Release Notes for RTPProxy v3.1.0

We are excited to announce the release of RTPProxy v3.1.0, which brings significant new features and enhancements to improve NAT traversal, media security, and system robustness. This release focuses on the introduction of the new ICE-Lite module, enhancements to the DTLS gateway module, and the addition of a new fuzzer type for improved testing.

New Features

ICE-Lite Module

• Introduction of ICE-Lite Support
  • Added a new ICE-Lite module to enable RTPProxy to participate in Interactive Connectivity Establishment (ICE) procedures as a lite implementation.
  • Enhances NAT traversal capabilities by allowing RTPProxy to handle ICE connectivity checks, improving media stream establishment in NAT-restricted environments.
  • Supports interoperability with full ICE implementations, facilitating seamless media negotiation between endpoints behind NATs.
  • Can be combined with the existing dtls_gw module to provide full WebRTC endpoint. Verified to seamlessly interoperate with Google Chrome, Mozilla FireFox and Microsoft Edge.

New Fuzzer Integration

• Enhanced Testing with Advanced Fuzzing
  • Integrated a new RTP/DTLS/ICE session fuzzer type into the testing framework to proactively identify and address potential vulnerabilities.
  • The fuzzer systematically generates a wide range of inputs to test the resilience of RTPProxy against unexpected or malformed data.
  • Improves overall stability and security by uncovering edge cases and ensuring robust handling of diverse network scenarios.

Improvements

DTLS Gateway Module Enhancements

• RTCP Support
  • Added support for the RTCP/SRTCP packets encryption/decryption in case they are muxed into RTP/SRTP stream.
• Optimized DTLS Handshake Process
  • Improved the efficiency of the DTLS handshake in the dtls_gw module, reducing latency during the establishment of secure media streams.
• Expanded Cipher Suite Support
  • Updated the DTLS implementation to support additional cipher suites, enhancing compatibility with a broader range of clients and strengthening security.
• Stability and Reliability Enhancements
  • Resolved issues related to DTLS session management, resulting in more stable and reliable encrypted media transmissions.

Pre-built Containers Enhancements

• Pre-built docker images are now also pushed to the ghcr.io in addition to the hub.docker.com.
• Ubuntu-based images are added in addition to the Debian ones.

Documentation Updates

• ICE-Lite Documentation
  • Added documentation on the ICE-Lite (ice_lite) module.
• Updated DTLS Gateway Documentation
  • Revised documentation for the dtls_gw module to reflect the latest enhancements and provide guidance on optimizing DTLS settings.

Upgrade Notes

• Configuration Changes
  • New configuration parameters are introduced for the ICE-Lite module. Users should review and update their configuration files to enable and customize ICE-Lite functionality.
• Dependency Updates
  • Ensure that all dependencies, especially those related to DTLS and ICE, are updated to their latest versions to fully leverage the new features and improvements.

Acknowledgments

We extend our gratitude to all contributors, testers, and community members whose efforts and feedback have been invaluable in making this release possible.

For a detailed list of all changes and commits, please refer to the GitHub comparison between v3.0.1 and v3.1.0.

We highly recommend updating to this version to take advantage of the new ICE-Lite module, DTLS gateway enhancements, and improved testing capabilities.

This is a minor release fixing a bug in the DTLS_GW module causing SHA-256 not being accepted as a fingerprint algorithm name (vs. more common sha-256 notation).

RTPProxy 3.0 Release Notes

Sippy Labs is thrilled to introduce RTPProxy 3.0. This release introduces significant enhancements and new features since the previous release 2.2 four years ago.

Major Improvements

• Revamped Architecture: We have rearchitected major subsystems for more parallelism, significantly improving performance.
• Enhanced Compatibility: RTPProxy 3.0 ensures extended support for third-party extension modules.
• Full Support for Video and Encrypted Calls: The new release can handle video and encrypted calls, solidifying RTPProxy's position as a comprehensive solution for real-time communication needs.

Performance Enhancements

• Polling: We've replaced the use of poll() with epoll()/kqueue() for RTP/RTCP sockets polling.
• RTCP Handling: Now runs in its own dedicated thread.
• Media Generation: Playback now runs in a separate thread.
• Elimination of Bottleneck: We've eliminated a significant synchronization bottleneck that was affecting the command-processing thread.
• Hashing Algorithm: For handling sessions hash tables, we've switched to xxHash, a high-performing hashing algorithm.

New Features

• Library Version of RTPProxy: This version allows RTPProxy to be embedded into other real-time communication software.
• DTLS Gateway Module: This new module can translate between encrypted and non-encrypted streams and perform back-to-back re-encryption of already encrypted streams for recording purposes.
• Automated Docker Builds: Starting with 3.0, we are publishing official RTPProxy Docker images to DockerHub with every release and every commit to the master branch.

For more detailed information, please refer to our full RTPProxy 3.0 Release Information.

RTPProxy v2.1.1 Release Notes

September 2020

Various bugfixes and small improvements made into our LTS release branch rtpp_2_1.

RTPProxy v2.2.0 Release Notes

September, 2020

Notable Changes

HEP Integration Module

New acct_rtcp_help loadable module has been implemented allowing to report RTCP packets to the HEP (Homer) server.

RFC2833 Capture Module

New catch_dtmf module has been added in collaboration with the OpenSIPS project. The module allows the RTPProxy notify a call controller (i.e. SIP Proxy or B2BUA) when so instructed of any DTMF-style events that are present in the real-time stream. The notification can be enabled on per-stream basis and is done via the same mechanism as "no-audio timeout" notifications to simplify integration.

Support for Link-Time Optimization (LTO)

Optional support for the LTO has been added into the build system allowing utilizing latest enhancements to the compiler technology (--enable-lto when running configure script).

Numerous Performance Improvements

Number of performance-critical components have been refactored to reduce

Automatic Test Coverage Report Integration

Coveralls.io has been integrated to provide Test Coverage tracking for all actively developed branches.

Test Coverage Improvements

Test coverage has been vastly improved from 52% to 91%.

RTPProxy v2.1.0 Release Notes

June 2019

Version 2.1.0 of the RTPProxy brings 3+ years of improvements and fixes into our 2.0 version. The goal of this release has been to stabilize the new code and subsystems added in 2.0.

We heavily focused on developing test framework that is based on high-level functional testing and fixed the issues as we go. Basic testing is done in the RTPProxy repository itself.

For more advanced test scenarios that use external components, an additional repository has been created, Sippy/VoIPTests. The code in that repository is building on our python SIP stack and brings together many-many different versions of Kamailio, OpenSIPS, RTPProxy, Sipppy B2BUA (Python) and our recent addition Sippy B2BUA (Go) to tests that they can perform basic functions that an user might want them to perform. So if we (god forbid!) break our ability to work with any of those software by making any changes to our code we are instantly notified. And in reverse, if any of those nice folks break (never happens!:) whatever we think of a basic level of the support for the RTPProxy, we are aware of it and do our best to bring the issue to the light.

Notable Changes

Improved session latching

Make session latching more intelligent. Instead of disallowing
another latch within certain interval after previous one
(UPDATE_WINDOW), allow another update any time if new packet
meets criteria:

1. It's valid RTP packet (as far as rtp_packet_parse() can tell);
2. It has the same SSRC value that has been saved during the
   previous latching;
3. Its sequence number is greater than the sequence number that
   we saved while doing the previous latching.

If any of (1)-(3) fails, then we revert to the old way with
disallowing new update within UPDATE_WINDOW after the previous
one.

This fixes the issue when endpoint generates 3 packets from
the proper IP, but then switches to completely different port
and sticks with that for the rest of the session. Right now,
the rtpproxy would latch to the first packet out of those 3 and
discard the rest considering those a garbage. We are not 100%
sure if it's endpoint's fault or just some NAT stupidity.

Printing of SSRC and initial sequence number is done while latching. It
is helpful to identify session in the log and could also be useful in some
other cases.

fb594fb

Count ignored packets

rtpproxy now counts the number of ignored packets per session. This counter
represents the number of packets that were coming from unrecognized IP/Ports.

0020e45

New U/L command modifier n to allocate in RTP/RTCP ports

The new n option to the RTPP U/L commands that force a new pair of RTP/RTCP
ports to be allocated and the old ones released. This is useful when a call
route-advances or fails over to a new destination, where the failed route may
still be sending superfluous traffic to the previous ports.

8066e51

RTPP Q command takes arguments of what counters to return

Extend the Q (session stats query) command to take optional list of specific
counters to pull. This allows fetching only those stats that are relevant and
makes Q quite usable for the test suite runs.

Example: Q call-id from_tag to_tag rtpa_nsent rtpa_nrcvd rtpa_ndups rtpa_nlost

273292b

New stats counters to track overall packet loss

rtpa_nsent rtpa_nrcvd and rtpa_ndups counters allow to monitor overall
packet loss in all streams going to the rtpproxy as function of time.

4f58b4a

SSRC packet tracking

See commit for WIP: b1ac79e

Python rtpp client

python/rtpp_query.py is a simple client that allows the user interactive rtpp
session. Also useful for injecting commands via stdin or by files.

48a603e

Notification socket wildcard

A notification wild card %%CC_SELF%% can be used to automatically register
notifications sockets for callers of the U and L commands.

83b09c9

The SIGHUP signal causes rtpproxy to shutdown gracefully

Use SIGHUP instead of SIGTERM to shut down the proxy. The difference is that
SIGTERM tries to tear down everything from the signal handler, while SIGHUP
actually makes main() to exit gracefully so that there is no racing condition
between main() posting event into the rtpp_proc queue and the rtpp_proc
actually exiting.

55438f1

Improved test coverage

The rtpproxy test suite has grown, and covers all common use cases.

• repacketization

New pertools/udp_contention tool to simulate UDP traffic.

3025a33

U and L command option z to set ptime

Save ptime value if provided by the z options for the U/L command into
session parameters and use it to request specific packet size when P (playback)
command is received with "session" as a codec type. Extend playback
(rtp_server) API to be able generating frames with ptime other than absolute
minimum supported by a codec.

644072c

rtpp_streamdb module

Add rtpp_streamdb, a new module to serve as a central in-memory DB for the
RTP/RTCP streams. Instead of using call-id as an indexing/lookup parameter or
passing around a pointer to the structure, assign unique (within
rtpp_streamdb instance) 64-bit integer for each session and provide a way to
use that integer to quickly pull the session in question. Also integrate
ref-counting and require it in order to protect a session from being released
while it's being used by some part of the code. This allows us to untangle some
global locking between command and RTP forwarding threads.

The 64-bit id will be used as a "weak reference" in critical path of the code,
i.e. mapping from the file descriptor into the session structure while doing
I/O, so that some performance assessment has been done to make sure lookup
performance is adequate for the task. Quick assessment shows that we can do
some 6,000,000 lookups/sec on a single thread on E3-1220 V2 @ 3.10GHz on set of
4,000 sessions with initial code. This should be enough for the current
architecture and there are several relatively easy ways to reduce the overhead
at least 2-3 times further by increasing the size of the hash table and/or
in-lining/optimizing hashing code. We expect current code doing some 70-100k
lookups/second at 1.5-2k sessions top.

34c2911

Re-factor session handling (internal changes)

Refactor mostly related with the fact that struct rtpp_session is now struct
rtpp_session_obj and that the sp->stream[N] is a pointer, not
a sub-structure. Also deals with some API changes in the weakref code and
elsewhere.

29bb9e1

Jitter Tracking

RTPProxy now tracks jitter metrics as per Appendix A.8 of rfc3550

e545b08

Dynamic Loadable Modules

Infrastructure to support dynamic loadable modules has been implemented, and it
is used for the new Accounting CSV module.

6305000

Accounting CSV Module

An accounting module that will output stats for each ended call to a csv file.
The Accounting CSV module will output a CSV string of user specified (at start
time) metrics. At the end of each session, this module will append a new live
to the CSV file. Operators typically will configure a log collection agent to
further process the metrics.

TODO: Provide flag examples

cd5afbf

IPv6 Improvements and fixes

Fixes and improvements plus integration tests added to our test suite.

TODO: MAX, can you flesh this paragraph out a bit more?

MAX: Yes, sure, fixed lot of bugs and made overall improvement and code unification.

3e13d18

Thank you to our contributors!

• @sobomax

rtpproxy v2.0.0 Release Notes

This is the first official release since version 1.2 in March 2009. v2.0 release brings 5-years worth of extensive improvements in performance, quality, and test coverage. This release has been heavily tested in production environments, and has had significant contributions from the open-source community.

This is the first release since we moved the project to github, and travis-ci for automated test coverage.

rtpproxy is a Sippy Software, Inc open source project. The rtpproxy is part of Sippy's commercial soft switch product, and Sippy's clustered media gateway project. rtpproxy is also widely used in other VoIP service provider networks.
rptproxy supports Opensips, Kamailio, and Sippy's own open source b2bua

Notable Changes

Performance / Quality

Reduction in CPU usage by 40% to 60% has been observed on production deployments.
Jitter (measured using wire shark) characteristics have improved significantly.

These quality and performance improvements come mostly from improvements in the following areas:

• send receive threads are now asynchronous
• poll() is called more intelligently thanks to a PLL timing loop, resulting in much better jitter characteristics
• poll() is called less frequently for RTCP than for RTP
• command processing I/O happens on separate background thread
• Overall reduction in poll() overhead

New stats counters

The rtp command protocol (rtpp) has a new command G that gives access to the following counters:

• nsess_created Number of RTP sessions created
• nsess_destroyed Number of RTP sessions destroyed
• nsess_timeout Number of RTP sessions ended due to media timeout
• nsess_complete Number of RTP sessions fully setup
• nsess_timeout Number of sessions ended due to media timeout
• nsess_nortp Number of sessions that had no RTP neither in nor out
• nsess_owrtp Number of sessions that had one-way RTP only
• nsess_nortcp Number of sessions that had no RTCP neither in nor out
• nsess_owrtcp Number of sessions that had one-way RTCP only
• nplrs_created Number of RTP players created
• nplrs_destroyed Number of RTP players destroyed
• npkts_rcvd Total number of RTP/RTPC packets received
• npkts_played Total number of RTP packets locally generated (played out)
• npkts_relayed Total number of RTP/RTPC packets relayed
• npkts_resizer_in Total number of RTP packets going into re-sizer (re-packetizer)
• npkts_resizer_out Total number of RTP packets coming out of re-sizer (re-packetizer)
• npkts_resizer_discard Number of RTP packets discarded by the re-sizer (re-packetizer)
• npkts_discard Total number of RTP/RTPC packets discarded
• total_duration Cumulative duration of all sessions
• ncmds_rcvd Total number of control commands received
• ncmds_succd Total number of control commands successfully processed
• ncmds_errs Total number of control commands ended up with an error
• ncmds_repld Total number of control commands that had a reply generated

Re-packetization support to resize rtp packet sizes.

Re-packetization allows providers to resize the rtp frame size between a caller and a callee. This is useful for saving bandwidth between pops, or for interoperability with vendors who require a non-standard ptime. For example, the standard ptime for g.729 is 20 msec, but a vendor may require that ptime be 60msec. Re-packetization allows this resizing to happen on the fly. See also the monitoring counters npkts_resizer_in, npkts_resizer_out and npkts_resizer_discard that relates to this feature.

SIGHUP for graceful shutdown

The SIGHUP signal will initiate a slow shut down. In this mode any new rtpp requests for a new session will be rejected with a E99 code. The rtpproxy will exit only after all active sessions have ended. This feature simplifies planned maintenance.

Updated makeann utility

The makeann utility takes 16-bit signed linear encoded audio and produces a file for each supported codec.

makeann codecs are supported:

• G.711u
• G.711a
• G.722 (new in 2.0)
• G.729 (new in 2.0)
• GSM (new in 2.0)

New extractaudio Utility

The extractaudio utility extracts audio streams and writes the recording to disk in wav format. The utility existed before 2.0, but it was not connected to the autoconf/automake build and as such required manual intervention to compile. The test suite uses this utility to verify that audio is transmitted correctly. The utility can be used for recording purposes also.

extractaudio supported codecs:

• G.711u
• G.711a
• G.722 (new in 2.0)
• G.729 (new in 2.0)
• GSM (new in 2.0)

The new flag -n has been added in 2.0 to avoid inserting blank audio periods to keep streams synchronized to real time. Mostly intended for CI use to provide predictable output.

Logging

• Call-ID is now recorded in log files

RTPP Command Channel Improvements

• Improved stream-based communication support to accept more than one command in the batch, don't expect sender to pause and wait for the reply after issuing a command.
• the rtpprroxy improved performance by using a hash table for look ups
• new G command to retrieve stat counters;
• new s modifier for the R command to record both streams into a single file (requires PCAP recording mode to be enabled via -P command-line option).
• simple commands are now executed without holding global lock, which should increase total throughput in terms of maximum numbers of commands that can be processed per unit of time and reduce interference between command and rtp processing threads. Those commands are V',VF' and `G'.

New Types of Control Channels

In 2.0, we've added the following 3 new control channels cunix, stdio and systemd, in addition to unix and udp as supported since v1.2:

• cunix, similar to unix except the server (e.g. rtpproxy) is not closing session after processing a command, so more commands can be posted and processed in sequence, thereby reducing overhead and complexity of the client code. Intended to become the default channel for local IPC;
• stdio, commands are read from stdin, replies are posted to stdout. Primarily designed to be used for CI. Example: rtpproxy -s stdio: -f < some.commands;
• systemd, get command from / post replies to the file descriptor provided by the systemd daemon. Only supported on Linux;

The control channel system has been overhauled to enable more than one channel to be used simultaneously.

New and updated command line flags

-s now accepts stdio, cunix: and systemd: as an argument. rtpproxy can accept -s multiple times, which will cause it to listen on multiple control sockets. More than one control channels can be used independently.
-V Show command protocol version.
-L Adjust the number of simultaneous open connections. Note that each RTP media stream requires four open connections. A SIP call can open more than one RTP media stream depending on the client's setup.
-A address Sets the advertised IP address. -A addr1/addr2 can also be used for bridging mode
-W setup_ttl Implements "Call Establishment Phase Timeout" as originally implemented in this opensips patch
-w Set access mode for the controlling UNIX-socket (if used). Only applies if rtpproxy runs under a different GID using -u option.
-b Don't randomize allocated ports, primarily aimed for debugging to provide more predictable behaviour

New Continuous Integration (CI) / Testing suite

Automated tests are now run using travis-ci
There are two groups of tests, tests bundled with the rtpproxy distribution, that can be run using the make check target, and a suit of integration tests (opensips, kamailio, sippy b2bua).

See github.com/sippy/voiptests for the integration test suite.

Summary of tests that run from the make check target

• makeann tests for all supported codecs
• Forwarding tests that verifies media from sender to receiver & the reverse
• Recording tests that verifies recording capability of the rtpproxy in both AdHoc and PCAP formats
• Simple command parser tests
• Playback tests that streams sample payload, captures packets from network, decodes and verifies the captured payload against the source payload.
• memdeb is an opt-in memory allocation tracker useful for detecting memory leaks
• session_timeout tests both types of session timeouts for both call establishment phase and session timeouts
• Re-packetization tests to verify proper functionality of the lossless re-packetization feature

See rtpproxy/test/ for more details.

Lossless RTP Payload Resize

The Lossless RTP Payload Resize feature has been promoted from experimental to fully supported feature and has been extensively tested with all supported codecs, which currently include the following codecs:

• G.711u
• G.711a
• G.729
• G.722 (new in 2.0)
• GSM (new in 2.0)

Miscellaneous

• make will build a rtpproxy binary and a rtpproxy_debug binary. The latter includes memdebug
• systemd support on Linux
• udp_storm - a utility to stress-test rtpproxy with the RTP-like traffic.

Sponsors & Contributors

Thank you to our contributors!

• @sobomax
• @bogdan-iancu
• @jevonearth
• @lemenkov
• @miconda
• @oej
• @taisph

This is a beta release of version of 1.3.