Saturday, December 15, 2012

Call Center Solution : Techincal Review

Technical Review
Hosted Call Center Solution
(by Tech Bridge Consultancy)

This is a technical review of a Hosted Call center solution which is an all in one stop for all the call center components required in any such setups. This is developed by my senior friends in my country and I think this product needs appreciation since this is one of a kind solution which is developed in my region for International users.

This hosted call center server is Linux based with Asterisk as its telephony back end and uses Microsoft Silverlight for its User Interfaces. 

The most appealing features which I found are its sleek design and performance compared to other available products. It has a very rich feature set in both telephony as well as in CRM areas. 

Focusing the VoIP component first, it has the ability to run multiple clients with multiple campaigns in parallel and each campaign can have as many agents and super agents as needed.  The agents need not to be using SIP phones, the calls can be routed to agents using cellular or regular land lines via client specified gateway. 

Another big feature is its Predictive Autodialer which calculates the campaign agents available and trigger outbound calls. We can set outbound Caller ID for campaigns too. What I liked most about it is the availability of designing a custom IVR tree such that as soon as any autodialed caller answers it can get landed on the IVR and then can proceed by going into any category i.e press 1 for maintenance, 2 for operations..etc. This can be pretty handy to sort down the responses and areas where most of the campaign callers went.

Other features include Voicemails and its beautiful interface to listen to the recorded messages, Live calls super agent panel, live call monitoring, and Real Time Call Data Records. 



The other major component which can not be ignored here is its GUI, where we can manage our everything, collect reports, schedule meetings, manage leads and so on.


From Call Center point of view we can have super agents/supervisors and regular call center agents. Agents can be assigned priority according to their skill. There is ofcourse an in build Softphone in the GUI and a notification pop ups for each incoming call. Yes, only privileged agents can make outbound calls and regular agents can only receive calls. 

Agents can drag and drop schedule meetups for the mature leads. There is a very powerful utility available for managers to collect all campaigns statistics for analysis. 

Like any other competing solution they've focused necessarily on reporting and a very strong reporting is made available for administrators and super agents. 


The above screenshot explains the reporting features. 

From my personal experience this application is quite wonderful and works perfectly for any required customer services solution. Inbuilt Predictive Dialer, custome IVR building, Agent management, Agent performance monitoring, campaign reporting is all that one can wish for in this category. More than anything with simple addition of powerful proxy like OpenSIPS or Kamailio it can be scaled horizontally and handle as many concurrent calls as needed.

I wish my friend best of luck for this product and hope they keep up doing this good professional work in the world of VoIP.

Sunday, October 21, 2012

Linux Security - Am I Genius ?

This is pretty basic stuff to start securing the Linux servers. The basic concept is to allow only the required ports and block everything else out.
I recently started working on my new personal Hosted PBX project and for that I got a new VPS. So the very first thing I wanted to do was secure my server from any hankers. My server has two interfaces. One interface assigned physically  Public IP on it and other on LAN IP. The only access point inside my two/four server zone is this servers WAN interface (eth0)

Without wasting more time on this, here are the lines which I executed.
[root@HBPBX scripts]# iptables -A INPUT -i eth0 -m state --state ESTABLISHED -j ACCEPT

Allow anything that is in ESTABLISHED (already in progress) state.

[root@HBPBX scripts]# iptables -A INPUT -i eth0 -p icmp --icmp-type echo-request -j DROP
Silently drop incoming ICMP ping requests.Don't let the Auto-scan-bots think that my IP is reachable.
[root@HBPBX scripts]# iptables -A INPUT -i eth0 -p tcp --dport 22 -j ACCEPT

Allow SSH port into the system.

NOTE: I highly recommend to change the default SSH port to something other than 22. This reduces the Brute force dictionary attacks by 90+% - As an examples I mostly use 3132 or 5152 or 7172 ports for SSH

[root@HBPBX scripts]# iptables -A INPUT -i eth0 -p tcp --dport 80 -j ACCEPT

Allow any more ports if required - HTTP port 80 in my case.
[root@HBPBX scripts]# iptables -A INPUT -i eth0 -p udp --dport 5060 -j ACCEPT
[root@HBPBX scripts]# iptables -A INPUT -i eth0 -p udp --dport 10000:40000 -j ACCEPT
Since I need to work on SIP/5060 and RTP/10000:40000 so I also allowed the port(s)

[root@HBPBX scripts]# iptables -A INPUT -i eth0 -j REJECT
This is the Main line - Block everything else out.

Security is a Huge HUGE domain in itself and by no means I've done any justice to that topic here. There are many things left out which needs attention before considering somewhat secure.

To Be or Not to be a "Genius"


Make Sure you don't fall into the "Genius" Category like the following.

Not protecting the server at all. Top of the charts Genius.


Or someone like this: Totally blocking everything and hence losing all access.


I'd rather be somewhat Genius and suggest something like this for myself :


Hope you guys enjoyed this quick blog.

Saturday, October 20, 2012

Hosted PBX using FreeSWITCH

"Reinventing the Wheel"  

Only according to my requirements

Though I've made almost two Hosted PBXs and couple of projects with Hosted IVR but those were golden Asterisk times and I feel like I haven't done anything big yet. This time I am fully occupied in my official activities and yet to get the most out of me I'm starting to convert my Hosted PBX solution from Asterisk to FreeSWITCH. Not to mention that the Autodialer using FreeSWITCH I made recently was a big accomplishment and worked flawlessly which gave me motivation for this. 

That Autodialer consisted of  FreeSWITCH, Lua, Perl, MySQL, and Redis. It inspired me to do more but I was somewhat less busy to think of something like this current Project.

Starting with a quick overview. The ideal Hosted PBX should have these characteristics from developers point of view:

1- Scaleable [Extend, Expand, Integrate easily and quickly]
            The structure should be easy to expand as in hardware and extend as in software. Both ways should be easy to integrate with the ongoing structure. 

In HostedPBX Context: I should be able to add as many clients and resellers as I want, add more servers and new nodes into the system and increase my capacity. Any client should be able to use system provided ITSPs or add their own ITSP for their usage. Personally I Like the idea of pooling the services so at any given time adding anything to the pools add overall to the infrastructure. 

2- Performance [Effective code and virtually least possible bottlenecks]
           Use as simple and as intelligently-lazy code as possible, find quick and easy ways to make a module for a particular feature but at the same time keeping in mind that it doesn't closes its doors for extension or integration with other modules/layers.

In HostedPBX Context: Call processing should be as speedy as possible, nothing should keep the caller waiting - Anything thats behaviour of application is excluded from this i.e Queues, Conferences, PDD from Carriers. But there should be no PDD coming from withing the PBX - example a curl function that dumps/retrieves values from web server blocking the call from proceeding further.

3- Accessibility [ Ease of use for everyone]
           Everyone means everyone connected to it which includes developers, administrators, resellers, clients.Any functions/APIs or GUIs should be as easy to work with as possible.

In HostedPBX Context: Mostly clients and their usability should be given priority( GUI ), That doesn't mean that anything else should be ignored totally or given less preference. Internal code and infrastructure should be as much easily accessible to authenticated and authorized Engineers and admins.

4- Reliable and Secure [Fail & Fool proof structure]
            Failure to any one or at max up to three nodes, services, providers, or links should not effect overall system. This reliability should be increased with introduction of more Hardware/Software code keeping point-1 and point-2 in mind. At any given time at any layer should be any single point of failure be it a DNS provider, power services provider, internet services provider, or any software application/tool.

In HostedPBX Context: Everything should've atleast one backup node, every layer should has its own security mechanism. An IVR with infinite input timeout is as dangerous to service as a less secure SIP extensions password. In any case its a loss to revenue for all the parties involved with the service. Failure to SIP Inbound SBC or REGISTRAR server should be invisible to users.

5- Customizable [Add/remove modules(features) with less pain]
           Keeping point-3 in mind the structure and the programming used should've always interaction points to be used by any other module in the structure. If Point-3 is not ignored then the customization will come easy as cake. Point-1 Provides basic rule of thumb to design the project as to facilitate the extension in code or feature set.

In HostedPBX Context: Adding new features or altering GUI menus must be able to fit easily into the structure. Collect values from anywhere from the system and use it accordingly.

Expected Tools

Keeping my own expertise in mind, what I can tell at the moment which I can do on my own is use the following tools to design the PBX

1- OpenSIPS                                   1- Kamailio
2- FreeRADIUS                               3- FreeSWITCH + SEMS + SylkServer
4- Languages: Perl, Lua, PHP         5- Redis or Cassandra
6- MySQL                                       7- Vyatta
8- DNS(BIND) Server                     9- MediaProxy + RTPproxy

Since I'm strictly not a Web devel so :( unfortunately can't tell how and when it can be developed. Since its a personal project so I dont know if this area will be constructed or not. Wish I'd done some web development courses while I was doing summer semesters in university :D

Initially Expected Features

Most of these are almost the same features I've created before,so this time its just conversion from Asteriks code to FreeSWITCH code but obviously keeping in mind the new development style.

Multi-Domain Clients provisioning             DID provisioning
ACL Manager (for Any Secret IVR Menu/App)            Click to Dial
Call Limits(Minutes/Concurrent Calls)       AutoDialer
Billing for Outbound Calls                            CDRs
Multiple IVR creation                                  Incoming Call Settings
Call Recordings                                            DISA service
Custom SIP Trunk                                        Features Permissions
IM/Chat and Presence

N x N level IVR tree creation [ Using combination of the following applications ]
Time Conditions                                                            Announcements/Play Sounds
Queues                                                                         Follow Me / Call Forwarding
Outbound Caller ID Set[Client's DID or Custom ]         Voicemails
ACL                                                                                Conferences 


Ultimate Ideal to Follow

Though there are so many Hosted/Virtual PBX out on internet, but one of my ideal is one by 2600 Hz - though too much to commit but the feature list should be some what a subset  of this feature list. Also I think this new Kazoo project by 2600 Hz is brilliant and amazing to learn from. On SIP is another beautiful and inspiring source for me.

I can't obviously compare individual myself to the experts and senior team behind the 2600 Hz project or On SIP but atleast I can follow how their wheel looks like and give mine a shape.


Thats all I had in mind for my little home project. Hope to keep up my timelines and come up with something good.



Disclaimer: The primary purpose of this post was to get ideas and suggestions as to what and how should the Hosted/Virtual PBX based on FreeSWITCH should look like. This is my personal attempt and so far no other developer or resource has been added to the pool yet ;)

Wednesday, September 12, 2012

OpenSIPS Monitoring using SNMP [ Part-I ]

OpenSIPS Monitoring 
using SNMP

This is once again a little personal development project on creating a VoIP Monitoring server capable of displaying stats from all the VoIP tools we've ever deployed and used in our company. I want to make a monitoring server which will publish stats from OpenSIPS, Kamailio, FreeSwitch, and Asterisk servers all at one place. 

The very first thing one should focus on for any project like this should be the choice of monitoring tool, this is critical because it gets really hard at some later stage to switch to any other NMS. I had a good experience with Zabbix and knew the flexibility and options available in this tool so I used Zabbix.

In this post I'll just focus on collecting stats from the OpenSIPS server, rest of the applications are just the same steps.

Installation of zabbix can be another post and I don't really want to make this a huge blog post now.

One should have atleast a running opensips server and a zabbix server running.

The first way of asking OpenSIPS to start publishing monitoring data is useing the SNMPSTATS  module.

In your opensips.cfg file add these lines in appropriate sections.

loadmodule "snmpstats.so"

modparam("snmpstats", "sipEntityType", "registrarServer")
modparam("snmpstats", "snmpgetPath", "/usr/bin/")

Next define a RO community in the snmpd.conf file (again assuming the snmpd is installed already and have all the MIBs) 

my snmpd.conf file has just these lines.

rocommunity  voip_monitoring
syslocation  "VM, Virtual DataCenter"
syscontact  govoiper@gmail.com

Then in /etc/snmp/snmp.conf file I've these lines only

defVersion      2c
defCommunity    voip_monitoring


Following line needs to be in the /etc/snmp/snmpstats.conf file

agentXSocket tcp:localhost:705


Next we need to copy the OPENSER-MIB files from the source installation directory to the default directory where all MIBs are place already.

My default directory for all MIBs is /var/lib/mibs/ietf/


root@opensips-1:~#cp /usr/src/opensips-1.7.2-tls/modules/snmpstats/mibs/* /var/lib/mibs/ietf/
The file /etc/default/snmpd has following line edited as follows.


SNMPDOPTS='-x tcp:localhost:705 -Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid -c /etc/snmp/snmpd.conf'


Restart opensips and snmpd services , if everything is started successfully verify that we can fetch SNMP values from the OpenSIPS.


root@opensips-1:~# snmpbulkwalk -v2c -Os -c voip_monitoring localhost OPENSER-REG-MIB::openser


Showed a huge list of data: (See end of page)


root@opensips-1:~# snmpbulkwalk -O s -v 2c -c  voip_monitoring localhost OPENSER-SIP-COMMON-MIB::openserSIPCommonObjects


openserSIPProtocolVersion.0 = STRING: SIP/2.0
openserSIPServiceStartTime.0 = Timeticks: (1308884) 3:38:08.84
openserSIPEntityType.0 = BITS: 08 registrarServer(4)
openserSIPTransportRcv.ipv4."192.168.56.3".5060 = BITS: 40 udp(1)
openserSIPMethodName.1 = STRING: METHOD_INVITE
openserSIPMethodName.2 = STRING: METHOD_CANCEL
openserSIPMethodName.3 = STRING: METHOD_ACK
openserSIPMethodName.4 = STRING: METHOD_BYE
openserSIPMethodName.5 = STRING: METHOD_INFO
openserSIPMethodName.7 = STRING: METHOD_UPDATE
openserSIPMethodName.8 = STRING: METHOD_REGISTER
openserSIPMethodName.9 = STRING: METHOD_MESSAGE
openserSIPMethodName.10 = STRING: METHOD_SUBSCRIBE
openserSIPMethodName.11 = STRING: METHOD_NOTIFY
openserSIPMethodName.12 = STRING: METHOD_PRACK
openserSIPMethodName.13 = STRING: METHOD_REFER
openserSIPMethodName.14 = STRING: METHOD_PUBLISH
openserSIPSummaryInRequests.0 = Counter32: 496
openserSIPSummaryOutRequests.0 = Counter32: 0
openserSIPSummaryInResponses.0 = Counter32: 0
openserSIPSummaryOutResponses.0 = Counter32: 26862
openserSIPSummaryTotalTransactions.0 = Counter32: 26376
openserSIPCurrentTransactions.0 = Gauge32: 8
openserSIPNumUnsupportedUris.0 = Counter32: 0
openserSIPNumUnsupportedMethods.0 = Counter32: 3
openserSIPOtherwiseDiscardedMsgs.0 = Counter32: 4


Next Step is to collect the Full number OID of each interesting OID from above by using this command


root@opensips-1:~# snmptranslate -On OPENSER-SIP-COMMON-MIB::openserSIPNumUnsupportedMethods.0

This resulted in a number like this:

.1.3.6.1.4.1.27483.3.1.1.1.8.2.0

We will use the above number and its Key in Zabbix for plotting this Data later on.
My output for SNMPD process listening on interfaces:



root@opensips-1:~# netstat -pln | grep snmp
tcp        0      0 127.0.0.1:705           0.0.0.0:*               LISTEN      31456/snmpd
udp        0      0 0.0.0.0:161             0.0.0.0:*                           31456/snmpd
root@opensips-1:~


Adding Host in Zabbix

Open the Zabbix web interface:

Goto Configuration -> Hosts -> Create Host (Button on top right side)
Add a SNMP interface, fill in the details accordingly.



Once Host is created add a new monitoring "item" in that Host.


SNMP module gives some very useful info but I wanted to find out if there is any other way to look more into the OpenSIPS.
SNMP Data Example Graph - SIP Request/Responses In/Out

See Next Part of this Post using the MI_XMLRPC Module to collect more stats.

Links Consulted:

http://www.opensips.org/html/docs/modules/1.5.x/mi_xmlrpc.html#id228103
http://www.opensips.org/html/docs/modules/1.7.x/snmpstats.html
http://kamailio.org/docs/modules/1.3.x/snmpstats.html#AEN46
http://www.opensips.org/Resources/DocsTipsFaqs#toc3
http://remarks.peurat.net/integrating-opensips-and-cacti-using-xmlrpc/
http://www.personal.psu.edu/sus21/blogs/sven/2009/10/configuring-snmpstats-for-kamailio-openser.html
http://sysadvent.blogspot.com/2008/12/day-4-extending-net-snmps-snmpd.html



OpenSIPS Monitoring using MI_XMLRPC [ Part-II ]


OpenSIPS Monitoring 
using MI_XMLRPC


To monitor stats from OpenSIPS there can be more possible ways than just using the SNMP module.One of them is using the MI_XMLRPC module.I found this from this post:
http://remarks.peurat.net/integrating-opensips-and-cacti-using-xmlrpc/

That gave me an inspiration to add more things into my monitoring and so I found out a very simple script which sends MI_XML request to opensips and returns data back.

http://www.opensips.org/Resources/DocsTipsFaqs#toc3

Taking the example code from the above URL - I added few lines on top to query more modules and return output in numbers only.

#!/usr/bin/php
<?php
$params[] = "core:";
$params[] = "net:";
$params[] = "pkmem:";
$params[] = "tm:";
$params[] = "sl:";
$params[] = "shmem:";
$params[] = "dialog:";
$params[] = "usrloc:";
$params[] = "registrar:";
$params[] = "usr:";

$method = "get_statistics";
$request = xmlrpc_encode_request($method,$params);

$context = stream_context_create(array('http' => array(
   'method' => "POST",
   'header' => "Content-Type: text/xml",
   'content' => $request
)));
$file = file_get_contents("http://127.0.0.1:8000/RPC2", false, $context);
$response = xmlrpc_decode($file);
if (is_array($response)) {
   trigger_error("xmlrpc: $response[faultString] ($response[faultCode])");
} else {
        $response = str_replace($params,"",$response);
        $response = str_replace(":", "", $response);
        $response = str_replace(" = ", ":", $response);
        //$response = str_replace("\n", " ", $response);
        $pieces = explode("\n", $response);
        $total = count($pieces);
        $final_response = NULL;
        for ($i=0; $i< $total; $i++)
        {
                if($pieces[$i] != NULL )
                        $value = explode(':',$pieces[$i]);
                $real_value = (int)$value[1];
                $final_response .= $real_value;
                $final_response .= "\n";
        }
        $final_response = trim($final_response);
//      $response = trim($response);
        print_r($final_response);
}
?>

saved the script with any filename i.e php_xmlrpc.php file in /usr/src/ folder.

Add MI_XMLRPC module in opensips.cfg with its params i.e

loadmodule "mi_xmlrpc.so"

modparam("mi_xmlrpc", "port", 8000)
modparam("mi_xmlrpc", "reply_option", 2)

Restart opensips, once started successfully ensure that port 8000 or w.e you've assigned is listening on the interface.

root@opensips-1:~# netstat -pln | grep opens
tcp        0      0 0.0.0.0:8000            0.0.0.0:*               LISTEN      1668/opensips
udp        0      0 192.168.56.3:5060       0.0.0.0:*                           1665/opensips


Now execute the script mentioned above

root@opensips-1:~# php /usr/src/php_xmlrpc.php

This should print a long list of numbers - See end of this blog for the Full List.

Now What I did was call this script from the SNMPD daemon and pull the data list via SNMP. I already had SNMP based Zabbix monitoring setup for OpenSIPS so all I had to do is execute this script from opensips-server SNMP, collect the results, and plot these.

To call the script from SNMP add the following line in your /etc/snmpd/snmpd.conf

extend opensip_details /usr/bin/php /usr/src/php_xmlrpc.php

Restart the SNMPD service i.e

root@opensips-1:~#/etc/init.d/snmpd restart


Now your SNMP should be able to execute this script. Test this by using this command.

root@opensips-1:~# snmpwalk -v 1 -c voip_monitoring localhost NET-SNMP-EXTEND-MIB::nsExtendOutLine


This will print out a huge list again. For meaning of these number see the end of this post second column.

Pick any data of your interest and find out its full OID to use un Zabbix for pulling this Data and plotting it.
To get the OID of any interesting data use the following line.

root@opensips-1:~# snmptranslate -On 'NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".1'

.1.3.6.1.4.1.8072.1.3.2.4.1.2.15.111.112.101.110.115.105.112.95.100.101.116.97.105.108.115.1

The above huge dotted number is now to be used in item creation in Zabbix and then make beautiful looking graphs.(See Part-1 of this post to do that)

Rate of Stateless SIP Responses on OpenSIPS

Thats all for now,  Use the above script be creative and fetch data of your favourite module via MI_XMLRPC and plot it in your NMS.

I will see how can I use OpenSIPS STATISTICS module to define our custom data and pull&plot that data using MI_XMLRPC monitoring approach.

---------------------------END OF POST-------------------------------

rcv_requests:1080 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".1 = STRING: core:rcv_requests = 94
rcv_replies:21 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".2 = STRING: core:rcv_replies = 12
fwd_requests:6 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".3 = STRING: core:fwd_requests = 2
fwd_replies:0 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".4 = STRING: core:fwd_replies = 0
drop_requests:151 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".5 = STRING: core:drop_requests = 2
drop_replies:0 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".6 = STRING: core:drop_replies = 0
err_requests:0 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".7 = STRING: core:err_requests = 0
err_replies:0 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".8 = STRING: core:err_replies = 0
bad_URIs_rcvd:0 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".9 = STRING: core:bad_URIs_rcvd = 0
unsupported_methods:3 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".10 = STRING: core:unsupported_methods = 0
bad_msg_hdr:0 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".11 = STRING: core:bad_msg_hdr = 0
timestamp:149900 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".12 = STRING: core:timestamp = 41455
waiting_udp:0 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".13 = STRING: net:waiting_udp = 0
waiting_tcp:0 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".14 = STRING: net:waiting_tcp = 0
0-total_size:2097152 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".15 = STRING: pkmem:0-total_size = 2097152
0-used_size:105104 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".16 = STRING: pkmem:0-used_size = 104824
0-real_used_size:132748 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".17 = STRING: pkmem:0-real_used_size = 132444
0-max_used_size:132748 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".18 = STRING: pkmem:0-max_used_size = 132444
0-free_size:1964404 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".19 = STRING: pkmem:0-free_size = 1964708
0-fragments:1 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".20 = STRING: pkmem:0-fragments = 1
1-total_size:2097152 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".21 = STRING: pkmem:1-total_size = 2097152
1-used_size:104020 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".22 = STRING: pkmem:1-used_size = 103892
1-real_used_size:131796 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".23 = STRING: pkmem:1-real_used_size = 131644
1-max_used_size:132052 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".24 = STRING: pkmem:1-max_used_size = 131700
1-free_size:1965356 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".25 = STRING: pkmem:1-free_size = 1965508
1-fragments:10 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".26 = STRING: pkmem:1-fragments = 4
2-total_size:2097152 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".27 = STRING: pkmem:2-total_size = 2097152
2-used_size:123276 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".28 = STRING: pkmem:2-used_size = 123608
2-real_used_size:151172 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".29 = STRING: pkmem:2-real_used_size = 152092
2-max_used_size:151172 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".30 = STRING: pkmem:2-max_used_size = 154492
2-free_size:1945980 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".31 = STRING: pkmem:2-free_size = 1945060
2-fragments:2 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".32 = STRING: pkmem:2-fragments = 53
3-total_size:2097152 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".33 = STRING: pkmem:3-total_size = 2097152
3-used_size:120492 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".34 = STRING: pkmem:3-used_size = 120472
3-real_used_size:150308 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".35 = STRING: pkmem:3-real_used_size = 150396
3-max_used_size:157692 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".36 = STRING: pkmem:3-max_used_size = 157788
3-free_size:1946844 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".37 = STRING: pkmem:3-free_size = 1946756
3-fragments:119 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".38 = STRING: pkmem:3-fragments = 130
4-total_size:2097152 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".39 = STRING: pkmem:4-total_size = 2097152
4-used_size:120032 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".40 = STRING: pkmem:4-used_size = 119380
4-real_used_size:148624 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".41 = STRING: pkmem:4-real_used_size = 147612
4-max_used_size:152640 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".42 = STRING: pkmem:4-max_used_size = 151052
4-free_size:1948528 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".43 = STRING: pkmem:4-free_size = 1949540
4-fragments:70 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".44 = STRING: pkmem:4-fragments = 44
5-total_size:2097152 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".45 = STRING: pkmem:5-total_size = 2097152
5-used_size:119728 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".46 = STRING: pkmem:5-used_size = 119448
5-real_used_size:148236 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".47 = STRING: pkmem:5-real_used_size = 147932
5-max_used_size:152256 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".48 = STRING: pkmem:5-max_used_size = 151868
5-free_size:1948916 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".49 = STRING: pkmem:5-free_size = 1949220
5-fragments:70 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".50 = STRING: pkmem:5-fragments = 72
6-total_size:2097152 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".51 = STRING: pkmem:6-total_size = 2097152
6-used_size:119800 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".52 = STRING: pkmem:6-used_size = 119392
6-real_used_size:148308 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".53 = STRING: pkmem:6-real_used_size = 147876
6-max_used_size:152288 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".54 = STRING: pkmem:6-max_used_size = 151624
6-free_size:1948844 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".55 = STRING: pkmem:6-free_size = 1949276
6-fragments:70 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".56 = STRING: pkmem:6-fragments = 72
7-total_size:2097152 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".57 = STRING: pkmem:7-total_size = 2097152
7-used_size:119748 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".58 = STRING: pkmem:7-used_size = 119112
7-real_used_size:148208 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".59 = STRING: pkmem:7-real_used_size = 147260
7-max_used_size:152264 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".60 = STRING: pkmem:7-max_used_size = 150772
7-free_size:1948944 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".61 = STRING: pkmem:7-free_size = 1949892
7-fragments:66 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".62 = STRING: pkmem:7-fragments = 44
8-total_size:2097152 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".63 = STRING: pkmem:8-total_size = 2097152
8-used_size:102772 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".64 = STRING: pkmem:8-used_size = 102492
8-real_used_size:129984 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".65 = STRING: pkmem:8-real_used_size = 129680
8-max_used_size:129984 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".66 = STRING: pkmem:8-max_used_size = 129680
8-free_size:1967168 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".67 = STRING: pkmem:8-free_size = 1967472
8-fragments:2 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".68 = STRING: pkmem:8-fragments = 2
9-total_size:2097152 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".69 = STRING: pkmem:9-total_size = 2097152
9-used_size:116928 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".70 = STRING: pkmem:9-used_size = 116648
9-real_used_size:144764 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".71 = STRING: pkmem:9-real_used_size = 144460
9-max_used_size:144884 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".72 = STRING: pkmem:9-max_used_size = 144580
9-free_size:1952388 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".73 = STRING: pkmem:9-free_size = 1952692
9-fragments:7 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".74 = STRING: pkmem:9-fragments = 7
10-total_size:2097152 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".75 = STRING: pkmem:10-total_size = 2097152
10-used_size:163024 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".76 = STRING: pkmem:10-used_size = 162744
10-real_used_size:190644 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".77 = STRING: pkmem:10-real_used_size = 190340
10-max_used_size:190644 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".78 = STRING: pkmem:10-max_used_size = 190340
10-free_size:1906508 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".79 = STRING: pkmem:10-free_size = 1906812
10-fragments:2 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".80 = STRING: pkmem:10-fragments = 2
11-total_size:2097152 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".81 = STRING: pkmem:11-total_size = 2097152
11-used_size:163024 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".82 = STRING: pkmem:11-used_size = 162744
11-real_used_size:190644 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".83 = STRING: pkmem:11-real_used_size = 190340
11-max_used_size:190644 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".84 = STRING: pkmem:11-max_used_size = 190340
11-free_size:1906508 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".85 = STRING: pkmem:11-free_size = 1906812
11-fragments:2 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".86 = STRING: pkmem:11-fragments = 2
12-total_size:2097152 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".87 = STRING: pkmem:12-total_size = 2097152
12-used_size:163024 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".88 = STRING: pkmem:12-used_size = 162744
12-real_used_size:190644 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".89 = STRING: pkmem:12-real_used_size = 190340
12-max_used_size:190644 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".90 = STRING: pkmem:12-max_used_size = 190340
12-free_size:1906508 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".91 = STRING: pkmem:12-free_size = 1906812
12-fragments:2 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".92 = STRING: pkmem:12-fragments = 2
13-total_size:2097152 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".93 = STRING: pkmem:13-total_size = 2097152
13-used_size:163024 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".94 = STRING: pkmem:13-used_size = 162744
13-real_used_size:190644 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".95 = STRING: pkmem:13-real_used_size = 190340
13-max_used_size:190644 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".96 = STRING: pkmem:13-max_used_size = 190340
13-free_size:1906508 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".97 = STRING: pkmem:13-free_size = 1906812
13-fragments:2 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".98 = STRING: pkmem:13-fragments = 2
14-total_size:2097152 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".99 = STRING: pkmem:14-total_size = 2097152
14-used_size:154528 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".100 = STRING: pkmem:14-used_size = 154248
14-real_used_size:182028 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".101 = STRING: pkmem:14-real_used_size = 181724
14-max_used_size:182028 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".102 = STRING: pkmem:14-max_used_size = 181724
14-free_size:1915124 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".103 = STRING: pkmem:14-free_size = 1915428
14-fragments:1 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".104 = STRING: pkmem:14-fragments = 1
received_replies:21 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".105 = STRING: tm:received_replies = 12
relayed_replies:16 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".106 = STRING: tm:relayed_replies = 9
local_replies:30008 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".107 = STRING: tm:local_replies = 8286
UAS_transactions:43 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".108 = STRING: tm:UAS_transactions = 4
UAC_transactions:29976 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".109 = STRING: tm:UAC_transactions = 8290
2xx_transactions:11 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".110 = STRING: tm:2xx_transactions = 4
3xx_transactions:0 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".111 = STRING: tm:3xx_transactions = 0
4xx_transactions:30003 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".112 = STRING: tm:4xx_transactions = 8284
5xx_transactions:0 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".113 = STRING: tm:5xx_transactions = 0
6xx_transactions:0 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".114 = STRING: tm:6xx_transactions = 0
inuse_transactions:8 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".115 = STRING: tm:inuse_transactions = 8
1xx_replies:0 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".116 = STRING: sl:1xx_replies = 0
2xx_replies:322 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".117 = STRING: sl:2xx_replies = 42
3xx_replies:0 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".118 = STRING: sl:3xx_replies = 0
4xx_replies:540 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".119 = STRING: sl:4xx_replies = 44
5xx_replies:18 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".120 = STRING: sl:5xx_replies = 0
6xx_replies:0 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".121 = STRING: sl:6xx_replies = 0
sent_replies:880 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".122 = STRING: sl:sent_replies = 86
sent_err_replies:0 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".123 = STRING: sl:sent_err_replies = 0
received_ACKs:151 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".124 = STRING: sl:received_ACKs = 2
total_size:16777216 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".125 = STRING: shmem:total_size = 16777216
used_size:1888760 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".126 = STRING: shmem:used_size = 1888368
real_used_size:1932040 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".127 = STRING: shmem:real_used_size = 1931564
max_used_size:1961760 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".128 = STRING: shmem:max_used_size = 1953812
free_size:14845176 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".129 = STRING: shmem:free_size = 14845652
fragments:33 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".130 = STRING: shmem:fragments = 30
active_dialogs:0 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".131 = STRING: dialog:active_dialogs = 0
early_dialogs:0 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".132 = STRING: dialog:early_dialogs = 0
processed_dialogs:18 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".133 = STRING: dialog:processed_dialogs = 0
expired_dialogs:0 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".134 = STRING: dialog:expired_dialogs = 0
failed_dialogs:0 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".135 = STRING: dialog:failed_dialogs = 0
registered_users:2 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".136 = STRING: usrloc:registered_users = 2
location-users:2 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".137 = STRING: usrloc:location-users = 2
location-contacts:3 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".138 = STRING: usrloc:location-contacts = 2
location-expires:9 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".139 = STRING: usrloc:location-expires = 6
max_expires:0 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".140 = STRING: registrar:max_expires = 0
max_contacts:5 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".141 = STRING: registrar:max_contacts = 5
default_expire:3600 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".142 = STRING: registrar:default_expire = 3600
accepted_regs:322 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".143 = STRING: registrar:accepted_regs = 42
rejected_regs:0 NET-SNMP-EXTEND-MIB::nsExtendOutLine."opensip_details".144 = STRING: registrar:rejected_regs = 0


Wednesday, August 8, 2012

Adventures with CISCO AS-5350 [Integration with RADIUS Server for AAA of calls]

Continuing from the last blog-post on setting up a remote syslog server for CISCO devices. In this writeup I will share the configurations I did to integrate the CISCO universal gateway with my FreeRadius server for AAA of calls made from a specific dial-peer.


Define the RADIUS Server:


!
radius-server host 192.168.137.85 auth-port 1812 acct-port 1813 key 0 radius-pa$$w0rd
radius-server vsa send accounting
radius-server vsa send authentication
!

Bind SIP services on the Public interface of CISCO AS


!
voice service voip 
 sip
  bind control source-interface FastEthernet0/0
  bind media source-interface FastEthernet0/0
  header-passing 
  registrar server
!


Set AAA options:


!
aaa new-model
!aaa accounting connection voip start-stop group radius
aaa dnis map enable
!
aaa preauth
    group radius 
    clid required 
    dnis required 
!
aaa session-id common


Create a Voice Class for AAA


!
voice class aaa 2
 authentication method voip
 authorization method voip
 accounting method voip
 accounting template out-bound
!
[OPTIONAL] Create a Codec class

!
voice class codec 1
 codec preference 1 g711alaw
 codec preference 2 g711ulaw
 codec preference 3 g723ar53
 codec preference 4 g729br8
!



Creating a Dial-Peer:
!

dial-peer voice 10 voip
 destination-pattern [0-9].%
 voice-class aaa 2
 voice-class codec 1
 voice-class sip url sip
 session protocol sipv2
 session target ipv4:192.168.137.87
 session transport udp
!




Where 192.168.137.87 is the IP address of my Kamailio server which will receive the calls.

"destination-pattern [0-9].%" Will Match everything of any length

Send CDR on Accounting Server:
To automatically generate accounting packets by enabling voice accounting, enter the gw-accounting aaa command in global configuration mode. Use Callhistory-detail to Send All VSAs (default and new) to the accounting server:

!
gw-accounting aaa
 acct-template callhistory-detail
!


[OPTIONAL] set SIP-UA parameters.

!
sip-ua 
 registrar ipv4: 192.168.137.87  expires 3600
 sip-server ipv4:192.168.137.87
!

I think thats pretty much it. Now calls matching dial-peer 10 will send AAA info to the RADIUS server.


Reference URLs:
[1] http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_feature_guide_chapter09186a00800b5de9.html#1028579
[2]
http://docwiki.cisco.com/wiki/Cisco_IOS_Voice_Troubleshooting_and_Monitoring_--_AAA_for_Voice_Troubleshooting
[3]
http://www.cisco.com/en/US/docs/ios/12_2t/12_2t11/feature/guide/ft_trg.html#wp1077327
[4]
http://www.cisco.com/en/US/docs/ios/12_3/security/configuration/guide/scgrdat3.html

And some 5/6 PDF Manuals/Books from CISCO around 1200 pages !