					Architecting SIP Networks for ITSPs
         Jonathan Rosenberg
            Chief Scientist
 What Does an ITSP Network Look Like?
 Depends on Services Being Offered

 Two Common Revenue Generating Services are Origination
       and Termination
          Wholesale services
          Related to PSTN connectivity

 Origination Service
          Customer gets block of PSTN numbers
          Customer gives provider IP addresses to send calls to
          Calls for those numbers reach provider, and are routed to customer

 Termination Service
          Customer generates SIP calls destined for PSTN numbers
          Calls are sent to provider, and they are gatewayed to the PSTN



SIP 2001 2.23.01
Architecting SIP Networks for ITSPs   www.dynamicsoft.com
 Customers
  Origination Service
            FAX service providers
            Unified messaging providers
            Voice Portals
            Residential VoIP providers


  Termination Service
            Click to dial providers
            Communications ASPs
            Retail ITSPs




Benefits
  For the Customers
            No need to own, manage and operate gateways
            No need to have global PSTN connectivity
            Focus on applications and services
            Cheaper


  For the Providers
            Great way to generate lots of minutes
            Economies of scale allow them to make profits yet still provide low cost
                 service

  Overall: Relentless Specialization




 A Real ITSP Network
 [Figure: network diagram. Labels: Edge Proxies, Firewall Control Proxies, Firewall, Core Routing Proxies, Regional Routing Proxy, Gateway Managing, Gateway, Regional POPs]




Proxy Servers Have Roles
  Proxy Is Just a SIP Defined Logical Function
            Not useful in and of itself
            Critical piece is value add features built on top of SIP proxy function
            Which features you need depends on roles


  Real VoIP Networks have Multiple Signaling Points, Each with
        Specific Roles and Functions
            Edge proxies
            Firewall control proxies
            Core routing proxies
            Regional routing proxies
            Gateway managing proxies
            User feature proxies




 Edge Proxies
  Serve As Access Point Into ITSP Network

  What Needs to Be Done at Access Point?
            Authentication
            Accounting
            DoS Attack Prevention

  Authentication Only Need Be Done Once at Ingress Point
            From there, secure TLS based connections between elements
            Critical for DoS prevention

  How Is Authentication Done?
            Wholesale, bulk traffic – TLS
            Individual consumers – SIP proxy authentication mechanisms

  Why Is Accounting Needed Here?
            For wholesale customers
                         Only place in network where all traffic from/to customer arrives
                         Ideal point for troubleshooting customer interface
                         Customer traffic profiling and usage metrics
                         Customer care
            Intrusion detection
            DoS attack detection

  Useful to Dedicate Proxies to Specific Customers
            No resource contention
            High availability
            Common model in web server market as well


DoS Attack Protection
 DoS Attacks
          Flooding of packets
          Malicious content

 Access Proxy Acts as DMZ Machine
          Sole point of entry for calls to network

 Filtering Functions
          Absorbs bursts
          Blocks large messages
          Removes content with viruses
          String parsing checks and validations

 [Figure: DMZ]
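The filtering functions listed above, as an added example that is not part of the original slides: a pre-filter an edge proxy could run on each inbound SIP request before any further processing. It covers burst absorption, the size cap and the string parsing checks (not virus scanning); the limits MAX_BYTES, RATE and BURST and all function names are assumptions.

```python
# Added example: edge-proxy pre-filter for inbound SIP requests.
# MAX_BYTES, RATE and BURST are assumed values, not taken from the slides.
import re

MAX_BYTES, RATE, BURST = 4096, 5.0, 10.0  # size cap, tokens/second, bucket depth
REQ_LINE = re.compile(rb"[A-Z]{3,16} (?:sips?|tel):[\x21-\x7e]{1,256} SIP/2\.0")
REQUIRED = {b"via", b"from", b"to", b"call-id", b"cseq"}
COMPACT = {b"v": b"via", b"f": b"from", b"t": b"to", b"i": b"call-id",
           b"l": b"content-length"}  # RFC 3261 compact header names
_buckets = {}  # source address -> (tokens, time of last update)


def allow_rate(src, now):
    """Token bucket per source: absorbs short bursts, drops sustained floods."""
    tokens, last = _buckets.get(src, (BURST, now))
    tokens = min(BURST, tokens + (now - last) * RATE)
    ok = tokens >= 1.0
    _buckets[src] = (tokens - 1.0 if ok else tokens, now)
    return ok


def check(src, datagram, now):
    """Return (accepted, reason) for one request arriving at the edge proxy."""
    if not allow_rate(src, now):
        return False, "rate limit"
    if len(datagram) > MAX_BYTES:
        return False, "message too large"
    head, sep, body = datagram.partition(b"\r\n\r\n")
    if not sep:
        return False, "no header terminator"
    lines = head.split(b"\r\n")
    if not REQ_LINE.fullmatch(lines[0]):
        return False, "bad request line"
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(b":")
        if not colon or not name.strip() or b"\x00" in line:
            return False, "malformed header"
        key = name.strip().lower()
        headers[COMPACT.get(key, key)] = value.strip()
    if not REQUIRED.issubset(headers):
        return False, "missing mandatory header"
    clen = headers.get(b"content-length", b"0")
    if not clen.isdigit() or int(clen) != len(body):
        return False, "content-length mismatch"
    return True, "ok"
```
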



Firewall Control Proxies
 Responsible for Allowing SIP and Media Traffic to Traverse
       Firewalls and NATs at Periphery of Network

 Ideally Isolated From Edge Proxies
          Security risk in directly making these accessible
          Scalability
          Authenticate and authorize at periphery, freeing internal boxes from
               performing the function again

 Logging to Record Firewall Usage

 How Do They Allow SIP and Media to Traverse Firewalls?




Proposed Solution
 Separate Application Layer NAT/Firewall from IP Layer NAT/Firewall
          Similar to megaco decomposition
          MG analogous to packet filter
          MGC analogous to ALG (proxy)
          Same benefits
                       Better scaling
                       Faster
                       Lower cost
                       Expertise problem solved
                       Deployment paths for new apps
                       Load balancing

 [Figure: Decomposed Firewall/NAT. Labels: Proxy Server/ALG, Firewall/NAT Packet Filter, Control, SIP, RTP]




The Missing Piece
 Control Protocol Between SIP ALG and IP NAT/Firewall

 Main Requirements
          Binding request: give a private address, obtain a public address
          Binding release
          Open hole (firewall)
          Close hole (firewall)
          Group bindings

 [Figure: message sequence among PC, Proxy Server and Firewall; messages in order of appearance: INVITE, BIND REQ, BINDING, INVITE, 200 OK, 200 OK, OPEN, ACK, ACK]
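The control operations listed above, as an added example that is not part of the original slides: a SIP ALG that requests a binding when it sees an INVITE, rewrites the SDP offer, and opens a hole only for the media pair named in the 200 OK. Class and method names are hypothetical, only the first audio stream is handled, and closing the hole on BYE is an assumption about when the close and release operations would be used.

```python
# Added example (not from the slides): a SIP ALG driving a packet filter with
# the slide's four operations. All class and method names are hypothetical.
import re

class PacketFilter:
    """Stand-in for the IP-layer NAT/firewall: state only, no packet I/O."""
    def __init__(self, public_ip, first_port):
        self.public_ip, self.next_port = public_ip, first_port
        self.bindings, self.holes = {}, set()
    def bind(self, private):                # binding request: private -> public
        self.bindings[private] = (self.public_ip, self.next_port)
        self.next_port += 2                 # keep RTP ports even
        return self.bindings[private]
    def release(self, private):             # binding release
        self.bindings.pop(private, None)
    def open_hole(self, inside, outside):   # permit media for this pair only
        self.holes.add((inside, outside))
    def close_hole(self, inside, outside):
        self.holes.discard((inside, outside))

def media_addr(sdp):
    """Return (ip, port) from the c= and m=audio lines of an SDP body."""
    c = re.search(r"^c=IN IP4 (\S+)", sdp, re.M)
    m = re.search(r"^m=audio (\d+)", sdp, re.M)
    if not (c and m):
        raise ValueError("SDP lacks c= or m=audio line")
    return c.group(1), int(m.group(1))

class Alg:
    def __init__(self, pf):
        self.pf, self.calls = pf, {}
    def on_invite(self, call_id, sdp):
        """BIND REQ / BINDING: map the private media address, rewrite the offer."""
        private = media_addr(sdp)
        pub_ip, pub_port = self.pf.bind(private)
        self.calls[call_id] = {"private": private}
        sdp = re.sub(r"^c=IN IP4 \S+", "c=IN IP4 " + pub_ip, sdp, flags=re.M)
        return re.sub(r"^m=audio \d+", "m=audio %d" % pub_port, sdp, flags=re.M)
    def on_200_ok(self, call_id, sdp):
        """OPEN: the answer names the remote media address; open only that hole."""
        call = self.calls[call_id]
        call["remote"] = media_addr(sdp)
        self.pf.open_hole(call["private"], call["remote"])
    def on_bye(self, call_id):
        """Assumed teardown: close the hole and release the binding."""
        call = self.calls.pop(call_id)
        if "remote" in call:
            self.pf.close_hole(call["private"], call["remote"])
        self.pf.release(call["private"])
```
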

Routing
  Routing is One of the Primary Functions of a Proxy

  Routing Is One of the Core Services of a Service Provider

  Most General Definition
            Connecting users to the network services required for the session by selecting a next hop server to process the request
            Network services
                Gateways
                POPs
                Application platforms
                Media servers

  Routing Is Best Performed in a Hierarchical Fashion
            Scalability
            Ease of management
                Delegation
                Upgradability
                Isolation

  Many Inputs to Routing Process
            Registration database
            Telephone routing prefixes
            TRIP and TRIP-GW
            Caller preferences
            External databases




Core Routing Proxy
  How Does a Proxy Route? Depends on Roles
  Core Routing Proxy
     Job is to take calls from all access points and figure out high level next
      hop service to handle call
            Can recreate Class 4 features
            Next hop service is typically
                         Regional POP for PSTN termination
                         User feature proxies for local subscribers
                         FCP for calls out to peer networks

            Routing generally based on
                         Telephone prefixes
                         TRIP
                         Databases for domain lookups

            Why use a core?
                         Avoids need for each service to know about each other
                         Example: CPL in user feature proxy forwards call to PSTN termination


Telephone Routing Prefixes
 SIP INVITE Can Contain Phone Numbers
          sip:17325551212@domain.com
          tel:17325551212

 Do Not Correspond to Users on IP Network, but PSTN Terminals

 Call Must Be Routed to Gateway

 Gateways Often Arranged Through Peering

 Which One to Use Based on Prefixes (Domestic = gw1, Europe = gw2)

 Route Table is Mapping From Prefixes to Next Hop IP address/port/transport Plus URL Rewrite Rules

 [Figure: route table example. tel:19735551212 becomes sip:19735551212@longdistance.com. Entries: 1-732 -> regional.com; 1 -> longdistance.com; international.com (no prefix shown)]
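The route table described above, as an added example that is not part of the original slides: longest-prefix matching on the dialled digits followed by a Request-URI rewrite. The prefixes and domains are the ones on the slide; the port, the transport, the function names and treating international.com as the default route are assumptions.

```python
# Added example: longest-prefix route lookup with Request-URI rewrite.
# Prefixes and domains come from the slide; port and transport are assumed.
import re

ROUTES = [  # (digit prefix, next-hop host, port, transport)
    ("1732", "regional.com", 5060, "udp"),
    ("1", "longdistance.com", 5060, "udp"),
    ("", "international.com", 5060, "udp"),  # assumed to be the default route
]
_URI = re.compile(r"^(?:tel:|sip:)\+?([0-9().\-]+)(?:@[^;>\s]+)?$", re.I)


def extract_digits(uri):
    """Return the dialled digits from a tel: or numeric sip: URI, else None."""
    m = _URI.match(uri.strip())
    if not m:
        return None
    digits = re.sub(r"[().\-]", "", m.group(1))  # drop visual separators
    return digits or None


def route(uri):
    """Pick the longest matching prefix and rewrite the Request-URI."""
    digits = extract_digits(uri)
    if digits is None:
        raise ValueError("not a telephone-number URI: %r" % uri)
    prefix, host, port, transport = max(
        (r for r in ROUTES if digits.startswith(r[0])),
        key=lambda r: len(r[0]),
    )
    return {
        "matched_prefix": prefix,
        "next_hop": (host, port, transport),
        "request_uri": "sip:%s@%s" % (digits, host),
    }
```
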

Telephony Routing Over IP (TRIP)
 Inter-domain Protocol for Gateway Route Exchange
          Currently in working group last call in IETF

 TRIP Supports Various Models
          Bilateral agreements
          Centralized settlements provider
          Wholesaler service

 TRIP Based on Scalable IP Routing Technology
          Uses BGP4 as a basis
          Supports aggregation
          Uses proven algorithms

 Proxy = TRIP LS
          Allows proxy to build routing table dynamically

 Core Proxy Would Use TRIP to Determine Whether to Route Call to a Peer Provider

 [Figure: TRIP between providers. Labels: End Users, Front End, ISP A, ISP B, Location Server, Gateways, TRIP]

Regional Proxy
  Manages All Gateways in a Geographical Region
            Country, state, province
            Depends on size


  Why Separate From Core Proxy?
            Separate administrators for POPs
            Information on optimal routing not known globally


  May Be Additional Sub-regions Depending on Size

  Generally You Want Regional Proxy When There Is More
        than One Heterogeneous Gateway in a POP




Gateway Managing Proxies
 Responsible for managing routing of
       calls to sets of gateways
 Routing decisions based on
    Gateway availability (up/down)
    Available gateway capacity
    Codecs and other features
    Possibly cost

 May Want to Handle Temporary
       Overload Cases
          Gateway responds with 503; should try
               another one
 Generation of CDRs for Calls
 Ideally Should Utilize Full Capacity of
       Gateways
 Question: How Does Proxy Know
       Available Capacity of Gateways?
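The routing criteria and the 503 case above, as an added example that is not part of the original slides: a gateway managing proxy filters gateways by availability, codec and free ports, then moves to the next candidate when one answers 503. All names are hypothetical, send_invite stands for whatever forwards the INVITE and returns the final status, and ordering by most free ports then lowest cost is an assumed policy.

```python
# Added example: gateway selection with failover on 503 (names hypothetical).
from dataclasses import dataclass


@dataclass
class Gateway:
    name: str
    up: bool
    ports_total: int
    ports_busy: int
    codecs: frozenset
    cost: float


def candidates(gateways, codec):
    """Usable gateways: up, codec supported, free ports; most free ports first,
    then lowest cost (the ordering policy is an assumption)."""
    usable = [g for g in gateways
              if g.up and codec in g.codecs and g.ports_busy < g.ports_total]
    return sorted(usable, key=lambda g: (g.ports_busy - g.ports_total, g.cost))


def place_call(gateways, codec, send_invite):
    """Try candidates in order. send_invite(gw) returns the final SIP status;
    503 marks temporary overload, so move on to the next gateway."""
    tried = []
    for gw in candidates(gateways, codec):
        status = send_invite(gw)
        tried.append((gw.name, status))
        if status == 503:
            continue
        if 200 <= status < 300:
            gw.ports_busy += 1      # call answered: one more port in use
            return gw.name, tried
        return None, tried          # any other final response ends the attempt
    return None, tried
```
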

TRIP and Gateways
 Normal TRIP Runs Interdomain

 TRIP-GW: Lightweight Version that Runs Between LS and Local Gateways

 Provides Gateway Information Exported to Other Domains Via TRIP

 Provides Gateway Management Capabilities
          Load balancing based on available ports/codecs
          Liveness detection
          Failover

 [Figure labels: INVITE, TRIP-GW]



Generating Billing Records
 Billing Issues
          Must bill for a real service
                       Gateways
                       MCUs
          Proxy “fronts” gateway
          Need secure association to gateway
          Session timer?

 Logging to Remote Logging Server is Key Benefit

 Real Time Not Needed

 [Figure labels: Log Server, Remote Logging, Billing Mediation Server, Gateways]

Other ITSP Components
 Configuration and Management
          Command line interface
          Web
          SNMP


 Fault Tolerance
          No single point of failure
                       It's not for free with SIP
          Alarms to report device failures
          Many approaches to handle backups


 Scale
          $$/call or $$/transaction is the key
          Linear scalability in performance is ideal


Other ITSP Components continued
 Subscriber Management
          Add users to system
          Define services and capabilities
          Authorize services against subscriber lists


 Dynamic Reconfiguration
          Change parameters/routing table entries on the fly


 Customized Logging Outputs
          XML, apache, etc.




Information Resource   Jonathan Rosenberg
                       Chief Scientist
                       +1 973.952.5060
                       jdrosen@dynamicsoft.com

				