Friday, May 19, 2017

Inbound And Outbound Dialings Are "Institutional"


Why are there inbound and outbound boundaries with phones but not with Facebook/Google/Apple voice chats? Can we answer that question by looking at the smallest bits and pieces ourselves? I think so. But, what is the implication behind all these?

OK. In my diagram above, when lines, connections touch, it means they are associated. The purple inbound dialings do not touch any trunk lines, which means the inbound dialings are not associated with any particular trunk line. The orange PBX outbound dialing does not touch any phone line and is not associated with any phone protocol. The PBX outbound dialing, however, does touch SIP trunk line, which means it only goes out on the SIP trunk and not H323 protocol. So, all that means is that an inbound dialing does not care what the outbound trunk or protocol will be; an outbound dialing does not care what the inbound phone or protocol is. This is the essence of the PSTN call leg and the essence of VOIP.
For the green VOIP signal dash lines, the corresponding configs are in pjsip.aor.conf ,
[101]
type=aor

[102]

type=aor
[SIP-to-CUCM]
type=aor
contact=sip:10.1.10.76:5060


, and in ooh323.conf ,
[10.1.10.76]
type=friend
context=from-trunk
host=10.1.10.76
port=1720
[ekiga223]
IP=10.1.10.223
port = 1720
type=peer
context=from-external
. The purple inbound dialings are in extensions_additional.conf ,
[ext-did-0002]
exten => 18001231101,1,Set(__DIRECTION=INBOUND)
exten => 18001231101,n(dest-ext),Goto(from-did-direct,101,1)

exten => 18001231102,1,Set(__DIRECTION=INBOUND)
exten => 18001231102,n(dest-ext),Goto(from-did-direct,102,1)

exten => 18004561203,1,Set(__DIRECTION=INBOUND)
exten => 18004561203,n(dest-ext),Goto(from-did-direct,203,1)
, and outbound dialings are also in extensions_additional.conf
[outrt-1] ; siptrunk
exten => _1800321XXXX,1,Macro(user-callerid,LIMIT,EXTERNAL,)
exten => _1800321XXXX,n,Macro(dialout-trunk,2,${EXTEN:7},,off)

[outrt-2] ; h323trunk
exten => _1800654XXXX,1,Macro(user-callerid,LIMIT,EXTERNAL,)
exten => _1800654XXXX,n,Macro(dialout-trunk,1,${EXTEN:7},,off)

. The FreePBX GUI generates the entire extensions_additional.conf and pjsip_aor.conf . ooh323.conf is entirely manually created. All configurations are downloadable here, https://drive.google.com/file/d/0B2NfHoyfFf1aTWR6QUxQQVhkQWc .
The GUI dialogs are







The voice-vlan enabled router configuration is as  https://drive.google.com/file/d/0B2NfHoyfFf1aNXRhMnJyU01Zb0E .
The CUCM GUI screenshots are 


So, a call leg becomes a proxy in the TCP/IP/HTTP world so that the destination and source phones do not know the IP address of each other. The very definition of protocol proxy. It provides some isolation("does not care") of parts of the network while requiring the border routers to have the insights into the protocol. Speaking of proxy, do you know that this very page you are viewing is a proxy'ed page when you are at blog.mpls-phone.com, which is 34.225.89.249 . The true IP address of the web server is google's blogger web server IP address. That will be yet another posting about the Apache configuration that made the proxy.


Sunday, May 7, 2017

Watching The Branch Office Traffic


The branch office is on the far side of the WAN, and predictably the SCCP phones are on the branch router's EtherSwitch ports. So, how to find the actual voice packets that we want to know how much network bandwidth is utilized?

  1. Easy, just browse the flow exports pcap. But the number of voice flows is actually a very small fraction of the number of signaling flows. Just look at this screenshot of pcap search, 
    , the first actual voice flow is at packet 280. The IP source/destination is indistinguishable between small, frequent signaling flows and actual voice flow. It turns out, among the thousands of packets, only 3 are actual voice traffic flow exports. Browsing is out of the question. The real C1900's flow pcap is at https://drive.google.com/file/d/0B2NfHoyfFf1aMzlNbnM0SkhpQTg/view?usp=sharing . You can try it yourself. 
  2. Easy, just search the TOS on the flow exports pcap, right? The problem is that the hardware phone is subject to change without notice, so the TOS number is unknow. 
  3. Why not search for flow packet size? The size is actually unknown as well. In above screenshot, there is a roughly 36MB sized packet every half an hour of 1800 seconds. The string "Octets: 360" seems very unique. However,  how do you get this number? Intranet voice runs at the common 64kbps for u/alaw 8kps sample,  8 bits quantization. (64+16overhead)kbps * 1800 seconds / 8bit/Byte . It should be 18MB. It turns out, the counting is done twice for each packet while ingress to the router and at the egress interface. There is no certain way to foresee the search string "Octets: 360".
It turns out, ELK search is necessary to figure out what search strings we want! And that search is performed by ranking all flow size(bytes), and the 36MB stands out in the crowd of 1KB short signaling flows.

The ELK graphing is as below picture after taking out all signaling flows,
. Notice, that straight ELK can't handle niche fields like VLAN ID. When VLAN ID is present, ELK may simply discard the whole flow. That is why we need to alter the flow content in an editor in the terminal.

Now, after going through so much, are we sure that modern phone voice indeed is with 8kps sampling rate? According to Math, 8 kHz sampling rate can only transmit 4kHz sound, and that seems too low for high human hearing. The answer is that modern SD phone speech is defined as from 300 to 3400 Hz. We can hear a lot wider range of sounds than we can make. And the speech encoding is not meant to transmit Hi-Fi music, waves, etc.

Saturday, May 6, 2017

Mind In The Data Center Zone


Zoning out on a compact setup that has everything.


The MQTT logs come from the Internet, sourced from a ARM mosquitto program. And the Kibana display of the MQTT traffic flow is this,

, notice TOS is marked down to precedence 1 (TOS 32 decimal), by T-Mobile. And a hundred of these IoT sensors looks like the picture at the top.

Rehabilitate The Tarnished IoT Drone Image

OK, It is not hard to fly the helicopter with a joystick on any computer with LibrePilot ground control station and CC3D Revolution board. As a weekend project, this is a discussion continuation from librepilot.org forum. The only material needed is a thin wire soldered to the RF connector's underside. Take out the original board , which weighs almost the same as the CC3D Revo board. 









And the ground control station setting is as below.












Notice that the last picture is OPLink viewed from vehicle's perspective while ground OPLink unit is off the computer.

And below is the flight data at the moment of touch down landing.

This is all fun and game. But why does everybody hate drones? Why does everybody want the well organized iPhone? A microcontroller is just not a highly organized thing like iPhone/iPad/iMac . All those loved things have many, many microcontrollers and much much higher organized operating system. What is missing in the fun and game pictures?