Aniruddha Niranjan

1
10/20/2008
Inter-Asterisk eXchange (IAX)

• Aniruddha Niranjan
• Computer Science Department
• VoIP Security COMS W4995
• Professor Henning Schulzrinne

2
Overview

• Creation and use
• What IAX aims to do
• IAX at work
• Message Types
• Trunking
• Drawbacks
• Security
• A comparison with SIP
• Conclusion

2
3
Creation and use of IAX

• Created by Mark Spencer
• Designed for transmission and control of VoIP
  data
• Between two servers or a server and a client
• Current version is IAX2
• IAX2 works well with streaming video or any other
  multimedia type
• Uses UDP Transport protocol, on port 4569

3
4
Main Goals

• Provide both control and media transmissions
• Reduce bandwidth required at the same time
• Binary protocol
• Address NAT traversal, firewalls
• Single path for both signalling and data
• Transmission of dialplan information

4
5
Operation

• Each node has a call number
• Call number Set of digits uniquely identifying
  the caller and callee
• Call consist of different sections legs
• Some of the legs can use other protocols, e.g.
  SIP
• Two unique identifiers mark one leg

5
6
Operation
Call Link Management and Call Control
Actual media transfer using full, mini and meta
frames. Full frames must be sent every 65536 ms.
Call Teardown can be started by either side
6
7
Reliable Frame

• Also called a full frame
• Controls the main operations of an IAX call
• Can carry either signalling or media data
• ACK message or appropriate response necessary
• Contains full call identifier - one call number
  from each peer involved
• Timestamp Number of milliseconds since first
  transmission of call

7
8
Reliable Frame
8
1kHZ clock used (RTP uses 90 kHz clock)
Usually an extension (e.g. 1002)
9
Non-guaranteed frames

• Mini-Frames
• 4 octets
• No signalling information, only media data
• Contain only originating peers call identifier
• Source call number only

Lower 16 bits of full timestamp
9
10
Non-guaranteed frames

• Meta-Frames
• 4 octets
• Meta video frames to carry the video data with
  an optimized header
• Meta Indicator 15 bits, all set to 0

10
11
Trunking

• Exchange of multiple media flows by combining
  media payload into a single packet
• Can occur in any direction between two peers
• Trunked media data are sent using meta frames
• Contents of a trunked call
• Source number of call
• Length of media data in octets
• Media data
• Timestamps

11
12
Security

• Supports Public Key Infrastructure for
  authentication between two servers
• User authentication is via RSA or MD5
• 3DES encryption for protecting private keys
  during user authentication
• AES encryption for protecting the frames
• 16 to 32 byte padding
• Each 16 byte block is XORed with previous block

12
13
Drawbacks

• Server loses track of call during transfer from
  centralized server to media gateway (may happen
  during call completion)
• Attackers can use up all available sessions or
  all available call numbers
• Without handshake (in some implementations),
  guest can consume the network resources
• Lacks a generic extension mechanism

13
14
A Comparison with SIP
14
15
Conclusion

• A robust yet simple protocol
• Highly optimized for VoIP calls placing emphasis
  on low overhead and low bandwidth consumptions
• Multiplexing data and signalling, trunking are
  key features
• More progress needed in the security domain
• In time, may catch up with some of the more
  widely used protocols

16
References

• M. Spencer, B. Capouch, E.Guy, F.Miller,
  K.Shumard IAX Inter-Asterisk eXchange Version 2
  draft-guy-iax-05 Oct. 6 2008
• http//www.voip-info.org/wiki-IAX
• http//www.voipforo.com/en/IAX/IAX-example-message
  s.php
• http//tutorialsforu.info/mix-totorials-zone/aster
  isk-zone/iax2-inter-asterisk-exchange-version-2.ht
  ml
• Kai-Oliver Detken, Evren Eren VoIP Security
  Regarding the Open Source Software Asterisk
  CITSA 2008
• http//www.voip-info.org/wiki/view/IAXversusSIP