Linked by David Adams on Mon 21st Mar 2011 20:14 UTC, submitted by Anonymous
GNU, GPL, Open Source The GNU Project has announced a new project called GNU Free Call, an open source Skype alternative that will offer anonymous VoIP and will use the GNU SIP Witch server as the back end. GNU SIP Witch requires a minimum of system resources so it can be used on cell phones too so it seems the goal is to provide a cross-platform application, the immediate target most probably being Android.
Thread beginning with comment 467512
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[7]: 'Twas about time
by Alfman on Wed 23rd Mar 2011 08:04 UTC in reply to "RE[6]: 'Twas about time"
Alfman
Member since:
2011-01-28

"I agree the SIP protocol could be better engineered but I don't get what is the need for a firewall when your voip application has its own IP address."

The need for firewalls is really a separate debate.

"NAT has no use for voip."

You could say "NAT has no use for HTTP" or "NAT has no use for SSH", since NAT has nothing to do with these protocols either. Somehow I allowed myself to veer off from talking about SIP to talking about NAT, but these are two separate topics. My original point was that protocols which use a single port are much more manageable.

"load distribution does not make sense for a voip application."

Why not? Shouldn't that decision be left to the sysadmins? Who are we to set policy?

"domain names don't apply to voip."

You've never used xlite or another voip/im client to dial "mydomain.com" or "###@mydomain.com"? Not only does this work, it's highly practical.

If ever it became popular, I'm sure most businesses would like to use their domain name for VOIP calls as well as web hosting. Why should we require that a domain name can only be used for services running on a single server? There is no reason to impose limits like this.


"That is why there are registrars. Just tell your registrar what is your new IP address and you are done."

Yes of course, but you could port forward the old IP to eliminate the DNS prorogation downtime. It's one solution we have today you think we shouldn't have, but why not?


I understand your agenda against IPv4, but your beef with port forwarding is exagerated. Regarding the load balancers mentioned above? Please explain why these shouldn't be permitted on IPv6?

I already know ipv4 is a nightmare, but port forwarding is useful even in corporate environments where IPv4 was never a limitation....you are simply overstating your case.

Reply Parent Score: 1

RE[8]: 'Twas about time
by spiderman on Wed 23rd Mar 2011 09:49 in reply to "RE[7]: 'Twas about time"
spiderman Member since:
2008-10-23


The need for firewalls is really a separate debate.
I mean that there is no need to filter the ports. If the application has its own ip address, all traffic is for this application anyway. A firewall is still useful if it can filter based on content.

You could say "NAT has no use for HTTP" or "NAT has no use for SSH", since NAT has nothing to do with these protocols either. Somehow I allowed myself to veer off from talking about SIP to talking about NAT, but these are two separate topics. My original point was that protocols which use a single port are much more manageable.
HTTP and SSH are client/server protocols. NAT makes sense in the cases you cited. It's not relevant to SIP because the peer wants to contact another peer. Each peer is identified by its ip. Hiding that ip makes no sense. There is only one client with that ip.

Why not? Shouldn't that decision be left to the sysadmins? Who are we to set policy?

The sysadmin already has a lot of policies and decisions to take. NAT'ing VoIP over IPv6 is still an option but I don't see why the sysadmin should consider it when it does not make sense in this context and adds useless complexity.

You've never used xlite or another voip/im client to dial "mydomain.com" or "###@mydomain.com"? Not only does this work, it's highly practical.

If ever it became popular, I'm sure most businesses would like to use their domain name for VOIP calls as well as web hosting. Why should we require that a domain name can only be used for services running on a single server? There is no reason to impose limits like this.
SIP addresses are something like sip:user@domaine.com but the domain does not matter. Each user has his own IP registered. The registrar has a fixed address. NAT'ing on the registrar's side may make sense but not on the client.

Yes of course, but you could port forward the old IP to eliminate the DNS prorogation downtime. It's one solution we have today you think we shouldn't have, but why not?

SIP is designed so the client does not have a fixed IP address. When the client authenticates, he registers his IP address to the registrar. If you don't use that feature, why use SIP at all?

I understand your agenda against IPv4, but your beef with port forwarding is exagerated. Regarding the load balancers mentioned above? Please explain why these shouldn't be permitted on IPv6?

I already know ipv4 is a nightmare, but port forwarding is useful even in corporate environments where IPv4 was never a limitation....you are simply overstating your case.

Load balancing does not make sense for a SIP client. ipv6 was pretty much designed with VoIP in mind. ipv6 makes all this trouble just vanish. No more STUN server, no more ICE, no more hacks, nothing. Everything is simple. You have an IP address, you use this IP address on the network to contact someone with his IP address. Skype becomes a simple server with a database with names, passwords and ip addresses. It does not longer have to route traffic. The Skype server can run on a 1Ghz PC with 256Mb of RAM and a small hard drive, 100Gb should be more than enough for the system and the database of all current users, all that connected to the internet with ADSL. Anybody could apt-get install a package and become Skype.

Anyway, all of this is just a dream. ipv6 will never take off, ever. We are going to have to deal with ipv4 until the end of time. The internet will become more and more of a mess. The price will go up and up but we will still stick with ipv4 until the end of time. This is the sad reality.

Edited 2011-03-23 10:06 UTC

Reply Parent Score: 2

RE[9]: 'Twas about time
by Alfman on Wed 23rd Mar 2011 18:00 in reply to "RE[8]: 'Twas about time"
Alfman Member since:
2011-01-28

"I mean that there is no need to filter the ports. If the application has its own ip address, all traffic is for this application anyway. A firewall is still useful if it can filter based on content."

If that's your opinion of hardware firewalls, then so be it. They are valuable to some people.

"HTTP and SSH are client/server protocols. NAT makes sense in the cases you cited. It's not relevant to SIP because the peer wants to contact another peer."

This is a ridiculous argument, of course there are SIP servers, asterisk being among the most popular...I shouldn't even have to say this.


"NAT'ing VoIP over IPv6 is still an option but I don't see why the sysadmin should consider it when it does not make sense in this context and adds useless complexity."

Of course they shouldn't do port forwarding unless it's helpful. In principal it should be their choice and not yours, I won't budge from this principal, if you disagree with it, then we'll just have to accept that we have different idealogical viewpoints.

"SIP addresses are something like sip:user@domaine.com but the domain does not matter."

It does matter, dialing peers via domain name is practical and allows for a decentralized "directory". It seems desperate to deny this practical application of SIP, which works today, on account that you feel SIP should not be usable via DNS.

Of course this all works fine under IPv6, a problem only arises when we deny the use of port forwarding over idealogical reasons. It sounds like you are willing to extend your argument so far as to deny the ability to use one domain name to host multiple services due to the fact that they use port forwarding. I disagree with that, but to each our own opinion.

"The registrar has a fixed address. NAT'ing on the registrar's side may make sense but not on the client."

Well, my examples were about port forward at the service provider where they have sysadmins. There are times when it does make sense.


"Load balancing does not make sense for a SIP client."
It's entirely plausible to have a scenario where a PBX is overloaded and load balancing helps, you're speaking in absolute terms without allow for the possibility of exceptions.

"ipv6 makes all this trouble just vanish. No more STUN server, no more ICE, no more hacks, nothing. Everything is simple. You have an IP address, you use this IP address on the network to contact someone with his IP address."

You're speaking as though I disagree with that, but I don't. As stated earlier, I know the benefits of IPv6.

"Anyway, all of this is just a dream. ipv6 will never take off, ever..."

The trouble is that IPv4 and IPv6 are incompatible, people on one network cannot reach the other without a proxy. Since everyone today is on IPv4, nobody wants IPv6. I totally agree that it sucks.

Reply Parent Score: 1

RE[9]: 'Twas about time
by Alfman on Wed 23rd Mar 2011 19:40 in reply to "RE[8]: 'Twas about time"
Alfman Member since:
2011-01-28

spiderman,

Since you softened up on the original claim that NAT has no uses whatsoever, then I guess I don't really object to your points.

Ideally we should eliminate NAT for residential users to allow full end to end connectivity.

I'm still disappointed that stock Linux IPv6 cannot do any NAT whatsoever, since it eliminates Linux as a candidate for roles where port forwarding is needed. The upgrade from IPv4 to IPv6 shouldn't require sysadmins to give up functionality.

Reply Parent Score: 1

RE[9]: 'Twas about time
by Alfman on Wed 23rd Mar 2011 20:26 in reply to "RE[8]: 'Twas about time"
Alfman Member since:
2011-01-28

Once more, to put it concisely:

"NAT" as a mechanism for automatically masquerading private IPs behind a public IP is a hack which IPv6 solves (assuming of course that ISPs agree to give customers sufficient IPs for all their devices). Using NAT for masquerading kills end to end connectivity.

"NAT" as a mechanism for explicitly forwarding ports to distribute services across multiple servers solves a completely different set of problems which have nothing to do with private IP masquerading. Port forwarding is not contradictory to the connectivity goals of IPv6.

One is evil, the other is not.

Reply Parent Score: 1