For work environments where you only get HTTP or HTTPS access, what is the feasibility of doing IAX over HTTP? I have heard of projects such as stunnel. Has anyone tried something like this? I did a quick search but didn't come up with much.
HTTP uses TCP. Too much overhead. Add SSL on to that and you have a huge amount of overhead. The end result would be poor and choppy sound quality. Jason On 21/07/05 21:58 +0200, Rob Scott wrote:> For work environments where you only get HTTP or HTTPS access, what is > the feasibility of doing IAX over HTTP? > > I have heard of projects such as stunnel. > > Has anyone tried something like this? > > I did a quick search but didn't come up with much. > _______________________________________________ > Asterisk-Users mailing list > Asterisk-Users@lists.digium.com > http://lists.digium.com/mailman/listinfo/asterisk-users > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users
Rob Scott wrote:> For work environments where you only get HTTP or HTTPS access, what is > the feasibility of doing IAX over HTTP? > > I have heard of projects such as stunnel. > > Has anyone tried something like this? > > I did a quick search but didn't come up with much.I did some tests, with openvpn, for my purpose, was ok, not sure how would behave in packet loss, jitter conditions..
Doesn't Skype use something similar? I have heard that it is encrypted and works through http proxies. -----Original Message----- From: asterisk-users-bounces@lists.digium.com [mailto:asterisk-users-bounces@lists.digium.com] On Behalf Of Jason Stewart Sent: 21 July 2005 22:46 To: Asterisk Users Mailing List - Non-Commercial Discussion Subject: [Asterisk-Users] Re: IAX over HTTP HTTP uses TCP. Too much overhead. Add SSL on to that and you have a huge amount of overhead. The end result would be poor and choppy sound quality. Jason On 21/07/05 21:58 +0200, Rob Scott wrote:> For work environments where you only get HTTP or HTTPS access, what is> the feasibility of doing IAX over HTTP? > > I have heard of projects such as stunnel. > > Has anyone tried something like this? > > I did a quick search but didn't come up with much. > _______________________________________________ > Asterisk-Users mailing list > Asterisk-Users@lists.digium.com > http://lists.digium.com/mailman/listinfo/asterisk-users > To UNSUBSCRIBE or update options visit: > http://lists.digium.com/mailman/listinfo/asterisk-users_______________________________________________ Asterisk-Users mailing list Asterisk-Users@lists.digium.com http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
I disagree. Isn't running it over a VPN the same thing? I have been running with no problems: a) a soft phone over a OpenVPN VPN (over TCP) b) a soft phone over a MS PPTP VPN c) a hard phone over a IPSec net-to-net VPN For the soft phone I've used X-Ten (SIP) and idefisk (IAX) For the hard phone I've used Budgetone BT-102, Sipura SPA-841 and ATCOM AT-320 (w/ IAX2 firmware). I've had no problems. I suppose it is a matter of a good connection.> Message: 25 > Date: Fri, 22 Jul 2005 13:48:09 +0200 (CEST) > From: Jerry Glomph Black <asterisk-users@glomph.com> > Subject: Re: [Asterisk-Users] IAX over HTTP > To: Asterisk Users Mailing List - Non-Commercial Discussion > <asterisk-users@lists.digium.com> > Message-ID: <Pine.LNX.4.61.0507221344450.17655@bittycow.prognet.com> > Content-Type: text/plain; charset="iso-8859-1" > > Doing IAX over TCP is simply a Bad Idea. > > Under perfect circumstances, it will work OK, but the slightest network > disturbance will result in sound gaps/distortion and/or monster audio > delay. > > This is not idle UDP-boosting, I've tried it. > > [Have had good results with UDP-based secure tunnel transport of IAX > traffic (CIPE and OpenVPN)]
We have been running IAX through OpenVPN with SSL for 6 months without any trouble to Las Veags, and we are in Oklahoma. Most of the time, IAX sounds better then the land line. -----Original Message----- From: asterisk-users-bounces@lists.digium.com [mailto:asterisk-users-bounces@lists.digium.com] On Behalf Of Julio Arruda Sent: Friday, July 22, 2005 12:41 PM To: Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [Asterisk-Users] IAX over HTTP Just remember that TCP will try to retransmit your lost voice packets, what is not exactly of any use :-). VPNs with IPSec and others (CIPE and some UDP 'related' vpns) would not create this extra (and useless) overhead. I've used IAX over OpenVPN (with SSL as you), and it does work, to some level, but I would not do it for a living :-) Iassen Hristov wrote:> I disagree. Isn't running it over a VPN the same thing? > > I have been running with no problems: > a) a soft phone over a OpenVPN VPN (over TCP) > b) a soft phone over a MS PPTP VPN > c) a hard phone over a IPSec net-to-net VPN > > For the soft phone I've used X-Ten (SIP) and idefisk (IAX) For the > hard phone I've used Budgetone BT-102, Sipura SPA-841 and ATCOM AT-320> (w/ IAX2 firmware). > > I've had no problems. I suppose it is a matter of a good connection. > > >>Message: 25 >>Date: Fri, 22 Jul 2005 13:48:09 +0200 (CEST) >>From: Jerry Glomph Black <asterisk-users@glomph.com> >>Subject: Re: [Asterisk-Users] IAX over HTTP >>To: Asterisk Users Mailing List - Non-Commercial Discussion >> <asterisk-users@lists.digium.com> >>Message-ID: <Pine.LNX.4.61.0507221344450.17655@bittycow.prognet.com> >>Content-Type: text/plain; charset="iso-8859-1" >> >>Doing IAX over TCP is simply a Bad Idea. >> >>Under perfect circumstances, it will work OK, but the slightest >>network disturbance will result in sound gaps/distortion and/or >>monster audio delay. >> >>This is not idle UDP-boosting, I've tried it. >> >>[Have had good results with UDP-based secure tunnel transport of IAX >>traffic (CIPE and OpenVPN)]_______________________________________________ Asterisk-Users mailing list Asterisk-Users@lists.digium.com http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users This electronic message transmission, including attachments, is for the exclusive use of the individuals to which this e-mail is addressed and is to be reviewed and used exclusively for authorized company purposes. This transmission may contain proprietary, confidential or privileged information. If you are not the intended recipient of this transmission, you are hereby notified that any use, copying, disclosure, dissemination, distribution or taking of any action in reliance upon the contents of this transmission is strictly prohibited. If you believe you may have received this electronic message in error, please notify the sender immediately by return email and delete or destroy the original message and/or any copy of it from your computer system and/or your files. Thank you.
Eric Rees wrote:> We have been running IAX through OpenVPN with SSL for 6 months without > any trouble to Las Veags, and we are in Oklahoma. Most of the time, IAX > sounds better then the land line.Using UDP or using TCP? Might want to confirm by using tcpdump. -- Eric Wieling * BTEL Consulting * 504-210-3699 x2120
UDP.... Because of the way TCP likes to re-transmit VOIP packets. -----Original Message----- From: asterisk-users-bounces@lists.digium.com [mailto:asterisk-users-bounces@lists.digium.com] On Behalf Of Eric Wieling aka ManxPower Sent: Friday, July 22, 2005 3:42 PM To: Asterisk Users Mailing List - Non-Commercial Discussion Subject: Re: [Asterisk-Users] IAX over HTTP Eric Rees wrote:> We have been running IAX through OpenVPN with SSL for 6 months without> any trouble to Las Veags, and we are in Oklahoma. Most of the time, > IAX sounds better then the land line.Using UDP or using TCP? Might want to confirm by using tcpdump. -- Eric Wieling * BTEL Consulting * 504-210-3699 x2120 _______________________________________________ Asterisk-Users mailing list Asterisk-Users@lists.digium.com http://lists.digium.com/mailman/listinfo/asterisk-users To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users This electronic message transmission, including attachments, is for the exclusive use of the individuals to which this e-mail is addressed and is to be reviewed and used exclusively for authorized company purposes. This transmission may contain proprietary, confidential or privileged information. If you are not the intended recipient of this transmission, you are hereby notified that any use, copying, disclosure, dissemination, distribution or taking of any action in reliance upon the contents of this transmission is strictly prohibited. If you believe you may have received this electronic message in error, please notify the sender immediately by return email and delete or destroy the original message and/or any copy of it from your computer system and/or your files. Thank you.
On Fri, 2005-07-22 at 15:42 -0500, Eric Wieling aka ManxPower wrote:> Eric Rees wrote: > > We have been running IAX through OpenVPN with SSL for 6 months without > > any trouble to Las Veags, and we are in Oklahoma. Most of the time, IAX > > sounds better then the land line. > > Using UDP or using TCP? Might want to confirm by using tcpdump.OpenVPN uses UDP -- Dave Cotton <dcotton@linuxautrement.com>
Dave Cotton wrote:> On Fri, 2005-07-22 at 15:42 -0500, Eric Wieling aka ManxPower wrote: > >>Eric Rees wrote: >> >>>We have been running IAX through OpenVPN with SSL for 6 months without >>>any trouble to Las Veags, and we are in Oklahoma. Most of the time, IAX >>>sounds better then the land line. >> >>Using UDP or using TCP? Might want to confirm by using tcpdump. > > > OpenVPN uses UDPOpenVPN can use TCP, and really, I would expect that many users using openvpn to bypass firewall rules, would be using TCP not UDP. Simple example... ----- dev tun .... proto tcp-server port 443 -----
On Sat, 2005-07-23 at 17:51 -0400, Julio Arruda wrote:> OpenVPN can use TCP, and really, I would expect that many users using > openvpn to bypass firewall rules, would be using TCP not UDP.Yes OpenVPN _can_ be _configured_ to use TCP, just shows what a powerful tool it really is. -- Dave Cotton <dcotton@linuxautrement.com>
>>>>> "Rob" == Rob Scott <Rob_Scott@epam.com> writes:Rob> For work environments where you only get HTTP or HTTPS access, Rob> what is the feasibility of doing IAX over HTTP? Tunnelling tcp/ip over http/(tls/)?tcp/ip is viable, tunnelling rtp/udb/ip or iax/udp/ip over http/(tls/)?tcp/ip however will only work reliably if the tcp doesn't see any packet loss. Else it will retransmit lost packets and the voice quality will suck. That said, if you can get a http or https socket going you can probably also tunnel over dns. So you may want to look into ip over dns/udp/ip tunnels for rtp or iax. -JimC -- James H. Cloos, Jr. <cloos@jhcloos.com> <http://jhcloos.com>