[VoiceOps] New blog article: Kamailio as an SBC - five years on

Ryan Delgrosso ryandelgrosso at gmail.com
Tue Jun 19 15:20:40 EDT 2018 

Hey Alex

As you well know i have been working on a platform, and started off 
using Kamailio as my edge proxy, but was pragmatically forced to pivot 
to OpenSIPS as it could do more SBC-flavored things, which it seems the 
Kamailio community find less than savory.

Of major note is the mid-registrar module, which allowed for 
short-re-reg intervals on the outside for nat traversal, with long core 
intervals to alleviate load, while also exposing a directly adjacent 
contact to the core switch without the need for the core to support such 
esoteric measures as the path header. This is crucial when supporting 
commercial registrars such as broadsoft or a metaswitch (and to a lesser 
extent freeswitch which only KINDA supports path) which are written 
expecting the commercial SBC behavior of adjacent contacts.

Abandoning SIP over UDP is a major topic for me these days. Once upon a 
time SBC's were a great place to prune packets to limbo under the 1500 
byte MTU bar, but as we all know this is a losing battle with the 
bloating of SDP's and the supported header, and can cause random 
breakage. Furthermore with the internet at large becoming increasingly 
hostile towards UDP as a transport due to the massive DDOS possibilities 
many UDP protocols offer, the sip over udp client space is becoming 
increasingly difficult. Moving access-side to TCP offers literally 
nothing but upside, with one exception, failover, as you well 
identified. Of course an open-source SBC in software carried with it the 
possibility for automation and orchestration, and if you go TCP, then 
there's literally no excuse to not encrypt everywhere and go TLS with 
LetsEncrypt. TLS signaling also carries the benefit of carving through 
ALG's and anti-competitive ISP practices.

Im still a proponent of UDP in the core, where jumbo-framing can be 
guaranteed, as it allows for easier fail-over of core elements 
mid-dialogue, and eliminates cumbersome state tracking inside a trusted 
core.

In my commercial practice i still support both big-iron commercial SBC's 
as well as the FOSS sort. Long term, FOSS will win. Its inevitable but 
it wont come until an industry paradigm shift from screen watching NOC 
engineers to automation building DevOps takes place.



On 6/18/2018 10:20 PM, Alex Balashov wrote:
> This is an update to my 2013-era article on the subject, and thought it
> might be of interest to some of you:
>
> http://www.evaristesys.com/blog/kamailio-as-an-sbc-five-years-on/
>

More information about the VoiceOps mailing list