1

Building Web-base SIP Analyzer with Ajax Approach

Speaker: Yan-Hsiang Wang

Adviser: Dr. Quincy Wu

School: National Chi Nan University

Unit: Graduate Institute of CSIE

Date: 2007.03.16

2

Motivation

Session Initiation Protocol is widely used as signaling protocol for Voice over IP.

It’s inconvenient for user to find reasons when failed calls were occurred.

Traditional web-base SIP analyzer can’t update information in real time.

3

Ethereal

4

AJAX

Asynchronous Javascript And XML This noun was born on February 2005. It isn't a technology; it's an approach. Connect Web Browser and Web Serve

r asynchronously. Create interactive web applications. Reload data without refresh page.

5

Ajax engine

6

Ajax application

Drag & Drop (UrMap) http://www.urmap.com.tw/

Auto-Complete (Yahoo Dictionary) http://tw.dictionary.yahoo.com/

Real-Time Viewer (Digg Spy) http://digg.com/spy

Slider (Google Finance) http://finance.google.com/finance?q=twx

7

System Architecture

ApacheMySQL

Ethernet card

Captor (libpcap)

AJAX engine

HTML +Cascading Style SheetsData

JavaScript Call

SIP Extractor (php)

Server-side system Browser client

web browser

HTTP Request XML Data

PHP Query

Data

Ethernet Frame

SIP Message

SIP Header Field

8

Server-side system

We use Libpcap to capture packets on port 5060.

Strip off the Ethernet, IP and UDP headers by PHP script.

Store the SIP message in database for user’s querying.

9

Client-side system

Our querying page is based on Ajax engine. Refresh data seamlessly Update the latest packet in real time Provide desktop application like interface

friendly Use tree menu as message browser.

Expend the message dynamically

10

Implementation

11

Advantage

User can find the history with ordinary privilege.

Surfing web-base system is convenient and easy.

We can package these messages in a Pcap format file that user may fetch it through a email and parse it by other tools.

12

Update in real time

Refresh the query table when new message has been captured. Query the latest record from database

per second Compare the latest record from database

and the current record in browser Refresh the message table if these two

record is different

13

Experiment

CPU loading test Step1: only httpd, mysqld, ser Step2: begin to stress test Step3: begin to captor and pipe to dissector Step4: enable live update on browser Step5: work continuously but no traffic

Invite scenario (SIPp - a traffic generator) Current calls: 200, 500, 1000, 3000, 5000, 700

0, 9000 Total 20000 calls

14

Improvement

Version 1 Consume the CPU loading a little much

Version 2 Improve some syntax

Timestamp filter:'%20070316%' => '20070316%'

Query:ORDER BY ASC=> ORDER BY DESC and fetch rows in reverse order

15

CPU loading

00.5

11.5

22.5

33.5

4

Step1 Step2 Step3 Step4 Step5

CPU

One

Min

ute

Load

Ave

rage

20050010003000500070009000

0

0.5

1

1.5

2

2.5

3

3.5

4

Step1 Step2 Step3 Step4 Step5CPU

One

Min

ute

Load

Ave

rage

20050010003000500070009000

Reduce 0.5~1at step 4

Reduce 1~1.5at step 5

Version 2

Version 1

16

Reference

Tcpdump http://www.tcpdump.org

Ethereal http://www.ethereal.com/

Ajax: A New Approach to Web Applications http://www.adaptivepath.com/publications/essay

s/archives/000385.php SIPp

http://sipp.sourceforge.net/

17

Q&A

Thanks for your coming!!