[SR-Users] Kamailio as SBC

Yu Boot yu at yu-boot.ru
Mon Oct 22 19:16:06 CEST 2018


I can help you with cfg, if you 're ready to implement standalone 
softswitch on your Kamailio :)


22.10.2018 17:21, Ellad Yatsko пишет:
> May you help?.. :-)
>
> Kind regards,
> Ellad
>
> 22.10.2018 17:12, Alex Balashov пишет:
>> I did not say that my article represents a complete answer to every part
>> of every one of your questions, at every level of abstraction and
>> specificity. Just that it might be helpful. :-)
>>
>> On Mon, Oct 22, 2018 at 04:40:03PM +0300, Ellad Yatsko wrote:
>>
>>> Dear Alex,
>>>
>>> your article is just "general words". :-) There is a couple of questions:
>>>
>>>    - can my "vision" be completed?
>>>    - how can it be implemented?
>>>
>>> The major problem as I see is to modify algorithm so Kamailio will not check
>>> database but will lean on answers of its upstream to generate
>>> UL. It should not BALANCE, just forward SIP traffic, ANALYZE answers of
>>> Upstream
>>> SIP-Server, make decision about attacks and PROXY RTP. It should be more
>>> clear
>>> definition what I would like to achieve.
>>>
>>> I could be confused about exact terminology of "Session Border Controller".
>>> But I'd like to implement FRAUD/BruteForce protection of my Asterisk using
>>> Kamailio (in the middle) because I heard it highly effective in the point
>>> of view of heavy loads. Asterisk might not bear a "tons" of SIP requests
>>> (dialogs).
>>>
>>>
>>>
>>> Kind regards,
>>> Ellad
>>>
>>>
>>> 22.10.2018 12:07, Alex Balashov пишет:
>>>> I hate to plug my own articles, but in this case it might help:
>>>>
>>>> http://www.evaristesys.com/blog/kamailio-as-an-sbc-five-years-on/
>>>>
>>>> --
>>>> Sent from mobile. Apologies for brevity and errors.
>>>>
>>>> -----Original Message-----
>>>> From: Ellad Yatsko <eyatsko at ngs.ru>
>>>> To: sr-users at lists.kamailio.org
>>>> Sent: Mon, 22 Oct 2018 3:28 AM
>>>> Subject: [SR-Users] Kamailio as SBC
>>>>
>>>> Hello!
>>>>
>>>> I'd like to implement the following diagram:
>>>>
>>>>   Users  -> Internet -> Kamailio -> Asterisk
>>>>
>>>> 1. Kamailio has no own users, it just re-writes headers and re-send
>>>> REGISTER messages to Asterisk where usres are located.
>>>>
>>>> 2. Depending on Astersisk's answers Kamailio either form UL (using
>>>> original IP from the first, original REGISTER from Users) or translates
>>>> Asterisk's answer back to Users. If it is error (e.g.
>>>> forbidden/notfound) Kamailio blocks User's IP (for instance using pike
>>>> module) and Fail2Ban adds affected IP into IPSet's List to block it by
>>>> IPTables Permanently.
>>>>
>>>> 3. INVITEs are translated to Asterisk as to the only Upstream
>>>> SIP-Server. And again Errors from Asterisk are processed in the same way
>>>> as Bad REGISTERs. Pike in conjunction with IPSet/IPTables block affected
>>>> IPs.
>>>>
>>>> 4. Astersisk sees all registrations from Internet user as they are
>>>> directly behind Kamailio. Kamailio rewirtes headers twice: from Users to
>>>> Asterisk and from Asterisk to Users - this allows to hide topology from
>>>> users (they deal ONLY with Kamailio) and block non-static IPs on the
>>>> Asterisk's side.
>>>>
>>>> Is this possible?
>>>>
>>>> Kind regards,
>>>> Ellad Yatsko
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Kamailio (SER) - Users Mailing List
>>>> sr-users at lists.kamailio.org
>>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>>>
>>>> _______________________________________________
>>>> Kamailio (SER) - Users Mailing List
>>>> sr-users at lists.kamailio.org
>>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>>
>>> _______________________________________________
>>> Kamailio (SER) - Users Mailing List
>>> sr-users at lists.kamailio.org
>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
> _______________________________________________
> Kamailio (SER) - Users Mailing List
> sr-users at lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users




More information about the sr-users mailing list