VoIP System bsed on for Enterprise Network Fumikzu Iseki, Yuki Sto, Moo Wn Kim, Deprtment of Informtion Sciences, Tokyo University of Informtion Sciences, Jpn mwkim@rsch.tuis.c.jp Abstrct This pper describes VoIP system for the enterprise network bsed on. First the min ides nd the fetures of the VoIP system re described tht we hve developed by using in the Intrnet environment. Then the new scheme to relize high security by using Open VPN is described when developing the lrge scle enterprise network. Keywords VoIP, Enterprise network,, IP-PBX, Open VPN I. INTRODUCTION This pper describes VoIP system for the enterprise network (e.g. compny, university) bsed on (http://www.sterisk.org). is kind of open source softwre to implement IP-PBX system nd supports vrious necessry protocols to relize the VoIP system such s SIP, H.323, MGCP, SCCP. First the min ides nd the fetures of the VoIP system re described tht we hve developed by using in the Intrnet environment. Then the new scheme to relize high security by using Open VPN is described when developing the lrge scle enterprise network. II. BASIC IDEA The following re the min requirements to develop the VoIP system for the enterprise network. A. Sclbility In the environment of the enterprise network, it is not esy to nticipte the trffic becuse there re lots of uncontrollble fctors. So developing vrious scle systems bsed on the sme rchitecture is necessry to meet the unpredictble chnge of trffic. B. Cost It is obviously desirble to develop the system t resonble cost becuse generlly the budget is rther limited. C. High security Also obviously high security is indispensble. Considering the bove requirements, the following re our bsic ides. A. Developing VoIP system by using Obviously considering development cost it is desirble to use the open softwre. So we hve selected three open softwre s cndidtes, tht is, OpenSIPS, FreeSwitch nd. As the SIP server s viewpoint, OpenSIPS nd FreeSwitch re superior to in terms of functions, but support vrious protocols (e.g. H.323, MGCP, SCCP) other thn SIP nd lso hs lots of dditionl PBX services (e.g. Voice Conference, Automtic Cll distributor). So we hve decided to use to development VoIP system for the enterprise network. B. Relizing high security by using Open VPN When we develop the lrge scle enterprise network by connecting multiple servers locted in different sites bsed on proprietry protocol (i.e. ), some method is necessry to relize the high security becuse the voice dt mong sites is not encrypted. For this purpose we hve introduced new scheme to estblish VPN by using Open VPN. III. OVERVIEW OF ASTERISK is kind of open source softwre executed on Linux to implement IP-PBX system nd support vrious VoIP protocols such s SIP, H.323, MGCP, SCCP. It cn be connected with IP network nd lso cn be connected with the existent telephone networks vi nlog/digitl interfces. Figure1 shows the rchitecture of. Chnnel portion in Figure1 consist of vrious logicl communiction interfce modules nd Appliction portion consist of the dditionl PBX service modules. In the following the min modules of the chnnel A. Chnnel Modules 1) DAHDI (Digium/ Hrdwe Device Interfce): To connect with the ordinry existent telephone terminl it is necessry to insert the telephony crd (e.g. telephone crd of Digium or of Voicetronix) s the physicl interfce nd then the DAHDI interfce module will be used. In cse of connecting with existing POTS (Plin Old Telephone Service), FXS (Foreign exchnge Subsciber) nd FXO (Foreign exchnge Office) interfces will be used. In cse of connecting with ISDN terminl it is necessry to insert the ISBN 978-89-5519-154-7 1284 Feb. 13~16, 2011 ICACT2011
extension crd s the physicl interfce. Chnnel PBX Core DAHDI Appliction SIP VoiceMil MeetMe Protocol FXS/FXO ISDN dummy SIP IV.VOIP SYSTEM BASED ON ASTERISK A. VoIP System bsed on Figure 2. shows the VoIP system tht we hve developed by using n in the Intrnet environment (i.e. enterprise network). Hndy IP Phone Telephone PSTN FXO Telephone FXS IVR.. H.323.. H.323.. Wifi AP VoIP Adptor Telephony Crd Intrnet Figure 1. Architecture of 2) SIP: This is the most bsic signling protocol to perform cll processing in nd RTP/RTCP re used in order to trnsmit user dt (e.g. voice dt). 3)(Inter- exchnge2): is proprietry protocol to conncet with multiple servers locted in the diffrent sites. The sme port (i.e. 4569 s the defult port) is used to trnsmit the cll control signl nd voice dt. B. Appliction Modules 1) Voice Conference: The voice conference service in is clled s MeetMe. User cn join the conference by inputting the designted number s the service number. IP Phone IP Phone Figure 2 VoIP Gtewy Softwre Phone VoIP system developed in Intrnet FXO PSTN In the Figure 2 ll telephone terminls re connected to one server, but it is possible touse multiple servers depending on the scle of the Intrnet (i.e. the number of terminls). As the IP phones, we hve ccommodted Grndstrem BT101 nd Snom 105 (Figure 3), nd lso Grndstrem HT286 (Figure 4 ) hs been used s VoIP dptor.grndstrem HT488nd Sipur SPA1000 hve been used s VoIP gtewys to connect with PSTN. 2) IVR (Interctive Voice Response): The utomtic voice response cn be performed by integrting voice response dt file nd dil number pln 3 )AGI ( Gtewy Interfce): AGI is n API to connect the outside progrm with in order to include some dditionl functions. Vrious progrmming lnguge (e.g. C, Jv, Perl, PHP, Bone Shell) re supported. 4 )SLA (Shred Line Appernces): Multiple telephone terminls cn shre subscriber line. Figure 3 Snom 105 s IP Phone ISBN 978-89-5519-154-7 1285 Feb. 13~16, 2011 ICACT2011
3) Define Dil Pln : Dil Pln is the core portion of the cll processing in. Dil Pln is defined in /etc/sterisk/extensions.conf. Extensions.conf consist of generl section, globls section nd context blocks s follows; - Generl section: Generl prmetes to cover the whole Dil Pln re defined in this section. - Globls section: Vribles used in the content blocks re defined in this section. - Context blocks: Multiple dil pln re defined in the context blocks independently. So cn relize flexible dil pln by selecting pproprite block bsed on the conditions. The formt of ech line in the context block is s follows; exten => Extension, Priority, Appliction Extension in the right side is generlly telephone numer nd Priority is the order of processing. Appliction is the processing to be perfoemed to the Extension. Figure 4 Grndstrem HT286 s VoIP Adptor B. Multiple Loction Connection by As described previously is the proprietry protocol to connect with multiple servers (see Figure 5). So it is possible to connect with multiple servers locted in different Intrnets esily. Intrnet Intrnet B. Appliction development process 1) MeetMe (Voice conference): MeetMe, voice conference service, cn be esily relized in. In order to register the service, first, registrtion dt is defined in the [room] section of /etc/sterisk/meetme.conf. [defult] exten => 9000,1,Goto(incoming,s,1) Intrnet Internet Figure 5. Connecting with multiple s V. DEVELOPMENT PROCESS OF VOIP SYSTEM A. Bsic development process 1) DAHDI compile nd instll : First of ll should be instlled, but before tht it is necessry to complete the DAHDI compile nd instll. 2) compile nd instll : Next compile nd instll hs been performed. [incoming] exten => s,1,answer() exten => s,n,wit(1) exten => s,n(gin),bckground(vm-enter-num-tocll) exten => s,n,witexten(10) exten => s,n,plybck(vm-goodbye) exten => s,n,hngup() ; exten => i,1,plybck(invlid) exten => i,n,goto(s,gin) ; exten => 1,1,Dil(SIP/1000) exten => 2,1,Dil(SIP/1001) exten => 3,1,Dil(DAHDI/1) Figure 6. Exmple of IVR definition 2) IVR ( Interctive Voice Response): In order to relize the utomtic voice response service, detiled Dil Pln should be defined in /etc/sterisk/extensions.conf s shown in Figure 6. Answer in the incoming] context shows tht will perform utomtic response processing. The function of ISBN 978-89-5519-154-7 1286 Feb. 13~16, 2011 ICACT2011
Bckground shows tht the voice file of vm-enter-num-to-cll will be plyed nd tht the control signl from the terminl cn be processed even during the voice response. Plybck is lso kind of function to ply the voice file, but the user s signl cnnot be processed during the voice response. WitExtern is function tht suspend the signl processing for the defined time. VI.. OPEN VPN In order to relize high security to connect multiple s locted in different Intrnets, we hve implemented VPN cpbility. Figure 7 shows the procedure to estblish VPN between two servers by using OpenVPN (http://openvpn.net/) bsed on the regulr SIP sequence. To relize this procedure we hve developed progrm (i.e. sip_pp) to hve SIP client function with the function to invoke the externl ppliction. It is developed by using osip2 (http: // www.gnu.org /softwre / osip) nd exosip2 (http:// www.ntisip.com /s /en /products.php )librries in GNU, nd hs the SIP client function, SDP control function nd the function to invoke the externl process s child process. In the server1, OpenVPN is registered s the externl process nd sip_pp send the REGISTER messge to SIP server (1). In the server2, sip_pp send the REGISTER messge to SIP server (1) nd send INVITE messge to the server1(2, 3). server1 invoke the OpenVPN s the server mode (4) nd reply 200 OK fter inserting the necessry connection informtion into record in SDP (5,6). server2 invoke OpenVPN s the client mode fter getting the necessry informtion from record in SDP (7). OpenVPN in the server2 communicte with OpenVPN in the server1 nd VPN between two servers hs been estblished(8). Tble 1 shows the vlues of SDP t the process (6) in Figure 7. Record m shows medi type (i.e. ppliction /VPN) nd the kind of protocol (i.e. OpenVPN). Record is used by sip_pp to control externl process invoke. IP4 in Tble1 is the IP ddress of the server1 nd PORT is the port to receive OpenVPN connection of server1.vpn_local_addr is the IP ddress of server1 nd VPN_REMOTE_ADDR is the IP ddress of server2. VII. CONCLUSION This pper describe VoIP system for the enterprise network (e.g. compny, university) tht we hve developed bsed on which is kind of open source softwre to implement IP-PBX system. Through the development nd evlution, we hve confirmed tht VoIP system bsed on is very powerful s whole nd most PBX functions to be required for the enterprise network cn be relized. Compred with the generl SIP server, it cn be sid tht is more focused on providing bsic functions. But cn connect with SIP server esily, so it is possible to implement the necessry dditionl functions by just connecting with other outside SIP servers. Also cn connect with the existent PSTN by using FXO telephony crd, so it is possible to be used s the VoIP gtewy. When developing the lrge scle enterprise network by connecting multiple servers locted in different sites bsed on, to relize high security is the issue becuse the voice dt is not encrypted. To solve this issue, we hve proposed the method to estblish VPN by using Open VPN nd hve lso described the development process in detil. REFERENCES [1] http://www.sterisk.org [2] http://openvpn.net/ http://www.gnu.org/softwre/osip [3] http://www.ntisip.com/s/en/products.php [4] Ymmoto et l.(2008). Vlidtion of VoIP System for University Network, Proceedings of ICACT2008, 9C-2, Phoenix Prk, Feb.2008, Kore ISBN 978-89-5519-154-7 1287 Feb. 13~16, 2011 ICACT2011
SIP Server 202.26.159.131/24 (1)REGISTER Server1 202.26.159. 136/24 (3) INVITE (5) OK (SDP) (6) OK (SDP) (2) INVITE (1)REGISTER Server2 172.22.1. 28/24 (8)VPN is estblished 192.168.234.1 192.168.234.2 (4) OpenVPN session is strted (7) OpenVPN is strted s client bsed on SDP Figure 7. VPN estblishing procedure TABLE 1. RECORD VALUE OF SDP Record Type Vlue v 0 o 2500 1169538046 1169538046 IN IP4 202.26.159.131 s - t 0 0 m ppliction/vpn 7084 OpenVPN 0 c IN IP4 202.26.159.131 IP4:202.26.159.136 PORT:8000 VPN_LOCAL_ADDR:192.168.234.1 VPN_REMOTE_ADDR:192.168.234. ISBN 978-89-5519-154-7 1288 Feb. 13~16, 2011 ICACT2011