Differences between revisions 3 and 14 (spanning 11 versions)
Revision 3 as of 2014-01-17 08:27:42
Size: 2525
Editor: DanielPocock
Comment:
Revision 14 as of 2014-01-19 11:58:26
Size: 5191
Editor: ?StuartPrescott
Comment: Fix URL for empathy instructions
Deletions are marked like this. Additions are marked like this.
Line 3: Line 3:
 * To start quickly, just skip below to the client configuration links
 * Please also see the [[UnifiedCommunications/DebianDevelopers/FAQ|Frequently Asked Questions]]
Line 6: Line 8:
 * The following services are NOT available yet but are being planned or under consideration
  * XMPP/Jabber server
  * Audio and/or video conference software
   * [[http://packages.debian.org/reconserver|see the reConServer package]]
   * [[https://jitsi.org/videobridge|Jitsi video bridge]] is also cool
Line 7: Line 14:
  * Do not use the same password that you use for any other Debian service. For example, you may want to cache the RTC password in a mobile device where there is a risk that it will be compromised.   * Do not use the same password that you use for any other Debian service. For example, you may want to cache the RTC password in a mobile device where there is a risk that it will be compromised, exposing the password.
Line 15: Line 22:
 * If you are lucky, your client software uses DNS NAPTR and SRV lookups to find the TURN and SIP servers, if not, you can hardcode the following values into your configuration:
  * SIP server: please use a client that finds it using SRV lookups
   * if really necessary, use the value ''vogler.debian.org'' and TLS, port 5061
   /!\ Don't do that. We don't want to couple service names with hosts names! -- zobel
  * TURN server: ''turn.debian.org'' (UDP port 3478)
  * SIP over WebSocket: ''sip-ws.debian.org'' (HTTP port 443)

== Contact and support ==

 * For general questions about individual softphones, please contact the maintainers or upstream mailing lists
 * For general discussion about how to best use SIP as a tool to achieve the wider objectives of the Debian Project, please use ''debian-devel''
 * For specific faults with the service, please contact the [[Teams/DSA|Debian System Administration (DSA)]] team
Line 29: Line 48:
 * The WebRTC demo site based on [[http://jscommunicator.org|JSCommunicator]] does support both ICE and TURN and is pre-configured for Debian's TURN servers. Although the UI is very basic, there is a high probability that it can get through NAT in situations where the other SIP clients currently struggle.  * The [[https://rtc.debian.org|rtc.debian.org]] WebRTC service is based on [[http://jscommunicator.org|JSCommunicator]]. It supports both ICE and TURN and is pre-configured for Debian's TURN servers. Although the UI is very basic, there is a high probability that it can get through NAT in situations where the other SIP clients currently struggle.
Line 31: Line 50:
== Jitsi configuration == == WebRTC status ==
Line 33: Line 52:
Note:

 * WebRTC users can only interact with other WebRTC users
 * Jitsi and Lumicall users can interact with each other but not with WebRTC users (yet)


== Instructions for various client programs ==

=== Jitsi configuration ===

 * Jitsi is one of the most extensive open source communications tools
Line 34: Line 64:

=== Empathy ===

 * Empathy is the default communications client in the Gnome desktop
 * See the [[UnifiedCommunications/DebianDevelopers/Empathy|Empathy screenshots]] for full details

=== Lumicall ===

 * [[http://www.lumicall.org|Lumicall]] is an open source mobile SIP client for Android.
 * See the [[UnifiedCommunications/DebianDevelopers/UserGuide/Lumicall|Lumicall configuration page]] for full details

=== JSCommunicator ===

 * [[http://jscommunicator.org|JSCommunicator]] is a browser-based WebRTC softphone using HTML5/JavaScript. It requires a modern browser.
 * A live demo customised for the Debian community is at [[https://rtc.debian.org|rtc.debian.org]]
 * See the [[UnifiedCommunications/DebianDevelopers/UserGuide/JSCommunicator|JSCommunicator configuration page]] for full details about how to put it in your own blog or web site

Key details

  • To start quickly, just skip below to the client configuration links

  • Please also see the Frequently Asked Questions

  • Debian Developers have access to the following services

    • SIP Proxy
    • TURN server
  • The following services are NOT available yet but are being planned or under consideration

  • You must create a real-time communications (RTC) password in the LDAP system

    • Do not use the same password that you use for any other Debian service. For example, you may want to cache the RTC password in a mobile device where there is a risk that it will be compromised, exposing the password.
    • Wait 30 minutes for the password to become active.

  • Your debian.org email address is also your SIP address

  • Your SIP software may try to use the user-part of the SIP address for authentication. It will not work.

    • In your SIP settings, look for an authentication username or auth user field. It is often blank by default.

    • Put your full SIP address, e.g. pocock@debian.org in this field

  • The same credentials are used for TURN
  • If you are lucky, your client software uses DNS NAPTR and SRV lookups to find the TURN and SIP servers, if not, you can hardcode the following values into your configuration:
    • SIP server: please use a client that finds it using SRV lookups

      • if really necessary, use the value vogler.debian.org and TLS, port 5061 /!\ Don't do that. We don't want to couple service names with hosts names! -- zobel

    • TURN server: turn.debian.org (UDP port 3478)

    • SIP over ?WebSocket: sip-ws.debian.org (HTTP port 443)

Contact and support

  • For general questions about individual softphones, please contact the maintainers or upstream mailing lists

  • For general discussion about how to best use SIP as a tool to achieve the wider objectives of the Debian Project, please use debian-devel

  • For specific faults with the service, please contact the Debian System Administration (DSA) team

NAT traversal

  • NAT and firewalls have traditionally been a problem for free RTC software
  • For SIP itself, we only use TLS
    • This is a stream connection that is more likely to get through NAT than UDP
    • It can also potentially be tunnelled through proxies using the HTTP CONNECT method (port 443)
    • Some routers try to mangle SIP packets to help them through NAT, in practice this sometimes makes the problem worse
    • By using TLS, we ensure that no intermediate device will tamper with the packets, we aim to use industry standard ICE and TURN
  • The modern approach to this problem is the use of Internet Connectivity Establishment (ICE) and, as a last resort, relaying traffic through a TURN server
  • Not all SIP clients support TURN
    • Jitsi only supports TURN with Jabber, the SIP-TURN support is coming
    • Empathy only supports TURN through Google's proprietary TURN servers, but the TURN code could use any TURN server if configuration options were available. There is a bug report for this.
    • Only one end of the connection needs a TURN server for it to work though, as long as both support ICE.

  • The rtc.debian.org WebRTC service is based on JSCommunicator. It supports both ICE and TURN and is pre-configured for Debian's TURN servers. Although the UI is very basic, there is a high probability that it can get through NAT in situations where the other SIP clients currently struggle.

WebRTC status

Note:

  • WebRTC users can only interact with other WebRTC users
  • Jitsi and Lumicall users can interact with each other but not with WebRTC users (yet)

Instructions for various client programs

Jitsi configuration

  • Jitsi is one of the most extensive open source communications tools

  • See the Jitsi screenshots for full details

Empathy

  • Empathy is the default communications client in the Gnome desktop

  • See the Empathy screenshots for full details

Lumicall

JSCommunicator