Archive for October, 2010

tiranul sub asediu

Posted: October 31, 2010 in personal
Tags:

(2:43:09 PM) tiranul: si acu incerc sa-mi fac curaj sa ma duc sa arunc toate cacaturile din bucatarie
(2:43:16 PM) tiranul: si sa dau cu aspiratorul
(2:43:48 PM) tiranul: pai am aruncat ieri juma de masa si gunoiul si ce era pe masina de spalat da acu s-au facut la loc
(2:43:54 PM) tiranul: cre’ca fac ceva gresit pe undeva
(2:44:02 PM) tiranul: da o sa arunc tot
(2:44:07 PM) Cristina: 😛
(2:44:09 PM) Cristina: =))
(2:44:12 PM) tiranul: si daca e ceva ce-mi trebuie o sa cumpar
(2:44:27 PM) Cristina: =))=))=))=))=))
(2:44:46 PM) tiranul: nu mai rade ma
(2:44:59 PM) tiranul: ca sunt tot felul de crapuri pe masa aia din bucatatie
(2:45:01 PM) tiranul: bucatarie
(2:45:08 PM) tiranul: si in plus tre sa pun la spalat
(2:45:11 PM) tiranul: sa calci cand vii
(2:45:18 PM) tiranul: ca o sa raman fara camasi and stuff
(2:45:38 PM) Cristina: 😀
(2:45:43 PM) Cristina: cum ziceam: =))=))=))=))=))
(2:45:52 PM) tiranul: ma enervezi

This is how it looks like

(at least imho)

interop

EPS roaming architecture with  local breakout

Sometime in the future posts I will describe in details everything. This is part of an article called An Analysis of Secure Interoperation of EPC and Mobile Equipments, submitted to a conference from IARIA.

pe scurt

Posted: October 29, 2010 in travel
Tags:

Leonardo Boutique Hotel – hotel super curat, angajati super misto, foarte politicosi si atenti; oricum, e foarte curat peste tot pe-aici – maniaci cu “reset to defaults”: imi asez oglinda din baie cum vreau, imi pun lucrurile aiurea, cand revin seara in camera totul e reset la defaults, totul e super aranjat si dichisit, ma enerveaza pana si pe mine atata ordine – de dulciuri nici nu mai are sens sa comentez – cafeaua e foarte naspa, cam pe oriunde pe unde am fost pe-aici au un fel de cafea facuta la ibric, dar fac ceva naspa, ca nu le iese buna deloc – sau poate nu am eu gustul cum trebuie; mi-e dor de mers la Starbucks cu tiranul 😦 – trebe musai sa ies sa fac poze prin jur; au 2 parcuri mari in apropiere si cik 15 minute cu masina pana la mare – maine au inchis peste tot la hotel, in termeni de : nu mic-dejun, nu gustari in business lounge, nu restaurant deschis pentru cina; eu nu pricep cum in zi de “sarbatoare” oamenii fac foamea; sau poate doar eu o sa fac foamea :-s – israelienii ma enerveaza oficial: sunt prea tari la capitolul IT 😦 retelistica, retele mobile, radio, securitate, securitate pe retele mobile, telefonie, etc etc etc; tipul cu care lucrez eu a fost in CheckPoint si in Cisco; I am like: ^:)^ ^:)^ ^:)^ – mi-e frica sa nu-mi scape de draci vreo injuratura urata in romana, ca foarte multi inteleg limba romana; cei care au rude din Romania se straduiesc sa-si ia cetatenie romana, ca sa poate sa isi trimita kinderii la scoli in Europa si/sau eventual sa o taie si ei acolo; ei zic ca orice evreu are un “Plan B” – intotdeauna .   :-?? – mi s-a oferit, mai in gluma, mai in serios, un post pe wireless 😛 – inapoi in tara sper sa-mi iasa faza cu cersitul de bani pe la companiile mari; m-au sunat unii (nu zic care, inca), dispusi sa ma sponsorizeze cu doctoratul; sa vedem si ce vor la schimb; nu prea as vrea sa plec din firma de acum, macar aici invat tehnologie ca lumea – mi-e foarte ciudat ca nu pricep bob din ce scriu/vorbesc oamenii astia; daca mai ajung pe-aici inca o data, ma apuc de invatat ebraica; ma rog, majoritatea celor cu care am eu de-a face sunt rusi, de capul lor; deci, cand nu le iese pe ebraica, o dau pe rusa; apoi pe engleza, apoi pe rusa, apoi iar pe ebraica; ceea ce e bine, constat ca termenilor IT tot pe engleza le zic; in Franta sa fi fost, atunci sa vezi distractie; v-am spus ca-s foarte tari la tehnologie? – fac dulciuri foarte bune 😀 Later Edit: DA, si astia de la hotel baga muzica super misto. In afara rarelor cazuri cand baga muzica de-a lor, la micul dejun, cina si in business lounge se asculta jazz, rock classic, muzica frantuzeasca din anii 80. Azi la micul dejun au pus niste preferati de-ai mei mai vechi: Staind – It’s been a while.  Iar colegii de la firma baga metale 😀

yogo

Posted: October 27, 2010 in travel
Tags: ,

Widely know fact: Israelienii fac dulciuri SUPER BUNE

Acum am descoperit Yogo 😀

image.php_

Sau, cu alte cuvinte, pe ce mai cheltui eu banii aiurea :p

Israel – again – prima zi

Posted: October 25, 2010 in travel
Tags:

Deci, am prins si eu plecarea cu El-Al de pe Otopeni, iar fazele de mi le povestea tiranul cu SRI-ul cu pushcoace in aeroport: CHIAR ASA E.

Control dupa check-in, interviu ~10-15 minute despre : cine sunt, unde stau, unde m-am nascut (nenea stia de Pitesti 😛 ), de cand sunt in Bucuresti, ce facultate am facut, de cand lucrez unde lucrez, cu cine stau, ce posesiuni am in Romania, pe unde am calarit in Orientul Mijlociu, daca am prieteni in Iordania, Irak…etc, daca am frati/surori care au fost pe-acolo……samd. Toate astea in timp ce stateam cu bagajul de mana si cel de cala dupa mine. Ma trece apoi de o coada de vreo 20 de persoane care asteptau in fata masinariei cu raze X. Imi baga bagajul in masinarie, apoi cred ca scap.

Draci! Vine partea si mai misto: ma pune sa-mi deschid bagajul si incepe sa imi scoata toate cele din bagajul de cala. Ii ia vreo 20 de minute sa verifice tot, apoi vine partea funny: ca ma uit la nenea ca nu mai reuseste sa la puna la loc si sa intre. Pentru un moment intra in panica, le scoate iar pe toate si incepe sa le aseze frumos. Chestie care-i mai ia vreo 5 minute. Apoi e multumit si ma lasa sa plec. Stau iar la o coada care abia se misca la controlul bagajelor de mana, dar pana la urma ajung la poarta 6. Imi iau un sandvis, fac un mic eavesdropping la parola de la Vodafone-le din aeroport si intru si eu un pic pe net.

Toate bune si frumoase, numai ca apare o tanti pe care o vazusem la masinaria cu raze X si-mi zice ca trebe sa eliberam locul. Apoi vin o alta gramada de tipi si pun panouri dintr-un fel de plastic dur asemanator geamului sablat. Instaleaza inca o masina X si cum eu stateam pe-acolo si ma chioram la ei, ma intreaba daca sunt pt zborul 572. Sunt, cum sa nu fiu.

Si mai intru la o repriza de control, de data asta, al bagajului de mana. Dat jos pantofi, scos tot din geanta, scos laptop, migalit aia la toate tampeniile pe care le luasem eu in bagajul de mana, dupa vreo alte 15 minute se declara multumiti si ma lasa sa ma indrept spre poarta.

Am observat ca pe ai lor nu-i controleaza mai deloc, la modul ca le trec bagajele prin masina minune, dar nu le desfac bagajele 😦

Zborul a fost oki-doki, numai mancarea super naspa: un sandvis cu mozarella, dar mai mult cu sos pesto in el, si un fel de “salata” rece de pufarine fierte (asa pareau 😛 ), cateva felii minuscule de morcov si 2-3 masline. Prajiturelele au fost bune.

La controlul pasapoartelor, iar interogatoriu. Ma intreaba ala unde ma duc, ii zic, si ma duce pe mine inspiratia, sa-i zic ca am mai fost o data, si ca tot acolo am fost. Il si vad cum se schimba la fata, pune o mutra incruntata si ma intreaba sever si suspicios: “Why are you telling me that? What should I understand from that?” La care mormai speriata un “I don’t know, sorry” si imi blestem eu dorinta de a comunica si socializa cu paranoicii.

In fine, ajung la hotel si ajung si eu sa fac nani.

De dimineata, abia asteptam masa, ca data trecuta a fost super buna mancarea si numai somon si branza frantuzeasca. Booon, cand ajung in sala de masa, ditai coada de coreeni. Abia de am gasit un loc, mai era lume care manca din picioare. Groaznic, ma miram eu de ce nu mai puteam face nicio rezervare.

Camera e niiicee 🙂

IMG_2595

 

IMG_2596

This is a summary of what I hope to be able to describe in the next several posts: the establishment of a basic SIP-IMS call flow, in a somewhat interesting scenario: when both Alice and Bob are in roaming.

Each of the participants talks to his/her own P, S and I servers. Here the presumption is that Alice is the one making the phone call.

sip-ims-call

“c1” because…mwell, because “a” was the register and 4G/IMS architecture, “b” was the OpenIMSCore and “c” should be an actual call flow.

Unfortunately, I cannot show you the actual 4G encapsulation, because I don’t have any tool to emulate that, but, as we’ve understood from the registration flow, each IMS message coming from or going to the IMS mobile device will be encapsulated in GTPv1-u header between the eNodeB, SGW, PGW and then forwarded, without the GTPv1-u encapsulation, to the P-CSCF. Juuust as for the Register flow…

4g-ims

Oook, now let’s take a look at the IMS-SIP call flow. Basically, what I’m going to show here is a Basic Call with Voice.

Now, the most basic SIP (Session Initiation Protocol) call flow has the following structure:

sip-basic

Basically, Alice sends an INVITE message to Bob (via a sip proxy server or directly), inviting Bob to a voip message exchange, and also sending in the SDP (Session Description Protocol) header (presented as a SIP message body), the RTP (Real-Time Protocol) codecs that Alice’s phone is supporting. 1xx is provisional messaging. 100 Trying and 180 Ringing is a good sign, they mean I am actually contacting Bob, I am just waiting for him to pick-up the phone. When he does that, his device signals a 200 OK (sending in this message also the RTP codecs known by Bob’s device), and Alice’s device Acknowledges. Now the RTP session can begin, with one of the matching codecs. Once the two guys finish talking, Alice’s phone (usually) is the one signaling the end of the conversation, by sending a BYE message to Bob, and this one acknowledges. Alice can also send her supported RTP codecs barely in her ACK message, procedure called late negotiation.

Now, this may rightfully seem simple enough, but wait! We haven’t yet got to the IMS part 🙂

The same “basic” SIP call flow in the IMS context would look like this (of course, excluding the 4G encapsulation which we’ve agreed we understand):

sip-basic-IMS

In the next chapter I’ll detail these messages.

For the moment, let’s just observe the presence of a weird new message called PRACK. The PRACK is defined in RFC3262: Reliability of Provisional Responses in the Session Initiation Protocol (SIP). The RFC 3262 states:

   The PRACK request plays the same role as ACK, but for
   provisional responses.  There is an important difference, however.
   PRACK is a normal SIP message, like BYE.  As such, its own
   reliability is ensured hop-by-hop through each stateful proxy.  Also
   like BYE, but unlike ACK, PRACK has its own response.  If this were
   not the case, the PRACK message could not traverse proxy servers
   compliant to RFC 2543 [4]."

I believe the IETF guys are pretty explanatory 🙂

See you in the next chapter.

HSS and Tomcat

Posted: October 14, 2010 in technical
Tags: , , ,

Ok, it’s been a while, but I had a true headache today trying to determine Tomcat to accept connections from an IP other than 127.0.0.1. Eventually, I didn’t make it, against all the optimistic descriptions of the manager.xml, server.xml or connector.xml or whatever.

Therefore, I have installed vnc4server and connected to that machine via VNC so that I can open a browser and type in http://localhost:8080

My user on that machine (where I had installed OpenIMSCore) is named cristina. Therefore, the steps I have followed were:

1. Install vnc4server : apt-get install vnc4server

2. sued to cristina and edit the xstartup file, like this:

#!/bin/sh

# Uncomment the following two lines for normal desktop:
unset SESSION_MANAGER
# exec /etc/X11/xinit/xinitrc

gnome-session &

[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid grey
vncconfig -iconic &
# xterm -geometry 80×24+10+10 -ls -title “$VNCDESKTOP Desktop” &
twm &

Yes, I have GNOME, I hate GNOME,  but that’s what I have installed on this machine 🙂

3. Start the VNC server:

vncserver -geometry 1100×750 :1

Then used a UltraVNC client from Windows to connect to that machine on instance 1.

fhoss

This is what I see when accessing http://localhost:8080

 

From this web interface I can now configure the public and private user identities, charging policies and filtering and so on.

WONDERFUL tool. Kindda weird to configure at first, but, once you have clear in mind what you want to do, it seems really intuitive.

I have it on a debian 5.0.5. Installed in /opt/OpenIMSCore

It has 4 main components:

P-CSCF, I-CSCF, S-CSCF and HSS – and, as far as I have understood from my knowledgeable colleagues who have done this, these components can be installed separately on different machine. I have installed them bulky on a single machine.

Ah, and it needs a DB server (HSS being a DB afterall) – I have used MySQL and a DNS server – I have used bind9, on the same machine. The Fraunhofers are nice guys and give you the DNS file zone and a lot of scripts to make your work of configuring the proxies, as well as adding and managing users, much easier.

So, briefly, where are the configuration files, what I have changed in each of them to make them work, which scripts I have used and what users I have (the IMS dumps from the previous post shows a user called Cristina who registers to this IMS core and does a SIP call – we’ll see that also).

imacandi:/opt/OpenIMSCore# ls
add-imscore-user_newdb.sh  dbdump.sh                 fhoss.sh        icscf.thig.sh  pcscf.cfg       scscf.cfg  TGPPGq.xml      trcf.sh
add-user-cristina.sql      delete-user-cristina.sql  icscf.cfg       icscf.xml      pcscf.sh        scscf.sh   TGPPRx.xml
add-user-sin.sql           delete-user-sin.sql       icscf.sh        mgcf.cfg       pcscf.xml       scscf.xml  tls_prepare.sh
configurator.sh            FHoSS                     icscf.thig.cfg  mgcf.sh        remove_sems.sh  ser_ims    trcf.cfg
I guess it would be nice and mostly USEFUL, to read the OpenIMSCore install howto (don’t worry, is not long) BEFORE continuing – at least if you want to apply the following information as a “howto”. If you are reading just as a lecture, you may just continue.
And we are firstly interested in the configuration files of the proxies and the database. They are already created at installation time, and I have copied them (as per the installation howto), directly under /opt/OpenIMSCore.
They are:
/opt/OpenIMSCore/pcscf.cfg
/opt/OpenIMSCore/icscf.cfg
/opt/OpenIMSCore/scscf.cfg
/opt/OpenIMSCore/FHoSS/deploy/DiameterPeerHSS.xml
The pcscf.cfg is the config for the P-CSCF – big surprise, heh?
The only change I made here was the IP address the P-CSCF uses for opening the socket:
listen=22.22.22.22
port=4060
alias=”pcscf.open-ims.test”:4060
This file has the directives for the modules to be loaded by the pcscf daemon and also the main routing logic.  This routing logic part is a set of decisional actions based on the values of different headers from the SIP messages, like the Method type or the length of the message, or the value of max_forwards header or whether or not this is the initiator of a dialog and so on…
The pcscf.xml is another configuration file, containing declarations of the DiameterPeer, FQDN, Default Route, Realms and Authentication Identifiers. The only changes I’ve done in this file where related to the port where the P-CSCF listens for the Diameter communication:
<Acceptor port=”3867″ bind=”22.22.22.22″/>
This is specially useful if you have the HSS on a different machine (which is the real use-case).
And there is also the pcscf.sh, which is a basic start/stop script.
Now, the example with the pcscf config above is basically the same for the icscf and scscf.
The /opt/OpenIMSCore/FHoSS/deploy/DiameterPeerHSS.xml file contains some similar configuration for the HSS, where the only change was the Acceptor IP and port.
Oh, and one more thing, in order to be able to actually start the HSS you need to have the JAVA_HOME variable set.
Mine is JAVA_HOME=/usr/lib/jvm/java-6-sun.
Then I’ve started the HSS like this:
# cd /opt/OpenIMSCore/FHoSS/deploy
# ./startup.sh
By default, everything starts in debug mode, so I have 4 screens where I start the P, S, I and HSS, and then another one to play with.
It looks like this:
openimscore
— At this is the no-TLS way to configure it: not much to configure, actually.

http://leonidas-mb.ro/sortimente.html

S-a intamplat sa incerc si eu cateva sortimente de la Leonidas. Magazinul e pe Dorobanti, la vreo 50 de metri de ASE – Cibernetica. Nu stiu daca sa scriu o tona de complimente aici sau doar sa zic ca ciocolata e absolut geniala si ca merita TOTI banii. Nu are coloranti sau conservanti, e valabila 2 saptamani si…a..da: e FOARTE BUNA.

leonidas-bomboane-ciocolata

A fost cam 84 ron 500 gr, deci nu e chiar ieftina. Da’ nici nu cumpar zilnic 😛

Me happy ! 😀