hledat:

SIP Implementation for Organizations Connected to CESNET

CESNET technical report number 15/2007
also available in PDF, PostScript, and XML formats.

Michal Petrovič
3.12.2007

1   Abstract

This Document proposes a general SIP IP Telephony solution applicable in any organization connected to the CESNET2 Network.

Keywords: SIP, IP telephony, SER, OpenSER, Asterisk, High-Availability

2   Introduction

IP Telephony is a topic often discussed in organizations and among public. IP Telephony allows voice to be transferred by means of local computer networks or the Internet. This saves cost of telephone calls between various branches of an organization or between organizations. IP Telephony also makes the organization's telephone network easily and cost-effectively accessible from the Internet as well as other telephone networks supporting IP telephony.

Members of CESNET, the association of Czech universities and the Czech Academy of Science, are mutually connected through the CESNET2 computer network. Most of the members are also connected by IP connections running through H323 Protocol-based VoIP gateways. Internal phone networks operated by participating organizations consist of private branch exchanges (e.g. Siemens, Avaya, Cisco Call Manager) connected to the public phone network. In many cases, Cisco routers are connected to these exchanges through a PRI line. Larger organizations often use multiple exchanges connected not only to the fixed telephone network but, by means of GSM gateways, to mobile networks as well.

Figure gives an example - an overview of the telephone network run by the University of West Bohemia in Plzeň.

3   Design Proposal

A correct implementation of a SIP-based IP Telephony network requires a suitable IP exchange (SIP server). Among the most popular free-software SIP servers are:

• SER - Sip Express Router,

• OpenSER - the Open Source SIP Express Router,

• Asterisk - Open Source telephony switching and private branch exchange (PBX) daemon

The OpenSER solution playing the role of a proxy and registration server is recommended for organizations wishing to connect to the CESNET2 IP Telephony network. Such a server can be further connected to other SIP servers or to original private branch exchanges fitted with IP modules. For example, the Siemens HiPath 4000 exchange can be extended with an IP card, connected to a SIP server, and used as a media gateway.

In many cases, existing VoIP gateways (such as Cisco 2600) may be used to connect SIP servers to the CESNET2 IP Telephony network requiring only minor configuration adjustment. This can decrease the cost of deploying SIP infrastructure and enable a seamless transition from H323 to SIP.

Asterisk is recommended as a platform providing other related services such as VoiceMail, VoiceMenu, echo test, etc.

The OpenSER SIP server does not require especially powerful hardware. It can even run on a virtual system.

The OpenSER server is based on Linux and gets installed in the following manner:

1. Install a database server (e. g. MySQL)

2. Install NAT helper (e. g. RTP Proxy)

3. Install the OpenSER exchange

4. Initialize a database to be used by OpenSER and choose a configuration suitable for your organization. The sip:wizard configurator is recommended for generating correct configurations.

In Debian GNU/Linux, all packages mentioned above are available for installation. For systems relying on RPM or DEB packaging solutions, installation packages may be downloaded from our repository.

Once the SIP server is set up, it is necessary to advertise IP telephony services to users of the local computer network or the Internet. This involves SRV records in the organization's DNS and phone number translation services (so called ENUM). More information on the ENUM service is available from our ENUM page (in Czech).

Lastly, it is necessary to choose a method to authenticate users using the IP telephony service and accessing its Web interface. The OpenSER exchange can authenticate users against a local MySQL database, LDAP server, or a RADIUS server. Users can have their passwords stored in open text form or as hashes. A standard solution (such as SSO) can be used to authenticate users opening an IP telephony account or accessing account manipulation services through Web interfaces.

4   Numbering Schema

It is necessary - with respect to the expected number of users - to allocate enough phone numbers accessible from the organization's telephone network or from the public one. In case IP telephony is intended to be used by a limited number of users, it seems best to allocate a part of the organization's numbering schema used for traditional telephony.

In case the existing range of phone numbers has already been used up, it is possible to purchase additional numbers. Purchasing a range of phone numbers can be combined with ordering the SIP TRUNK service from a selected VoIP operator. This service provides direct connection of the IP-based network to the public telephony network and redirects calls addressed to the newly purchased number to the organization's SIP exchange.

In case the planned number of users exceeds certain limits, its is preferable to register so called non-geographic range with the Czech Telecommunications Office. In this manner, it is possible to receive hundreds to thousands of phone numbers. For numbers intended for use in IP telephony networks, choosing a non-geographic range is always preferable because the actual location users will be connecting from is uncertain. Each user can connect to the network anywhere within the reach of Internet, which makes the use of numbers that can be matched to specific locations or regions within the Czech Republic undesirable.

5   Service Redundancy

When deploying large-scale IP telephony services, it is advisable to make the IP exchange redundant as it may easily become a single point of failure. Once the IP exchange fails, it brings down the service, which can be rather unpleasant.

IP exchange redundancy can be achieved in several ways. Depending on the actual implementation, it can either involve setting up a back-up exchange or even a high-availability system resistant not only to power supply interruptions but to connectivity disruptions as well.

A high-availability IP exchange may comprise two identical IP exchanges serving mutually as back-ups. It is, however, necessary to ensure synchronization between these two and make them appear as one highly available IP exchange.

It is also possible to operate two independent exchanges and use prioritized SRV records in the DNS to advertise them. Should the primary exchange fail, clients will automatically start contacting the one with lower priority. Similarly to the high availability-based system, it is also necessary to ensure synchronization between the two exchanges.

A detailed guide to installing and configuring these solutions and providing redundancy is available from our High Availability page (in Czech).

6   Server Management GUI

OpenSER implementation should be accompanied by the implementation of a graphical user interface to be used by the administrators and, more importantly, the users.

There are several options available to both administrators and users: SERweb (developed specifically for SER systems management but currently not recommended for use with OpenSER systems version 1.x and higher) and OpenSER Administrator (currently available as version 0.3).

While implementing the OpenSER system, the University of Ostrava has developed a PHP-based interface (PHP OpenSER Administrator - POSERA) to allow access to user account management, see Figure.

7   Conclusion

IP telephony is a well-proven and reliable technology comparable - and often superior - to traditional telephony systems. Installing a SIP server and opening it to calls coming in from outside makes the organization's phone network accessible from CESNET2 as well as the Internet.