Laboratorio de Conmutación

Kamailio Lab 2012-13 (version 1.0)

Sep. 11, 2012

Introduction As you know, Quobis Networks is collaborating in the extended practice of Laboratorio de Conmutación. This is our proposal for the Kamailio exercise. Honestly we can say it is not difficult at all but it requires you to know a few VoIP concepts and learn how to configure Kamailio. We recommend to read a SIP tutorial (see bibliography section) before starting the practice, you will get very valuable skills for the practice and your professional life.

Why Kamailio? We have already presented the amazing features of Kamailio in previous classes. It is the most powerful SIP open-source softswitch used in real VoIP operators such as 1&1 and Freenet. In the bibliography section you can find links to good Kamailio documentation.

Exercise. Welcome to the LC imaginary real-world. Last year, your colleagues had to start a new operator from scratch. In this practice you will have to increase the services and the capacity of your system by implementing new techniques. As you may know, the United Archipelago Republic is formed by more than 100 islands. However 99% of population enjoy their lives in the 4 biggest islands, namely, Big Banana, Big Treasure, Drake Island and Lost Island. The national telecommunication operator was acquired by a Galician capital risk fund in 2011. For operative reasons, it was decided to divide the operator in four smaller operator based

in each of the main islands. Thanks to the global financial crisis, the Caribbean country is increasing its GDP and population. They are hiring new VoIP skills and you has been luckily selected to manage the addition of new functionalities to the SIP system of the island operator you choose. You will be posted there by your Telecom company, so pack your luggage and enjoy the experience. To implement the central softswitch infrastructure your colleagues had a limited budget but they got very valuable VoIP skills implementing the system on their own with the powerful Kamailio open-source software.

Basic functionality. All groups must configure Kamailio so that it can do the following:

1. Register up to 100 users (except for team 2).2. Establish calls between registered users.3. Establish calls to each other’s groups.

General considerations

● Users will be provisioned with their complete E.164 number (including the international prefix).

● Numbering length is up to system administrator however the length of the complete number must respect E.164 standard (never longer than 15 digits, http://en.wikipedia.org/wiki/E.164). The recommended length is 5 digits after country prefix. For instance, Big Banana Island numeration would go from 00178800000 to 00178839999, more than enough for an island.

● Users registered on the same Kamailio, thus belonging to the same, island should be able to call each other without dialing the international prefix.

● Users from different islands must dial the complete number (including prefix) to call each other.

● As an additional exercise, user numbers can be associated to SIP URIs, for example, user 00178838888 can be bound to a SIP URI like this mahatma.gandhi@<kamailio IP>. If you feel capable, you can even substitute <kamailio IP> for a domain name: bigbanana.ur, bigtreausure.ur, drakeisland.ur, lostisland.ur. If you were wondering it, yes, ‘ur’ domain root is free: http://www.iana.org/domains/root/db/)

Additional functionality.

Additionally to the basic exercise, every group must chose one of the following options: Option 1: you will configure Kamailio for Big Banana Island. With a population of 10,000 native residents, they received last year 120,000 people during tourist season. Most of them comes from Europe and North America so most of the call traffic is international. We want to balance all the international traffic between a number of SIP providers. In the practice we’ll simulate just a couple of SIP providers. The SIP providers can be simulated with either Asterisk or sipp4. However, Kamailio will check every 30 seconds the availability of our SIP providers, to prevent us from sending calls to an out- of-service SIP provider. To avoid service disruptions Kamailio must implement peak load protection. To simulate calls you can use sipp. XML sipp configuration files will be provided by Quobis. The international prefix assigned for Big Banana island is: 001788[0-3] Option 2: you will configure Kamailio for Big Treasure Island. This Island it’s a Tax Haven so it has a lot of corporative customers. Last year we implemented TLS support to be able to encrypt the signaling exchanged between our customer terminals and Kamailio. This year, as a massive customer requirement we must support attended call transfer between our users. It should be supported by default by Kamailio, anyway we need to implement a demo scenario with sipp so that we can test the scenario easily in an automatic way. So you must implement the call transfer scenario in sipp from the traces that will be provided to you in due time. The international prefix assigned for Big Treasure Island is: 001788[4-5] Option 3: you will configure Kamailio for Drake Island. This island has been a pirate refuge for centuries. This tradition survives and nowadays this island has the world highest cracker rate per km2. Last year we used SIPvicious toolkit to test the security of our Kamailio server. Though simple, it’s quite powerful, hacker community skills improve day after day so you must use more powerful tools. That’s the reason why this year will use the Metasploit modules implemented by our colleague jesus.perez@quobis.com to simulate DoS, DDoS and extension brute-force attacks. Your challenge in the practice option will be implement as many attacks and security methods as you can. The security of this operator is in your hands. The international prefix assigned for Drake Island is: 001788[6-7] Option 4: you will configure Kamailio for Lost island. Last year your colleagues had to force GSM codec in every calls processed by this operator since they use WiMAX air links whose capacity dramatically decreases during hurricane and other extreme atmospheric phenomena. During this year hurricanes our bandwidth saving technique worked pretty well, but operator CEO says that we should offer a better audio quality when the sky is blue and the Sun is shining, which is almost all the time. To do so we’ll only force GSM codec in our calls when wind is over 50km/h or visibility is lower than 3km. To implement it you must get the weather conditions of our island from a public and free weather webservices server and act accordingly. Our recommendation is to call a script which checks the Globalweather service from http://www.webservicex.net calling a Python script from Kamailio (a check every 5 minutes would be enough), to indicate the need of using GSM codec in a Kamailio pseudovariable which must be checked when processing every call. In short, the target is to modify SDPs to

only allow GSM1 codec in every call when weather conditions are bad2, and leave the selected codec the rest of the time. The international prefix assigned for Drake Island is: 001788[8-9]

Help!Take it easy, luckily you are not alone. Quobis is going to support you during the practice, we will offer at least one more lesson and provide e-mail support: university@quobis.com On the other side, Kamailio project is supported by a big community formed by developers, testers and users who are looking forward to helping you in your challenging project. You can visit the Kamailio web site and subscribe to Kamailio mailing lists. Note about using Kamailio mailing list: many people is going to invest their time in reading all the list mails everyday so, please, read carefully the documentation and try to find similar questions already answered in the list. If you don’t find the answer on your own, do not hesitate to send a mail to the list trying to write it in an understandable way, including all the progress you have done so far.

What tools can I use?There are many tools which can be really useful to carry out this exercise. Below you can find some of them:

● wireshark: protocol analyzer.● ngrep-sip: sip-adapted ngrep http://dev.sipdoc.net/projects/sip-stuff/wiki/Ngrep-SIPsipp● jitsi: a Java softphone.● SIPp and SIPvicous: check links included in bibliography section.

Bibliography

1. SIP tutorial: http://www.iptel.org/files/sip_tutorial.pdf2. Kamailio Knowledge Base: http://kb.asipto.com/kamailio:index3. Kamailio Wiki: http://www.kamailio.org/dokuwiki/doku.php/start4. SIPp: http://sipp.sourceforge.net/5. SIPvicious: http://blog.sipvicious.org/

1 In a production environment, the right choice would be normally G.729. The thing is that G.729 codec can only be used after paying a cannon, so open source softphones do not support it. However GSM is an open standard and it is implemented by most of the open source softphones.

2 Obviously, Globalweather service will only offer weather from real real cities. For this practice will use the weather conditions from Nassau Airport (Bahamas).