June 2014 archive

Speaking At SIPNOC 2014 On June 10 About TLS For SIP/VoIP/UC

SIPNOC 2014 logoWhat advantages does Transport Layer Security (TLS, what we used to call “SSL”) bring to voice-over-IP (VoIP) that uses the Session Initiation Protocol (SIP)? What is the state of TLS usage within SIP and VoIP? Why isn’t it being used more?

Tomorrow, June 10, 2014, I’ll be speaking at the SIP Network Operators Conference (SIPNOC) 2014 event down in Herndon, Virginia, on the topic of “Is It Time For TLS For SIP?“. I’ll be discussing why we need more TLS usage in SIP-based communication, including what we think of as “VoIP” and also “Unified Communications (UC)”. The abstract for my talk is:

With concerns about large-scale pervasive monitoring on the Internet, many groups are encouraging the increased use of Transport Layer Security (TLS, what we used to call “SSL”). While SIP has had TLS support for quite some time, it is often not used. This session will look at concerns of using TLS with SIP and discuss opportunities for providing higher security for SIP-based communication. The session will also outline some newer innovations such as the DANE protocol that when coupled with DNSSEC can provide a higher level of trust for TLS encryption.

As you can tell, my focus will be around the “TLS for Applications” topic area we have here on Deploy360, as well as some discussion around DANE and what it can bring in terms of increased security.

I’ve spoken at SIPNOC events for the past two years (and before that) but my topic has always included IPv6.  This time I won’t be doing that… but to my delight one of the talks before mine tomorrow will be Carl Klatsky from Comcast providing a case study of their work their voice services to IPv6.  Here is his abstract:

Comcast Voice IPv6 Deployment Lessons Learned. Presented by Carl Klatsky, Comcast.

This presentation will review the successes, challenges, and lessons learned in deploying IPv6 support into Comcast’s IMS based SIP voice network, in support of an upcoming IPv6 technical trial. The presentation will review the overall target architecture covering both access and network side elements, and share the lessons learned with the SIP community.

I’m very much looking forward to hearing what Carl has to say!

There are many other great sessions on the SIPNOC 2014 agenda.  Unfortunately I can only be at the event tomorrow and will be missing out on the great content on Wednesday and Thursday.  You can, of course, expect to find me in any of the security-related sessions on Tuesday!

If any of you reading this are at SIPNOC 2014 tomorrow please do feel free to say hello!

P.S. And before anyone asks in the comments, no, there is not a live stream (or recordings) of the SIPNOC sessions.  They try to keep it an informal atmosphere where information can be shared with the conference sessions without that information being immediately public.

 

What Major Change Is SoundCloud About To Make To Their Mobile Apps?

Soundcloud 250What is SoundCloud planning for their next mobile app release for at least iOS and presumably Android? On Friday (June 6, 2014) I received an email stating this:
We noticed you've used our app to record and upload tracks to SoundCloud. With an upcoming version of the app, we'll be making changes to the way tracks are stored on your phone. If you have tracks that you've recorded but haven't uploaded, please follow the instructions below to save them. You can upload the tracks to your SoundCloud profile, or you can download them to your computer. Please do this as soon as possible to ensure that you don't lose anything you've recorded.

I cringed when I saw this... because I do use the SoundCloud app on my iPhone to record tracks for my "The Dan York Report" podcast and I do keep a number of different unpublished tracks sitting in the SoundCloud app. Often I may record a sound somewhere with the intent of later folding that into a recording (and which, admittedly, I often wind up never getting around to doing).

The key message of the email from SoundCloud is this:

YOU WILL LOSE YOUR TRACKS THAT YOU HAVE NOT UPLOADED UNLESS YOU TAKE ACTION BEFORE THE UPGRADE!

The email points out that all you need to do is upload the tracks to your SoundCloud account - and you can do so and make them "Private" so that they are only visible to you. They also note that you can download your sounds to your computer if you would prefer to do that. I chose to upload my tracks to SoundCloud as private recordings.

IMPORTANT: Note that when you upload your tracks to SoundCloud, the original date information will NOT be saved! That track you recorded in December 2012 that has the title "Sounds from Tuesday evening" will be uploaded to SoundCloud with a timestamp of when you upload the track. So if the date of the original recording is important to you, you may want to incorporate that date into the title of the track BEFORE you upload the track.

If you don't know what I'm talking about, the email from SoundCloud helpfully provided this image showing tracks that have not been uploaded:

NewImage

I cringed when I read the email from SoundCloud for a larger reason. This upload of local tracks was no big deal. I was done in maybe 5 minutes. My larger concern though is... what is SoundCloud going to do to the recording experience?

Right now I mostly used the SoundCloud iOS app to record my TDYR podcasts (as I explained in an episode) as my TDYR podcast is all about trying to see how minimally and easily a podcast can be recorded.

However, the SoundCloud app seems to continue to move to being more about music consumption rather than creation. This started a while back when they moved "Record" from the home screen to being under the "..." menu choice. And then we haven't really seen any improvements or changes to the recording capability.

Will they improve the recording experience? Or further de-emphasize it?

We'll see... but in the meantime if you have any local recordings in the app you need to do something if you want to retain any of those recordings.


If you found this post interesting or useful, please consider either:


Happy World IPv6 Launchiversary! Two Years Of Remarkable IPv6 Growth (Featured Blog)

Happy Launchiversary! It's been two years since World IPv6 Launch in 2012, the day many major Internet Service Providers (ISPs), home networking equipment manufacturers, and web companies around the world started permanently enabling IPv6 for their products and services. In the last two years, participation and interest in IPv6 has only grown. Today nearly 250 network operators around the world are participating in World IPv6 Launch measurements, and we continue to see increased IPv6 deployment by network operators, websites, and home router vendors. More...

A Quick Ebook To Learn About IPv6: The Consumer Guide

IPv6_HongKong_ISOCAre you looking for a quick way to learn more about IPv6 and how to get started?  Would you like to quickly set up a computer to test out IPv6 and learn how to use it?

If so, check out the Consumer Guide: All About IPv6.  Published by the Internet Society Hong Kong Chapter, this ebook gives a basic introduction to IPv6, then provides tutorials for configuring IPv6 on consumer devices. It explains what IPv6 is all about by explaining IPv4 exhaustion and other benefits of IPv6 adoption. It also includes tutorials detailing how to enable and configure IPv6 and 6in4 tunneling on typical consumer software including Windows 7, Apple’s OS X, VPN clients, and home routers.

The book is a well-done basic introduction to IPv6 that is easy to read and understand.  It is available both as a PDF that can be printed or read in an ebook reader or on a tablet or smartphone – or as a website for desktop viewing, complete with a clickable table of contents and other controls.

Thanks to the ISOC Hong Kong Chapter for creating such a useful guide!

If you are looking for more resources to get started with IPv6, please visit our “Start Here” pages that can guide you to resources appropriate to your type of organization or activity.

Happy World IPv6 Launchiversary! Two Years Of Remarkable IPv6 Growth (Featured Blog)

More...

Dhcpy6d – A new tool to help with DHCPv6 (DHCP for IPv6)

We received the following guest post from Henri Wahl in the IT Department of the Leibniz-Institut für Festkörper- u.Werkstoffforschung (IFW) in Dresden, Germany.


Getting DHCPv6 to work

dhcpy6dWe run a network with approximately 1.000 client hosts. To use dualstack we decided to provide hosts with IPv6 addresses via DHCPv6. We wanted to use our existing MAC-based IPv4 address provisioning for IPv6 too and SLAAC gives not enough control regarding different classes of clients and dynamic DNS updates. Sadly we found no working solution, especially because RFC 3315 does not consider MAC addresses as useful. Thus we had to develop our own incarnation of a DHCPv6 server.

The result is dhcpy6d, available as open source at https://dhcpy6d.ifw-dresden.de and written in Python. It retrieves MAC addresses from local neighbor cache and this way allows us to keep our address management solution for IPv4 and IPv6.

Our DHCPv6 server allows to identify clients by MAC address, DUID or hostname. Clients can be organized in different classes. Addresses can be generated randomly, from MAC address, by range or by a given ID. Clients can get multiple addresses. Leases are stored in MySQL or SQLite databases. DNS information might be updated with ISC Bind9.

In practice we found Windows clients from Vista and up to be working perfectly as DHCPv6 clients. They even have no problems to receive multiple addresses per client. Linux and MacOSX desktop clients still fail on this.

Dhcpy6d still is work in progress but already works flawlessly on a daily basis. There are at least some universities which use it.

For details see https://dhcpy6d.ifw-dresden.de/documentation/ .

Great IPv6 Work Happening In Grenada In The Caribbean

Joining in to the celebration of World IPv6 Launchiversary, Brent McIntosh sent us some info about all the great IPv6 work they are doing on the island of Grenada in the Caribbean. You can view the PDF simply by clicking/tapping the image below:

IPv6 in GrenadaCongratulations to Brent and all the others involved for the excellent IPv6 activity happening there!

 

Case Study: IPv6 At The U.S. Census Bureau

The United States Census Bureau is one of the leading implementors of IPv6 within the U.S. government. Charles Sun, IPv6 Transition Manager for the U.S. Census Bureau, provided us with information noting:

  • On September 28, 2012, U. S. Census Bureau was the first agency – Operating Unit (OU) within U. S. Department of Commerce to be in full compliance of the U.S. OMB mandate for IPv6 transition Phase I (September 30, 2012);
  • The U.S. Census Bureau is currently on track to complete the second phase of the U.S. OMB mandate to enable all internal agency users to be able to access Internet related services from our internal enterprise network by September 30, 2014 so as to be in full compliance with the U.S. OMB mandate based on the U.S. federal government initial IPv6 transition initiative.

Charles also pointed to two sources of IPv6 statistics:

Charles also wrote a personal opinion article on global IPv6 adoption titled “Stop using Internet Protocol Version 4!” that is available (with registration) at ComputerWorld, CIO.com and other related sites.


Please visit our IPv6 Case Studies page for more examples of IPv6 deployment. If you would like to get started with IPv6, please visit our IPv6 resources or begin with our “Start Here” page to help find resources most appropriate for your type of organization. If you have an IPv6 case study you think we should consider for inclusion on our site, please contact us – we are always looking for more!


Slides: IPv6 and Telecom – IPv4 Is FInally Running Out. Now What?

What is the impact of IPv6 on telecommunications, including Voice-over-IP (VoIP) and Unified Communications (UC)?  I recently presented in a webinar for US Telecom on exactly that topic – and my slides for the session are now available:

The webinar was recorded and I’m told that if you register you can view the archive of the session.  There were some excellent questions asked at the end that you can hear through the recording.

As more of the Internet moves to IPv6, it’s definitely important for telecommunications to work over IPv6 – to help with that we are continuing to compile a list of resources related to IPv6 and VoIP/UC/telecom.  Please do check the list out – and also please let us know of any additional resources we should add!

If you are looking to get started with IPv6, please do check out our “Start Here” pages where you can find resources relating to your type of company or organization.

Case Study: Facebook Moving To An IPv6-Only Internal Network

At the 2014 v6 World Congress in Paris, Facebook’s Paul Saab outlined how Facebook is well on the path toward moving to an IPv6-only internal network. He makes the point that why should you deal with the headache of maintaining a dual-stack (IPv4/IPv6)? Instead just move your internal network to be IPv6-only and then have dual-stack devices on the edge of the network to interact with the legacy IPv4 Internet.  He also walks through the challenges Facebook faced with regard to vendor equipment, software applications and also with the issue that many developers continued to write IPv4-only code. (A clever solution: simply remove IPv4 from the developer’s machines!)

You can download a copy of the slides (and view commentary in the IPv6 Group on Facebook) to read all about the process, but here’s the key summary slide 31:

fb-internal-ipv6

Those statistics are:

  • 100% of  hosts they care about respond on IPv6  (Hosts that are not IPv6 ready are going away.)
  • 75% of internal traffic is now IPv6 with a goal to be at 100% by Q3 2014 or earlier
  • 98% of traffic in and out of HHVM is IPv6
  • 100% of our memcache traffic is IPv6
  • A goal of being 100% IPv6-only in 2-3 years

Very impressive to see!  All in all a great document for anyone seeking to understand the challenges that an online service may face when moving to IPv6 – and how to overcome those challenges!


Please visit our IPv6 Case Studies page for more examples of IPv6 deployment. If you would like to get started with IPv6, please visit our IPv6 resources or begin with our “Start Here” page to help find resources most appropriate for your type of organization. If you have an IPv6 case study you think we should consider for inclusion on our site, please contact us – we are always looking for more!