«

SIP Chef

Packet capture and analysis optimised for scale.

Description

SIP Chef in an idea borne out of frustration with the performance of HOMER 7 at scale. The idea for SIP Chef is to implement a lean and fast collection & analysis tool, relying on proven, battle hardened tech. At some point it will live at sipchef.com.

Motivation

At Dstny, we send and receive a gigantic volume of SIP packets every day. Our monitoring tool of choice is HOMER, for both engineers and 3rd line support. In 2023 we migrated from HOMER 5 with AWS-hosted MySQL databases to HOMER 7 with Azure-hosted Postgres databases, but this turned out to be a bad move. Azure has some great cloud services but please avoid their hosted Postgres database product for the sake of your sanity.

We trialled HOMER 10, but it's a completely different (Grafana-based) service that is missing some critical features. Commercial competitior services were also considered but the cost at our scale was always too prohibitive. We now have a workable solution with Homer 7 and own self-hosted Postgres databases, but in the meantime it got me thinking: this shouldn't be too hard to build from scratch!

Implementation

At the time that we were struggling with HOMER, I was looking for an excuse to build something with Rust to try out the language features, and this was a timely project. It currently consists of a Rust-based HEP3 parser - a protocol designed in tandem with HOMER, which works brilliantly - and a simple visualisation web app built with SvelteKit. I originally planned to use Elasticsearch but the more I implemented, the more it seemed too heavyweight for the project. The current version of the project uses InfluxDB instead.

Future Work

This project stalled once we had a scalable solution using HOMER 7 and self-posted Postgres. However, I would be interested to pick it up again in future if we find a need, or if inspiration strikes. I would probably not try and turn it into a commercial product, other than providing support. Let me know if you're interested in collaborating.