freeswitch-centos-rpm.png

User Rating: 5 / 5

Star ActiveStar ActiveStar ActiveStar ActiveStar Active

Finally, FreeSWITCH 1.10.1 is available in an easy way for non-Debian users (aka CentOS). Today, I have published in OKay's RPM repository RPMs for FreeSWITCH 1.10.1. FreeSWITCH is a complete VoIP switch that works on many platforms, including CentOS 6 and CentOS 7. This is one of the biggest packages I have ever done; there are more than 1800 hours of work behind to make it work (mainly because of the CentOS 6 support). When updating, you will notice it will download many libraries, most part of them not available anywhere.

The big difference in my RPM's is there are more sub-packages, for example, you can install only freeswitch-cli if you only need fs_cli command; CentOS 6 RPMS for 32 and 64 bits are available with video support; I have imported a patch that fixes mod_nibblebill, in some situations leg b won't hang up and it will produce money losses. I have been updating some other dependencies such as VLC, OpenH264 and MPG123 with latest stable if you were using my RPM's you will notice more updates as well.V8 module (javascript) is available in CentOS 7. Since the RPM of the 1.6.15 release, I have published the sounds for en-ca-june, the Canadian English language. If you live in Canada and you have done English exams such as CELPIP, you will notice those little differences.

In addition, these RPM's have a patch that allows the console to filter by a regular expression. If you do VoIP debugging, you will understand right away what I am talking about.

Because libyuv is now part of the core, these RPMs are compiled with video support. Yes, you read it well, both Centos 6 and 7 with video support. I also had some problems trying to port back LLVM 5 to CentOS 6 which it is needed to compile v8 (JavaScript Engine). Because of this, CentOS 6 RPM's do not provide JavaScript support (aka mod_v8). Also, because some issues compiling for i386, I couldn't build the RPM's for 32 bits.

Since this release, my RPM is going to be linked against tcmalloc.

User Rating: 5 / 5

Star ActiveStar ActiveStar ActiveStar ActiveStar Active

IP Authentication is the fact of linking a sip extension against a set of known IP's. Therefore, any call signalled to or from a given IP will be linked to a linked SIP account. IP Authentication is needed (not a must) if you want to configure your PBX as a Class 4 PBX. If you want to know more about the difference between Class 4 and Class 5, read the article I published some years ago in this blog.

So, our scenario is our FusionPBX (pbx-b) is the carrier of another PBX (pbx-a). The pbx-a uses pbx-b as a carrier configured without registration (IP authenticated). Users register into pbx-a. When an outbound call is done, the user signals the authenticate INVITE to pbx-a, then pbx-a forwards the SIP INVITE without authentication. Finally, pbx-b forwards the INVITE to the upstream carrier.

pbx class 4 scenario

FusionPBX by default is shipped as a Class 5 PBX. You will need to do some web tuning to make it work as a Class 4 PBX. In this article, I will write about the SIP Authentication, which is one of the many steps you need to do.

dns-tunneling.png

User Rating: 5 / 5

Star ActiveStar ActiveStar ActiveStar ActiveStar Active

DNS tunnelling is just another tunnelling technique. Usually, it is called VPN over DNS too, it is just naming. What it makes it very popular is that not all carriers or network administrators are aware of it or if they are, they don't know exactly how to stop it. Rogers, one of the biggest telecommunication carrier in Canada and Telcel the biggest player of mobile telephony in Mexico, both allow DNS tunnelling (I don't doubt others carriers do as well), so when you run out of data in your plan you can still connect if you configure it in your mobile. This is because smartphones need to connect to some carrier servers regardless if you have the right to 2G/3G/4G data access or not; smartphones still have access to the local DNS server. Local networks have the same symptom because DNS is used to access many IT services like the Active Directory, it is very difficult to differentiate between a true legitimate DNS query and DNS tunnelling traffic without the proper tools.

Because of this, I am going to describe how this technique works.