[HacktionLab] Open Source / federated VOIP?
johnc
johnc at aktivix.org
Wed Dec 31 16:24:33 UTC 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
The Ostel project is probably the best attempt at doing this so far.
https://ostel.co/
I demoed a very similar system a couple of years ago at barn camp:
https://www.johncahill.net/wiki/index.php/Skype_like_conferencing_System
both borrow heavily from:
http://kb.asipto.com/kamailio:skype-like-service-in-less-than-one-hour
Some of the nice things about this approach:
- - Easy federation, i.e. alice at domain1.com can call bob at domain2.com with
no additional configuration required.
- - You can do ZRTP end to end encryption so you don't have to trust the
server or the people running it.
- - Easy configuration, ostel have managed to get their config included
with the csipsimple SIP app which may be downloaded from the play store
etc. You just enter someuser at ostel.co and your password and you are
basically done.
- -Far end NAT traversal solution. Kamailio fixes up the SIP signalling
(rewrites IP's and ports for contact headers etc) and RTPproxy takes
care of media so that each sip end-point talks to public IP addresses of
the media/signalling proxy rather than NATed clients speaking directly
to each other, (which is a nightmare for various reasons).
Some Problems:
- -Mobile phone specific:
- -- mobile phones vary greatly in their ability to run sip clients using
crypto. I've seen sip clients use 100%CPU with awful audio quality on a
few phones including high end samsung models.
- -- The latency on 3G is typically around 1 second. Expect horrible lag
etc. Using WiFi is the only way to go unless you are lucky enough to be
on 4G.
Non mobile phone specific:
- - ostel's only server is in the US, latency is about 120ms. Not so good
if you are in Europe. We could build our own :-).
- - If you are going to build an ostel system I suggest you include the
topology hiding setup from my wiki or elsewhere in your Kamailio config.
SIP leaks IP/location information unless you make an effort to obfuscate
it.
- - The above solutions don't have a media mixer + we're using end to end
encryption so things get a bit complicated if you want to have more than
two people in a conference. I can think of two solutions:
1) Use a SIP client with mixing capabilities (e.g. jitsi ) to initiate
conversations with each of the people you want to conference in. I tried
this a couple of years ago it was buggy, CPU hogging and the quality was
a bit hit and miss for more than 4 users in a conference. Also, because
of the topology a lot of bandwidth is used on the mixing leg. You can't
get around the last issue but they may have fixed some of the other ones:
https://jitsi.org/GSOC2011/ConfCallChatting
2) Use a Freeswitch server hosted at a data centre to do the mixing:
This solution should work OK but adds a fair bit of complexity. The
advantage of hosting at at a DC is that no single user has to
send/receive a large number of unmixed audio/video streams. N.B.
Freeswitch acts as trusted man in the middle. If the freeswitch server
is not physically secure then it can be used to tap calls :-(
Hope some of this is useful.
Cheers,
John
On 25/12/14 22:17, Furtim gzikskud wrote:
> My experience with Ostel and jitsi is that it just works, video was a
> little iffy, but I managed to teach some very non techs to use it and we
> we were sharing the same DSL connection! We tested both the Android and
> MAC/windows versions. Not sure if we did it over mobile network.
>
> Mark
>
> On Thu, Dec 25, 2014 at 1:56 PM, helen varley jamieson
> <helen at creative-catalyst.com <mailto:helen at creative-catalyst.com>> wrote:
>
> jit.si <http://jit.si> is very simple to use & browser-based. i've
> also had some experience with freeswitch but i didn't set it up & i
> think that was complicated; it functioned well for a time & then it
> broke somehow.
>
> h : )
>
>
> On 25/12/14 3:05 23AM, U wrote:
>> Also interested in this. Have tried RedPhone (android) which is
>> okay, but calls drop a lot and the quality isn't great.
>> TextSecure, the companion encrypted chat app is pretty good.
>>
>> Was looking at testing Jitsi next for VoIP.
>>
>> On Thu, Dec 25, 2014 at 12:47 AM, <nmd at riseup.net
>> <mailto:nmd at riseup.net>> wrote:
>>
>> Hi,
>> I was just wondering what other list members thoughts were on the current
>> state of open source Voice over IP software?
>>
>> I've tried the range of user end software that are available for this on linux
>> for SIP or XMPP (through the debian /ubuntu repositories) as well as some of
>> the clients that are available for android (through F-droid) - ekiga, empathy,
>> telepathy,pidgin; lumicall, csipsimple, etc... with very little success. I
>> think I managed to get an audio call working only once with my brother, which
>> was an empathy - empathy or empathy - pidgin connection I think). My brother
>> says he's had some success using Pidgin with riseup.net <http://riseup.net> and XMPP.
>>
>> Have also tried several servers: riseup.net <http://riseup.net> and jabber.org <http://jabber.org> for xmpp, and
>> ostel.co <http://ostel.co> (guardian project) and ekiga.net <http://ekiga.net> for SIP; haven't been particularly
>> systematic in testing these but still little success.
>>
>> I'm not particularly techie (though maybe more than most of the public) and
>> haven't really been able to fiddle a lot round with settings as I don't
>> particularly understand them. However, I get the impression that despite these
>> manuals suggesting fairly simple set up, these technologies are not really
>> ready for general use. Secure video and audio calls are an important method of
>> communication, and ideally there would be some protocols and clients that work
>> satisfactorily out of the box, and that I would feel able to recommend to
>> others, with less knowledge or interest in setting up these things. It seems
>> to me currently that if such protocols and cleints exist, I haven't found
>> them, and so currrently can't recommend anything to 'beginners'. Perhaps there
>> are others I haven't tried, or I have just been particularly unfortunate?
>>
>> Has anyone had more positive experiences of using SIP/ XMPP? What, if
>> anything, would you recommend for people with less technological ability, or
>> commitment, to try?
>>
>> Cheers,
>> Nick
>>
>>
>> _______________________________________________
>> HacktionLab mailing list
>> HacktionLab at lists.aktivix.org
>> <mailto:HacktionLab at lists.aktivix.org>
>> https://lists.aktivix.org/mailman/listinfo/hacktionlab
>>
>>
>>
>>
>> _______________________________________________
>> HacktionLab mailing list
>> HacktionLab at lists.aktivix.org <mailto:HacktionLab at lists.aktivix.org>
>> https://lists.aktivix.org/mailman/listinfo/hacktionlab
>
> --
> helen varley jamieson
> helen at creative-catalyst.com <mailto:helen at creative-catalyst.com>
> http://www.creative-catalyst.com
> http://www.talesfromthetowpath.net
> http://www.upstage.org.nz
>
> _______________________________________________
> HacktionLab mailing list
> HacktionLab at lists.aktivix.org <mailto:HacktionLab at lists.aktivix.org>
> https://lists.aktivix.org/mailman/listinfo/hacktionlab
>
>
>
>
> _______________________________________________
> HacktionLab mailing list
> HacktionLab at lists.aktivix.org
> https://lists.aktivix.org/mailman/listinfo/hacktionlab
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Icedove - http://www.enigmail.net/
iQIcBAEBAgAGBQJUpCM7AAoJELy1jPQ1KER7CnYQAKuqRv7jS8trAVsisZglpnNo
64M2z4ie1X8T2hdFZA5mg3FOVULAqQ0jRA8yJ8c/o7w0Lz0SAv/u66D8HoBEHw8H
mQLwQc7m4919TWNNBi8FvTACq0WCTmCGj4982maoVmPutEmq6iz/40svA1GGynfH
FQYZzBsjZe1c9dY70qFOj37OCcq+wBbtVGhc26jQ6o3zjye9ba/IVW1hlCyjsutd
a1MmcMbc+8w+WBi5i1Z15Rhv8j348yPW5fRwpn2OnPWxpzLjpUd1EYc0IBBTkhYW
skx1SukqJpD44LczwfXkKz5jM3PzHb7j1YYrEe+o6koAgS6L/m3eFJ8W+oKbxS4S
bwhIkGKx6OI9L0c0kTKdIcF08BCw3rWUWnW0/RXTEfeQOXQgwkTG7mZekA+H+54y
nRU6RayLXSo6f+Ntm9e0UngnwyJOf1Z0aUwOw4rKfu+6kefNWq5KX6ffnnjbEKlf
7VOY2IcGGHy7H69IDIwWvAuWJXW+r3Ty6qf2pyZunCLI6MtAHk2xyw0bR7TevPpi
TOjzXiVdGB8ZwEAXB5FPkFZMOGIzvdpyXSVzbepgnBKG1+KCDb/uTQBTSVAMq2vd
xrksKm+9sUuzd0Sw3odLwnoouwRHFYkV7KSULeB3c5DOK3AGgXVTIoE2Ovvzw9J6
DfRRf6hVJG16QcIvyCWX
=L7hq
-----END PGP SIGNATURE-----
More information about the HacktionLab
mailing list