Some customers report a crash problem to us. All of them deploy “SIP over TLS” in their VoIP networks. We have upgraded miniSIPServer to latest V35 (build 20190313) with following key modifications.
(1) In the latest miniSIPServer, SSL library has been upgraded to the latest version.
(2) Only TLSv1.2 method is kept, that means SSLv2, SSLv3, TLSv1 and TLSv1.1 are cut. When we did research on customers’ problems, we found some bad guys were trying to use the bug of SSLv3 to hack into MSS. We have to move all these methods out to defend that. In future, we will add other methods, such as TLSv1.3. At this time, we need confirm SIP phones can support TLSv1.2 too if we want to deploy SIP over TLS.
In another way, we refine “SIP over TLS” document to provide a simple demo on how to create certificate files.
Our data center have scheduled maintenance windows during which the basic infrastructure will be updated.
During the maintenance window, all our Cloud-MSS nodes will be powered down and that means all virtual servers will stop working. While a two-hour window is allocated for the maintenance, the actual downtime should be much less.
The scheduled maintenance window is set for: Tuesday, January 8, 8:30 AM UTC
Previous miniSIPServer versions only limit “maximum concurrent outgoing calls”, and didn’t limit the total concurrent calls. Normally, it can fit most requirements since we think SIP phones or SIP clients should be able to limit their incoming calls. In recent days, some customers response that their SIP phones don’t have enough functions and hope miniSIPServer to be able to limit total concurrent calls of each SIP phone. To fit this requirement, we upgrade miniSIPServer to V34. Please refer to following figure.
You can configure “maximum concurrent calls” to be zero. In this strange scenario, the SIP phone will never receive call and cannot make any outgoing call. It is to be noted that “maximum concurrent outgoing calls” should be smaller than “maximum concurrent calls” because “maximum concurrent calls” limits both outgoing calls and incoming calls together.
We often configure miniSIPServer to connect VoIP carriers’ network with external lines. There are lots of VoIP carriers and someone always asks us how to configure external line.
In our step by step document, we give a demo to configure MSS to work with “call centric”. You can refer to this document for more details about VoIP networks and external lines. In another way, we give some more examples in chapter “External lines” of F.A.Q document. Please refer to these documents if you are interesting in it and hope they can be helpful to you.
Maintenance is required for all virtual servers in our cloud system. We will reboot all our servers in 2018-01-19 7:00:00 AM UTC. You can prepare your VoIP networks for this mantenance.
This action affects the underlying infrastructure that your virtual server resides on and will not affect the data stored within your virtual server
During the maintenance window, your virtual server will be cleanly shut down and will be unavailable while we perform the updates. A two-hour window is allocated, however the actual downtime should be much less.
We regret the short notice and the downtime required for this maintenance. However, due to the severity of these vulnerabilities, we have no choice but to take swift and immediate action to ensure the safety and security of our customers. For these reasons, we must adhere to a strict timetable, and will not be able to reschedule or defer this maintenance.
If you experience any issues following the maintenance, please feel free to reach out to us and we will be happy to assist.
Yesterday, we helped a Chinese customer to deploy MSS to work with CTC IMS network. In this scenario, CTC IMS network has ZTE soft-switch (according to User-Agent header in SIP messages) , we need be careful to cooperate with it.
Since CTC provides user name and password for authorization, we configure “external line” in MSS to do that. Following sections will illustrate some key points.
Authorization user name
By default, we often use “External line (account)” as authorization user name, but ZTE softswitch requires full URI format, so we need configure “The authorization ID should include address information” in external line. Please refer to following figure for more details.
For example, if this item is selected, the authorization name will be “+firstname.lastname@example.org” according to above figure.
If it is not full format, IMS network will return “403 Forbidden” messages to reject it. In fact, we think it is a bug in ZTE softswitch since there is “realm” and “domain” parameters in SIP authorization header. No matter the user name is full format or not, the device should pass it according to successful authorization itself.
Anyway, if you have same problem to cooperate with other IMS networks, please pay attention to it and configure such item to take a try.
In Chinese CTC-IMS network, its “SIP server” is logic domain, not a real SIP device and cannot be visited. In above scenario, “gd.ctcims.cn” is its domain, not its real address. SIP messages should be routed to another device (we think it is a SBC or proxy), so we need configure “Via” address in MSS external line configuration. Please refer to following figure.
RFC3262 defines a method to provide reliable provisional response messages in SIP dialog. Simply, it uses a new message which is PRACK to response “response” messages. We don’t think it is a good idea, and most traditional VoIP devices don’t following this RFC document.
But now in some interoperability scenarios with the PSTN, it is required to provide RFC3262 capability. Specially in some 4G-IMS networks, for example, in China telcom markets, mobile carriers’ networks will reject SIP calls if they don’t have this capablity.
So we upgrade MSS to V31 to support RFC3262. New MSS will add ‘100rel’ in outgoing calls to update peer sides or SIP phones that it has RFC3262 capability, they can decide to invoke it by themselves. For incoming calls, MSS will not invoke RFC3262 procedures automatically unless peer sides or SIP phones require that.
If you have problem to work MSS with your local ISP networks, please try the latest MSS and hope you can enjoy it.
By default, MSS previous versions don’t limit concurrent calls of SIP trunk. That means you can make or receive calls as much as you can. If peer sides don’t have enough resources, they will reject calls by themselves. But now in some scenarios, customers hope MSS can handle concurrent calls and limit them automatically.
To fit this requirement, we upgrade MSS to provide concurrent calls configurations in SIP trunk. Too much calls will be rejected by MSS itself. Please refer to following figure for more details about these items.
Please pay attention to these.
(1) These items are independent. You can configure different values for them to limit different concurrent calls for outgoing calls and incoming calls.
(2) If one of them is zero, in fact all them can be zero, that means only incoming calls can be received, or can only make outgoing calls outsides.
We upgraded miniSIPServer V30 today to change “one number, multi-devices” service in local user’s configuration. In previous versions, we don’t need configure anything to enable this feature in local user since it was enabled by default. Customers think it is good idea to reduce configuraiton workload, but it brings new management problem. In fact, they hope to be able to control which local users can have this feature. In most scenarios, only some local users have several phones with same number, others are not permit to do that.
To fit this requirement, we add a new optional item in local user’s configuration. Please refer to following figure for more details. By default, this service is not enabled now until you configure it obviously.