how to deploy webrtc, class5, class4 ... - kamailio sip server · security bans. creating a...
TRANSCRIPT
![Page 1: How to deploy WebRTC, Class5, Class4 ... - Kamailio SIP Server · Security Bans. Creating a Reseller ... SIP and XMPP work out of the box SIP/TLS needs to be enabled ... – Force](https://reader035.vdocuments.site/reader035/viewer/2022081507/5fc18e3d423edc5abf0ae7da/html5/thumbnails/1.jpg)
How to deploy WebRTC, Class5, Class4 and SBC Services
within minutes
Andreas Granig<[email protected]>
Andrew Pogrebennyk<[email protected]>
Victor Seva<[email protected]>
![Page 2: How to deploy WebRTC, Class5, Class4 ... - Kamailio SIP Server · Security Bans. Creating a Reseller ... SIP and XMPP work out of the box SIP/TLS needs to be enabled ... – Force](https://reader035.vdocuments.site/reader035/viewer/2022081507/5fc18e3d423edc5abf0ae7da/html5/thumbnails/2.jpg)
What's the sip:provider CE?● A turn-key appliance for real-time
communication (voice, video, presence, IM)● using SIP and XMPP● for carrier environments with 50k+ subscribers
and 2k+ parallel calls● based on Kamailio, Prosody and Sipwise
projects
![Page 3: How to deploy WebRTC, Class5, Class4 ... - Kamailio SIP Server · Security Bans. Creating a Reseller ... SIP and XMPP work out of the box SIP/TLS needs to be enabled ... – Force](https://reader035.vdocuments.site/reader035/viewer/2022081507/5fc18e3d423edc5abf0ae7da/html5/thumbnails/3.jpg)
Some Statistics
● First public release in December 2010● 11 releases so far (latest is mr3.2.1)● 18k+ downloads total, ~1k per month
![Page 4: How to deploy WebRTC, Class5, Class4 ... - Kamailio SIP Server · Security Bans. Creating a Reseller ... SIP and XMPP work out of the box SIP/TLS needs to be enabled ... – Force](https://reader035.vdocuments.site/reader035/viewer/2022081507/5fc18e3d423edc5abf0ae7da/html5/thumbnails/4.jpg)
Agenda● Set up your VMs● Hook up SIP, WebRTC and XMPP Clients● Use Rewrite Rules, Peering and Billing
● Know the Architecture● Manage Configuration Files
● Tweaks for different Use Cases
![Page 5: How to deploy WebRTC, Class5, Class4 ... - Kamailio SIP Server · Security Bans. Creating a Reseller ... SIP and XMPP work out of the box SIP/TLS needs to be enabled ... – Force](https://reader035.vdocuments.site/reader035/viewer/2022081507/5fc18e3d423edc5abf0ae7da/html5/thumbnails/5.jpg)
Set up your VMs
● http://www.vagrantup.com
● http://www.virtualbox.org
● https://s3euwest1.amazonaws.com/kamailioworld2014/sip_provider_CE_mr3.2.1_vagrant.box
$ vagrant init spce sip_provider_CE_mr3.2.1_vagrant.box$ vagrant up
![Page 6: How to deploy WebRTC, Class5, Class4 ... - Kamailio SIP Server · Security Bans. Creating a Reseller ... SIP and XMPP work out of the box SIP/TLS needs to be enabled ... – Force](https://reader035.vdocuments.site/reader035/viewer/2022081507/5fc18e3d423edc5abf0ae7da/html5/thumbnails/6.jpg)
Accessing your SPCE
● https://your-ip:1443administrator/administrator
● vagrant ssh
sudo -s
root/sipwise
![Page 7: How to deploy WebRTC, Class5, Class4 ... - Kamailio SIP Server · Security Bans. Creating a Reseller ... SIP and XMPP work out of the box SIP/TLS needs to be enabled ... – Force](https://reader035.vdocuments.site/reader035/viewer/2022081507/5fc18e3d423edc5abf0ae7da/html5/thumbnails/7.jpg)
Creating a Reseller
● (Almost) Everything is Multi-Tenant!
● Domains● Customers● Subscribers● Billing Profiles● Rewrite Rules
● Domains● Customers● Subscribers● Billing Profiles● Rewrite Rules
● Domains● Customers● Subscribers● Billing Profiles● Rewrite Rules
Tenant A Tenant B Tenant C
● Resellers● Peerings● Security Bans
![Page 8: How to deploy WebRTC, Class5, Class4 ... - Kamailio SIP Server · Security Bans. Creating a Reseller ... SIP and XMPP work out of the box SIP/TLS needs to be enabled ... – Force](https://reader035.vdocuments.site/reader035/viewer/2022081507/5fc18e3d423edc5abf0ae7da/html5/thumbnails/8.jpg)
Creating a Reseller● default Reseller, or your own:● Settings → Resellers → Create with Default● Adapt Default Values
– Base Information– Contact Email– Admin Logins
● Create Billing Profile for Customers
![Page 9: How to deploy WebRTC, Class5, Class4 ... - Kamailio SIP Server · Security Bans. Creating a Reseller ... SIP and XMPP work out of the box SIP/TLS needs to be enabled ... – Force](https://reader035.vdocuments.site/reader035/viewer/2022081507/5fc18e3d423edc5abf0ae7da/html5/thumbnails/9.jpg)
Creating a Domain
● Domain-Preferences are defaults for Subscriber-Preferences
example.org
Domain
Subscriber
● use_rtpproxy: always with plain SDP
● use_rtpproxy: domain default- or -
● use_rtpproxy: always with rtpproxy as only ICE candidate
![Page 10: How to deploy WebRTC, Class5, Class4 ... - Kamailio SIP Server · Security Bans. Creating a Reseller ... SIP and XMPP work out of the box SIP/TLS needs to be enabled ... – Force](https://reader035.vdocuments.site/reader035/viewer/2022081507/5fc18e3d423edc5abf0ae7da/html5/thumbnails/10.jpg)
Creating a Domain
● Your IP as Domain, or your own:● Settings → Domains → Create Domain● Default Domain-Preferences are fine (for now)
![Page 11: How to deploy WebRTC, Class5, Class4 ... - Kamailio SIP Server · Security Bans. Creating a Reseller ... SIP and XMPP work out of the box SIP/TLS needs to be enabled ... – Force](https://reader035.vdocuments.site/reader035/viewer/2022081507/5fc18e3d423edc5abf0ae7da/html5/thumbnails/11.jpg)
Creating a Customer
● Customers are Billing Containers
#1234
Customer
Subscribers
Contact
100€ used50€ left
Contract Balance
Contact
![Page 12: How to deploy WebRTC, Class5, Class4 ... - Kamailio SIP Server · Security Bans. Creating a Reseller ... SIP and XMPP work out of the box SIP/TLS needs to be enabled ... – Force](https://reader035.vdocuments.site/reader035/viewer/2022081507/5fc18e3d423edc5abf0ae7da/html5/thumbnails/12.jpg)
Creating a Customer
● Use an existing one, or your own:● Settings → Customers → Create Customer
– Select/Create a Contact– Select/Create a Billing Profile
![Page 14: How to deploy WebRTC, Class5, Class4 ... - Kamailio SIP Server · Security Bans. Creating a Reseller ... SIP and XMPP work out of the box SIP/TLS needs to be enabled ... – Force](https://reader035.vdocuments.site/reader035/viewer/2022081507/5fc18e3d423edc5abf0ae7da/html5/thumbnails/14.jpg)
Creating a Subscriber
● Use an existing one, or your own:● Settings → Customers → Your Customer
→ Details → Create Subscriber● or● Settings → Subscribers → Create Subscriber
![Page 15: How to deploy WebRTC, Class5, Class4 ... - Kamailio SIP Server · Security Bans. Creating a Reseller ... SIP and XMPP work out of the box SIP/TLS needs to be enabled ... – Force](https://reader035.vdocuments.site/reader035/viewer/2022081507/5fc18e3d423edc5abf0ae7da/html5/thumbnails/15.jpg)
Connecting your Subscribers
● SIP and XMPP work out of the box● SIP/TLS needs to be enabled
– vim /etc/ngcpconfig/config.yml
– kamailio lb tls enable: 'yes'→ → →
– ngcpcfg apply
![Page 16: How to deploy WebRTC, Class5, Class4 ... - Kamailio SIP Server · Security Bans. Creating a Reseller ... SIP and XMPP work out of the box SIP/TLS needs to be enabled ... – Force](https://reader035.vdocuments.site/reader035/viewer/2022081507/5fc18e3d423edc5abf0ae7da/html5/thumbnails/16.jpg)
What about WebRTC?
ws://yourip:5060/ws, wss://yourip:5061/ws, wss://yourip:1443/wss/sip/● Needs Preference Tweaking as of mr3.2.x● Subscribers → Details → Preferences
→ NAT and Media Flow Control– use_rtpproxy: Never, Always with rtpproxy as additional/only
ICE candidate
– srtp_transcoding: Transparent, Prefer SRTP
– rtcp_feedback: Transparent, Prefer AVPF
● Depends on your Use Case (SIP ↔ WebRTC Bridging)
![Page 17: How to deploy WebRTC, Class5, Class4 ... - Kamailio SIP Server · Security Bans. Creating a Reseller ... SIP and XMPP work out of the box SIP/TLS needs to be enabled ... – Force](https://reader035.vdocuments.site/reader035/viewer/2022081507/5fc18e3d423edc5abf0ae7da/html5/thumbnails/17.jpg)
Rewrite Rules
● Your Dial-Plans in Perl Regex
Dialplan Germany
Rule Set
Inbound Caller
M: ^0([19][09]+)$R: ${caller_cc}\1D: National to E.164
Inbound Callee
M: ^0([19][09]+)$R: ${caller_cc}\1D: National to E.164
Outbound Caller
M: ^([19][09]+)$R: 00\1D: E.164 to International
Outbound Callee
M: ^([19][09]+)$R: 00\1D: E.164 to International
Preferences as${caller_xxx} and ${callee_xxx} variables
![Page 18: How to deploy WebRTC, Class5, Class4 ... - Kamailio SIP Server · Security Bans. Creating a Reseller ... SIP and XMPP work out of the box SIP/TLS needs to be enabled ... – Force](https://reader035.vdocuments.site/reader035/viewer/2022081507/5fc18e3d423edc5abf0ae7da/html5/thumbnails/18.jpg)
Creating Rewrite Rules
● Settings → Rewrite Rules● Processing stops on first match (order
matters)● Assign to Subscribers, Domains and Peer
– Preferences → rewrite_rule_set
![Page 19: How to deploy WebRTC, Class5, Class4 ... - Kamailio SIP Server · Security Bans. Creating a Reseller ... SIP and XMPP work out of the box SIP/TLS needs to be enabled ... – Force](https://reader035.vdocuments.site/reader035/viewer/2022081507/5fc18e3d423edc5abf0ae7da/html5/thumbnails/19.jpg)
Peerings● Dynamic peering via ENUM
– config.yml: kamailio → proxy → use_enum● Dynamic peering via Foreign Domains
– Dom-Preference: allow_out_foreign_domain– Dom-Preference: unauth_inbound_calls
● Static peering via Peering Groups– Everything not local goes to peer– Force inbound/outbound to peer via Preferences
![Page 20: How to deploy WebRTC, Class5, Class4 ... - Kamailio SIP Server · Security Bans. Creating a Reseller ... SIP and XMPP work out of the box SIP/TLS needs to be enabled ... – Force](https://reader035.vdocuments.site/reader035/viewer/2022081507/5fc18e3d423edc5abf0ae7da/html5/thumbnails/20.jpg)
Static Peerings
● Settings → Peerings → Create Peering Group
Telefonica
Peering Rules
gw1.telefonica.degw2.telefonica.de
● Priority over multiple Groups● Auto-Failover after all Servers used
● Callee prefix length● Match on
● Caller pattern● Callee pattern
Peering Group
Peering Servers
gw1.telefonica.degw2.telefonica.de
● Weight per server● Random selection● Auto-Failover
![Page 21: How to deploy WebRTC, Class5, Class4 ... - Kamailio SIP Server · Security Bans. Creating a Reseller ... SIP and XMPP work out of the box SIP/TLS needs to be enabled ... – Force](https://reader035.vdocuments.site/reader035/viewer/2022081507/5fc18e3d423edc5abf0ae7da/html5/thumbnails/21.jpg)
Billing Profiles
● Settings → Billing → Create Billing Profile
myprofile
Billing Zones
Germany FixedGermany MobileEurope
Billing Profile
Billing Fees
^49 → 20cents^43 → [email protected] → 1cent
Offpeak Times
Mo-Fr 00:00-07:95Mo-Fr 18:00-23:59Sa-Su2014-12-25
![Page 22: How to deploy WebRTC, Class5, Class4 ... - Kamailio SIP Server · Security Bans. Creating a Reseller ... SIP and XMPP work out of the box SIP/TLS needs to be enabled ... – Force](https://reader035.vdocuments.site/reader035/viewer/2022081507/5fc18e3d423edc5abf0ae7da/html5/thumbnails/22.jpg)
That's it for the operational part
Easy, eh?
![Page 23: How to deploy WebRTC, Class5, Class4 ... - Kamailio SIP Server · Security Bans. Creating a Reseller ... SIP and XMPP work out of the box SIP/TLS needs to be enabled ... – Force](https://reader035.vdocuments.site/reader035/viewer/2022081507/5fc18e3d423edc5abf0ae7da/html5/thumbnails/23.jpg)
sip:provider Architecture
![Page 24: How to deploy WebRTC, Class5, Class4 ... - Kamailio SIP Server · Security Bans. Creating a Reseller ... SIP and XMPP work out of the box SIP/TLS needs to be enabled ... – Force](https://reader035.vdocuments.site/reader035/viewer/2022081507/5fc18e3d423edc5abf0ae7da/html5/thumbnails/24.jpg)
SIP Components
![Page 25: How to deploy WebRTC, Class5, Class4 ... - Kamailio SIP Server · Security Bans. Creating a Reseller ... SIP and XMPP work out of the box SIP/TLS needs to be enabled ... – Force](https://reader035.vdocuments.site/reader035/viewer/2022081507/5fc18e3d423edc5abf0ae7da/html5/thumbnails/25.jpg)
Configuration Framework● Templates!● Controlled by:
– /etc/ngcpconfig/config.yml
– /etc/ngcpconfig/constants.yml
– /etc/ngcpconfig/network.yml
● Template sources:– /etc/ngcpconfig/templates/...
● Backed by Git (but you don't use it directly)
![Page 26: How to deploy WebRTC, Class5, Class4 ... - Kamailio SIP Server · Security Bans. Creating a Reseller ... SIP and XMPP work out of the box SIP/TLS needs to be enabled ... – Force](https://reader035.vdocuments.site/reader035/viewer/2022081507/5fc18e3d423edc5abf0ae7da/html5/thumbnails/26.jpg)
Changing Configs● Use customtt-Files!
$ cp \
/etc/ngcpconfig/templates/etc/kamailio/lb/kamailio.cfg.tt2 \
/etc/ngcpconfig/templates/etc/kamailio/lb/kamailio.cfg.customtt.tt2
● Apply changes$ ngcpcfg apply
– Commits your changes, generates configs and restarts affected services (neat, eh?)
● Automatically tracks everything you drop into /etc/ngcp-config/templates/
![Page 27: How to deploy WebRTC, Class5, Class4 ... - Kamailio SIP Server · Security Bans. Creating a Reseller ... SIP and XMPP work out of the box SIP/TLS needs to be enabled ... – Force](https://reader035.vdocuments.site/reader035/viewer/2022081507/5fc18e3d423edc5abf0ae7da/html5/thumbnails/27.jpg)
Your Use Cases?
● If we wanted to do $this...● then you have to do $that
Your turn!