30 Aug
2012
30 Aug
'12
10:58 p.m.
Hello,
I have only ever deployed SER behind SBC. SBC is the most expensive component. I am not
involved with security, but I would not be allowed by my organisation to deploy something
like SER, with mysql details of usernames and password on an internet address. The SBC
hides my addressing and only opens temp pinholes for both sip and rtp. The main USP of the
SBCs is the power to route many rtp streams simultaneously. This also allows guard timers
to check rtp streams dying so no overcharging takes place. I don't think the hardware
on a conventional server will scale to the number of rtp streams i want to deal with. I
guess u might say, why route all the rtps through a single point of failure... there are
other mechanisms to avoid overcharging,and also can hide SER behind NAT... I agree, but
SBC suppliers have moved along the value chain....header manipulation for interworking,
eNum lookup, codec manipulations....again all things that can be done on SER.... it comes
down to a philosophy and "way we do things"...The other main thing SBC does is
prevent attacks. i.e. SIP signalling attacks result in instant filtering from that address
and thereby protects the service. I wouldn't know how to protect my SER if it was
exposed to the internet, ...maybe there is a way...I just don't know it.
Rupert.
________________________________________
From: sr-users-bounces(a)lists.sip-router.org [sr-users-bounces(a)lists.sip-router.org] On
Behalf Of Daniel-Constantin Mierla [miconda(a)gmail.com]
Sent: 30 August 2012 19:56
To: Carsten Bock
Cc: SIP Router - Kamailio (OpenSER) and SIP Express Router (SER) - Users Mailing
List
Subject: Re: [SR-Users] [OT] the role of SBCs
Hello,
On 8/30/12 8:26 PM, Carsten Bock wrote:
Hi Daniel,
i believe in many setups (including mine and the Sipwise Systems) a
SBC is always used as you described: Behind a Proxy.
yes, I do the same when I need a media server/b2bua for transcoding, etc
I'm trying to figure out what drives the other type of topology, with
the SBC in front.
Of course, if anyone has good arguments against an front-end SBC, speak
here as well, it may help other people to take the right decision. I
pretty much listed mine in the initial message.
Cheers,
Daniel
The Proxy does Flood-detection, advanced logic,
Loadbalancing and so
on and the SBC works only as simple B2B-UA for Transcoding and
Topology hiding.
Kind regards,
Carsten
2012/8/30 Daniel-Constantin Mierla <miconda(a)gmail.com>om>:
--
Daniel-Constantin Mierla - http://www.asipto.com
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
Kamailio Advanced Training, Berlin, Nov 5-8, 2012 - http://asipto.com/u/kat
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Hello,
based on the outcome of the discussion carried in the thread:
http://lists.sip-router.org/pipermail/sr-users/2012-August/074480.html
I am looking again the clarify some aspects out there in the VoIP world.
So, as mainly dealing with proxy/sip signaling deployments, it's very often
to be the first one hit by support issues claiming things don't work. Then
you investigate and end up in conclusions like in the above thread:
"The problem was at the SBC, __where I did not expect it__."
The underlined part heats me up a bit, because I never understood from where
it comes this perception that SBC is a MUST-TO-HAVE and the PERFECT (never
mistaken or breaking things) node in a VoIP networks.
To some extent, the SBC is just a very costly SIP ALG, and a SIP ALG is
there to break the things.
I don't want to start like a flame war, but is it something that I am
obviously missing in regards to what benefits a SBC can bring? I see only
inconveniences:
- another point of failure
- it is a b2bua, therefore very unlikely to offer the same performances of a
proxy
- if transcoding is needed, a media server can be used behind the proxy,
properly protected of attacks by the proxy and eventually deployed as a farm
load balanced by the proxy
- if topology hinding is wanted in the b2bua fashion (not the proxy fashion
with encoding headers), then the b2bua can be behind the proxy, properly
protected of attacks by the proxy and eventually deployed as a farm load
balanced by the proxy
- nat traversal was solved long time ago in proxy environment, being
scalable by deploying a farm of rtp proxy
I don't want to go to other features, including the transport layer, it's a
clear win of the proxy in my experience (ok, being deep involved in this
project).
Then, what makes the SBC so desirable in many companies/voip deployments? If
any SBC user here that can share, what was the reason to buy such a device?
Any conceptual functionality that cannot be achieved with the proxy as the
first hop in front of the (wild) clients?
Cheers,
Daniel
--
Daniel-Constantin Mierla - http://www.asipto.com
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
Kamailio Advanced Training, Berlin, Nov 5-8, 2012 - http://asipto.com/u/kat
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users