[Kamailio-Users] stun/outbound draft...

Aymeric Moizard jack at atosc.org
Sun Jan 4 13:54:16 CET 2009 


On Sun, 4 Jan 2009, Juha Heinanen wrote:

> Aymeric Moizard writes:
>
> > * TURN is used ONLY when 2 peers cannot connect together, this means
> >    that it's much better than always offering RTP relay which is
> >    the solution today.
>
> kamailio tools allow you to choose when to use rtp relay and when not.
> it is not used always in my configuration.

My opinion is that no decision can be taken on kamailio. Or any proxy... 
It's technically not possible. Only the client and ICE could decide wether 
to use relay or not.

All the tools/way/tricks tha I'm aware of, TRY to guess by looking at
IPs for example, or comparing source port and contact or via port: all
those tricks are just bad guess for many reasons.

If you have a 100% working trick, I'll be interested to learn it! Very
interested!

> > * ICE allow to certify that you are sending the RTP data to your
> >    correspondant (ther is an ICE password in SDP)
>
> there are also other solutions for this, like quite commonly implemented
> zrtp, which has the additional advantage that rtp is also encrypted.

ICE helps to find direct connection between peers securely: still it
doesn't prevent from receiving spoofed data on the discovered connection.
zrtp is there to fill the gap: not a conflict at all.

> negative aspect of ice is that the spec is VERY complicated and hard to
> understand.  even the tutorial by rosenberg was too much to me.

Well, I'm not saying it's not complicated... I fully agree there. But
still this is the best (& only?) way to optimize the SIP udp media path.

Until ICE come, there will never be any success for the internet part of
SIP: the only reliable (optimized) calls today are the SIP to PSTN calls
and that is very very sad and unusefull.

Of course, non optimized free SIP (telephony..) services can be provided, 
but this comes at a high cost: you have to provide the relay services, 
modify contact headers, modify SDP contents, break SIP message integrity, 
provide low quality voice & video (relay...). Last point but not the 
least, is there any existing way to make sure you can provide inter-domain
SIP calls? (2 RTP relays are inserted in the path or a proxy fix a 
contact header to the IP/port source of the previous proxy...)

I want ICE to be implemented, no matter the effort. Else, I think there is
no value in SIP or VoIP except for commercial usage.

Please help the world and vote for ICE whatever the effort. If not, join
the IMS effort to make millions of $ for the next decades. That's a 
choice! (no flame to anyone here, don't misunderstood me... I just 
feel sad)

MAIL was a success & free probably because correct deployment is easy.
With ICE, SIP could become the same.

I'm done!
Aymeric MOIZARD / ANTISIP
amsip - http://www.antisip.com
osip2 - http://www.osip.org
eXosip2 - http://savannah.nongnu.org/projects/exosip/



> -- juha
>

More information about the sr-users mailing list