Difference between revisions of "DUNDi configuration"

From TD-er's Wiki
Jump to navigationJump to search
 
(5 intermediate revisions by the same user not shown)
Line 1: Line 1:
 +
In order to keep our config files clean, we edited the <tt>*_custom.conf</tt> files, where possible.
 +
 
==Configuring DUNDi==
 
==Configuring DUNDi==
([http://www.linuxplanet.com/linuxplanet/tutorials/6270/2/ Source])
+
For making DUNDi work, you have to edit three Asterisk configuration files. The three files are <tt>dundi.conf</tt>, <tt>iax.conf</tt>, and <tt>extensions.conf</tt>. These are in <tt>/etc/asterisk/</tt> on the Trixbox.  
 
+
* <tt>dundi.conf</tt> controls peer authentication.
Warm up your favorite text editor, because we're going to edit three Asterisk configuration files. The three files are <tt>dundi.conf</tt>, <tt>iax.conf</tt>, and <tt>extensions.conf</tt>. These are in <tt>/etc/asterisk/</tt> on Asterisk@Home. <tt>dundi.conf</tt> controls peer authentication, <tt>iax.conf</tt> is our transport protocol, and <tt>extensions.conf</tt> contains your dialplans.  
+
* <tt>iax.conf</tt> is our transport protocol.
 +
* <tt>extensions.conf</tt> contains your dialplans.  
  
This example connects two peers, ''MyHost'' and ''OtherHost''.  
+
This example connects three peers, '''PBX1''' , '''PBX2''' and '''PBX3'''.  
  
 +
===iax.conf===
 
First edit <tt>iax.conf</tt>. Add the following lines, except for any that are duplicated in the <tt>[general]</tt> section:  
 
First edit <tt>iax.conf</tt>. Add the following lines, except for any that are duplicated in the <tt>[general]</tt> section:  
  
  [dundi]
+
  [koekje]
    type=user
+
type=user
    dbsecret=dundi/secret
+
dbsecret=dundi/secret ; the password used by others to make an IAX connection to this machine.
    context=dundi-local
+
context=from-internal ; this context must not be changed when using Trixbox.
    disallow=all
+
regcontext=d_adv      ; used for registration of connected phones.
    allow=ulaw
+
disallow=all
    allow=alaw
+
allow=ulaw
    allow=g726
+
allow=alaw
 +
allow=gsm
  
 +
===dundi.conf===
 
Now edit <tt>dundi.conf</tt>. The default file is well commented and has lots of examples--you'll find definitions of all the directives in there. This is where your mapping contexts are defined, which follow this format:  
 
Now edit <tt>dundi.conf</tt>. The default file is well commented and has lots of examples--you'll find definitions of all the directives in there. This is where your mapping contexts are defined, which follow this format:  
  
dundi_context => local_context,weight,technology,destination,[options]
+
<tt>dundi_context => local_context,weight,technology,destination,[options]</tt>
  
 
The following configuration creates two DUNDi mapping contexts:  
 
The following configuration creates two DUNDi mapping contexts:  
  
 +
The General section:
 
  [general]
 
  [general]
;put your own information here
 
department=Boss's office
 
organization=Alrac, Inc.
 
locality=Portland
 
stateprov=OR
 
country=US
 
email=hrh@alrac.com
 
phone=15035551212
 
;
 
bindaddr=0.0.0.0
 
 
  port=4520
 
  port=4520
  ;
+
  entityid=00:0C:29:97:0B:98 ; This is the mac address of eth0
;use the server's MAC address for the entityid
+
  cachetime=5
entityid=11.22.33.44.55.66
 
  cachetime=3600
 
 
  ttl=32
 
  ttl=32
 
  autokill=yes
 
  autokill=yes
 
  secretpath=dundi
 
  secretpath=dundi
  ;
+
*<tt>entityid</tt> is optional. When not specified, the MAC-address of the first networkcard is used.
 +
*<tt>ttl</tt> specifies the max. number of peer-redirects are allowed.
 +
*<tt>cachetime</tt> is in seconds.
 +
*<tt>autokill</tt> speeds up the requests when a peer is not available.
 +
  department=Rubzzzz
 +
organization=Rubzzzz, Inc.
 +
locality=Stad
 +
stateprov=Gr
 +
country=NL
 +
email=your@email.com
 +
phone=+12565551212
 +
 
 +
The mappings tell us what to advertise in the DUNDi network.
 +
N.B. each is 1 long line in the config file.
 
  [mappings]
 
  [mappings]
  ;copy this as shown, substituting your own server and hostname
+
  priv => dundi-priv-local-custom,0,IAX2,koekje:${SECRET}@192.168.1.101/${NUMBER},nounsolicited,nocomunsolicit,nopartial
;this should be one long unbroken line
+
 
dundi-peer1 => dundi-priv-local,0,IAX2,dundi:${SECRET}@myhost.mynet.com ${NUMBER},nounsolicited,nocomunsolicit,nopartial
+
The peers each have a section with the MAC-address of the peer as name.
;our OtherHost peer is configured here
+
  [00:0C:29:A7:E0:73] ; MAC address of TrixBox2 eth0
;and is allowed access only to dundi-peer1
+
model = symmetric
  [aa:bb:cc:dd:ee:ff] ;MAC address of otherhost.elsewhere.com
+
host = 192.168.1.103
  model = symmetric
+
inkey = dundi
  host = otherhost.elsewhere.com
+
outkey = dundi
  inkey = otherhost.elsewhere.com
+
include = priv
  outkey = myhost.mynet.com
+
permit = priv
  include = dundi-peer1
+
qualify = yes
  permit = dundi-peer1
+
dynamic=yes
  qualify = yes
 
  dynamic=yes
 
  
You need to create RSA authentication keys for your server. You may name them anything you want; a good naming convention is to use your server's fully-qualified domain name. Create keys with these commands:  
+
;[00:0C:29:D2:D8:EC] ; MAC address of TrixBox3 eth0
 +
;model = symmetric
 +
;host = 192.168.1.106
 +
;inkey = dundi
 +
;outkey = dundi
 +
;include = priv
 +
;permit = priv
 +
;qualify = yes
 +
;dynamic=yes
 +
 +
You need to create RSA authentication keys for your server. You may name them anything you want; a good naming convention is to use your server's fully-qualified domain name.  
 +
In the above example we used the same key for all PBX's.
 +
Create keys with these commands:  
  
 
  # cd /var/lib/asterisk/keys
 
  # cd /var/lib/asterisk/keys
 
  # /usr/sbin/astgenkey -n myhost.mynet.com
 
  # /usr/sbin/astgenkey -n myhost.mynet.com
  
This creates two keys: <tt>myhost.mynet.com.pub</tt> and <tt>myhost.mynet.com.key</tt>. The public key, <tt>myhost.mynet.com.pub</tt>, must be distributed to all servers you are peering with. Post it on your Web site if you like. The ''private key'' is unencrypted, and like all private encryption keys '''must be guarded carefully'''. Then the <tt>res_crypto.so</tt> line interface:
+
This creates two keys: <tt>myhost.mynet.com.pub</tt> and <tt>myhost.mynet.com.key</tt>. The public key, <tt>myhost.mynet.com.pub</tt>, must be distributed to all servers you are peering with. (in the <tt>/var/lib/asterisk/keys
 +
</tt> directory) Post it on your Web site if you like. The ''private key'' is unencrypted, and like all private encryption keys '''must be guarded carefully'''. Then the <tt>res_crypto.so</tt> line interface:
  
 
  # asterisk -r
 
  # asterisk -r
Line 70: Line 89:
 
  asterisk1*CLI># reload pbx_dundi.so
 
  asterisk1*CLI># reload pbx_dundi.so
  
From here you can also run the command <tt>show keys</tt> to see all of your RSA keys. Now go back to <tt>iax.conf</tt> and add the dundi user.
+
From here you can also run the command <tt>show keys</tt> to see all of your RSA keys.  
 
 
Here is a quick Linux tip: you don't have to exit the Asterisk CLI to return to the Linux command line. If you're logging in remotely, just open a second SSH session. If you're on the Asterisk server, switch to a second console with Alt+F2.
 
 
 
This allows remote access to your server:
 
 
 
[dundi]
 
  type=user
 
  dbsecret=dundi/secret
 
  context=dundi-priv-local
 
  disallow=all
 
  allow=ulaw
 
  allow=g726
 
  
 
<tt>dundi/secret</tt> is an encryption key automatically generated by Asterisk. You may view this key by running the <tt>database show</tt> command from the Asterisk CLI.  
 
<tt>dundi/secret</tt> is an encryption key automatically generated by Asterisk. You may view this key by running the <tt>database show</tt> command from the Asterisk CLI.  
 +
N.B. this key will change periodically (default 3600 sec)
  
Finally, edit <tt>extensions.conf</tt>; this is where you define what numbers to share and what to do with them. Telephone numbers must follow this format:
+
===extensions_custom.conf===
  
country_code area_code prefix number
+
Finally, edit <tt>extensions_custom.conf</tt>; this is where you define what numbers to share and what to do with them. Telephone numbers must follow this format:
 
 
This is a simple example that answers incoming calls, directs them via the ''SIP'' protocol to extension ''200'', which is the digital assistant, sends the caller to voicemail if there is no answer, then hangs up.  
 
 
 
[dundi-priv-local]
 
  exten => 15035551212,1,Answer( )
 
  exten => 15035551212,n(call),Dial(SIP/200)
 
  exten => 15035551212,n,Voicemail(u200)
 
  exten => 15035551212,n,Hangup( )
 
  
 +
<tt>country_code area_code prefix number</tt>
  
 +
N.B. make sure you leave the lines at the beginning (2 <tt>#include</tt> lines) and the end (the <tt>[from-internal-custom]</tt> section) the same if you're using Trixbox.
  
 +
; This file contains example extensions_custom.conf entries.
 +
; extensions_custom.conf should be used to include customizations
 +
; to AMP's Asterisk dialplan.
 +
; All custom context should contain the string 'custom' in it's name
 +
; Extensions in AMP have access to the 'from-internal' context.
 +
; The context 'from-internal-custom' is included in 'from-internal' by default
  
 +
#include extensions_trixbox.conf
 +
#include extensions_hud.conf
  
 +
[macro-dundi-lookup-custom]
 +
; Goto the extension number. Check the local context first, followed by lookup
 +
; dundi-priv-lookup is a pointer to the switch statement which will look for
 +
; extensions on other machines. This allows the convergence of multiple
 +
; Asterisk servers with different extension number blocks. Very cool!
 +
;
 +
exten => s,1,Goto(${ARG1},1)
 +
include => dundi-priv-local-custom
 +
include => dundi-priv-lookup-custom
  
 +
[dundi-pstn-local-custom]
  
 +
[dundi-priv-local-custom]
 +
; we only have extensions 1300 -> 1399 locally
 +
exten => _13XX,1,Macro(dial,${EXTEN})
 +
 +
[dundi-priv-lookup-custom]
 +
; Check our private peers for the exten #. Search 'priv' dundi context
 +
switch => DUNDi/priv
 +
 +
[dundi-priv-incoming-custom]
 +
; when we get an incoming call from a private peer, it gets directed here
 +
include => dundi-priv-local-custom
  
 +
;------------------------------------------------------------------------------
 +
; Outgoing Calls Contexts
 +
;------------------------------------------------------------------------------
  
 +
[local-custom]
 +
; For extensions starting with 1000 -> 1099 and 1600 -> 1699 do a dundi-lookup (private extens)
 +
exten => _1[06]XX,1,Macro(dundi-lookup-custom,${EXTEN})
  
 +
[from-internal-custom]
 +
include => local-custom
 +
include => from-internal-trixbox
  
 
== SIP registration ==
 
== SIP registration ==
Line 121: Line 161:
  
 
== DUNDi CLI-checks ==
 
== DUNDi CLI-checks ==
* '''dundi lookup''':
+
===1001@priv:===
  asterisk1*CLI> dundi lookup 301@priv bypass
+
  asterisk1*CLI> dundi lookup 1001@priv
  1.    0 IAX2/priv:ByWFbOGKgGmZbM43BJHSZw@2.4tw.nl/301 (EXISTS)
+
  1.    0 IAX2/priv:ZUIkF+Wl0TuXtd13pK5UXQ@192.168.1.106/1001 (EXISTS|NOUNSLCTD|NOCOMUNSLTD)
      from 00:0c:29:d2:d8:ec, expires in 3600 s
+
    from 00:0c:29:d2:d8:ec, expires in 5 s
  DUNDi lookup completed in 113 ms
+
  DUNDi lookup completed in 89 ms
  
asterisk1*CLI> dundi lookup 202@priv
 
  1.    0 IAX2/priv:+DmRAz4RjwF6GQMC3zopfQ@1.4tw.nl/202 (EXISTS)
 
      from 00:0c:29:e4:14:80, expires in 3570 s
 
DUNDi lookup completed in 13 ms
 
  
* [http://www.asteriskguru.com/tutorials/cli_cmd_14_page10.html List of Asterisk1.4 dundi-CLI-commands]
+
===1301@priv:===
 +
asterisk1*CLI> dundi lookup 1301@priv
 +
  1.    0 IAX2/priv:NbJdfOHodguANV0MOKuaQg@192.168.1.101/1301 (EXISTS|NOUNSLCTD|NOCOMUNSLTD)
 +
    from 00:0c:29:97:0b:98, expires in 5 s
 +
DUNDi lookup completed in 52 ms
  
== Alternatives to DUNDi ==
+
===1601@priv:===
You can also try the TDMoE zaptel driver. This is similar to the ztdummy driver in some ways but it will link 2 or more PBX's on the same physical network with zap channels. So on a 100Mb ethernet interface you could potentially get the equivalent of about 50 PRI lines. Overkill maybe, but you can set the number of channels you want. This should be good for interconnecting a voicemail only Trixbox with another tribox handling the calls. In larger installs this would be useful as it offloads the voicemail agi scripts and transcoding to another box. TDMoE is also much simpler to configure in comparison to DUNDI.
+
asterisk1*CLI> dundi lookup 1601@priv
 +
  1.    0 IAX2/priv:cZzQREFhaxEiS5w22f2Oag@192.168.1.103/1601 (EXISTS|NOUNSLCTD|NOCOMUNSLTD)
 +
    from 00:0c:29:a7:e0:73, expires in 5 s
 +
DUNDi lookup completed in 44 ms
  
you get many of the same features as you do with normal zap channels. It is also very efficient on bandwidth and cpu.
 
  
DUNDI is a good solution for remote PBX's. ([http://www.trixbox.org/modules/newbb/viewtopic.php?topic_id=4361&forum=1 Source])
+
* [[Asterisk DUNDi debug]] - Analysis of DUNDi traffic with Asterisk's debug.
 +
* [http://www.asteriskguru.com/tutorials/cli_cmd_14_page10.html List of Asterisk1.4 dundi-CLI-commands]

Latest revision as of 11:21, 27 February 2007

In order to keep our config files clean, we edited the *_custom.conf files, where possible.

Configuring DUNDi

For making DUNDi work, you have to edit three Asterisk configuration files. The three files are dundi.conf, iax.conf, and extensions.conf. These are in /etc/asterisk/ on the Trixbox.

  • dundi.conf controls peer authentication.
  • iax.conf is our transport protocol.
  • extensions.conf contains your dialplans.

This example connects three peers, PBX1 , PBX2 and PBX3.

iax.conf

First edit iax.conf. Add the following lines, except for any that are duplicated in the [general] section:

[koekje]
type=user
dbsecret=dundi/secret ; the password used by others to make an IAX connection to this machine.
context=from-internal ; this context must not be changed when using Trixbox.
regcontext=d_adv      ; used for registration of connected phones.
disallow=all
allow=ulaw
allow=alaw
allow=gsm

dundi.conf

Now edit dundi.conf. The default file is well commented and has lots of examples--you'll find definitions of all the directives in there. This is where your mapping contexts are defined, which follow this format:

dundi_context => local_context,weight,technology,destination,[options]

The following configuration creates two DUNDi mapping contexts:

The General section:

[general]
port=4520
entityid=00:0C:29:97:0B:98 ; This is the mac address of eth0
cachetime=5
ttl=32
autokill=yes
secretpath=dundi
  • entityid is optional. When not specified, the MAC-address of the first networkcard is used.
  • ttl specifies the max. number of peer-redirects are allowed.
  • cachetime is in seconds.
  • autokill speeds up the requests when a peer is not available.
department=Rubzzzz
organization=Rubzzzz, Inc.
locality=Stad
stateprov=Gr
country=NL
email=your@email.com
phone=+12565551212

The mappings tell us what to advertise in the DUNDi network. N.B. each is 1 long line in the config file.

[mappings]
priv => dundi-priv-local-custom,0,IAX2,koekje:${SECRET}@192.168.1.101/${NUMBER},nounsolicited,nocomunsolicit,nopartial

The peers each have a section with the MAC-address of the peer as name.

[00:0C:29:A7:E0:73] ; MAC address of TrixBox2 eth0
model = symmetric
host = 192.168.1.103
inkey = dundi
outkey = dundi
include = priv
permit = priv
qualify = yes
dynamic=yes
;[00:0C:29:D2:D8:EC] ; MAC address of TrixBox3 eth0
;model = symmetric
;host = 192.168.1.106
;inkey = dundi
;outkey = dundi
;include = priv
;permit = priv
;qualify = yes
;dynamic=yes

You need to create RSA authentication keys for your server. You may name them anything you want; a good naming convention is to use your server's fully-qualified domain name. In the above example we used the same key for all PBX's. Create keys with these commands:

# cd /var/lib/asterisk/keys
# /usr/sbin/astgenkey -n myhost.mynet.com

This creates two keys: myhost.mynet.com.pub and myhost.mynet.com.key. The public key, myhost.mynet.com.pub, must be distributed to all servers you are peering with. (in the /var/lib/asterisk/keys directory) Post it on your Web site if you like. The private key is unencrypted, and like all private encryption keys must be guarded carefully. Then the res_crypto.so line interface:

# asterisk -r
asterisk1*CLI># reload res_crypto.so
asterisk1*CLI># reload pbx_dundi.so

From here you can also run the command show keys to see all of your RSA keys.

dundi/secret is an encryption key automatically generated by Asterisk. You may view this key by running the database show command from the Asterisk CLI. N.B. this key will change periodically (default 3600 sec)

extensions_custom.conf

Finally, edit extensions_custom.conf; this is where you define what numbers to share and what to do with them. Telephone numbers must follow this format:

country_code area_code prefix number

N.B. make sure you leave the lines at the beginning (2 #include lines) and the end (the [from-internal-custom] section) the same if you're using Trixbox.

; This file contains example extensions_custom.conf entries.
; extensions_custom.conf should be used to include customizations
; to AMP's Asterisk dialplan.
; All custom context should contain the string 'custom' in it's name 
; Extensions in AMP have access to the 'from-internal' context.
; The context 'from-internal-custom' is included in 'from-internal' by default
#include extensions_trixbox.conf
#include extensions_hud.conf
[macro-dundi-lookup-custom]
; Goto the extension number. Check the local context first, followed by lookup
; dundi-priv-lookup is a pointer to the switch statement which will look for
; extensions on other machines. This allows the convergence of multiple
; Asterisk servers with different extension number blocks. Very cool!
;
exten => s,1,Goto(${ARG1},1)
include => dundi-priv-local-custom
include => dundi-priv-lookup-custom
[dundi-pstn-local-custom]
[dundi-priv-local-custom]
; we only have extensions 1300 -> 1399 locally
exten => _13XX,1,Macro(dial,${EXTEN})

[dundi-priv-lookup-custom]
; Check our private peers for the exten #. Search 'priv' dundi context
switch => DUNDi/priv

[dundi-priv-incoming-custom]
; when we get an incoming call from a private peer, it gets directed here
include => dundi-priv-local-custom
;------------------------------------------------------------------------------
; Outgoing Calls Contexts
;------------------------------------------------------------------------------
[local-custom]
; For extensions starting with 1000 -> 1099 and 1600 -> 1699 do a dundi-lookup (private extens)
exten => _1[06]XX,1,Macro(dundi-lookup-custom,${EXTEN})
[from-internal-custom]
include => local-custom
include => from-internal-trixbox

SIP registration

Add the following to sip.conf:

regcontext=sipregistration

Once the phones, in this example 201 and 202 register with the PBX, a context of [sipregistration] appears and can be shown in the Asterisk CLI:

asterisk1*CLI> show dialplan sipregistration
[ Context 'sipregistration' created by 'SIP' ]
  '201' =>          1. Noop(201)                                  [SIP]
  '202' =>          1. Noop(202)                                  [SIP]
-= 2 extensions (2 priorities) in 1 context. =-


DUNDi CLI-checks

1001@priv:

asterisk1*CLI> dundi lookup 1001@priv
 1.     0 IAX2/priv:ZUIkF+Wl0TuXtd13pK5UXQ@192.168.1.106/1001 (EXISTS|NOUNSLCTD|NOCOMUNSLTD)
    from 00:0c:29:d2:d8:ec, expires in 5 s
DUNDi lookup completed in 89 ms


1301@priv:

asterisk1*CLI> dundi lookup 1301@priv
 1.     0 IAX2/priv:NbJdfOHodguANV0MOKuaQg@192.168.1.101/1301 (EXISTS|NOUNSLCTD|NOCOMUNSLTD)
    from 00:0c:29:97:0b:98, expires in 5 s
DUNDi lookup completed in 52 ms

1601@priv:

asterisk1*CLI> dundi lookup 1601@priv
 1.     0 IAX2/priv:cZzQREFhaxEiS5w22f2Oag@192.168.1.103/1601 (EXISTS|NOUNSLCTD|NOCOMUNSLTD)
    from 00:0c:29:a7:e0:73, expires in 5 s
DUNDi lookup completed in 44 ms