The session Jeremy Sanders and I presented today the IBM Connect 2014 event in Orlando.
Need my help? Contact Keith Brooks via one of the following ways:
Blog http://blog.vanessabrooks.com
Twitter http://twitter.com/lotusevangelist
http://about.me/keithbrooks
For more information on ThinkRite, http://www.thinkrite.com
3. Who Are These Guys?
Keith Brooks is the Social Collaboration Practice Leader for ThinkRite and a
Certified Administrator for IBM Sametime and Notes and Domino.
Keith manages a team that is responsible for providing Sametime and SUT
services to over 500,000 customers worldwide.
ThinkRite is the sole provider of SUT installations for IBM Worldwide.
Websphere (2013) and ICS (2013-2014)
Twitter/Skype: @lotusevangelist
Blog: http://blog.vanessabrooks.com
3
4. Who Are These Guys?
Jeremy Sanders is Chief Technical Officer of ThinkRite UK and an experienced integrator
and developer of enhancements for IBM Sametime Unified Telephony (SUT) and IBM Unified
Messaging (UM) for WebSphere Voice Response. He holds an MSc in Project Management
and achieved professional certifications in Cisco, Siemens/Unify and IBM/Lotus voice areas.
He has profound experience in integrating telephony systems and protocols.
Jeremy has worked in VoiceRite/ThinkRite for 13 years, starting as a Senior Engineer. Before
this Jeremy worked in IBM as Lead Developer for IBM UM and with another IBM business
partner installing and enhancing IBM UM.
Jeremy still occasionally works with IBM UM developers and support staff in IBM Hursley labs
but has been focused on IBM SUT for the last four years, and continues to lead SUT
installations and integrations in Europe.
4
5. Why Are We Here?
One word…..FREE!
Inside every downloadable copy of IBM Sametime 9 is a FREE
Repeat, FREE, product that will change your world.
We are here to show you why and how it will do this.
Please hold any questions until the end.
5
6. Why Are We Here?
“SUT Lite” is now called IBM Sametime Softphone (ST )
(In the ST Wiki find it under the name: Deploying SIP based calling)
It will make you and your employees lives better.
But how?
What does it do?
How can you enable this?
What else can you do with Sametime Unified Telephony? (SUT)
6
13. Sametime 101
7.5
Know
9.0
Community Community
Server
Server (Domino)
(Domino)
Domino, Websphere
and DB2 Required
Domino, Websphere
and DB2. Linux and
Windows Required
Gateway
Gateway, Proxy
Gateway, Proxy,
Edge, TURN, Media
Manager
Gateway, Proxy,
Edge, TURN, VMCU
Entitlement, Entry,
Standard, Advanced
Communicate,
Conference and
Complete
SUT
You
8.5
Entitlement,
Entry, Standard,
Advanced
Think
8.0.2
SUT
SUT Lite
SUT,
Voice/SoftPhone
Sametime?
13
15. Sametime 101 – 8.5.x
8.5.1 Required the following components if you wanted JUST instant messaging and presence with meetings:
Lotus Sametime System Console - used for managing and administering servers from a central location
DB2®
An LDAP directory
Lotus Sametime Community Server (Runs on Domino)
Lotus Sametime Meeting Server
Lotus Sametime Proxy Server - provides an integrated web chat client and presence; required for web clients and ST browser clients
The following components can optionally be deployed:
Lotus Sametime Gateway - extends instant messaging to external communities
Lotus Sametime Media Manager - provides audio and video features in the Lotus Sametime client and in meetings
Audio-visual (AV) components provided with the Lotus Sametime Media Manager
The Lotus Sametime Media Manager comprised three components
SIP Proxy/Registrar – central server for audio and video clients and servers to register their location and send and receive calls
Conference Manager - manages conference media flows
Packet Switcher- routes audio and video data to conference participants based on detecting the active speaker
15
16. Sametime 101 – 9.0
9.0 Required the following components if you wanted JUST instant messaging and presence with meetings:
IBM Sametime System Console - used for managing and administering servers from a central location
DB2®
An LDAP directory
IBM Sametime Community Server (Runs on Domino)
IBM Sametime Meeting Server
IBM Sametime Proxy Server - provides an integrated web chat client and presence; required for web clients and ST browser clients
The following components can optionally be deployed:
IBM Sametime Gateway - extends instant messaging to external communities
IBM Sametime Media Manager - provides audio and video features in the IBM Sametime client and in meetings
Audio-visual (A/V) components provided with the IBM Sametime Media Manager
The IBM Sametime Media Manager comprises four components
SIP Proxy/Registrar – central server for audio and video clients and servers to register their location and send and receive calls
Conference Manager - manages conference (and ST ) media flows
Video MCU - enables multi-way, audio and video conferences with continuous presence and multiple client layouts
Video Manager - manages the scaling and distribution of audio and video conferences
16
19. Sametime 101 – The Power Tools in 9.0
1. System Console Server
7. Proxy Server
2. Gateway Server
8. SIP Edge Proxy
3. Media Manager( in 4 parts) 9. TURN Server
4. Bandwidth Manager
10. Community Server / Mux
5. Meeting Server
11. LDAP Server
6. Advanced Server
12. DB2 Server
Note: ALL Components are 64bit ONLY
19
20. Sametime 101
1) Sametime System Console/Server:
First “server” to be installed
Use the SSC to install, configure and administer the other servers.
Larger environments this would be a stand alone server
20
21. Sametime 101
2) Gateway Server:
The Sametime Gateway server is used to connect Sametime clients with other instant
messaging clients. It can be a stand alone or a clustered installation.
You can, and usually do, install it securely in the network DMZ because:
– Firewall restrictions make it impossible for users from the Internet to directly access
a Sametime community server on your corporate intranet, but Internet users can
access Sametime Gateway Server in the network DMZ.
– Sametime community servers, behind the internal firewall, are accessible only over an encrypted VP
protocol.
– DB2 is behind the internal firewall, restricted by host and port access.
– LDAP is behind the internal firewall, accessible over SSL and restricted by host and port access
– Sametime Gateway Server exchanges with other instant messaging providers over SIP can be
encrypted with SSL.
Connects you to: AOL, Google Talk, and XMPP communities, Other Sametime communities
and other Sametime companies using AOL clearinghouse
21
22. Sametime 101
3) Media Manager:
The Sametime Media Manager is now comprised of four server components, which
can be installed on a single computer, individually on separate computers, or as a
cluster that supports fail over and high availability. They are:
1. SIP Proxy/Registrar – central service using industry standard SIP allows clients
and servers to register their locations and send and receive calls
2. Conference Manager - manages the state of audio and video calls (includes
TCSPI adapter for integration with other vendors)
3. Video MCU* - enables multi-way, audio and video conferences with continuous
presence and multiple client layouts (replaces more primitive Packet Switcher)
4. Video Manager - manages the scaling and distribution of audio and video
conferences
Works with the Sametime Bandwidth and TURN Servers (both Optional)
22
*=Linux Only
23. Sametime 101
3A) SIP Proxy/Registrar
Manages location services and forwards SIP messages to their destinations.
The SIP Proxy/Registrar maintains the registry between all users and their
location, and maintains the registration of conferences.
The SIP Proxy/Registrar routes all SIP messages inside Sametime. Every
voice or video message to a user goes through the SIP Proxy/Registrar.
The following components know to consult the registrar: Sametime Media
Manager, SIP-based calling, and Sametime Unified Telephony.
It requires access to LDAP.
23
24. Sametime 101
3B) Conference Manager
Administers all conferences, including point-to-point and multipoint.
The Conference Manager works with the client to establish a SIP session
for the call. It also hosts the internal Telephony Conferencing Service
Provider Interface (TCSPI) adapter and an optional external TCSPI
adapter. The TCSPI integrates with the Video MCUs and bridges.
The Conference Manager works with the client to establish the SIP session
for the call. The Conference Manager manages the state of audio and
video calls. All audio and video features, both one-to-one A/V chat and
multi-way A/V chats, depend on this component.
24
25. Sametime 101
3C) VMCU Server:
Video Multipoint Control Unit
The Video MCU provides conferencing functionality.
The main purposes of the Video MCU is to:
• Handles media and media control from Sametime 9 clients
• Routes H264 AVC (SVC base layer) and SVC video to video enabled
clients
• Routes Scalable Audio Codec (SAC) to Sametime 9 clients
• Support audio transcoding and audio mix for clients which don’t
support SAC
25
26. Sametime 101
3D) Video Manager
Distributes audio and video communications among the servers within
a Sametime deployment according to routing rules that you define.
The IBM Sametime Video Manager manages the scaling and distribution of audio
and video conferences, through MCU pools and cascading.
It also manages attributes for conferences, such as maximum line-rate, and the
following tasks:
– Multi-way audio and video conferencing (requires Sametime Conference)
– Multimedia transport and bandwidth control
– Call server routing based on dial plan
– Creates meeting rooms based on template
– The Video Manager cannot be clustered, but you can have multiple servers
with a load balancer in front.
26
27. Sametime 101
4) Bandwidth Manager:
Works with the Sametime Media Manager, controlling bandwidth used in audio and
video calls that are handled by the media manager.
You can install the bandwidth manager on an existing Sametime Media Manager,
or on a separate computer. Not managed by the Sametime System Console (SSC).
Optimizes bandwidth by calculating the call route for each call as it is initiated, and
reserving the required bandwidth for the duration of that call.
The bandwidth manager client is built into the Sametime Connect client, web client,
and embedded client, so its features are installed automatically.
The bandwidth manager is a J2EE SIP application running on IBM WebSphere®
Application Server.
You will not be able to change your mind and add the server to a cluster later!
27
You have been warned!
28. Sametime 101
5) Meeting Manager
Provides meeting features and online "meeting rooms" where users can present
information and share applications.
If you deploy the Sametime Media Manager, conferences can include audio and
video features as well.
The Sametime Meeting Server uses a DB2® database for storing information about
meeting room settings and schedules.
28
29. Sametime 101
6) Advanced Server:
Brings social networking features to the Sametime client with such
features as persistent chat rooms, broadcast messages, polling, screen
sharing, and remote machine control.
Sametime Advanced allows the ability to send and receive offline
messages, send files to a group chat, or send a folder to a contact.
The Advanced server requires a DB2 database and connection with
LDAP for authentication. Persistent chat rooms are managed and
maintained by the Advanced server itself and transcript logs in those
rooms are automatically accessible on the server.
Instant screen sharing requires you install the Meeting Server as well.
29
30. Sametime 101
7) Proxy Server:
Regulates communication with Sametime clients running on mobile
devices.
It’s all about PUSH.
Generally required to work with Apple (Apple’s Push Notification Server)
and Android devices (Google Cloud Messaging).
30
31. Sametime 101
8) SIP Edge Proxy Server:
A SIP application installed over WAS and uses the Media Manager’s SIP
Proxy/Registrar installer.
The IBM SIP Edge Proxy server connects external clients to the Sametime SIP
Proxy/Registrar server.
Both external (IBM SIP Edge Proxy IP) and internal clients (Media Manager’s SIP
Proxy/Registrar IP) receive a host name for the SIP Proxy/Registrar.
The IBM SIP Edge Proxy and the Sametime SIP Proxy/Registrar servers
communicate with each other over SIP ports.
SIP ports must be opened in the firewall in both directions and both servers
should be able to resolve the FQDN of each other.
31
32. Sametime 101
9) TURN Server:
Enables Sametime clients to send audio and video communications
across a NAT or firewall when direct peer-to-peer communications are not
possible.
Runs on Linux™ or Windows™ platforms only and is part of a JRE.
The TURN Server does not require WAS.
It has no dependencies on other processes or other Sametime servers.
The Sametime Connect client, Sametime Web meetings, and the Media
Manager can use the TURN server if they detect its presence.
32
33. Sametime 101
10) Community Server / Mux:
IBM Domino Server, Relies on Domino Clustering
Turn off all unnecessary Domino tasks
Mux Server sits in front of the Community Server for authentication and
scaling and can increase capacity significantly. No Clustering, use more.
11) LDAP Server:
IBM Domino Directory used as an LDAP repository is a popular choice
Microsoft’s Active Directory has been seen in the wild as well
Be aware different syntax and details are required for each so read the wiki
33
34. Sametime 101
12) DB2 Server
You can use the DB2 installation that comes with IBM Sametime, or you
can use an existing DB2 infrastructure.
The DB2 Setup wizard provides dynamic size estimates based on the
components selected during a typical, compact, or custom installation.
On Linux and UNIX operating systems, 2 GB of free space in the /tmp
directory is recommended.
Note: On Linux and UNIX operating systems, you must install
your DB2 product in an empty directory. If the directory that you have
specified as the install path contains subdirectories or files,
your DB2 installation might fail.
34
36. Sametime Phone (ST)
“SUT Lite” is now called IBM Softphone,
Sametime Phone or Sametime Voice
now available in Communicate and
Complete with no additional license!
37. What is Sametime Phone?
A basic SIP softphone packaged with Sametime 9
A basic SIP integration from Sametime Media Manager to
an IP PBX or other SIP entity
What isn’t Sametime Phone?
A Unified Telephony solution which includes Unified
Number, multiple devices and integrations, transfers, adhoc conference calls, etc.
38. What is SIP?
A straight forward internet standard text based protocol
(RFC 3261) like HTTP or SMTP - but for Initiating
prolonged Sessions (Calls or Chats!)
What isn’t SIP?
Something which sends and receives audio and video (that is
RTP – Real Time Transport RFC 1889 / 3550, a binary bits and
bytes protocol using codecs like G.711)
Something which describes the audio and video to be sent (that
is SDP – Session Description RFC 3264, a text based protocol)
39. SIP 101 – Requests (Methods)
REGISTER
- tell a server where we are so we can receive calls
INVITE
ACK
BYE
CANCEL
- attempt to start a call ( / session / dialog / chat / …)
- 3-way handshake only used with INVITE
- ends a call ( / session / … )
- give up an attempt to start a call
OPTIONS
- check other end is there and what it can do
INFO
- mid-session/call information
MESSAGE
- instant message (session/call not required)
SUBSCRIBE
- ask for events
NOTIFY
- send event to subscriber
PUBLISH
- send event to server
UPDATE
- modifies session
REFER
- call transfer
PRACK
- provisional acknowledgement
40. SIP 101 - Responses
Many are just like HTTP Response Codes (e.g. 404 Not Found )
1xx Provisional (eg, 100 Trying, 180 Ringing, 183 Session Progress)
2xx Successful ( eg, 200 OK, 202 Accepted )
3xx Redirection (eg, 302 Moved Temporarily )
4xx Request Failure – eg,
–
–
–
–
–
–
–
–
–
–
401 Unauthorized / 407 Proxy Authentication Required
403 Forbidden / User Not Authorized
404 Not Found (no such user / number)
408 Request Timeout
480 Temporarily Unavailable – Channels Not Inservice
481 Call Leg/Transaction Does Not Exist
482 Loop Detected
486 Busy Here (phone may just be busy or user may have set “do-not-disturb”)
487 Request Terminated
488 Not Acceptable Here (usually a codec issue)
5xx Server Failure (eg, 501 Not Implemented, 503 Service Unavailable )
6xx Global Failure (eg, 600 Busy Everywhere, 603 Decline )
41. Simple Direct SIP Call
Caller (UAC)
Called (UAS)
INVITE (w or w/o SDP)
100 Trying (Provisional)
180 Ringing (Provisional)
200 OK (w SDP)
ACK (w or w/o SDP)
media (RTP)
media (RTP)
BYE
200 OK
42. Overview of a SIP Request
INVITE sip:jo@example.co.uk SIP/2.0
To: tester1<sip:jo@example.co.uk>
From: tester2<sip:bob@193.195.52.229>
Call-ID: fd835c@193.195.52.229
Via: SIP/2.0/UDP 193.195.52.229:5060
CSeq: 1 INVITE
Content-Type: application/sdp
Content-Length: 125
Start Line (Method / Request URI)
“command” and “to whom”
Headers – about the session
Blank Line
v=0
o=193.195.52.229 4858 0 IN IP4 193.195.52.229
s= Call from tester2
c=IN IP4 193.195.52.229
m=audio 5004 RTP/AVP 0
Body (optional) – about the media
43. Mandatory SIP Headers
Method / Request URI at top (“command” and “to whom”)
To – intended destination
From – originator
Call-ID – together with To (+tag added in 200) and From (+tag from
INVITE) identifies a dialog
Cseq - the sequence number of this request
Max-Forwards – maximum times this can be forwarded
Via – where the message came from (and where to send the initial
responses) – can allow loop detection
45. Expected SIP Headers
Contact – where to send subsequent responses (direct to
originator, also used in 3xx redirect response to change
destination)
Allow – what methods are supported
Supported – what options are supported
Content-Length – how long the content is
Content-Type – what the content is – eg, application/sdp,
simple-message-summary, multipart-mime
47. Optional SIP Headers
Remote-Party-ID – real calling number details
P-Asserted-Identity – real calling number details (real RFC)
Diversion – original called number info
History-Info – original called number info (real RFC)
Expires / Min-SE – used for session timers
Route / Record-Route – used to stay in path
Date / Timestamp / User-Agent (many others!)
49. SDP Body (for a Call / Session)
Session Description Protocol:
v=0
<- v= version
o=User-Agent 2923 9482 IN IP4 10.1.1.8
<- o= media stream version details
s=-
<- s= session name
a=SIP Call
<- a= attribute
c=IN IP4 10.1.1.8
<- c= connection info including transport IP address
t=0 0
<- t= time session is active
m=audio 19144 RTP/AVP 8 0 18 101
<- m= media types and transport UDP (RTP) port
a=rtpmap: 8 PCMA/8000
<- a= attribute of media (A-law) preferred
a=rtpmap: 0 PCMU/8000
<- a= attribute of media (u-law) second choice
a=rtpmap: 18 G729/8000
<- a= attribute of media (G.729a) third choice
a=rtpmap:101 telephone-event/8000
<- a= attribute of media (DTMF)
a=fmtp:101 0-15
<- a= attribute of media (DTMF keys)
51. Codec Negotiation
One side sends SDP with all codecs supported – usually in order of
preference
Other side chooses first codec it too supports or what it prefers
Media only starts once this agreement has been reached
Some IP PBXes send INVITE with no SDP and send SDP in the ACK
instead (Delayed Offer)
183 Session Progress may contain Early Media
To receive Early Media PRACK (Provisional ACK) support is required
if INVITE had no SDP
52. SIP Entities
UAC : User Agent Client (most entities)
UAS : User Agent Server (also most entities!)
Proxy – for hierarchical routing (UAC and UAS)
(Softphone) Registrar – keeps details of users’ current (IP address)
location
(PSTN) Gateway – to Public Switched Telephone Network
IP PBX : Back to Back User Agent (B2BUA)
SBC : Session Border Controller : SIP Firewall / NAT workaround – to
connect 2 SIP networks
Servers – such as Unified Messaging / Voice mail
53. SIP Registration with Authentication
Registrar (UAS)
User (UAC)
REGISTER
100 Trying (Provisional and Optional)
403 User Not Authorized (with encoding details)
REGISTER (with encoded password)
100 Trying (Provisional and Optional)
200 OK
…calls made/received…
REGISTER (with Expires of 0)
100 Trying (Provisional and Optional)
200 OK (or 404 User Not Found)
54. Sametime SIP PR Registrations
Sametime AV – REGISTERs using Sametime user-id from Client (has no
telephone number) – used by “Call Computer”
Sametime Phone / SUT Lite : REGISTERs using telephoneNumber from
LDAP
Sametime Unified Telephony : REGISTERs using Unified Number with a
special softphone prefix
54
55. Regular SIP Proxy Inbound Call
Caller (A)
Proxy
INVITE
100 Trying
Called (B)
INVITE
100 Trying
180 Ringing
180 Ringing
200 OK
200 OK
ACK
ACK
media (RTP)
BYE
200 OK
56. ST Proxy Inbound Call
IP PBX (A)
INVITE (PBX SDP)
100 Trying
200 OK (ST SDP)
ACK
SIPPR
Client (B)
(internally send call
to conference focus)
MESSAGE
200 OK
Answer Call (Virtual Places)
INVITE (PBX SDP)
180 Ringing
200 OK (ST SDP)
ACK
media (RTP)
BYE
200 OK
BYE
200 OK
57. ST Proxy Inbound Call (Delayed Offer)
IP PBX (A)
SIPPR
INVITE
100 Trying
Client (B)
(internally send call
to conference focus)
MESSAGE
200 OK
Answer Call (Virtual Places)
INVITE
180 Ringing
200 OK (ST SDP)
200 OK (ST SDP)
ACK (PBX SDP)
ACK (PBX SDP)
media (RTP)
BYE
200 OK
BYE
200 OK
58. Outbound ST Call
Requested by Sametime Client over VP (Virtual Places) protocol
Created by Conference Manager/Focus acting as a SIP B2BUA
Consists of Two Calls through the proxy:
–First to ST Client
–Then to the dialled number/URI
Note that this is not the way any other softphone would make a call, which
would send an INVITE straight to the Proxy
(Full) Sametime Unified Telephony also uses a SIP B2BUA in this way
58
59. ST Proxy Outbound Call
IP PBX
SIPPR
INVITE (ST SDP)
100 Trying
180 Ringing
200 OK (PBX SDP)
ACK
Client
Make Call (Virtual Places)
INVITE
180 Ringing
200 OK (ST SDP)
200 OK (ST SDP)
200 OK (ST SDP)
200 OK (ST SDP)
ACK (PBX SDP)
media (RTP)
BYE
200 OK
60. Ideal Troubleshooting Tool: Wireshark
Network sniffer and network trace interpreter
Dedicated menus and sophisticated tools included for analysing SIP/VoIP
calls
–Display calls within a trace
–Examine call flow for each call
–View SIP headers and SDP body, RTP codec used
–Even extract audio (for some codecs)
Freely available http://www.wireshark.org/
63. TLS and sips:
Transport Layer Security is the same encryption method used
in HTTPS for secure web pages
Implementation of TLS is mandatory for SIP proxies, redirect
servers and registrars
A sips: URI scheme (otherwise identical to the sip: scheme)
indicates that all hops between the requestor and the
resource identified by the URI must be encrypted with TLS
Wireshark cannot (without keys and configuration) decrypt
SIP secured with TLS
64. SRTP
Secure Real Time Transport Protocol for encryption audio
Keys are exchanged in secured (TLS) SIP SDP codec
negotiations – so SRTP security depends on TLS security
Wireshark cannot (easily) decrypt media secured with SRTP
65. When SIP and/or media secured…
Client-side tracing:
– rcpinstall.properties in
– C:User[name]AppDataRoamingLotusSametime.config OR
– C:notesdataworkspace.config
# use for basic audio/video session troubleshooting
com.ibm.collaboration.realtime.multimedia.phonegrid.internal.client.level=FINE
# use for ICE (STUN/TURN) troubleshooting
com.ibm.ice.level=FINE
# use for SIP troubleshooting – see sip.log in ..logs directory
com.ibm.collaboration.realtime.telephony.softphone.level=FINE
# use to enable softphone logging
com.ibm.collaboration.realtime.telephony.softphone.mfw.level=FINEST
http://pic.dhe.ibm.com/infocenter/sametime/v8r5/topic/com.ibm.help.sametime.v85.doc/trouble/trbl_client_log_trace.html
66. When SIP and/or media secured…
Server-side tracing on SIP PR
– Troubleshooting > Logs and trace > STMediaServer > Diagnostic Trace >
Change Log Detail Levels
*=info: com.ibm.ws.security.*=all: com.ibm.ws.sip.*=all:
com.ibm.wsspi.sip.*=all: com.ibm.ws.udp.*=all: com.ibm.sip.*=all
http://pic.dhe.ibm.com/infocenter/sametime/v8r5/index.jsp?topic=%2Fcom.ibm.help.sametime.v85.doc%2Ftrouble%2Ftrbl_av_diagtrace.html
68. 68
Design by the speaker: http://www.images-graphics-pics.com/signs/signgenerator/simple.asp?text=Sametime+Softphone+Configuration++Section&align=Center&align2=Middle&fontsize=20&
font=SignBold&color=black&transparency=255&color2=YELLOW&watermark=&move=0&move2=&parody=&rotate=&a
llow=6112&left=&right=&up=&down=&pic=Tower-Caution&x=4&y=253&w=259&h=139
69. Configuring IBM Sametime SoftPhone / “SUT Lite”
You have installed Sametime 9
Everything works and you are ready for more
You look for the documentation and you find some here: http://goo.gl/UHVAEy
A Zero to Hero for SUT Lite (8.5.2)? http://www.slideshare.net/jackdowning/sut-lite-client
The online course from IBM http://www-304.ibm.com/events/idr/idrevents/detail.action?meid=5128&ieid=2186
And also find this:
“The IBM Sametime Unified Telephony Lite Client is easy to deploy and does not require any additional hardware or
software over Sametime Standard. It simply requires a SIP trunk to be configured between the Sametime Media Manager
and a certified SIP environment.” – Julie Reed, Product Manager SUT
Recommended: IBM Sametime 8.5.2 SUT Lite Troubleshooting:
http://public.dhe.ibm.com/software/dw/lotus/sametime/sut/sutlitetroubleshoot.pdf
69
70. Deploying the ST
1.
Think about how phones will call softphones and vice-versa (the “Dial Plan”)
Users must have a telephone Number or similar field in the directory.
Can you use a prefix like 1119 in front of the user’s regular internal or external
number in the directory? Can your PBX strip off such a prefix?
Should you add a new field to the directory for the user’s softphone?
Do you just want users to just make calls but not receive them on their softphone?
What about calling video endpoints – do you want to use SIP URIs like
sip:bob@vidcon.co.com for these?
2.
Make a list or diagram of all of the SIP entities and addresses
Try to include details of how each entity can call another.
3.
Follow basic documentation for configuring SIP-based calling
http://infolib.lotus.com/resources/sametime/9.0/ST900ACD041/en/st9_access_deploy
_av_siptrunk.html#config_lite
Download and Activate License (or edit the mediaserveradmin.war/Config.jsp file)
Turn on “Allow use of SUT Lite Clients” and “Allow calls that use SIP Trunk
capability”
70
71. Deploying the ST
4. (Temporarily?) Turn off SIP Security, note down and configure (unsecure) Ports
Typically: Servers > Server Types > WAS Servers > STMediaServer > Ports
SIP_DEFAULTHOST (for Conference Manager) : 5063
SIP_ProxyRegHOST : 5080
SIP port for VMGR : 5060
SSC > Sametime Servers > Sametime Media Manager – Transport Protocol : TCP : 5080 (VMGR : 5060)
Audio Video Media : Disable SRTP (these settings end up in stavconfig.xml file)
Applications > Application Types > WS Enterprise Apps > IBM Lotus SIP Registrar – Security role to user/group mapping
– AllAuthenticatedUsers : Everyone
5. (Optional:) Configure Sametime with custom telephoneNumber field in LDAP
Edit authorization.xml file to change name of telephoneNumber field
6. Configuring SIP-routing rules
SSC > Sametime Servers > SIP Proxies and Registrars – Proxy Administration – New …
See the next page for examples (these end up in the proxy.xml file).
7. Restart Media Manager
See different procedures for standalone vs cluster.
71
72. Let’s take a Look Shall we?
Live Code Example
Please try at your office….especially when everyone is logged
in and running a meeting
72
73. SIP Routing Rules – IN / OUT
eg, IP PBX will create:
INVITE sip:1119489686@[IP address]
eg, Conference Focus will create:
INVITE sip:489686@[hostname]
IP PBX sends from its own
address
(IP PBX sends to port 5080, the
SIP_ProxyRegHOST)
sip:4896.*
matches
sip:(.+)@.*
Note port 5063 (TCP)
SIP_DEFAULTHOST to
Conference Focus is used
sip:$1@10.1.7.121:5060;transpor
t=TCP
74. SIP Routing Rules - Priority
CM7OUT below must be evaluated before CM5OUT as it is more specific –
CM7: 4896.*
CM5: 489.*
75. SIP Routing Rules - Generic
See sutlitetroubleshoot.pdf
Anything not for the clientside or for trunk must be
from the IP PBX:
(?!.*;endpoint=client.*)
(?!.*;endpoint=trunk.*).*
still specify IP address
and port of Conference
Focus
Anything dialled by the
Client is destined for an
outbound SIP trunk:
.*;endpoint=trunk.*
still specify IP address
of IP PBX
76. SIP Routing Rules – Generic SIP URI with IP address
Works for IP addresses only (not hostnames):
Request URI
sip:.*@[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3};transport=TCP
From
.*;endpoint=trunk.*
sip:(.+)@(.+);transport=TCP
sip:$1@$2
Prioritize this rule above other rules for specific numbers
77. SIP Routing Rules – Generic Number
Works for numbers only
Request URI
sip:[0-9]*@.*
From
.*;endpoint=trunk.*
sip:(.+)@.*
sip:$1@[your IP PBX details]
Prioritize this rule below that for generic SIP URI
78. ST Configuration Tips
Trust the Documentation with a pinch of salt
– add some common sense to the documentation – for example:
• if a section doesn’t make sense (such as Configuring a custom LDAP attribute for authentication) try to work out what it
means by referring back to this presentation or cross-referencing with other documentation
• if the title of a section is “Enabling TLS encryption for SIP-based calling” but the text only shows enabling SRTP, look back at
how you disabled TLS…
Use TCP – at least to start with
– UDP is not supported and TLS is difficult to troubleshoot and may also result in problems
Tune Media Manager for faster restarts as you will restart it a lot!
– Set soReuseAddr and tcp_fin_timeout/TcpTimedWaitDelay as in the Tuning section of Tips and Tricks – Quick Links
Only use one Community in your test Client
– We encountered a bug where other communities can confuse Sametime Phone (resulted in no Call window for an inbound call)
Check new or changed rules are not lost
– always use Apply and OK for a rule and also in the main rule overview screen,
– check the proxy.xml file has the rules and check again after restarting the Media Manager
Make sure basic network or DNS issues are not complicating matters
– test using ping from clients and/or IP PBX to the hostname of the Media Manager
– add host names to hosts files and / or set Application Servers > STMediaServer > SIP Container > Custom Properties
com.ibm.ws.sip.sent.by.host (this is in server.xml file) to IP address – so Contact header contains just IP address
78
79. Command Line Tracing with tshark and
trace.log
tshark -i any -R "sip or tcp.port==5080 or tcp.port==5063 or
udp.port==5080 or udp.port==5063" -d tcp.port==5080,sip -d
tcp.port==5063,sip -d udp.port==5080,sip -d udp.port==5063,sip # for
an overview (Request URI / response) … without -i any will only see connections to
other servers (not local communication with C Focus)
-w sip_packet_capture.pcap # to send to a file for later analysis
-V -o sip.display_raw_text:true –S # to view all the SIP details “live”
> filename_for_just_this_test.sip # to redirect to a file
cd /opt/IBM/WebSphere/AppServer/profiles/poc1STMSPNProfile1/logs/STMediaServer
tail –F trace.log | tee filename_for_just_this_test.log
(for tail –F on windows you can install cygwin)
79
80. Troubleshooting Tips
When you restart Media Manager:
- ensure you allow time for Clients to re-REGISTER – or log them out and back in yourself or
you will see
404 Not Found
- wait a while for Conference Focus to initialize and register itself too or you will see
503 Service Unavailable
When calling an IP PBX:
- 403 Forbidden usually indicates the PBX does not have a SIP trunk configured to SIPPR
or does not trust the SIPPR
- 404 Not Found usually indicates the PBX does not like the number it has received
- beware of calls looping back to the SIPPR if the Dial Plan has not been well thought out
- a sudden BYE after a call seemed to get established usually includes a Q.850 cause code
which can explain what happened – eg, Reason: Q.850;cause=3 “No route to destination”
may mean it doesn’t know the IP to send a subsequent response back to SIPPR
80
(eg, if the details in the Contact header or Record-Route header include a hostname)
81. Time Out for a Demo
How about live calls, video, audio and meetings? Network allowing
81
Personally made using the http://www.widgetbox.com/widget/bart-simpson-chalkboard-generator
84. ST Limitations
Cannot perform PBX-like (or even other vendor softphonelike) actions like transfers
Cannot add users to existing
calls (ad-hoc conferencing)
85. Other Limitations
Must restart Media Manager whenever change SIP routing configuration
SIP routing configuration by Regex is not very intuitive to Telephony
Administrators (is more intuitive to programmers)
Can only transform/use numbers in Request-URI - cannot use numbers in
any other header such as To, Diversion, History-Info
Extremely limited set of configuration options for interoperability tweaking
Does not support G.729 codec (frequently used for VoIP over WAN)
85
86. Alternatives and Additions
Full Sametime Unified Telephony –sophisticated B2BUA
“Telephony Control Server” (TCS) controlled by Computer
Supported Telecommunications Applications (CSTA) protocol
by the “Telephony Application Server” (TAS)
Other vendor integrations with Sametime – client-side plugins
and/or server-side using Telephony Conferencing Server
Provider Interface (TCSPI)
Voice mail / Unified Messaging plugins (these may include
functionality similar to the above for one-number/transfers)
88. What Can Full SUT Do?
IBM Sametime Unified Telephony adds more features for making, receiving, and managing
telephone calls.
In addition to the calls and video features of IBM Sametime Communicate, with SUT you can:
Look at your Sametime contact list to see who is available for calls.
Make and receive calls through any of your preferred devices, including:
– Your Sametime client.
– Traditional telephones, such as your office or home phone.
– Mobile devices.
Route incoming calls to other devices or telephone numbers, depending on your location or other
criteria. Your SUT phone number always displays, so your personal numbers are never exposed.
Switch a call to a different device, without interrupting the call.
Call people inside or outside of your organization, even people who do not have SUT
Get notified whenever someone is calling you.
Begin ad hoc conferences with contacts not in your organization.
http://www-10.lotus.com/ldd/stwiki.nsf/dx/Get_started_with_calls_stu9
89. Sametime Unified Telephony
Sametime Softphone
When configured via SIP trunk to backend
telephony or video infrastructure
“Off hook” presence status
Place / receive calls from the Sametime 9
Connect client.
Call video endpoints or video MCUs
Call telephone numbers or conference bridges
Within a call: mute/unmute, raise/lower volume,
start/stop video, leave call, hold/resume
Other features: Click to call, dial via Quickfind or
Dial Pad, view call history
Single number reaches you on any device
Intelligent Incoming call rules & routing
Multiple device support
Move an in progress call between devices
Visual audio conferencing, drag & drop
Moderator conference controls
Transfer, merge calls
Can support multiple PBXs to create a
seamless UC environment
Support includes legacy TDM PBXs
“Off hook” presence status
Place / receive calls from the Sametime 9
Connect client.
Call video endpoints or video MCUs
Call telephone numbers or conference bridges
Within a call: mute/unmute, raise/lower
volume, start/stop video, leave call,
hold/resume
Other features: Click to call, dial via Quickfind
or Dial Pad, view call history
90. ST vs SUT features
Feature
ST
SUT
Point-to-point calls with softphone
Y
Y
Multipoint calls (3 or more participants, ad-hoc conferencing)
N
Y
Visual audio conferencing with moderator controls
N
Y
PBX features: Call transfer, hold, merge
N
Y
List of devices which can be selected
N
Y
User rules for devices (location-/ presence-/ time-/ caller- based)
N
Y
Single number service for incoming calls using the above
N
Y
Seamlessly move calls from one device to another
N
Y
Integration with multiple PBXes, Video/Conference solutions
N
Y
Support for G.729 codec
N
Y
Supports dialling SIP URLs as well as numbers
Y
N
Telephony presence icon
Y
Y
(Telephony presence for ST has been added for Sametime 9, it was not available in original SUT-Lite)
95. SUT vs ST Dial Plan
ST dial plan : SIPPR rules
– regular expressions, normally two per “SIP trunk”
– order of the rules is important
SUT dial plans
– easier to understand numbers and lengths
– order not important (always shown in numeric order)
– modular & powerful like a PBX: SIP endpoints (trunks),
routes to these, destinations which can have more than
one route, destination codes and prefix access codes
“Configurator” configures SUT dial plans with minimum effort
96. ST Tips and Tricks – Quick Links
sutLiteNumberMatcher – regular expression to send call to SUT-Lite
instead of TCSPI (for other vendor video conferencing integration)
– http://social-collaboration.blogspot.co.uk/2012/02/unnoticed-parameter-ofsametime-852.html
videoCallNumberMatcher – regular expression to start a video call
automatically when dialed
– http://social-collaboration.blogspot.co.uk/2012/05/unnoticed-parameter-ofsametime-852.html
Sametime 9 Mobile and SUT Lite
– http://social-collaboration.blogspot.co.uk/2013/12/ibm-sametime-9-mobile-andsut-lite.html
97. ST Tips and Tricks – Quick Links
Regular expressions
– http://social-collaboration.blogspot.co.uk/2013/12/regex-sip-uri.html
– http://www.zytrax.com/tech/web/regex.htm
SIPPR WAS Tuning
– http://pic.dhe.ibm.com/infocenter/wasinfo/v6r0/index.jsp?topic=%2Fcom.ibm.w
ebsphere.express.doc%2Finfo%2Fexp%2Fae%2Ftprf_tunelinux.html
– https://pic.dhe.ibm.com/infocenter/wasinfo/v6r1/index.jsp?topic=%2Fcom.ibm.
websphere.base.doc%2Finfo%2Faes%2Fae%2Frrun_chain_tcpcustom.html
98. ST Tips and Tricks – Quick Links
Troubleshooting
– http://www10.lotus.com/ldd/stwiki.nsf/dx/Troubleshooting_Sametime_Unified_Telephony_
Lite
– http://wiki.wireshark.org/VoIP_calls
– http://cnes.com/causecodes.html
Video/MCU Architecture and Integration
– http://social-collaboration.blogspot.co.uk/2013/12/sip-trunks-video-mcu-dialinout-with.html
– http://social-collaboration.blogspot.co.uk/2013/12/ibm-sametime-9-video-mcusvc-bandwidth.html
99. Other References
1.
Sametime Wiki: http://www-10.lotus.com/ldd/stwiki.nsf
2.
Detailed system requirements for Sametime and Sametime Unified Telephony, Ver. 7-9:
http://www-01.ibm.com/support/docview.wss?uid=swg27007792
3.
List of all files needed to Download: http://www-01.ibm.com/support/docview.wss?uid=swg24035249
4.
IBM Sametime Unified Telephony Lite (SUT Lite) Self Paced Online Course from IBM:
http://goo.gl/OMk0mT
5.
SUT Lite PDF Library (We have the PDF’s if the page disappears): http://goo.gl/YrKQgY
6.
From Zero to Hero – Sametime 8.5.2 SUT Lite: http://goo.gl/j0gukP
7.
IBM Sametime 8.5.2 SUT Lite Troubleshooting:
http://public.dhe.ibm.com/software/dw/lotus/sametime/sut/sutlitetroubleshoot.pdf
8.
IBM Sametime 8.5.2 SUT Lite Configuration: http://public.dhe.ibm.com/software/dw/lotus/sametime/st852/sutlite852_config.pdf
9.
IBM Sametime 8.5.2 Administration Guide on Amazon.com: http://goo.gl/tpYkQb
99
100. Sametime at Connect 2014 – 35 Sessions!
SUNDAY: 1:30 - 3:30 JMP204 IBM ST9 Deployment Workshop, Dolphin S Hemi 1
4:00 - 6:00 JMP205 Step by Step IBM ST9 Web Integration and Customization,Dolphin S Hemi 2
MONDAY - 5:00-6:00 KEY105 IBM Sametime Roadmap, Dolphin N Hemi A-C
TUESDAY - 1:30 – 2:30 BP501 Building and Deploying Custom IBM ST Connect Client
Installations, Dolphin N Hemi D
WEDNESDAY - 11:15-12:15 ID304 IBM ST9 Voice and Video Deployment, Dolphin N Hemi D
4:30-6:15 SHOW401 Taking IBM Sametime Mobile, Swan Osprey 1-2
THURSDAY – 8:15 – 9:15 ID306 keep Calm and Call On! IBM ST Communicate Softphone,
Swan Pelican 1-2
10:00-11:00 ID302 Upgrading and Migrating to IBM ST9, Dolphin N Hemi E
10:00-11:00 ID301 IBM ST9 Voice and Video: Roadmap for Tomorrow,
Swan Mockingbird 1-2
100
101. Access Connect Online to complete your session surveys using any:
– Web or mobile browser
– Connect Online kiosk onsite
Get out there and enjoy Connect 2014!
Be Social and talk to people!
101