SlideShare a Scribd company logo

SIP Testing with FreeSWITCH

Moises Silva
Moises Silva

Introduction to testing SIP services and products with sipp and FreeSWITCH

TechnologyBusiness
1 of 46
Download to read offline
SIP  Tes(ng  w/  FreeSWITCH   ClueCon,  August  2013   Moisés  Silva  <moy@sangoma.com>   Manager,  So?ware  Engineering    
About  Sangoma   •  Industry  pioneer  with  over  25  years  of  experience  in   communicaIons  hardware  and  so?ware   •  Publicly  traded  company  since  2000   –  TSXV:  STC   •  One  of  the  most  financially  healthy  companies  in  our  industry   –  Growing,  Profitable,  Cash  on  the  Balance  Sheet,  No  Debt   •  Mid-­‐market  sized  firm  with  just  under  100  staff  in  all  global   territories   –  Offices  in  Canada  (Toronto),  US  (CA,  NJ),  EU  (UK  &  Holland),  APAC   (India),  CALA  (Miami)   •  World  wide  customer  base   –  Selling  direct  to  carriers  and  OEMs   –  Selling  to  the  enterprise  through  a  network  of  distribuIon  partners   2   Sangoma  Technologies  -­‐  ©  2013  
Broad  Line  of  Great  Products   •  Voice  Telephony  Boards   –  Analog/digital/hybrid,  WAN,  ADSL   •  Session  border  controllers   •  Microso?  Lync   •  VoIP  Gateways   –  NetBorder  SIP  to  TDM   –  SS7  to  SIP   •  So?ware  ApplicaIons   –  NetBorder  Express,  Call  Progress   Analyzer…   •  Transcoding  (boards/appliances)   •  Fiber  connecIvity  (STM1)   •  Wireless  products  (GSM)   3   Sangoma  Technologies  -­‐  ©  2013  
Agenda   •  TesIng  Overview   •  FuncIonality  Tests   •  Load  Tests   •  Security  Tests   4   Sangoma  Technologies  -­‐  ©  2013  
Overview   •  I  know,  SIP  tesIng  can  be  scary     5   Sangoma  Technologies  -­‐  ©  2013  
Overview   •  TesIng  complex  systems  requires  detailed   engineering  and  deep  knowledge  of  OSes,  wide   range  of  protocols,  hardware,  etc   •  Not  everyone  likes  doing  it,  it  is  not  glamorous   work  …   •  But  …  It’s  developer’s  responsibility  to  test,  not   customer’s  …  shocking!     6   Sangoma  Technologies  -­‐  ©  2013  
Overview   •  Lots  of  open  source  tools  out  there  that  can  be   used  for  tesIng:   •  Sipp   •  Sipsak   •  Sipvicious   •  Voiper   •  FreeSWITCH   •  Asterisk   7   Sangoma  Technologies  -­‐  ©  2013  
Overview   •  Commercial  tools  as  well   •  IXLoad  from  Ixia   •  SIP  Hammer  from  Empirix   8   Sangoma  Technologies  -­‐  ©  2013  
Overview   •  FreeSWITCH  can  be  used  to  test  other  systems   •  Generate  calls  with  full  RTP  wide  array  of  codecs   •  Support  for  IPv4/IPv6,  TLS,  SRTP,  STUN,  ICE  etc   •  Flexible  programmable  logic  via  XML,  Python  etc   •  Originate/terminate  T.38  faxing   •  Originate/terminate  SIP/TDM  calls  (and  others)   •  Easy  to  hook  up  modules  to  test  media  or  signaling:   •  Example:  tone_detect,  mod_bert,  fs_test   9   Sangoma  Technologies  -­‐  ©  2013  
Func(onality  Tests   FuncIonality  Tests   10   Sangoma  Technologies  -­‐  ©  2013  
Func(onality  Tests   •  Verify  expected  SIP  behaviors   •  REFER  actually  places  a  new  call  to  given  desInaIon   •  183  with  SDP  actually  bridges  media   •  4/5XX  responses  hang  up  or  retry  a  call   •  REGISTER  creates  an  AOR  in  your  DB   •  …  And  you  can  go  crazy  with  Presence  tests  …       11   Sangoma  Technologies  -­‐  ©  2013  
Func(onality  Tests   •  IdenIfy  your  most  important  funcIonality   •  Execute  manual  tests,  take  traces  (pcap/ wireshark)   •  Write  test  scenarios  for  them   •  Automate  them!  (Python/Ruby/PERL  scripIng)   12   Sangoma  Technologies  -­‐  ©  2013  
SIPp   13   Sangoma  Technologies  -­‐  ©  2013  
SIPp   •  FreeSWITCH  Wiki  SIPP  Quote   “IF  YOU  DO  NOT  UNDERSTAND  HOW  TO  STRESS   TEST  PROPERLY  THEN  DON'T  BOTHER   Using  SIPp  is  part  dark  art,  part  voodoo,  part   Santeria.     YOU  HAVE  BEEN  WARNED”   14   Sangoma  Technologies  -­‐  ©  2013  
SIPp   •  Low-­‐level  SIP  funcIonality  &  performance  test   tool     •  Not  super  user-­‐friendly,  errors  can  go  unnoIced   •  Requires  a  firm  grasp  on  SIP  (requests,   responses,  transacIons,  dialogs)   •  Flow  logic  is  XML-­‐based   15   Sangoma  Technologies  -­‐  ©  2013  
SIPp   16   Sangoma  Technologies  -­‐  ©  2013  
SIPp   17   Sangoma  Technologies  -­‐  ©  2013  
SIPp   •  <send>,  <recv>,  <pause>,  <exec>,  rinse  &  repeat     •  <send>  sends  raw  SIP  messages   •  <recv>  indicates  you  are  expecIng  a  SIP  response  or   request   •  <pause>  waits  some  milliseconds   •  <exec>  Can  be  used  to  play  a  pcap  (and  other  stuff)   18   Sangoma  Technologies  -­‐  ©  2013  
SIPp   •  <send>  takes  care  of  re-­‐transmissions  if   “retrans”  awribute  is  used   •  <recv>  blocks  if  non-­‐opIonal   •  <exec>  playing  a  file  is  non-­‐blocking  (surprising  if   you  know  FreeSWITCH/Asterisk  playback)   19   Sangoma  Technologies  -­‐  ©  2013  
SIPp   •  More  complex  scenarios  can  be  created  with   condiIonal  branching   •  Use  staIsIcal  branching  to  add  some  variety  to   your  scenarios   •  <pause>  can  be  done  using  different  distribuIon   models  such  as  normal,  exponenIal,  pareto,  etc   20   Sangoma  Technologies  -­‐  ©  2013  
SIPp   •  Subtle  mistakes  can  go  unnoIced  (no  media)   21   Sangoma  Technologies  -­‐  ©  2013  
SIPp   •  Use  [media_port]  tag,  do  not  hard-­‐code  ports  in   the  SDP   22   Sangoma  Technologies  -­‐  ©  2013  
SIPp   •  Make  sure  you  use  –rtp_echo   •  Make  sure  you  insert  a  <pause>  a?er  playing  a   pcap  and  make  sure  the  pcap  is  long  enough   •  For  load  tests  raise  your  process  limits  (ulimit  –a   for  details)   23   Sangoma  Technologies  -­‐  ©  2013  
SIPp   •  AutomaIng  creaIon  of  SIPp  scenarios  out  of   pcap  captures:   •  Sippie   •  hwp://sourceforge.net/projects/sippie/   •  Sniff2sipp   •  hwp://svnview.digium.com/svn/sniff2sipp/   24   Sangoma  Technologies  -­‐  ©  2013  
SIPSak   •  Mostly  useful  for  flood  tests   •  Much  simpler/smaller  than  sipp,  but  less  control   •  Easily  used  for  RFC4475  tesIng  (SIP  Torture)   25   Sangoma  Technologies  -­‐  ©  2013  
FreeSWITCH   •  You  can  create  SIP  flows  indirectly  using   FreeSWITCH  applicaIons   •  No  direct/raw  SIP  access,  but  possible  through   FreeSWITCH  channel  variables   •  Logic  programmable  in  XML,  Python,  LUA  etc   26   Sangoma  Technologies  -­‐  ©  2013  
FreeSWITCH   •  Use  ESL  originate  to  send  INVITEs   •  fs_test  Python  script  mimics  some  SIPp  opIons   •  hwps://github.com/moises-­‐silva/fs_test   •  Control  INVITE  SIP  headers  through  “sip_h_”   originate  variables   •  Send  REFER  with  “deflect”  applicaIon   27   Sangoma  Technologies  -­‐  ©  2013  
FreeSWITCH   •  Send  180  with  “ring_ready”   •  Send  183  with  “pre_answer”   •  Send  200  with  “answer”   •  Send  3XX  with  “redirect”   •  Send  4XX/5XX/6XX  with  “respond”   •  Send  BYE  with  “hangup”   28   Sangoma  Technologies  -­‐  ©  2013  
FreeSWITCH   •  G.711  media  test  /  checking  can  be   accomplished  using  mod_bert  or  tone_detect   •  hwps://github.com/moises-­‐silva/freeswitch/tree/ mod_bert     •  Calls  failing  the  media  test  are  hung  up  with   MEDIA_TIMEOUT  reason   29   Sangoma  Technologies  -­‐  ©  2013  
Load  Tests   Load  Tests   30   Sangoma  Technologies  -­‐  ©  2013  
Load  Tests   •  Load  tesIng  can  be  a  fine  art   •  Be  careful  and  define  tesIng  scope   •  OS  (Linux,  Windows,  64/32  bit,  OS  packages  versions)   •  Media  features  (RTP/SRTP,  UDPTL,  Codec)   •  Signaling  Features  (TLS,  PRACK,  Presence,  T.38)   •  Hardware  environment  (CPU,  Memory,  PCI/PCIx,  HD)   •  Network  environment  (TCP/UDP/Ethernet  se|ngs)     31   Sangoma  Technologies  -­‐  ©  2013  
Load  Tests   •  Performance  can  vary  widely  when  changing   just  a  few  environment  characterisIcs,  be  sure   to  test  a?er  each  change   •  Record  your  findings  (ie:  use  CacI)   •  Do  no  underesImate  non-­‐call-­‐related  load   •  RegistraIons,  Presence,  MWI,  etc   32   Sangoma  Technologies  -­‐  ©  2013  
Load  Tests   •  Measure  your  network  performance  /   throughput   •  Use  good  cat6  ethernet  cables!     •  Use  Iperf   •  hwps://code.google.com/p/iperf/   33   Sangoma  Technologies  -­‐  ©  2013  
Load  Tests   •  Launching  iperf  server   34   Sangoma  Technologies  -­‐  ©  2013  
Load  Tests   •  Launching  iperf  client   35   Sangoma  Technologies  -­‐  ©  2013  
Load  Tests   •  Do  not  forget  to  verify  with  bwm-­‐ng   36   Sangoma  Technologies  -­‐  ©  2013   Iperf  server  bandwidth   Iperf  client  bandwidth  
Load  Tests   •  Slight  payload  change  (iperf  –l  172)  causes   significant  performance  difference   37   Sangoma  Technologies  -­‐  ©  2013   Iperf  server  bandwidth   Iperf  client  bandwidth  
Security  Tests   Security  Tests   38   Sangoma  Technologies  -­‐  ©  2013  
Security  Tests   •  Sipvicious   •  Voiper   39   Sangoma  Technologies  -­‐  ©  2013  
SipVicious   •  Sipvicious  is  handy  to  test  your  fail2ban  rules   •  Use  svwar.py  and  svcrack.py  to  trigger  your   fail2ban   •  Verify  the  host  was  blocked   40   Sangoma  Technologies  -­‐  ©  2013  
Voiper   •  Voiper  is  handy  for  fuzzy/vulnerability  tesIng   •  hwp://voiper.sourceforge.net/   •  Whatever  you  do,  do  not  click  on  the  last  link  at   that  page  (UnprotectedHex)   41   Sangoma  Technologies  -­‐  ©  2013  
Voiper   •  python  fuzzer.py  -­‐f  SIPInviteCommonFuzzer  -­‐i   192.168.168.1  -­‐p  5060  -­‐a  sessions/scen1  -­‐c  0   •  Tons  of  messages  like  this  on  FreeSWITCH:   42   Sangoma  Technologies  -­‐  ©  2013  
Voiper   •  Note  fail2ban  can  hardly  help  here  (if  at  all)   •  SoluIon  is  report  malformed  packets  via  events  and   possibly  block  hosts  sending  excess  of  malformed   traffic   43   Sangoma  Technologies  -­‐  ©  2013  
QUESTIONS  
Contact  Us   •  Sangoma  Technologies   100  Renfrew  Drive,  Suite  100   Markham,  Ontario  L3R  9R6   Canada   •  Website   hwp://www.sangoma.com/   •  Telephone   +1  905  474  1990  x2  (for  Sales)   •  Email   sales@sangoma.com   Sangoma  Technologies  -­‐  ©  2013   45  
THANK  YOU  

Recommended

FreeSWITCH as a Kickass SBC
FreeSWITCH as a Kickass SBCFreeSWITCH as a Kickass SBC
FreeSWITCH as a Kickass SBC
Moises Silva
 
Scaling FreeSWITCH Performance
Scaling FreeSWITCH PerformanceScaling FreeSWITCH Performance
Scaling FreeSWITCH Performance
Moises Silva
 
Introduction to FreeSWITCH
Introduction to FreeSWITCHIntroduction to FreeSWITCH
Introduction to FreeSWITCH
Chien Cheng Wu
 
Media Handling in FreeSWITCH
Media Handling in FreeSWITCHMedia Handling in FreeSWITCH
Media Handling in FreeSWITCH
Moises Silva
 
FreeSWITCH Monitoring
FreeSWITCH MonitoringFreeSWITCH Monitoring
FreeSWITCH Monitoring
Moises Silva
 
FreeSWITCH Modules for Asterisk Developers
FreeSWITCH Modules for Asterisk DevelopersFreeSWITCH Modules for Asterisk Developers
FreeSWITCH Modules for Asterisk Developers
Moises Silva
 
Kamailio - API Based SIP Routing
Kamailio - API Based SIP RoutingKamailio - API Based SIP Routing
Kamailio - API Based SIP Routing
Daniel-Constantin Mierla
 
Homer - Workshop at Kamailio World 2017
Homer - Workshop at Kamailio World 2017Homer - Workshop at Kamailio World 2017
Homer - Workshop at Kamailio World 2017
Giacomo Vacca
 

Recommended

FreeSWITCH as a Kickass SBC
FreeSWITCH as a Kickass SBCFreeSWITCH as a Kickass SBC
FreeSWITCH as a Kickass SBC
Moises Silva
 
Scaling FreeSWITCH Performance
Scaling FreeSWITCH PerformanceScaling FreeSWITCH Performance
Scaling FreeSWITCH Performance
Moises Silva
 
Introduction to FreeSWITCH
Introduction to FreeSWITCHIntroduction to FreeSWITCH
Introduction to FreeSWITCH
Chien Cheng Wu
 
Media Handling in FreeSWITCH
Media Handling in FreeSWITCHMedia Handling in FreeSWITCH
Media Handling in FreeSWITCH
Moises Silva
 
FreeSWITCH Monitoring
FreeSWITCH MonitoringFreeSWITCH Monitoring
FreeSWITCH Monitoring
Moises Silva
 
FreeSWITCH Modules for Asterisk Developers
FreeSWITCH Modules for Asterisk DevelopersFreeSWITCH Modules for Asterisk Developers
FreeSWITCH Modules for Asterisk Developers
Moises Silva
 
Kamailio - API Based SIP Routing
Kamailio - API Based SIP RoutingKamailio - API Based SIP Routing
Kamailio - API Based SIP Routing
Daniel-Constantin Mierla
 
Homer - Workshop at Kamailio World 2017
Homer - Workshop at Kamailio World 2017Homer - Workshop at Kamailio World 2017
Homer - Workshop at Kamailio World 2017
Giacomo Vacca
 
An SFU/MCU integration for heterogeneous environments
An SFU/MCU integration for heterogeneous environmentsAn SFU/MCU integration for heterogeneous environments
An SFU/MCU integration for heterogeneous environments
Giacomo Vacca
 
Three Ways Kamailio Can Help Your FreeSWITCH Deployment
Three Ways Kamailio Can Help Your FreeSWITCH DeploymentThree Ways Kamailio Can Help Your FreeSWITCH Deployment
Three Ways Kamailio Can Help Your FreeSWITCH Deployment
Fred Posner
 
Kamailio :: A Quick Introduction
Kamailio :: A Quick IntroductionKamailio :: A Quick Introduction
Kamailio :: A Quick Introduction
Olle E Johansson
 
Kamailio, FreeSWITCH, and You
Kamailio, FreeSWITCH, and YouKamailio, FreeSWITCH, and You
Kamailio, FreeSWITCH, and You
Fred Posner
 
rtpengine - Media Relaying and Beyond
rtpengine - Media Relaying and Beyondrtpengine - Media Relaying and Beyond
rtpengine - Media Relaying and Beyond
Andreas Granig
 
Why is Kamailio so different? An introduction.
Why is Kamailio so different? An introduction.Why is Kamailio so different? An introduction.
Why is Kamailio so different? An introduction.
Olle E Johansson
 
SIP Attack Handling (Kamailio World 2021)
SIP Attack Handling (Kamailio World 2021)SIP Attack Handling (Kamailio World 2021)
SIP Attack Handling (Kamailio World 2021)
Fred Posner
 
Kamailio - Secure Communication
Kamailio - Secure CommunicationKamailio - Secure Communication
Kamailio - Secure Communication
Daniel-Constantin Mierla
 
Astricon 10 (October 2013) - SIP over WebSocket on Kamailio
Astricon 10 (October 2013) - SIP over WebSocket on KamailioAstricon 10 (October 2013) - SIP over WebSocket on Kamailio
Astricon 10 (October 2013) - SIP over WebSocket on Kamailio
Crocodile WebRTC SDK and Cloud Signalling Network
 
rtpengine and kamailio - or how to simulate calls at scale
rtpengine and kamailio - or how to simulate calls at scalertpengine and kamailio - or how to simulate calls at scale
rtpengine and kamailio - or how to simulate calls at scale
Andreas Granig
 
FreeSWITCH on Docker
FreeSWITCH on DockerFreeSWITCH on Docker
FreeSWITCH on Docker
建澄 吳
 
Kamailio with Docker and Kubernetes
Kamailio with Docker and KubernetesKamailio with Docker and Kubernetes
Kamailio with Docker and Kubernetes
Paolo Visintin
 
FreeSWITCH as a Microservice
FreeSWITCH as a MicroserviceFreeSWITCH as a Microservice
FreeSWITCH as a Microservice
Evan McGee
 
Kamailio on Docker
Kamailio on DockerKamailio on Docker
Kamailio on Docker
Chien Cheng Wu
 
Kamailio - Load Balancing Load Balancers
Kamailio - Load Balancing Load BalancersKamailio - Load Balancing Load Balancers
Kamailio - Load Balancing Load Balancers
Daniel-Constantin Mierla
 
Sipwise rtpengine
Sipwise rtpengineSipwise rtpengine
Sipwise rtpengine
Andreas Granig
 
Kamailio - Large Unified Communication Platforms
Kamailio - Large Unified Communication PlatformsKamailio - Large Unified Communication Platforms
Kamailio - Large Unified Communication Platforms
Daniel-Constantin Mierla
 
Freeswitch
FreeswitchFreeswitch
Freeswitch
Suneet Saini
 
Kamailio, FreeSWITCH, and the Half-Blood Prince
Kamailio, FreeSWITCH, and the Half-Blood PrinceKamailio, FreeSWITCH, and the Half-Blood Prince
Kamailio, FreeSWITCH, and the Half-Blood Prince
Fred Posner
 
Using Kamailio for Scalability and Security
Using Kamailio for Scalability and SecurityUsing Kamailio for Scalability and Security
Using Kamailio for Scalability and Security
Fred Posner
 
Architettura VoIP con FreeSWITCH + gazzurbo
Architettura VoIP con FreeSWITCH + gazzurboArchitettura VoIP con FreeSWITCH + gazzurbo
Architettura VoIP con FreeSWITCH + gazzurbo
Alessandro Antani
 
Vale, Asterisk sirve para llamar... ¿o para algo más?
Vale, Asterisk sirve para llamar... ¿o para algo más?Vale, Asterisk sirve para llamar... ¿o para algo más?
Vale, Asterisk sirve para llamar... ¿o para algo más?
Saúl Ibarra Corretgé
 

More Related Content

What's hot

What's hot (20)

An SFU/MCU integration for heterogeneous environments
An SFU/MCU integration for heterogeneous environmentsAn SFU/MCU integration for heterogeneous environments
An SFU/MCU integration for heterogeneous environments
 
Three Ways Kamailio Can Help Your FreeSWITCH Deployment
Three Ways Kamailio Can Help Your FreeSWITCH DeploymentThree Ways Kamailio Can Help Your FreeSWITCH Deployment
Three Ways Kamailio Can Help Your FreeSWITCH Deployment
 
Kamailio :: A Quick Introduction
Kamailio :: A Quick IntroductionKamailio :: A Quick Introduction
Kamailio :: A Quick Introduction
 
Kamailio, FreeSWITCH, and You
Kamailio, FreeSWITCH, and YouKamailio, FreeSWITCH, and You
Kamailio, FreeSWITCH, and You
 
rtpengine - Media Relaying and Beyond
rtpengine - Media Relaying and Beyondrtpengine - Media Relaying and Beyond
rtpengine - Media Relaying and Beyond
 
Why is Kamailio so different? An introduction.
Why is Kamailio so different? An introduction.Why is Kamailio so different? An introduction.
Why is Kamailio so different? An introduction.
 
SIP Attack Handling (Kamailio World 2021)
SIP Attack Handling (Kamailio World 2021)SIP Attack Handling (Kamailio World 2021)
SIP Attack Handling (Kamailio World 2021)
 
Kamailio - Secure Communication
Kamailio - Secure CommunicationKamailio - Secure Communication
Kamailio - Secure Communication
 
Astricon 10 (October 2013) - SIP over WebSocket on Kamailio
Astricon 10 (October 2013) - SIP over WebSocket on KamailioAstricon 10 (October 2013) - SIP over WebSocket on Kamailio
Astricon 10 (October 2013) - SIP over WebSocket on Kamailio
 
rtpengine and kamailio - or how to simulate calls at scale
rtpengine and kamailio - or how to simulate calls at scalertpengine and kamailio - or how to simulate calls at scale
rtpengine and kamailio - or how to simulate calls at scale
 
FreeSWITCH on Docker
FreeSWITCH on DockerFreeSWITCH on Docker
FreeSWITCH on Docker
 
Kamailio with Docker and Kubernetes
Kamailio with Docker and KubernetesKamailio with Docker and Kubernetes
Kamailio with Docker and Kubernetes
 
FreeSWITCH as a Microservice
FreeSWITCH as a MicroserviceFreeSWITCH as a Microservice
FreeSWITCH as a Microservice
 
Kamailio on Docker
Kamailio on DockerKamailio on Docker
Kamailio on Docker
 
Kamailio - Load Balancing Load Balancers
Kamailio - Load Balancing Load BalancersKamailio - Load Balancing Load Balancers
Kamailio - Load Balancing Load Balancers
 
Sipwise rtpengine
Sipwise rtpengineSipwise rtpengine
Sipwise rtpengine
 
Kamailio - Large Unified Communication Platforms
Kamailio - Large Unified Communication PlatformsKamailio - Large Unified Communication Platforms
Kamailio - Large Unified Communication Platforms
 
Freeswitch
FreeswitchFreeswitch
Freeswitch
 
Kamailio, FreeSWITCH, and the Half-Blood Prince
Kamailio, FreeSWITCH, and the Half-Blood PrinceKamailio, FreeSWITCH, and the Half-Blood Prince
Kamailio, FreeSWITCH, and the Half-Blood Prince
 
Using Kamailio for Scalability and Security
Using Kamailio for Scalability and SecurityUsing Kamailio for Scalability and Security
Using Kamailio for Scalability and Security
 

Viewers also liked

Whitepaper: Over-The-Top (OTT) Services: How Operators can overcome the Fragm...
Whitepaper: Over-The-Top (OTT) Services: How Operators can overcome the Fragm...Whitepaper: Over-The-Top (OTT) Services: How Operators can overcome the Fragm...
Whitepaper: Over-The-Top (OTT) Services: How Operators can overcome the Fragm...
tyntec
 
Tecnicas monitoreo reportes con Asterisk
Tecnicas monitoreo reportes con AsteriskTecnicas monitoreo reportes con Asterisk
Tecnicas monitoreo reportes con Asterisk
Nicolás Gudiño
 

Viewers also liked (14)

Architettura VoIP con FreeSWITCH + gazzurbo
Architettura VoIP con FreeSWITCH + gazzurboArchitettura VoIP con FreeSWITCH + gazzurbo
Architettura VoIP con FreeSWITCH + gazzurbo
 
Vale, Asterisk sirve para llamar... ¿o para algo más?
Vale, Asterisk sirve para llamar... ¿o para algo más?Vale, Asterisk sirve para llamar... ¿o para algo más?
Vale, Asterisk sirve para llamar... ¿o para algo más?
 
Sangoma SBC Training Presentation
Sangoma SBC Training PresentationSangoma SBC Training Presentation
Sangoma SBC Training Presentation
 
Qué hace tu Asterisk cuando no miras
Qué hace tu Asterisk cuando no mirasQué hace tu Asterisk cuando no miras
Qué hace tu Asterisk cuando no miras
 
Proyecto Open Pi Phone
Proyecto Open Pi PhoneProyecto Open Pi Phone
Proyecto Open Pi Phone
 
De SIP a WebRTC y vice versa
De SIP a WebRTC y vice versaDe SIP a WebRTC y vice versa
De SIP a WebRTC y vice versa
 
Introducción a Asterisk
Introducción a AsteriskIntroducción a Asterisk
Introducción a Asterisk
 
Jitsi: State of the Union
Jitsi: State of the UnionJitsi: State of the Union
Jitsi: State of the Union
 
Whitepaper: Over-The-Top (OTT) Services: How Operators can overcome the Fragm...
Whitepaper: Over-The-Top (OTT) Services: How Operators can overcome the Fragm...Whitepaper: Over-The-Top (OTT) Services: How Operators can overcome the Fragm...
Whitepaper: Over-The-Top (OTT) Services: How Operators can overcome the Fragm...
 
Tecnicas monitoreo reportes con Asterisk
Tecnicas monitoreo reportes con AsteriskTecnicas monitoreo reportes con Asterisk
Tecnicas monitoreo reportes con Asterisk
 
Linux Performance Tools
Linux Performance ToolsLinux Performance Tools
Linux Performance Tools
 
開發人員不可不知的 Windows Container 容器技術預覽
開發人員不可不知的 Windows Container 容器技術預覽開發人員不可不知的 Windows Container 容器技術預覽
開發人員不可不知的 Windows Container 容器技術預覽
 
Raspberry pi : an introduction
Raspberry pi : an introductionRaspberry pi : an introduction
Raspberry pi : an introduction
 
Raspberry pi
Raspberry pi Raspberry pi
Raspberry pi
 

Similar to SIP Testing with FreeSWITCH

Securing IoT Applications
Securing IoT Applications Securing IoT Applications
Securing IoT Applications
WSO2
 
Top 10 most interesting vulnerabilities and attacks in SAP
Top 10 most interesting vulnerabilities and attacks in SAPTop 10 most interesting vulnerabilities and attacks in SAP
Top 10 most interesting vulnerabilities and attacks in SAP
ERPScan
 
Integrating Application Security into a Software Development Process
Integrating Application Security into a Software Development ProcessIntegrating Application Security into a Software Development Process
Integrating Application Security into a Software Development Process
Achim D. Brucker
 
Srikanth_PILLI_CV_latest
Srikanth_PILLI_CV_latestSrikanth_PILLI_CV_latest
Srikanth_PILLI_CV_latest
Srikanth Pilli
 
OSGi Alliance Community Event 2007 - Business Session#2 - Abdallah Bushnaq, A...
OSGi Alliance Community Event 2007 - Business Session#2 - Abdallah Bushnaq, A...OSGi Alliance Community Event 2007 - Business Session#2 - Abdallah Bushnaq, A...
OSGi Alliance Community Event 2007 - Business Session#2 - Abdallah Bushnaq, A...
mfrancis
 

Similar to SIP Testing with FreeSWITCH (20)

TADHack Winner: Snappy Kamailio: Carnival of the Creators
TADHack Winner: Snappy Kamailio: Carnival of the CreatorsTADHack Winner: Snappy Kamailio: Carnival of the Creators
TADHack Winner: Snappy Kamailio: Carnival of the Creators
 
Snappy Kamailio
Snappy KamailioSnappy Kamailio
Snappy Kamailio
 
Designing High Performance RTC Signaling Servers
Designing High Performance RTC Signaling ServersDesigning High Performance RTC Signaling Servers
Designing High Performance RTC Signaling Servers
 
Attacking SAP users with sapsploit
Attacking SAP users with sapsploit Attacking SAP users with sapsploit
Attacking SAP users with sapsploit
 
Securing IoT Applications
Securing IoT Applications Securing IoT Applications
Securing IoT Applications
 
Implementation Lessons using WebRTC in Asterisk
Implementation Lessons using WebRTC in AsteriskImplementation Lessons using WebRTC in Asterisk
Implementation Lessons using WebRTC in Asterisk
 
Top 10 most interesting vulnerabilities and attacks in SAP
Top 10 most interesting vulnerabilities and attacks in SAPTop 10 most interesting vulnerabilities and attacks in SAP
Top 10 most interesting vulnerabilities and attacks in SAP
 
Integrating Application Security into a Software Development Process
Integrating Application Security into a Software Development ProcessIntegrating Application Security into a Software Development Process
Integrating Application Security into a Software Development Process
 
SonarQube - Should I Stay or Should I Go ?
SonarQube - Should I Stay or Should I Go ? SonarQube - Should I Stay or Should I Go ?
SonarQube - Should I Stay or Should I Go ?
 
2016-Automation-Summit_PA_SIMIT.pdf
2016-Automation-Summit_PA_SIMIT.pdf2016-Automation-Summit_PA_SIMIT.pdf
2016-Automation-Summit_PA_SIMIT.pdf
 
UC18NA-D3D202-Dianomic-IZoratti-Introduction-To-FogLAMP.pdf
UC18NA-D3D202-Dianomic-IZoratti-Introduction-To-FogLAMP.pdfUC18NA-D3D202-Dianomic-IZoratti-Introduction-To-FogLAMP.pdf
UC18NA-D3D202-Dianomic-IZoratti-Introduction-To-FogLAMP.pdf
 
Srikanth_PILLI_CV_latest
Srikanth_PILLI_CV_latestSrikanth_PILLI_CV_latest
Srikanth_PILLI_CV_latest
 
Fuzzing RTC @ Kamailio World 2019
Fuzzing RTC @ Kamailio World 2019Fuzzing RTC @ Kamailio World 2019
Fuzzing RTC @ Kamailio World 2019
 
FOSDEM 2013 - SIP and MSRP over WebSocket in Kamailio
FOSDEM 2013 - SIP and MSRP over WebSocket in KamailioFOSDEM 2013 - SIP and MSRP over WebSocket in Kamailio
FOSDEM 2013 - SIP and MSRP over WebSocket in Kamailio
 
Infosecurity.be 2019: What are relevant open source security tools you should...
Infosecurity.be 2019: What are relevant open source security tools you should...Infosecurity.be 2019: What are relevant open source security tools you should...
Infosecurity.be 2019: What are relevant open source security tools you should...
 
Streaming meetup
Streaming meetupStreaming meetup
Streaming meetup
 
OSGi Alliance Community Event 2007 - Business Session#2 - Abdallah Bushnaq, A...
OSGi Alliance Community Event 2007 - Business Session#2 - Abdallah Bushnaq, A...OSGi Alliance Community Event 2007 - Business Session#2 - Abdallah Bushnaq, A...
OSGi Alliance Community Event 2007 - Business Session#2 - Abdallah Bushnaq, A...
 
OpenDataPlane Project
OpenDataPlane ProjectOpenDataPlane Project
OpenDataPlane Project
 
Practical SAP pentesting workshop (NullCon Goa)
Practical SAP pentesting workshop (NullCon Goa)Practical SAP pentesting workshop (NullCon Goa)
Practical SAP pentesting workshop (NullCon Goa)
 
abhi
abhiabhi
abhi
 

More from Moises Silva

Negociacion de Codecs en Asterisk
Negociacion de Codecs en AsteriskNegociacion de Codecs en Asterisk
Negociacion de Codecs en Asterisk
Moises Silva
 

More from Moises Silva (9)

Interfaces de Scripting para librerias en C
Interfaces de Scripting para librerias en CInterfaces de Scripting para librerias en C
Interfaces de Scripting para librerias en C
 
Vulnerabilidades en Aplicaciones Web PHP
Vulnerabilidades en Aplicaciones Web PHPVulnerabilidades en Aplicaciones Web PHP
Vulnerabilidades en Aplicaciones Web PHP
 
Manejo de Medios en FreeSWITCH
Manejo de Medios en FreeSWITCHManejo de Medios en FreeSWITCH
Manejo de Medios en FreeSWITCH
 
FreeSWITCH: Asterisk con Esteroides
FreeSWITCH: Asterisk con EsteroidesFreeSWITCH: Asterisk con Esteroides
FreeSWITCH: Asterisk con Esteroides
 
Negociacion de Codecs en Asterisk
Negociacion de Codecs en AsteriskNegociacion de Codecs en Asterisk
Negociacion de Codecs en Asterisk
 
Sangoma en el Ecosistema Open Source
Sangoma en el Ecosistema Open SourceSangoma en el Ecosistema Open Source
Sangoma en el Ecosistema Open Source
 
FreeTDM PRI Passive Recording
FreeTDM PRI Passive RecordingFreeTDM PRI Passive Recording
FreeTDM PRI Passive Recording
 
Asterisk PRI Passive Call Recording
Asterisk PRI Passive Call RecordingAsterisk PRI Passive Call Recording
Asterisk PRI Passive Call Recording
 
OpenR2 in Asterisk
OpenR2 in AsteriskOpenR2 in Asterisk
OpenR2 in Asterisk
 

Recently uploaded

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 

Recently uploaded (20)

GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 

SIP Testing with FreeSWITCH

  • 1. SIP  Tes(ng  w/  FreeSWITCH   ClueCon,  August  2013   Moisés  Silva  <moy@sangoma.com>   Manager,  So?ware  Engineering    
  • 2. About  Sangoma   •  Industry  pioneer  with  over  25  years  of  experience  in   communicaIons  hardware  and  so?ware   •  Publicly  traded  company  since  2000   –  TSXV:  STC   •  One  of  the  most  financially  healthy  companies  in  our  industry   –  Growing,  Profitable,  Cash  on  the  Balance  Sheet,  No  Debt   •  Mid-­‐market  sized  firm  with  just  under  100  staff  in  all  global   territories   –  Offices  in  Canada  (Toronto),  US  (CA,  NJ),  EU  (UK  &  Holland),  APAC   (India),  CALA  (Miami)   •  World  wide  customer  base   –  Selling  direct  to  carriers  and  OEMs   –  Selling  to  the  enterprise  through  a  network  of  distribuIon  partners   2   Sangoma  Technologies  -­‐  ©  2013  
  • 3. Broad  Line  of  Great  Products   •  Voice  Telephony  Boards   –  Analog/digital/hybrid,  WAN,  ADSL   •  Session  border  controllers   •  Microso?  Lync   •  VoIP  Gateways   –  NetBorder  SIP  to  TDM   –  SS7  to  SIP   •  So?ware  ApplicaIons   –  NetBorder  Express,  Call  Progress   Analyzer…   •  Transcoding  (boards/appliances)   •  Fiber  connecIvity  (STM1)   •  Wireless  products  (GSM)   3   Sangoma  Technologies  -­‐  ©  2013  
  • 4. Agenda   •  TesIng  Overview   •  FuncIonality  Tests   •  Load  Tests   •  Security  Tests   4   Sangoma  Technologies  -­‐  ©  2013  
  • 5. Overview   •  I  know,  SIP  tesIng  can  be  scary     5   Sangoma  Technologies  -­‐  ©  2013  
  • 6. Overview   •  TesIng  complex  systems  requires  detailed   engineering  and  deep  knowledge  of  OSes,  wide   range  of  protocols,  hardware,  etc   •  Not  everyone  likes  doing  it,  it  is  not  glamorous   work  …   •  But  …  It’s  developer’s  responsibility  to  test,  not   customer’s  …  shocking!     6   Sangoma  Technologies  -­‐  ©  2013  
  • 7. Overview   •  Lots  of  open  source  tools  out  there  that  can  be   used  for  tesIng:   •  Sipp   •  Sipsak   •  Sipvicious   •  Voiper   •  FreeSWITCH   •  Asterisk   7   Sangoma  Technologies  -­‐  ©  2013  
  • 8. Overview   •  Commercial  tools  as  well   •  IXLoad  from  Ixia   •  SIP  Hammer  from  Empirix   8   Sangoma  Technologies  -­‐  ©  2013  
  • 9. Overview   •  FreeSWITCH  can  be  used  to  test  other  systems   •  Generate  calls  with  full  RTP  wide  array  of  codecs   •  Support  for  IPv4/IPv6,  TLS,  SRTP,  STUN,  ICE  etc   •  Flexible  programmable  logic  via  XML,  Python  etc   •  Originate/terminate  T.38  faxing   •  Originate/terminate  SIP/TDM  calls  (and  others)   •  Easy  to  hook  up  modules  to  test  media  or  signaling:   •  Example:  tone_detect,  mod_bert,  fs_test   9   Sangoma  Technologies  -­‐  ©  2013  
  • 10. Func(onality  Tests   FuncIonality  Tests   10   Sangoma  Technologies  -­‐  ©  2013  
  • 11. Func(onality  Tests   •  Verify  expected  SIP  behaviors   •  REFER  actually  places  a  new  call  to  given  desInaIon   •  183  with  SDP  actually  bridges  media   •  4/5XX  responses  hang  up  or  retry  a  call   •  REGISTER  creates  an  AOR  in  your  DB   •  …  And  you  can  go  crazy  with  Presence  tests  …       11   Sangoma  Technologies  -­‐  ©  2013  
  • 12. Func(onality  Tests   •  IdenIfy  your  most  important  funcIonality   •  Execute  manual  tests,  take  traces  (pcap/ wireshark)   •  Write  test  scenarios  for  them   •  Automate  them!  (Python/Ruby/PERL  scripIng)   12   Sangoma  Technologies  -­‐  ©  2013  
  • 13. SIPp   13   Sangoma  Technologies  -­‐  ©  2013  
  • 14. SIPp   •  FreeSWITCH  Wiki  SIPP  Quote   “IF  YOU  DO  NOT  UNDERSTAND  HOW  TO  STRESS   TEST  PROPERLY  THEN  DON'T  BOTHER   Using  SIPp  is  part  dark  art,  part  voodoo,  part   Santeria.     YOU  HAVE  BEEN  WARNED”   14   Sangoma  Technologies  -­‐  ©  2013  
  • 15. SIPp   •  Low-­‐level  SIP  funcIonality  &  performance  test   tool     •  Not  super  user-­‐friendly,  errors  can  go  unnoIced   •  Requires  a  firm  grasp  on  SIP  (requests,   responses,  transacIons,  dialogs)   •  Flow  logic  is  XML-­‐based   15   Sangoma  Technologies  -­‐  ©  2013  
  • 16. SIPp   16   Sangoma  Technologies  -­‐  ©  2013  
  • 17. SIPp   17   Sangoma  Technologies  -­‐  ©  2013  
  • 18. SIPp   •  <send>,  <recv>,  <pause>,  <exec>,  rinse  &  repeat     •  <send>  sends  raw  SIP  messages   •  <recv>  indicates  you  are  expecIng  a  SIP  response  or   request   •  <pause>  waits  some  milliseconds   •  <exec>  Can  be  used  to  play  a  pcap  (and  other  stuff)   18   Sangoma  Technologies  -­‐  ©  2013  
  • 19. SIPp   •  <send>  takes  care  of  re-­‐transmissions  if   “retrans”  awribute  is  used   •  <recv>  blocks  if  non-­‐opIonal   •  <exec>  playing  a  file  is  non-­‐blocking  (surprising  if   you  know  FreeSWITCH/Asterisk  playback)   19   Sangoma  Technologies  -­‐  ©  2013  
  • 20. SIPp   •  More  complex  scenarios  can  be  created  with   condiIonal  branching   •  Use  staIsIcal  branching  to  add  some  variety  to   your  scenarios   •  <pause>  can  be  done  using  different  distribuIon   models  such  as  normal,  exponenIal,  pareto,  etc   20   Sangoma  Technologies  -­‐  ©  2013  
  • 21. SIPp   •  Subtle  mistakes  can  go  unnoIced  (no  media)   21   Sangoma  Technologies  -­‐  ©  2013  
  • 22. SIPp   •  Use  [media_port]  tag,  do  not  hard-­‐code  ports  in   the  SDP   22   Sangoma  Technologies  -­‐  ©  2013  
  • 23. SIPp   •  Make  sure  you  use  –rtp_echo   •  Make  sure  you  insert  a  <pause>  a?er  playing  a   pcap  and  make  sure  the  pcap  is  long  enough   •  For  load  tests  raise  your  process  limits  (ulimit  –a   for  details)   23   Sangoma  Technologies  -­‐  ©  2013  
  • 24. SIPp   •  AutomaIng  creaIon  of  SIPp  scenarios  out  of   pcap  captures:   •  Sippie   •  hwp://sourceforge.net/projects/sippie/   •  Sniff2sipp   •  hwp://svnview.digium.com/svn/sniff2sipp/   24   Sangoma  Technologies  -­‐  ©  2013  
  • 25. SIPSak   •  Mostly  useful  for  flood  tests   •  Much  simpler/smaller  than  sipp,  but  less  control   •  Easily  used  for  RFC4475  tesIng  (SIP  Torture)   25   Sangoma  Technologies  -­‐  ©  2013  
  • 26. FreeSWITCH   •  You  can  create  SIP  flows  indirectly  using   FreeSWITCH  applicaIons   •  No  direct/raw  SIP  access,  but  possible  through   FreeSWITCH  channel  variables   •  Logic  programmable  in  XML,  Python,  LUA  etc   26   Sangoma  Technologies  -­‐  ©  2013  
  • 27. FreeSWITCH   •  Use  ESL  originate  to  send  INVITEs   •  fs_test  Python  script  mimics  some  SIPp  opIons   •  hwps://github.com/moises-­‐silva/fs_test   •  Control  INVITE  SIP  headers  through  “sip_h_”   originate  variables   •  Send  REFER  with  “deflect”  applicaIon   27   Sangoma  Technologies  -­‐  ©  2013  
  • 28. FreeSWITCH   •  Send  180  with  “ring_ready”   •  Send  183  with  “pre_answer”   •  Send  200  with  “answer”   •  Send  3XX  with  “redirect”   •  Send  4XX/5XX/6XX  with  “respond”   •  Send  BYE  with  “hangup”   28   Sangoma  Technologies  -­‐  ©  2013  
  • 29. FreeSWITCH   •  G.711  media  test  /  checking  can  be   accomplished  using  mod_bert  or  tone_detect   •  hwps://github.com/moises-­‐silva/freeswitch/tree/ mod_bert     •  Calls  failing  the  media  test  are  hung  up  with   MEDIA_TIMEOUT  reason   29   Sangoma  Technologies  -­‐  ©  2013  
  • 30. Load  Tests   Load  Tests   30   Sangoma  Technologies  -­‐  ©  2013  
  • 31. Load  Tests   •  Load  tesIng  can  be  a  fine  art   •  Be  careful  and  define  tesIng  scope   •  OS  (Linux,  Windows,  64/32  bit,  OS  packages  versions)   •  Media  features  (RTP/SRTP,  UDPTL,  Codec)   •  Signaling  Features  (TLS,  PRACK,  Presence,  T.38)   •  Hardware  environment  (CPU,  Memory,  PCI/PCIx,  HD)   •  Network  environment  (TCP/UDP/Ethernet  se|ngs)     31   Sangoma  Technologies  -­‐  ©  2013  
  • 32. Load  Tests   •  Performance  can  vary  widely  when  changing   just  a  few  environment  characterisIcs,  be  sure   to  test  a?er  each  change   •  Record  your  findings  (ie:  use  CacI)   •  Do  no  underesImate  non-­‐call-­‐related  load   •  RegistraIons,  Presence,  MWI,  etc   32   Sangoma  Technologies  -­‐  ©  2013  
  • 33. Load  Tests   •  Measure  your  network  performance  /   throughput   •  Use  good  cat6  ethernet  cables!     •  Use  Iperf   •  hwps://code.google.com/p/iperf/   33   Sangoma  Technologies  -­‐  ©  2013  
  • 34. Load  Tests   •  Launching  iperf  server   34   Sangoma  Technologies  -­‐  ©  2013  
  • 35. Load  Tests   •  Launching  iperf  client   35   Sangoma  Technologies  -­‐  ©  2013  
  • 36. Load  Tests   •  Do  not  forget  to  verify  with  bwm-­‐ng   36   Sangoma  Technologies  -­‐  ©  2013   Iperf  server  bandwidth   Iperf  client  bandwidth  
  • 37. Load  Tests   •  Slight  payload  change  (iperf  –l  172)  causes   significant  performance  difference   37   Sangoma  Technologies  -­‐  ©  2013   Iperf  server  bandwidth   Iperf  client  bandwidth  
  • 38. Security  Tests   Security  Tests   38   Sangoma  Technologies  -­‐  ©  2013  
  • 39. Security  Tests   •  Sipvicious   •  Voiper   39   Sangoma  Technologies  -­‐  ©  2013  
  • 40. SipVicious   •  Sipvicious  is  handy  to  test  your  fail2ban  rules   •  Use  svwar.py  and  svcrack.py  to  trigger  your   fail2ban   •  Verify  the  host  was  blocked   40   Sangoma  Technologies  -­‐  ©  2013  
  • 41. Voiper   •  Voiper  is  handy  for  fuzzy/vulnerability  tesIng   •  hwp://voiper.sourceforge.net/   •  Whatever  you  do,  do  not  click  on  the  last  link  at   that  page  (UnprotectedHex)   41   Sangoma  Technologies  -­‐  ©  2013  
  • 42. Voiper   •  python  fuzzer.py  -­‐f  SIPInviteCommonFuzzer  -­‐i   192.168.168.1  -­‐p  5060  -­‐a  sessions/scen1  -­‐c  0   •  Tons  of  messages  like  this  on  FreeSWITCH:   42   Sangoma  Technologies  -­‐  ©  2013  
  • 43. Voiper   •  Note  fail2ban  can  hardly  help  here  (if  at  all)   •  SoluIon  is  report  malformed  packets  via  events  and   possibly  block  hosts  sending  excess  of  malformed   traffic   43   Sangoma  Technologies  -­‐  ©  2013  
  • 45. Contact  Us   •  Sangoma  Technologies   100  Renfrew  Drive,  Suite  100   Markham,  Ontario  L3R  9R6   Canada   •  Website   hwp://www.sangoma.com/   •  Telephone   +1  905  474  1990  x2  (for  Sales)   •  Email   sales@sangoma.com   Sangoma  Technologies  -­‐  ©  2013   45