Anexternalcallinitiallygoesthroughthesamestepsastheinternalcalls.However,inthestepwhereKamailio 58

PAGE 59

looksforthedestinationintheregistereduserstable,itfails.Kamailiothenidenties Figure5-2. Callhandlingprocess withthehelpoftheleading9thatitisanexternalcall.AtthispointitredirectsthecalltoFreeSWITCHforfurtherrouting.WithintheFreeSWITCHcongurationles,anexternal 59

PAGE 60

SIPproleisdened,whichhasthecredentialsoftheVOIPaccountwhichwillallowustomaketheexternalcall.IntheFreeSWITCHdialplan,aconditionisdenedfordestinationphonenumbersstartingwith9.ThecallgoestothisblockofthedialplanandisbridgedtooutVOIPserviceprovider'sserverusingthemod soamodule.TheauthenticationisdoneusingtheinformationprovidedintheexternalSIPproledened.Hence,thecallisestablished.FreeSWITCHnowstaysinthecallfortheentireduration,actingasaB2BUAasexplainedinsection 4.4.3 5.2.3MusiconHoldOurphonesystemprovidesmusiconhold(MOH).Thismeansthatwheneverauserregisteredonourserverputsacallonholdtheotherparticipantofthecallgetsmusicstreamedtohis/herphone.Thisrequiresamediaproxy,whichisFreeSWITCHinourcase.AMusiconHoldextensionisdenedintheFreeSWITCHdialplan.Whenacallisplacedonhold,anewbranchiscreatedbyKamailio,andthecallisredirectedtotheMOHextension.ThepressingoftheholdbuttonculminatesinanewINVITEbeinggeneratedbytheuseragentwithablanktotag.Forthepurposeofdeterminingthelocationtowhichthecallshouldberedirected,anenumquerywiththeMOHextensionisgenerated,asexplainedinsection 3.4 .Thequerysearchesfore2u+siprecordsintheenumtreedened,whichisaDNSserverwithNAPTRrecords.Theenumlook-upresultsinthecorrectdestinationURIoftheform[MOHextension]@[FreeSWITCHIP].NowthenewbranchcanbecreatedwiththisURIasthedestination.TheFreeSWITCHdialplanhasanentryforthisURIandthemusicisstreamedbacktotheuserintheformofRTPpackets. 5.2.4Voice-mailIncaseauserdoesnotansweracall,itfailsovertovoicemail,whereamessagecanberecorded.EachregistereduserrequiresaFreeSWITCHvoice-mailaccounttobeabletoreceivemessages.ThiscanbedoneusingAlpineLinux'swebcongurationutility,calledAlpineCongurationFramework(ACF).Itcanalsobedonebycreating 60

PAGE 61

individualcongurationlesforeachoftheusersintheFreeSWITCHdirectoryfolderofthesystem.Eachuserhasitsownvoice-mailaccountwithpassword,whichcanbeaccessedbydialingthevoice-mailextension.Thereisanentryforthevoice-mailextensionintheFreeSWITCHdialplanthatusesthevoicemailapplication.Ifthevoice-mailaccountsarecreatedcorrectly,thisapplicationtakescareofeverything.Themessagescanalsobeforwardedtoane-mailaddressifrequired.Therearetwowaysinwhichthefailovertovoicemailcanbeimplemented.TherstoneissimilartothemethodusedtoredirecttoMusiconHold.Anenumqueryisgeneratedforthedestination'svoicemailaccountnumber.TheenumqueryresultsintheURIofthevoicemailbox.AswithMusiconHold,anewbranchofSIPmessagesiscreated,andanINVITEissenttothisnewURI.Thesecondmethodistocapturethebusyevent,andthenmanuallycreateanewcalllegwiththeappropriatedestinationURI.Oncethecallerisconnectedtothevoicemailbox,he/shehearspre-recordedinstructionstoleaveamessagelikeanyregularvoice-mail.ThusinthiscasealsoFreeSWITCHisactingasthemediaserverandexchangingRTPpacketswiththeuseragent. 5.2.5ConferenceCallsTheconferencecallfeatureallowsmorethantwouserstotalktoeachothersimultaneously.Aseriesofextensionnumbersarereservedforconferencecalls.Forexample,inourset-up,theextensionnumbersoftheform30XXareusedforconferencecalls.Thismeansthataconferencecallcanbeinitiatedbyausersimplybydialinganyextensionofthisform.Otheruserswhowishtojointheconferencecallcandosobydialingthesameextension.Kamailio'sbehaviorwhenaconferencecallisinitiatedissimilartowhenMusiconHoldhastobeplayed,orwhenthecallerneedstoberedirectedtovoice-mail.Inotherwords,thecallisredirectedtoFreeSWITCHbymeansofanenumquery.TheFreeSWITCHdialplanhasaregularexpressionentryforthesetofextensionnumbersinquestion.Theconferencecallishandledbytheapplication 61

PAGE 62

calledconference.Ifthisapplicationisinitializedcorrectlywiththecorrectdomainaddress,ittakescareofallthebridgingrequired. 5.2.6AutomatedAttendantThisfeatureprovidesthecallerwithanInteractiveVoiceResponse(IVR)system.Thiscanbeusedtoredirectincomingcallswithoutanoperator.ThecallisredirectedthroughFreeSWITCHinasimilarmannerastheconferencecalls. 5.3MakingtheSystemSecureAVOIPphonesystemispronetomisuseandattacksbyunauthorizedusers.Itisthusessentialtosecurethenetworksfromthesethreats,whichcouldincludeattackerstryingtoaccesstheVOIPsubscriptioninformationbyloggingintothesystemremotely,ormalicioustrafcfromoutsidethenetworkintheformofoodingofREGISTERrequeststobeabletousethesystemtomakeunauthorizedphonecalls.WehaveusedtheSecureShell(SSH)networkprotocolforcarryingoutsecurecommunicationbetweenthemachinesrunningtheVOIPserversandremoteterminals.AlpineLinuxcomeswithopenSSH,whichactsastheSSHservertowhichremoteterminalscanconnect.ThecommunicationthroughSSHisencrypted,unliketheplaintexttelnetandothersimilarprotocolsinwhichtheexchangeofdatatakesplaceinplaintext.Thismakesthesystemimmunetothreatsfrompacketsniffers.SSHhastheprovisionofpublickeyauthentication,whichallowsonlyauthorizeduserstologintothesystem.Eachauthorizeduserhasapublic-privatekeypair.Thepublickeyisstoredintheservertobeaccessed,andcanbefreelydistributed.Thiskeyisusedtoencryptdatabeforesendingittotheremoteterminal.Thedatathusencryptedcanonlybedecryptedusingthecorrespondingprivatekey,whichisonlyknowntotheuseraccessingthesystem.Noteventhesendercandecryptthemessageonceithasbeenencryptedusingtheuser'sprivatekey,asitdoesnothaveaccesstothecorrespondingprivatekey.Inthismanner,onlythoseuserswithauthorizedprivatekeyscanaccessthesystem,makingithighlysecure.Passwordauthenticationhasbeen 62

PAGE 63

disabledinoursystem.Soevenifanunauthorizeduserisabletohackthepasswordusedforloggingin,he/shewillnotbeabletoaccessthesystembecauseoflackofavalidpublic-privatekeypair.AnySSHclientcanbeusedtologintothesystem.ThepopularclientsareopenSSHforUNIXbasedsystems,andPuttyforWindows.Theseclientscomewiththeirownkeygenerators,whichallowtheuserstoconvenientlygeneratetheirpublic-privatekeypairs. 5.4TowardsAchievingHighAvailabilityTomakethesystemHighlyAvailable,redundantKamailioserverswillberequired.ThesetupwillhavetoconsistofatleasttwoKamailioservers,andoneFreeSWITCHserverrunningonAlpineLinux.EachKamailioserverwillhaveanumberofclientsaddedtoit.CallswillbemadeusingIPphonesorasoftphonelikex-lite.SupposetheKamailioserver1becomesfull,oritisdown,thentheusersareshiftedtothesecondKamailioserver.Incasethesecondserverisalsodownorfull,thenitwillgotoFreeSWITCHforvoice-mailorcallonhold.ThisworkingisshowninFigure 5-3 .AnalternatestrategyforthesystemcanbetosharetheloadamongtheKamailioservers.Thisway,theloadwouldnotbetoomuchononeserver.Also,withoutthiskindofloadbalancing,theotherserverwillbeidlemostofthetime.MorethantwoKamailioserverscanbeused.ThiswillbeanalogoustotheN+1redundancymethoddescribedinanearliersectionofthispaper.Bydoingso,assumingnservers,evenifaserverisdown,only1/noftheuserswillbeaffected.Thefailoversmaybemanagedbytakingadvantageoftheenumtree.Eachcallcouldbedirectedtoanenumlookup,whichwouldhavetheURIsforalltheSIPserversinthepreferredorder.IncasethereisnoanswerfromtherstSIPserveronthelist,thebackupserverwillbetried.ThiswillleadtobehaviordiscussedaboveandwillincreasetheavailabilityoftheSIPserver. 63

PAGE 64

Figure5-3. Flowchartoftheproposedsystem Achallengeinthisproposeddesignisthefollowing.Supposeaservergoesdown,andithadsomecallsinprogress.Nowwhenthecallswillbehandledbyanotherserver,thereshouldbesomewayofredirectingtheongoingcalls,andifpossiblekeepingthemconnected,otherwiseeverytimethereisafailure,somecallswillalwayselostduringthefail-overtotheduplicateserver. 64

PAGE 65

CHAPTER6CONCLUSIONAfullyfunctionalVOIPphonesystemwasdesignedandimplemented.Itcontainsalltheextrafeaturesdesired,namelymusic-on-hold,voicemail,automatedattendantandconferencecalls.ExternalcallstoanyUSphonecanbemadebyredirectingthecalltoFreeSWITCHandusingitasaB2BUA.IntelligentSIPphonesusedinthesystemcandirectlytakethecongurationsettingsfromtheprovisioningserver,andgetautomaticallyregistered.Thephonescanhandlecalltransfersontheirown.Theusercanalsomodifyanyofthesettingsasperhis/herrequirement.Thephonewilltheninformtheprovisioningserverofthesechanges.Thedesignedsystemisthushighlyexible.FreeSWITCHsupportsalotofothermediafunctions,whichcanbeeasilyaddedtothecurrentsystem.TheIVRcanbecreatedforotherlanguages.Otherfunctionsthatcanbeaddedarecallparking,text-to-speechandradiostreaming,ThesystemhasbeendesignedinamannerthathighlysuitstheadditionofredundantcomponentinordertoachieveanIPbasedhighavailabilitysystem.Toachievehighavailability,asecondKamailioserverwillhavetobecreatedwithalltheinformationoftheprimaryserver.Thecallwillfailovertothisserverintheabsenceoftheprimaryserver,asdescribedattheendofthepreviouschapter.TheprioritizingoftheservercanbeDNSbased.TheDNSserverwillhavetocontainService(SRV)resourcerecords.Theserecordscontainthepriorityandweightelds,whichcanbeusedtoselectthepreferredserverwhereacallcanberedirected. 65

PAGE 66

APPENDIXATHEKAMAILIOCONFIGURATIONFILE #Section1:GlobalDefinitions#--------------------------------debug=2fork=yeslog_stderror=nolisten=port=5060children=4dns=norev_dns=nompath="/usr/lib/kamailio/modules_k/:/usr/lib/kamailio/modules/"#!subst"/__DBRW/postgres:\/\/openser:openserrw@localhost\/openser/"#!subst"/__DBRO/postgres:\/\/openser:openserrw@localhost\/openser/"#Section2:Modules#--------------------------------loadmodule"tm.so"#enablesstatefulprocessingofSIPtransactionsloadmodule"sl.so"#statelessreplierloadmodule"tmx.so"#Transactionmanagementextenstionsloadmodule"rr.so"#Record-RouteandRouteloadmodule"maxfwd.so"#Max-Forwardprocessorloadmodule"usrloc.so"#Userlocationimplementationloadmodule"registrar.so"#SIPregistrarimplementation#loadmodule"mi_fifo.so"loadmodule"pv.so"#Accessingpseudovariablesloadmodule"xlog.so"#Logging 66

PAGE 67

#loadmodule"uac.so"#UACfunctionalities#loadmodule"avpops.so"#AVPoperation#loadmodule"auth.so"#Basicauthentication#loadmodule"auth_db.so"#Database-backendauthenticationloadmodule"dialog.so"loadmodule"enum.so"#Enumqueriesloadmodule"siputils.so"#SIPUtilitiesloadmodule"textops.so"#text/stringoperations#loadmodule"sqlops.so"#SQLoperations#loadmodule"domain.so"#Determinesifahostislocalornotloadmodule"permissions.so"loadmodule"dialplan.so"loadmodule"htable.so"#storesacountidloadmodule"group.so"#groupmembershipcheckingloadmodule"presence.so"#forPUBLISHandSUBSCRIBEmessagesloadmodule"db_postgres.so"#forfullfifomanagement#loadmodule"kex.so"#loadmodule"ctl.so"#loadmodule"cfg_rpc.so"#loadmodule"mi_rpc.so"#Section3:ModuleConfiguration#---------------------------------------#tmmodparam("tm","fr_timer",60000)#ifnofinalreplyforarequestorACKforanegativeINVITEreplymodparam("tm","fr_inv_timer",120000) 67

PAGE 68

#ifnofinalreplyforINVITEarrivesafterprovisionalmessagereceivedmodparam("tm","contacts_avp","i:600")modparam("tm","disable_6xx_block",1)#allowsustofailovertovoicemailmodparam("tm","failure_reply_mode",3)#allpreviousbranchesdiscardedincaseofnewserialforkingleg#usrlocmodparam("usrloc","db_mode",2)#adddescriptionmodparam("usrloc","db_url","__DBRW")#auth_db#modparam("auth_db","calculate_ha1",1)#modparam("auth_db","password_column","password")#Plaintextpassword#modparam("auth_db","db_url","__DBRO")#xlogmodparam("xlog","buf_size",8192)#dialogmodparam("dialog","default_timeout",43200)#insecondsmodparam("dialog","db_url","__DBRW")modparam("dialog","db_mode",0)#DialoginformationnotflushedintoDBmodparam("dialog","dlg_flag",3)#Flagformarkingdialogmodparam("dialog","hash_size",65536)#Sizeofhashtabletostoredialogs#enummodparam("enum","domain_suffix","enum.local.gatorfone.com") 68

PAGE 69

#sqlops#modparam("sqlops","sqlcon","sqlconrw=>__DBRW")#modparam("sqlops","sqlcon","sqlconro=>__DBRO")#domain#modparam("domain","db_url","__DBRW")#permissionsmodparam("permissions","db_url","__DBRW")#dialplanmodparam("dialplan","db_url","__DBRO")modparam("dialplan","attrs_pvar","$var(dp_attrs)")#htablemodparam("htable","htable","dialog=>size=16;")#nameofthetable#groupmodparam("group","db_url","__DBRO")#presencemodparam("presence","db_url","__DBRW")#modparam("mi_fifo","fifo_name","/tmp/kamailio_fifo")#Section4:MainRouteBlock 69

PAGE 70

#--------------------------------------route{include_file"kamailio-vars.inc"$var(dp_attrs)=$null;xlog("L_INFO","$rm:$tu($fn$si:$sp)->$ru($tn$Ri:$Rp)\n");if(!mf_process_maxfwd_header("30")){sl_send_reply("483","TooManyHops");return;}if(msg:len>4096){sl_send_reply("513","Messagetoobig");return;}record_route();#AddsRecord-routeheaderfield,fordialogawareness#Handlethemessagesroute(MAIN);xlog("L_INFO","##Donewithroute(MAIN)");if(has_totag()){xlog("L_INFO","##In-dialogmessage");loose_route();#Incaseofin-dialogmessage,containsarouteset}if(method=="REGISTER"){ 70

PAGE 71

route(REGISTER);return;}#loose_route();xlog("L_INFO","##Attemptingtorelaypacket");route(RELAY);#DialogaccountingafterBYEmessageif(isflagset(1)){$var(DialogStatus)="Completed";xlog("L_INFO","##Dialogcompleted");route(RECORD_DIALOG);}}#Section5:SecondaryRouteBlocks#------------------------------------------route[MAIN]{switch($rm){case"ACK":xlog("L_INFO","##ACK");break;case"BYE":xlog("L_INFO","##BYE");setflag(1);break;case"CANCEL":xlog("L_INFO","##CANCEL"); 71

PAGE 72

break;case"INFO":xlog("L_INFO","##INFO");break;case"INVITE":xlog("L_INFO","##INVITE");if($var(TimeoutEnable)==1){xlog("L_INFO","Timeoutisenabled");t_on_failure("13");#Failovertovoicemailifnoanswer}#Fortheinitialinvite:if(!has_totag()){dlg_manage();#settingdialogflagforinitialINVITExlog("L_INFO","##Dialogflagset");route(INITIAL_INVITE);route(SET_CALL_INFO);}if(has_totag()){xlog("L_INFO","##HOOOLD$var(HoldStatus)");if($var(HoldStatus)==1){xlog("L_INFO","##HoldReleased");$var(HoldStatus)=0;break;}if($var(HoldStatus)==0){xlog("L_INFO","##HoldPressed");$var(HoldStatus)=1; 72

PAGE 73

break;}xlog("L_INFO","Holdstatusis$var(HoldStatus)");}break;}}route[INITIAL_INVITE]{xlog("L_INFO","##initialinvite");#Setdefaults$var(class)="local";$var(volid)=$null;$var(direction)="in";if(is_present_hf("p-arp")){xlog("L_INFO","##is_present_hf_p-arp");if(!lookup("location")){sl_send_reply("404","NotHere");exit;}return;}#ApplyingTimeConditionsroute(TIME_CONDITIONS);xlog("L_INFO","##Timeconditionsapplied");#Ifvalidlocallocation,routeiflookup("location"){ 73

PAGE 74

xlog("L_INFO","##Validlocallocation");return;}#Notaninternalcallif(!$avp(s:MySPNNDC)){if(($avp(s:MySPN)!=$null)&&($avp(s:MySPN)!="")){xlog("L_INFO","##SPN+NDC");$avp(s:MySPNNDC)="000"+$avp(s:MySPN);$avp(s:MySPNNDC)=$(avp(s:MySPNNDC){s.substr,-3,3});if($avp(s:MyNDC)!=$null)&&($avp(s:MyNDC)!=""){$avp(s:MySPNNDC)=$avp(s:MySPNNDC)+$avp(s:MyNDC);}xlog("L_INFO","MySPNNDCis$avp(s:MySPNNDC)");}}xlog("L_INFO","##Fetchingcontactsfor$fu");reg_fetch_contacts("location","$fu","caller");if(($ulc(caller=>count)>=1)||allow_trusted()){#Onlyregistereduserscanusedialplan1if(dp_translate(1)){route(DO_DIALPLAN);}}xlog("L_INFO","Thisisa$var(class)$var(direction)-boundcall");route(SET_CALL_INFO);xlog("L_INFO","##CallInfoSet,checkingifcallisoutbound");#Ifitsanoutboundcall,trytorouteit 74

PAGE 75

if($var(direction)!="in"){if(route(OUT_BY_CLASS)){xlog("L_INFO","##RoutedoutboundcallusingOUT_BY_CLASS");return;}}#Itsinboundforus,butnotonthisrouter#DoalocalARPrequestxlog("L_INFO","##Inboundcall,butnotonthisrouter");if(route(PREPARE_ARP_SEARCH)){xlog("L_INFO","##LocalARPRequest");return;}}route[TIME_CONDITIONS]{xlog("L_INFO","Checkingtimeconditions");if($(var(LocalTimeZone){s.len})>0){xlog("L_INFO","##Settingtimezone");$var(tcq)="SETTIMEZONE'"+$var(LocalTimeZone)+"';\n";}else{xlog("L_INFO","##Notimezone");$var(tcq)="";}return;}route[SET_CALL_INFO]{xlog("L_INFO","##Settingcallinfo"); 75

PAGE 76

#storetheclassandvolidinthehashtableusingthecallid$var(x)="class=\""+$var(class)+"\""";volid=\""+$var(volid)+"\""+";to=\""+$rU+"\""";dir=\""+$var(direction)+"\"";$sht(dialog=>$ci)=$var(x);$var(x)=$null;}#-Defaultmessagehandlerroute[RELAY]{if(!t_relay()){xlog("L_INFO","##Unabletorelaypacket");sl_reply_error();}}#-RegistrationRequestroute[REGISTER]{if(!save("location")){sl_reply_error();}}route[RECORD_DIALOG]{xlog("L_INFO","Dialogcomplete,addcodetorecordinCDRtable");return;}route[PREPARE_ARP_SEARCH]{xlog("L_INFO","##PREPARE_ARP+SEARCH"); 76

PAGE 77

$rU="+"+$(rU{re.subst,/^\+?(.*)$/\1/}{s.substr,0,14});#enummoduleneedsnumberinformof+decimal-digitsxlog("L_INFO","inPREPARE_ARP_SEARCH,rUis$rU");#Hardcodedbecauseenum_querycan'thandlevariablesif(route(LOCAL_ENUM_QUERY)){xlog("L_INFO","##Routedusinglocalenumquery");$rU=$(rU{re.subst,/^\+?(.*)$/\1/});$tU=$rU;t_load_contacts();t_next_contacts();t_on_branch("ARP");t_on_failure("ARP");t_on_reply("ARP");xlog("L_INFO","inPREPARE_ARP_SEARCH,rUnowis$rUandtUis$tU");return;}xlog("L_INFO","here?");$rU=$(rU{re.subst,/^\+?(.*)$/\1/});$tU=$rU;return(-1);}route[LOCAL_ENUM_QUERY]{xlog("L_INFO","##route[LOCAL_ENUM_QUERY]");return(enum_query("enum.local.gatorfone.com"));}route[FAILURE]{xlog("L_INFO","Call$ci$fU->$rUendedinerror$var(errno) 77

PAGE 78

[$var(errmsg)]");$rU=$var(errmsg);if(defined$avp(s:MAP)){#sethostportdoesnotacceptvars,sowehavetodothisxlog("L_INFO","##definedmap");if($avp(s:MAP)!=""){xlog("L_INFO","##Manipulationforsethostportinput");$ru=$(ru{re.subst,/(.*)@([^;]*)(;?)(.*)$/\1@$avp(S:MAP)\3\4/});}if(t_relay()){xlog("L_INFO","##Packetrelay");exit;}}send_reply("$var(errno)","$var(errmsg)");drop;}route[DO_DIALPLAN]{xlog("L_INFO","##Enteredroute[DO_DIALPLAN]");$var(class)=$(var(dp_attrs){param.value,c});$var(direction)="out";}route[OUT_BY_CLASS]{switch($var(class)){case"OutsideViaFSW":xlog("L_INFO","OutsideViaFSW");$rU=$var(OutsideViaFSW)+$rU; 78

PAGE 79

rewritehostport("128.227.120.33:5060");break;}return(1);}#Section6:ReplyRouteBlock#----------------------------------branch_route[ARP]{t_set_disable_6xx(1);append_hf("p-arp:True\r\n");}onreply_route[ARP]{return;}#Section7:FailureRouteBlock#------------------------------------failure_route[13]{xlog("L_INFO","##Timeout,tryingtoredirecttovoicemail");$du="sip:128.227.120.33:5060";append_branch();t_relay();route(MAIN);}failure_route[ARP]{xlog("L_INFO","ARPFailurerouteherewith$T_reply_code($T_rpl($rm))");#Ifthephoneknowsthecallerhasmoved,relayitif(t_check_status("302")){ 79

PAGE 80

xlog("L_INFO","##Callermoved,relaying");t_relay();exit;}if(t_check_status("486")){xlog("L_INFO","##BUSY");#Busy,andsomeSIPphonesdontknowwhattodo.#Redirectthemtothebusy-tonemediaserer$var(errno)="486";$var(errmsg)="E_BUSY_TONE";route(FAILURE);exit;}if(t_next_contacts()){xlog("L_INFO","##nextcontacts");#JustdropalocalCANCELif($T_reply_code==487){xlog("L_INFO","##487");exit;}t_on_branch("ARP");t_on_failure("ARP");t_on_reply("ARP");append_hf("p-arp:True\r\n");t_relay();exit;}} 80

PAGE 81

APPENDIXBTHEFREESWITCHDIALPLAN 81

PAGE 82

82

PAGE 83

83

PAGE 84

84

PAGE 85

85

PAGE 86

REFERENCES [1] A.MinessaleandM.S.Collins,FreeSWITCH1.0.6.Birmingham,UK:PacktPublishing,2010. [2] E.MarcusandH.Stern,Blueprintsforhighavailability,2nded.Indianapolis,IN,USA:WileyPub.,2003. [3] Iptelephony:Theveninesstory,WhitePaper,CiscoSystems,2002. [4] E.Basart,BuildingreliableIPtelephonysystems,ShoreTel,Sunnyvale,CA,Tech.Rep.,oct2006. [5] F.E.Goncalvez,BuildingTelephonySystemswithOpenSER:Astep-by-stepguidetobuildingahighperformanceTelephonySystem.Birmingham,UK:PacktPub.,2008. [6] Freeswitchonlinedocumentation.[Online].Available: http://wiki.freeswitch.org/wiki/Main Page [7] Iptelephony:Reliabilityyoucancounton,WhitePaper,ShoreTel,2009. [8] S.Pal,R.Gadde,andH.A.Latchman,Onthereliabilityofvoiceoverip(VoIP)telephony,inTheSPRING9thInternationalConferenceonComputing,CommunicationsandControlTechnologies,Orlando,Florida,USA,Mar.2011. [9] R.Horak,Telecommunicationsanddatacommunicationshandbook.Hoboken,NJ,USA:Wiley-Interscience,1991. [10] D.Minoli,Telecommunicationstechnologyhandbook.Boston,MA,USA:ArtechHouse,1991. [11] J.Rosenberg,H.Schulzrinne,G.Camarillo,A.Johnston,J.Peterson,R.Sparks,M.Handley,andE.Schooler,SIP:Sessioninitiationprotocol,IETFRFC3261,Jun.2002.[Online].Available: http://datatracker.ietf.org/doc/rfc3261/ [12] H.Schulzrinne,S.Casner,R.Frederick,andV.Jacobson,RTP:Atransportprotocolforreal-timeapplications,IETFRFC3550,Jul.2003.[Online].Available: https://datatracker.ietf.org/doc/rfc3550/ [13] M.Handley,V.Jacobson,andC.Perkins,SDP:Sessiondescriptionprotocol,IETFRFC4566,Jul.2006.[Online].Available: https://datatracker.ietf.org/doc/rfc4566/ [14] U.D.Black,Internettelephony:callprocessingprotocols,2nded.UpperSaddleRiver,NJ,USA:PrenticeHall,2001. [15] J.Peterson,Telephonenumbermapping(ENUM)serviceregistrationforpresenceservices,IETFRFC3953,Jan.2005.[Online].Available: https://datatracker.ietf.org/doc/rfc3953/ 86

PAGE 87

[16] Theinternationalpublictelecommunicationnumberingplan,InternationalTelecommunicationUnion(ITU). [17] P.Faltstrom,E.164numberandDNS,IETFRFC2916,Sep.2000.[Online].Available: https://datatracker.ietf.org/doc/rfc3953/ [18] D.MinoliandE.Minoli,DeliveringvoiceoverIPnetworks,2nded.NewYork,USA:WileyPub.,2002. [19] M.Mealling,Dynamicdelegationdiscoverysystem(DDDS)partthree:Thedomainnamesystem(DNS)database,IETFRFC3403,Oct.2002.[Online].Available: https://datatracker.ietf.org/doc/rfc3403/ [20] Aboutalpinelinux.[Online].Available: http://alpinelinux.org/about [21] H.A.Latchman,N.Angelacos,andN.Copa,EnterpriseVOIPsolutionswithalpinelinux,inSlashroots2011Developer'sConference. [22] Kamailioonlinedocumentation.[Online].Available: http://www.kamailio.org/docs/ [23] P.Park,VoiceoverIPSecurity.Indianapolis,IN,USA:CiscoPress,2009. 87

PAGE 88

BIOGRAPHICALSKETCH GautamBatrareceivedhisBachelorofEngineeringdegreeinelectricalandelectronicsengineeringfromBirlaInstituteofTechnologyandScience(BITS)PilaniUniversity,Indiain2009.HethenworkedattheIndianInstituteofTechnologyDelhi,IndiaasaJuniorResearchFellowforayearonwirelesssensornetworks.HewasadmittedtotheUniversityofFlorida,Gainesville,USAasagraduatestudentinthefallof2010.HeearnedhisMasterofSciencedegreeinelectricalandcomputerengineeringinspring2012.HisinterestsincludeIPtelephony,wirelesscommunicationsandwirelessnetworks. 88