Introduction

Voice Over IP (Internet Telephony) is very clever, and useful. But there are no simple howtos! This guide tries to explain how I personally set up VOIP to actually make calls! I'm an individual (so I don't want to run something complex like Asterisk), using Linux, based in the UK. I've also chosen specific providers, but you don't have to uses these ones. I want to make all 3 types of calls:

• PC -> PC
• PC -> Phone
• Phone -> PC (so I can receive calls made from a phone)
• [Phone -> Phone not relevant here!]

The end result, for me is that I have:

• The ability to make and receive calls on my pc, whether to/from another pc or a phone.
• A free (to me) UK telephone number which can be called from the PSTN (public switched telephone network - i.e. normal phones) at the UK national rate.
• I can call any other telephone in the world from my pc cheaply.
• No fiddling with firewalls (neither on the local machine, nor the NAT gateway).
• Other services such as voicemail.
• The choice of (almost) any SIP client, or a hardware sip-phone if I choose.

Protocols

There are 3 common VOIP protocols in use. These are: SIP, H.323, Skype

• SIP - session initiation protocol is, I think, the best. It is Open Source, widely used, with support in hardware sipphones, Linux phones (kphone, linphone), Mac, Windows XP (built into Windows Messenger (note, not MSN Messenger), and is the simpler, and more flexible protocol. This is what I have chosen.
  
  
• H.323 is older, more complex, and less widely supported except by GnomeMeeting (and Microsoft NetMeeting)
  
  
• Skype is proprietary, does not come with source, uses a gratuitously incompatible and undocumented protocol, and comes from the makers of Kazaa. There is a Linux client (binary only), [which I haven't tried], and it apparently easy to use, but Skype are trying to monopolise the market with their own protocol, and obtain vendor lock-in: bad idea! Furthermore, one must use Skype's servers, and the EULA requires you to share your bandwidth (not, itself, a bad thing, but has caused my university to ban it.)

There is more information at and . Here is a detailed, but lucid about SIP.

SIP is peer2peer - so why is a server needed?

One SIP phone may directly call another. Eg 2 kphone clients can directly call each other, provided that they can see each other over the network. This requires UDP connection to port 5060, and that both machines may address each other. Eg on machine 192.168.0.1, start kphone and call sip://rjn@192.168.0.10. This will work! But, there are some problems with this, hence the need for the Session Initiation bit: the voice traffic always flows directly between the two "phones", but the call-initiation may use a different server.

• What if one or both machines have a dynamic IP address? Then the SIP URL in your phonebook will never be up to date! So, we need a Registration Server, which both clients sign into, and which serves as a central point of contact. The registration server can also tell you whether someone is online, and may handle calling to multiple locations and voicemail.
  
  
• What if you are running a firewall on your desktop machine? Under Mandrake, the default shorewall policy setup is to allow all outgoing connections, but block all incoming connections [I usually allow ping and ssh, but that's another matter]. This means that you can only make outgoing calls! [Actually, you can get around this, since UDP is stateless - if both people call each other simultaneously, the firewalls will usually assume the incoming packet is a response to your own outgoing connection, and permit it.] The use of a registration server also solves this problem. Of course, you can also simply change the firewall rules, but this is not necessary.
  
  
• What if you are on a private network, behind a NAT (Network Address Translation) gateway/firewall? This is the common case for a home network - including mine. It means that machines within the network do not have public IP addresses - so there is no way to address them from outside the network, even if the firewalls would permit the connection. The answer, for Symmetric NAT, is to use an Outbound Proxy: this is usually provided by the registration server. [.] Alternatively, for non-symmetric NAT, use , which is Simple Traversal of UDP over NAT.
  [In our case, we have a separate Linux gateway server for NAT and firewalling. This uses Shorewall to perform IP masquerading ("Internet connection sharing" in Mandrake) - this is a Symmetric NAT.]

Actually doing it!

Here are the steps I took, (with the stumbling omitted!). Many of the choices are personal, eg the use of FWD, and I am only mentioning them (a)because they work for me and (b)because it's very helpful for a guide to have an actual example!

1. Test the hardware: Check that the headphones and microphone actually work! In particular, it's worth enabling the "20dB Mic Boost" that many soundcards have - using a mixer such as gnome-alsamixer. I'd recommend the purchase of a decent and comfortable headset-mic (costing about £15 ($25)). Remember that the Mic must be set as the default recording device, but should be muted (unless you want a megaphone!). Note that using loudspeakers and a microphone for VoIP may cause serious problems with echoing: experiment with this.
   
   
2. Download the software: You can use either or . Either will work well, although I personally prefer Linphone, since it has a better interface and documentation, although kphone has more features. I've covered both versions below. Under Mandrake 10.1, you can install kphone-4.10 or linphone 0.12.2 by using urpmi, and it will just work. If you install linphone, you may find the diagnostic program, sipomatic useful. On Mandrake 10.2, you will get linphone-1.00-preX, but my recommendation is that you download the latest version (currently 1.0.1) of linphone and compile from source.
   
   [To compile linphone, first install libgai0-devel for the gnome-applet libraries, and then use the standard ./configure; make commands. I'd recommend using checkinstall instead of make install, since it will give you an RPM.]
   
   
3. Register with a SIP server: I selected , who appear to be well-established, and provide a decent service, for free. You can sign up (at no cost) for a username,password and SIP number. The SIP number is represented as NNNNNN below. [Remember to set the profile options to opt out of the marketing emails.]
   
   
4. Configure Kphone: FWD provide a , with the settings for kphone. This configuration varies slightly depending on whether you are on a public IP or behind NAT. Note that kphone needs to be restarted after changing the identity. Also, If you have multiple network interfaces on the computer, kphone will ask which one to use at startup - use the outward facing interface! Here are the settings needed; most of these are in File->Identity; STUN is configured in Preferences->SIP Preferences->Socket
   

   Setting (Kphone)	Value
   Full Name	Your Name (optional)
   User Part of SIP URL	FWD Number eg NNNNNN
   Host Part of SIP URL	fwd.pulver.com
   Authentication Username	FWD Number eg NNNNNN
   Auto Register	On
   Outbound Proxy	fwdnat.pulver.com:5082
   STUN server	stun.fwdnet.net:3478

   Notes:
   • Public IP address: Neither STUN not Outbound proxy are needed.
   • Non-Symmetric NAT: Use STUN, not Outbound proxy.
   • Symmetric NAT: Use Outbound proxy, not STUN.
   • Leave the socket protocol set to UDP (always).
   • When logging in, Kphone will pop up a dialog box for Username,Password. The Username is the FWD Number, not your name.
   • In KPhone, the right-mouse-button is very useful!
   • The default Audio settings (G771U codec and 10ms sample) work fine.
   
   
   
5. And/Or, Configure Linphone: this uses similar settings in most cases, although FWD do not provide a configuration guide. Here are the options I used (in the Connection->Preferences menu). They have slightly different names from the options in kphone. This helped me to find the right settings. Note: see update below about linphone 1.0.1.

   Setting (Linphone 0.12)	Value
   Identity	sip:NNNNNN@fwd.pulver.com
   Use sip registrar	checked
   Server address	sip:fwd.pulver.com OR sip:fwdnat.pulver.com:5082
   Your password	[password]
   Address of record	This is an output, not an input. No point editing it!
   Use this registrar as outbound proxy	checked
   Number of bufferized milliseconds	200ms works well for me. Experiment.
   NAT traversal enable	checked if required
   Firewall IP address	The public IP of the firewall/gateway.
   RTP port used for audio	Default (7078) is fine

   Notes:
   • NAT traversal need only be enabled if there is a firewall/gateway. If so, use the public I.P. address of the firewall, not the private I.P. (!)
   • Linphone seems to assume that the registration server and the outbound proxy must be the same server. Fortunately, either sip:fwd.pulver.com OR sip:fwdnat.pulver.com:5082 work.
   • It is rather odd that the "address of record" looks like an input, when in fact it isn't.
   • Linphone's GUI is much more sane. There is also some reasonable documentation and is useful for testing.
   • I find useful - to dock linphone into the system tray. Kdocker is easy to use, and will dock anything in KDE or GNOME. I created a desktop shortcut to run "kdocker -m /usr/bin/linphone".
   
   
   
6. Update: Linphone 1.0.1 is now available for download. This is much better than 0.12, and fixes some significant bugs (eg automatic registration) with 1.0.0. I'd strongly advise it and compiling it. (Note: to compile on Mandrake, you need the libgai0-devel package installed.)
   
   In 1.0.1, the GUI is slightly different: in particular, the proxy/registrar GUI has changed. These are the differences from 0.12:

   Setting (Linphone 1.0.1)	Value
   Identity	sip:NNNNNN@fwd.pulver.com
   Automatically guess a valid hostname	not checked
   Add proxy/registrar	click the button
   Proxy/Registrar configuration: ->Send registration	checked
   Proxy/Registrar configuration: ->SIP Identity	sip:NNNNNN@fwd.pulver.com
   Proxy/Registrar configuration: ->SIP Proxy	sip:fwd.pulver.com
   Proxy/Registrar configuration: Username/Password	There's nowhere to type these; linphone will prompt for them if/when needed.
   Sound device	ALSA

   Notes:
   • This version of Linphone can use multiple different proxy or registration servers. Only sip:fwd.pulver.com and NOT sip:fwdnat.pulver.com:5082 work.
   • When linphone prompts for a password for registration server, enter the following:

     Setting	Value
     realm	"fwd.pulver.com"
     username	FWD Number, eg NNNNNN
     password	[password]
     userid	[blank]

   • Linphone's DTMF works fine in 1.0.1. (In 1.0.0, it functions, but there is no audible feedback.)
   • If you are beind a firewall or gateway machine, you must put in the external (public) address of the firewall. Otherwise, you won't be able to receive incoming calls.
   
   
   
7. Test it:First, check that you have succesfully registered on the registration server (if you are using one). If you are using FWD, then go to: NNNNNN (for whatever your userid is) and check that you appear online.
   Now, try an echo test: "dial" 613 (in kphone) or sip:613@fwd.pulver.com (in linphone) for an echo service - you will hear your own voice repeated. There are many useful for testing, and these include the rather fun '411' service for voice-activated "Tell Me". Now, we can call any person who has a SIP URL, and also many
8. , allowing one to receive incoming mail by email (as a .wav attachment). Dialing 8502 to access voicemail seems only to work with linphone (it doesn't accept my password with kphone, maybe DTMF related). Nevertheless, the emails do arrive, complete with .wav attachments! [Actually, the .wav attachments aren't as large as I expected, typically about 16K for a short message.]
   
   
   • Add an icon to your webpage! Here's mine: it says "Network member" when I am disconnected, and "Now Online" when kphone is signed in. The HTML code required is
     
     
9. Incoming Phone Number: I registered an 0870 number so that people can call me from an ordinary phone. This can be done by and is FREE. They provide an 0870 number, which anyone can call, and it is charged at the standard BT UK National Rate. The process takes about 10 minutes to activate, and the number will remain mine provided that I use it at least every 3 months.
   
   
10. Outgoing phone calls (to other phones, including internationally). This requires money, and signing up with a provider. There are two alternatives here:
    • Select a paid provider, and use them directly for everything, including all SIP calls.
    • Use a paid provider like a calling card, accessing them when required to make a SIP->PSTN call. If this is chosen, they must have an "access code" which is accessible from the SIP phone used.
    I chose the latter, and picked IConnectHere.com, who are accessible from FreeWorldDialup using the access code **334. [There's a list of other providers, such as , who will handle the final-hop from SIP to the PSTN .]
    
    
11. Setup of IConnectHere.com: I chose to use , and selected the "Pay as you go" tariff; then paid them $10 to obtain an account number and password. [Refer to these as AAAAAAAA and PPPP respectively]. To make a call from the PC to any phone, do this:
    1. In Kphone, dial the access code for iconnecthere.com: **334
    2. When prompted "enter your pin", enter userid and password: AAAAAAAA PPPP
    3. Enter the number, in international format, without the international access code. Eg to dial 01223 445566 in the U.K., enter 44 1223 445566
    4. To make an additional call, key **#
    Don't worry if you don't hear all the DTMF tones.
    
    
12. Enjoy. All done - that's it! Update contacts, put your details on the web, and "reach out and touch someone"
    
    

Alternatives

• Sipcall.co.uk. Look promising, but slightly more expensive than ICH.
  
  
• Skype. Skype is actually more expensive than IConnectHere.com, and does not allow you to have an incoming PSTN number. There is also rather a lot of surrounding it. [Also, you have no control, whereas with SIP, you can run your own exchange if desired.]
  
  
• Sipphone.com. This is run by Michael Robertson of Lindows and MP3.com fame. However, they charge $70/year for an incoming number, and phonegaim won't compile!
  
  
• Gizmoproject.com. This could be rather a promising Skype-competitor, with easy to set up clients for Win/Mac (Linux coming soon), and being fully SIP compatible. But it isn't open-source.

Important Notes

• Do not use VoIP for Emergency Calls. At least, don't rely upon it.
  
  
• If Encryption is desired, SIP can be tunneled. However, don't try to tunnel it over SSH: this would effectively tunnel it over TCP/IP. Since TCP/IP is a reliable tansport, the packets are guaranteed to arrive, and in the correct order, but may be very late, especially if retransmission is required. But for VoIP, packet loss doesn't matter; low latency is important! It's necessary to tunnel over a secure UDP layer, eg IPSec.
  
  
• To use SIP on Windows, only of Messenger will work. Otherwise, one might try .
  
  
• If one has a NAT gateway/firewall, the alternative to using an external outbound proxy server is to run on the firewall. Siproxd is a proxy/masquerading daemon for the SIP protocol; a diagram may be found . The advantage of this is that you can have full control of your own system, and have a sip address in your own domain. (I haven't yet done this.)
  
  
• Trying to make various applications play nicely and use the soundcard simultaneously under Linux doesn't seem entirely straightforward. Using artsdsp will work in most cases (eg you can run multiple instances of 'artsdsp play file.wav'), but it doesn't help in the case of linphone. [The result is very blocky, broken-up sound.] Another possible solution may be to use the or dsnoop features of ALSA.

Other Resources

• - lots of information.
• is a proper Linux telephone exchange - if one wants to go the whole hog.

The End

Written by Richard Neill, 2005-01-07. Last updated 2005-07-21 Please feel free to copy, link, modify, redistribute etc.

Please do also send me .

Back to my .