Differences between revisions 29 and 33 (spanning 4 versions)
Revision 29 as of 2020-03-09 18:32:22
Size: 6966
Editor: GuillemJover
Comment: Replace invalid address
Revision 33 as of 2021-06-25 01:50:42
Size: 3875
Editor: PaulWise
Comment: cleanup
Deletions are marked like this. Additions are marked like this.
Line 2: Line 2:

 * To start quickly, just skip below to the client configuration links
  * Using the browser-based WebRTC service is the quickest way to start
 
Line 7: Line 5:
  * SIP ([[http://tools.ietf.org/html/rfc3261|Session Initiation Protocol]]) Proxy, allowing to pass VoIP phone calls,
  * TURN ([[http://tools.ietf.org/html/rfc5766|Traversal Using Relays around NAT]]) server
  * --(SIP ([[http://tools.ietf.org/html/rfc3261|Session Initiation Protocol]]) Proxy, allowing to pass VoIP phone calls.)-- ([[https://alioth-lists.debian.net/pipermail/debian-rtc-team/2020-May/000194.html|decommissioned]])
  * --(TURN ([[http://tools.ietf.org/html/rfc5766|Traversal Using Relays around NAT]]) server.)-- ([[https://alioth-lists.debian.net/pipermail/debian-rtc-team/2020-May/000194.html|decommissioned]])
Line 10: Line 8:
 * The following services are NOT available yet but are being planned or under consideration
  * Audio and/or video conference software
   * [[http://packages.debian.org/reconserver|see the reConServer package]]
   * [[https://jitsi.org/videobridge|Jitsi video bridge]] is also cool
 * You must create a real-time communications (RTC) password in [[http
://db.debian.org|the LDAP system]]: login to update your settings, then fill the RTC password field.
  * Do not use the same password that you use for any other Debian service. For example, you may want to cache the RTC password in a mobile device where there is a risk that it will be compromised, exposing the password.
 * The following services are NOT available yet but are being planned or under consideration 
  * BOSH Support, to connect to the XMPP server over HTTPS
 * You must create a real-time communications (RTC) password in [[https://db.debian.org|the LDAP system]]: login to update your settings, then fill the RTC password field.
  * Do not use the same password that you use for any other service. For example, you may want to cache the RTC password in a mobile device where there is a risk that it will be compromised, exposing the password.
Line 17: Line 13:
 * Your ''debian.org'' email address is also your SIP address  * Your ''debian.org'' email address is also your XMPP address
Line 19: Line 15:
 * Your SIP software may try to use the user-part of the SIP address for authentication. It will not work.
  * In your SIP settings, look for an ''authentication username'' or ''auth user'' field. It is often blank by default.
  * Put your full SIP address, e.g. ''username@debian.org'' in this field
 * The same credentials are used for TURN
 * If you are lucky, your client software uses DNS NAPTR and SRV lookups to find the TURN and SIP servers, if not, you can hardcode the following values into your configuration:
  * SIP server: please use a client that finds it using SRV lookups
   * if really necessary, use the value ''sip-ws.debian.org'' and TLS, port 5061
  * TURN server: ''turn.debian.org'' (UDP port 3478)
  * SIP over WebSocket: ''sip-ws.debian.org'' (HTTP port 443)
 * [[http://www.sip5060.net|sip5060.net]] provides some [[http://www.sip5060.net/test-calls|convenient SIP test numbers]]
  * clicking the links on the [[http://www.sip5060.net/test-calls|sip5060.net site]] will dial through your local SIP client or [[https://freephonebox.net|FreePhoneBox.net]]
  * copy and paste the SIP addresses from the page into [[https://rtc.debian.org|rtc.debian.org]] to test from there
 
Line 35: Line 19:
 * For general discussion about how to best use SIP as a tool to achieve the wider objectives of the Debian Project, please use ''debian-devel''
 * For specific faults with the service, please contact the [[Teams/DSA|Debian System Administration (DSA)]] team

== NAT traversal ==

 * NAT and firewalls have traditionally been a problem for free RTC software
 * For SIP itself, we only use TLS
  * This is a stream connection that is more likely to get through NAT than UDP
  * It can also potentially be tunnelled through proxies using the HTTP CONNECT method (port 443)
  * Some routers try to mangle SIP packets to help them through NAT, in practice this sometimes makes the problem worse
  * By using TLS, we ensure that no intermediate device will tamper with the packets, we aim to use industry standard ICE and TURN
 * The modern approach to this problem is the use of Internet Connectivity Establishment (ICE) and, as a last resort, relaying traffic through a TURN server
 * Not all SIP clients support TURN
  * Jitsi only supports TURN with Jabber, the SIP-TURN support is coming
  * Empathy only supports TURN through Google's proprietary TURN servers, but the TURN code could use any TURN server if configuration options were available. There is a bug report for this.
  * Only one end of the connection needs a TURN server for it to work though, as long as both support ICE.
 * The [[https://rtc.debian.org|rtc.debian.org]] WebRTC service is based on [[http://jscommunicator.org|JSCommunicator]]. It supports both ICE and TURN and is pre-configured for Debian's TURN servers. Although the UI is very basic, there is a high probability that it can get through NAT in situations where the other SIP clients currently struggle.

== WebRTC status ==

Note:

 * [[http://www.webrtc.org/|WebRTC]] users can only interact with other WebRTC users
 * Jitsi and Lumicall users can interact with each other but not with WebRTC users (yet)
 * People who don't have a SIP account can call you instantly using the [[https://freephonebox.net|FreePhoneBox.net WebRTC service]]
 * For general discussion about how to best use these technologies as a tool to achieve the wider objectives of the Debian Project, please use ''debian-devel''
 * For specific faults with the service, please contact the [[Teams/RTC|Debian Real Time Communications]] team
Line 63: Line 24:
=== Conversations.im on Android ===

See this [[UnifiedCommunications/DebianDevelopers/UserGuide/Android|step by step guide]].
Line 65: Line 30:
 * [[http://packages.debian.org/linphone|Linphone]] seems to work well and can receive calls from [[http://www.lumicall.org|Lumicall]] users  * [[DebianPackage:linphone|Linphone]] seems to work well and can receive calls from [[https://lumicall.org/|Lumicall]] users
Line 67: Line 32:
Line 71: Line 35:
 * [[http://packages.debian.org/jitsi|Jitsi]] is one of the most extensive open source communications tools  * [[DebianPackage:jitsi|Jitsi]] is one of the most extensive open source communications tools, but is no longer available in Debian
Line 76: Line 40:
 * Empathy is the default communications client in the Gnome desktop  * Empathy is the default communications client in the GNOME desktop
Line 81: Line 45:
 * [[http://www.lumicall.org|Lumicall]] is an open source mobile SIP client for Android.  * [[https://lumicall.org/|Lumicall]] is an open source mobile SIP client for Android.
Line 85: Line 49:
 * [[https://code.google.com/p/csipsimple/|CSipSimple]] integrates well with Android phones, and is recommended by [[https://guardianproject.info/apps/|The Guardian Project]].
* [[WikiPedia:CSipSimple|CSipSimple]] was a project that integrated well with Android phones, and was recommended by [[https://guardianproject.info/apps/|The Guardian Project]].
Line 90: Line 55:
 * [[http://jscommunicator.org|JSCommunicator]] is a browser-based WebRTC softphone using HTML5/JavaScript. It requires a modern browser.
 * A live demo customised for the Debian community is at [[https://rtc.debian.org|rtc.debian.org]]
 * [[https://jscommunicator.org/|JSCommunicator]] is a browser-based WebRTC softphone using HTML5/JavaScript. It requires a modern browser.
Line 96: Line 60:
 * [[http://packages.debian.org/asterisk]] is a full PBX system.  * [[DebianPackage:asterisk]] is a full PBX system.
Line 101: Line 65:
According to [[http://en.wikipedia.org/wiki/Comparison_of_VoIP_software|Wikipedia]], ekiga does not currently support TLS connections. According to [[WikiPedia:Comparison_of_VoIP_software|Wikipedia]], ekiga does not currently support TLS connections.

Key details

  • Please also see the Frequently Asked Questions

  • Debian Developers have access to the following services

  • The following services are NOT available yet but are being planned or under consideration
    • BOSH Support, to connect to the XMPP server over HTTPS
  • You must create a real-time communications (RTC) password in the LDAP system: login to update your settings, then fill the RTC password field.

    • Do not use the same password that you use for any other service. For example, you may want to cache the RTC password in a mobile device where there is a risk that it will be compromised, exposing the password.
    • Wait 30 minutes for the password to become active.
  • Your debian.org email address is also your XMPP address

Contact and support

  • For general questions about individual softphones, please contact the maintainers or upstream mailing lists
  • For general discussion about how to best use these technologies as a tool to achieve the wider objectives of the Debian Project, please use debian-devel

  • For specific faults with the service, please contact the Debian Real Time Communications team

Instructions for various client programs

Conversations.im on Android

See this step by step guide.

Linphone configuration

Jitsi configuration

  • Jitsi is one of the most extensive open source communications tools, but is no longer available in Debian

  • See the Jitsi screenshots for full details

Empathy

  • Empathy is the default communications client in the GNOME desktop
  • See the Empathy screenshots for full details

Lumicall

CSipSimple

JSCommunicator

Asterisk

Ekiga

According to Wikipedia, ekiga does not currently support TLS connections.