Real-Time Communications Quick Start Guide

Daniel Pocock


Table of Contents

Preface
1. Introduction
Choosing between SIP and XMPP
Choice of operating system
Use latest software versions
Using IPv6
Example network used in the documentation
2. Architecture overview
3. User Experience
First time setup and provisioning
Dialing
Dial plans
Dialing Internet addresses
4. Optimizing Connectivity
Use ICE and a TURN server
Use the TLS transport for SIP packets
Getting through firewalls
5. DNS setup
Using non-standard ports
Sample DNS zone file
Testing the DNS settings
6. Firewall rules
Overview of firewall ports
NAT considerations
Setup with iptables on Linux
7. User and credential storage
Credentials
Password encryption
HA1 in detail
Databases
RADIUS
LDAP
SQL databases
Product-specific file formats
Conclusion
8. Server setup
9. TLS certificate creation
Install the OpenSSL utility
Certificate Common Name
Install a TLS certificate
10. ICE/STUN/TURN server installation
Choosing a TURN server
reTurnServer from reSIProcate
Installation
Configuration
Provisioning users
11. SIP proxy server installation
Choose your SIP proxy
repro SIP proxy
Package installation
Configuration
Testing with s_client
Login to web administration
User management
Adding a user
Adding routes for numeric dialing
Kamailio SIP proxy
Package installation
Configuration
12. XMPP (Jabber) server installation
Choosing an XMPP server
Prosody XMPP server
Package installation
Configuration
User management
Further reading
ejabberd XMPP server
Package installation
Configuration
13. WebRTC
Technical overview
Media streaming capabilities
Signalling protocols
User privacy and security
Practical WebRTC deployment
WebRTC clients and firewalls
JsSIP and JSCommunicator
Content Management Systems and other frameworks
Troubleshooting
14. Client devices and softphones
Softphones
IP desk phones
Smartphone apps
Click-to-dial
The Firefox Telify plugin
Mozilla Thunderbird and GNOME Evolution address books
Using sipdialer
Using Asterisk or FreeSWITCH
15. Adding ENUM to DNS
How ENUM works
Consuming ENUM data
Publishing ENUM data
Public ENUM
Private and third-party ENUM suffixes
Dynamic ENUM from LDAP with dlz-ldap-enum
16. Troubleshooting
Common problems and solutions
Google Talk/Hangouts users not receiving XMPP chat messages
Audio and video quality issues
Techniques
Monitoring tools
Check the logs
Check the web interface
Operating system utilities
Packet sniffers
Debugging mode
WebRTC and WebSockets
17. PBX Setup
18. Frequently Asked Questions
19. Community support
Mailing lists
Strategy and advocacy
Collaboration between operators and service providers
Server support
Softphones
Popular blogs and news sites
A. Building reSIProcate packages on Debian/Ubuntu
B. Building reSIProcate RPMs on RHEL and CentOS
Index

List of Figures

2.1. Overview
2.2. SIP federation between two sites
2.3. WebRTC basic peer-to-peer
2.4. WebRTC from customer web browser to call center
11.1. repro web administration: adding a domain
11.2. repro web administration: adding a user
11.3. repro web administration: listing users
11.4. repro web administration: adding a route
11.5. repro web administration: listing routes
11.6. repro web administration: routing test
13.1. DruCall/JSCommunicator/JsSIP software stack

List of Tables

5.1. DNS records for the example
5.2. Protocols using port 443
6.1. Firewall rules summary
6.2. Firewall rules summary (IPv6)
11.1. Comparison of SIP proxy servers
11.2. TLS client verification modes

List of Examples

5.1. ISC Bind zone file entries
5.2. Inspecting DNS entries with dig
6.1. Firewall setup with iptables
7.1. Computing HA1
7.2. OpenLDAP ACL for protecting ha1Password
8.1. Adding IP addresses in /etc/network/interfaces
9.1. Installing openssl on Debian/Ubuntu
9.2. Installing openssl on Fedora/RHEL/CentOS
9.3. PKI directories (Debian/Ubuntu)
9.4. PKI directories (Fedora/RHEL/CentOS)
9.5. Creating RSA key pair and CSR
9.6. Installing the certificate
10.1. Installing reTurnServer on Debian/Ubuntu
10.2. Install reTurnServer on Fedora/RHEL/CentOS
10.3. reTurnServer.config entries
10.4. Restarting the reTurnServer daemon (systemd)
10.5. Using netstat to verify reTurnServer is running
10.6. crontab entry for psql-user-extract
10.7. Sample /etc/reTurn/psql-user-extract.config
11.1. Installing repro on Debian/Ubuntu
11.2. Install repro on Fedora/RHEL/CentOS
11.3. Sample values for repro.config
11.4. Using htdigest to set admin user password
11.5. Restarting the repro daemon (systemd)
11.6. Using s_client to test SIP ports (Debian/Ubuntu)
11.7. Using s_client to test SIP ports (Fedora/RHEL/CentOS)
11.8. Installing kamailio on Debian/Ubuntu
11.9. Install kamailio on Fedora/RHEL/CentOS
11.10. Restarting the kamailio daemon (systemd)
12.1. Installing Prosody on Debian/Ubuntu
12.2. Install Prosody on Fedora/RHEL/CentOS
12.3. Domain configuration file
12.4. Restarting the prosody daemon (systemd)
12.5. Using prosodyctl to add a user
12.6. prosody.cfg.lua settings for mod_auth_ldap
12.7. Installing ejabberd on Debian/Ubuntu
12.8. Install ejabberd on Fedora/RHEL/CentOS
12.9. ejabberd interface example
15.1. Using dig to perform ENUM queries
15.2. Installing dlz-ldap-enum on Debian/Ubuntu
15.3. Install dlz-ldap-enum on Fedora/RHEL/CentOS
15.4. Sample dlz_ldap_enum.conf
15.5. Additions to named.conf for Debian/Ubuntu
15.6. Additions to named.conf for Fedora/RHEL/CentOS
A.1. Installing the debuild command
A.2. Installing the compiler and dependencies
A.3. Running the debuild command
A.4. Running the debuild command using code from Git
B.1. Installing the rpmbuild command
B.2. Installing the compiler and dependencies
B.3. Creating the rpmbuild directories
B.4. Running the rpmbuild command