Difference between revisions of "DUNDi configuration"
(6 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
+ | In order to keep our config files clean, we edited the <tt>*_custom.conf</tt> files, where possible. | ||
+ | |||
==Configuring DUNDi== | ==Configuring DUNDi== | ||
− | + | For making DUNDi work, you have to edit three Asterisk configuration files. The three files are <tt>dundi.conf</tt>, <tt>iax.conf</tt>, and <tt>extensions.conf</tt>. These are in <tt>/etc/asterisk/</tt> on the Trixbox. | |
+ | * <tt>dundi.conf</tt> controls peer authentication. | ||
+ | * <tt>iax.conf</tt> is our transport protocol. | ||
+ | * <tt>extensions.conf</tt> contains your dialplans. | ||
− | + | This example connects three peers, '''PBX1''' , '''PBX2''' and '''PBX3'''. | |
− | |||
− | This example connects | ||
+ | ===iax.conf=== | ||
First edit <tt>iax.conf</tt>. Add the following lines, except for any that are duplicated in the <tt>[general]</tt> section: | First edit <tt>iax.conf</tt>. Add the following lines, except for any that are duplicated in the <tt>[general]</tt> section: | ||
− | [ | + | [koekje] |
− | + | type=user | |
− | + | dbsecret=dundi/secret ; the password used by others to make an IAX connection to this machine. | |
− | + | context=from-internal ; this context must not be changed when using Trixbox. | |
− | + | regcontext=d_adv ; used for registration of connected phones. | |
− | + | disallow=all | |
− | + | allow=ulaw | |
− | + | allow=alaw | |
+ | allow=gsm | ||
+ | ===dundi.conf=== | ||
Now edit <tt>dundi.conf</tt>. The default file is well commented and has lots of examples--you'll find definitions of all the directives in there. This is where your mapping contexts are defined, which follow this format: | Now edit <tt>dundi.conf</tt>. The default file is well commented and has lots of examples--you'll find definitions of all the directives in there. This is where your mapping contexts are defined, which follow this format: | ||
− | + | <tt>dundi_context => local_context,weight,technology,destination,[options]</tt> | |
The following configuration creates two DUNDi mapping contexts: | The following configuration creates two DUNDi mapping contexts: | ||
+ | The General section: | ||
[general] | [general] | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
port=4520 | port=4520 | ||
− | ; | + | entityid=00:0C:29:97:0B:98 ; This is the mac address of eth0 |
− | + | cachetime=5 | |
− | |||
− | cachetime= | ||
ttl=32 | ttl=32 | ||
autokill=yes | autokill=yes | ||
secretpath=dundi | secretpath=dundi | ||
− | + | *<tt>entityid</tt> is optional. When not specified, the MAC-address of the first networkcard is used. | |
+ | *<tt>ttl</tt> specifies the max. number of peer-redirects are allowed. | ||
+ | *<tt>cachetime</tt> is in seconds. | ||
+ | *<tt>autokill</tt> speeds up the requests when a peer is not available. | ||
+ | department=Rubzzzz | ||
+ | organization=Rubzzzz, Inc. | ||
+ | locality=Stad | ||
+ | stateprov=Gr | ||
+ | country=NL | ||
+ | email=your@email.com | ||
+ | phone=+12565551212 | ||
+ | |||
+ | The mappings tell us what to advertise in the DUNDi network. | ||
+ | N.B. each is 1 long line in the config file. | ||
[mappings] | [mappings] | ||
− | + | priv => dundi-priv-local-custom,0,IAX2,koekje:${SECRET}@192.168.1.101/${NUMBER},nounsolicited,nocomunsolicit,nopartial | |
− | + | ||
− | + | The peers each have a section with the MAC-address of the peer as name. | |
− | + | [00:0C:29:A7:E0:73] ; MAC address of TrixBox2 eth0 | |
− | + | model = symmetric | |
− | [ | + | host = 192.168.1.103 |
− | + | inkey = dundi | |
− | + | outkey = dundi | |
− | + | include = priv | |
− | + | permit = priv | |
− | + | qualify = yes | |
− | + | dynamic=yes | |
− | |||
− | |||
− | You need to create RSA authentication keys for your server. You may name them anything you want; a good naming convention is to use your server's fully-qualified domain name. Create keys with these commands: | + | ;[00:0C:29:D2:D8:EC] ; MAC address of TrixBox3 eth0 |
+ | ;model = symmetric | ||
+ | ;host = 192.168.1.106 | ||
+ | ;inkey = dundi | ||
+ | ;outkey = dundi | ||
+ | ;include = priv | ||
+ | ;permit = priv | ||
+ | ;qualify = yes | ||
+ | ;dynamic=yes | ||
+ | |||
+ | You need to create RSA authentication keys for your server. You may name them anything you want; a good naming convention is to use your server's fully-qualified domain name. | ||
+ | In the above example we used the same key for all PBX's. | ||
+ | Create keys with these commands: | ||
# cd /var/lib/asterisk/keys | # cd /var/lib/asterisk/keys | ||
# /usr/sbin/astgenkey -n myhost.mynet.com | # /usr/sbin/astgenkey -n myhost.mynet.com | ||
− | This creates two keys: <tt>myhost.mynet.com.pub</tt> and <tt>myhost.mynet.com.key</tt>. The public key, <tt>myhost.mynet.com.pub</tt>, must be distributed to all servers you are peering with. Post it on your Web site if you like. The ''private key'' is unencrypted, and like all private encryption keys '''must be guarded carefully'''. Then the <tt>res_crypto.so</tt> line interface: | + | This creates two keys: <tt>myhost.mynet.com.pub</tt> and <tt>myhost.mynet.com.key</tt>. The public key, <tt>myhost.mynet.com.pub</tt>, must be distributed to all servers you are peering with. (in the <tt>/var/lib/asterisk/keys |
+ | </tt> directory) Post it on your Web site if you like. The ''private key'' is unencrypted, and like all private encryption keys '''must be guarded carefully'''. Then the <tt>res_crypto.so</tt> line interface: | ||
# asterisk -r | # asterisk -r | ||
Line 70: | Line 89: | ||
asterisk1*CLI># reload pbx_dundi.so | asterisk1*CLI># reload pbx_dundi.so | ||
− | From here you can also run the command <tt>show keys</tt> to see all of your RSA keys. | + | From here you can also run the command <tt>show keys</tt> to see all of your RSA keys. |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
<tt>dundi/secret</tt> is an encryption key automatically generated by Asterisk. You may view this key by running the <tt>database show</tt> command from the Asterisk CLI. | <tt>dundi/secret</tt> is an encryption key automatically generated by Asterisk. You may view this key by running the <tt>database show</tt> command from the Asterisk CLI. | ||
+ | N.B. this key will change periodically (default 3600 sec) | ||
− | + | ===extensions_custom.conf=== | |
− | + | Finally, edit <tt>extensions_custom.conf</tt>; this is where you define what numbers to share and what to do with them. Telephone numbers must follow this format: | |
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
+ | <tt>country_code area_code prefix number</tt> | ||
+ | N.B. make sure you leave the lines at the beginning (2 <tt>#include</tt> lines) and the end (the <tt>[from-internal-custom]</tt> section) the same if you're using Trixbox. | ||
+ | ; This file contains example extensions_custom.conf entries. | ||
+ | ; extensions_custom.conf should be used to include customizations | ||
+ | ; to AMP's Asterisk dialplan. | ||
+ | ; All custom context should contain the string 'custom' in it's name | ||
+ | ; Extensions in AMP have access to the 'from-internal' context. | ||
+ | ; The context 'from-internal-custom' is included in 'from-internal' by default | ||
+ | #include extensions_trixbox.conf | ||
+ | #include extensions_hud.conf | ||
+ | [macro-dundi-lookup-custom] | ||
+ | ; Goto the extension number. Check the local context first, followed by lookup | ||
+ | ; dundi-priv-lookup is a pointer to the switch statement which will look for | ||
+ | ; extensions on other machines. This allows the convergence of multiple | ||
+ | ; Asterisk servers with different extension number blocks. Very cool! | ||
+ | ; | ||
+ | exten => s,1,Goto(${ARG1},1) | ||
+ | include => dundi-priv-local-custom | ||
+ | include => dundi-priv-lookup-custom | ||
+ | [dundi-pstn-local-custom] | ||
+ | [dundi-priv-local-custom] | ||
+ | ; we only have extensions 1300 -> 1399 locally | ||
+ | exten => _13XX,1,Macro(dial,${EXTEN}) | ||
+ | |||
+ | [dundi-priv-lookup-custom] | ||
+ | ; Check our private peers for the exten #. Search 'priv' dundi context | ||
+ | switch => DUNDi/priv | ||
+ | |||
+ | [dundi-priv-incoming-custom] | ||
+ | ; when we get an incoming call from a private peer, it gets directed here | ||
+ | include => dundi-priv-local-custom | ||
+ | ;------------------------------------------------------------------------------ | ||
+ | ; Outgoing Calls Contexts | ||
+ | ;------------------------------------------------------------------------------ | ||
+ | [local-custom] | ||
+ | ; For extensions starting with 1000 -> 1099 and 1600 -> 1699 do a dundi-lookup (private extens) | ||
+ | exten => _1[06]XX,1,Macro(dundi-lookup-custom,${EXTEN}) | ||
+ | [from-internal-custom] | ||
+ | include => local-custom | ||
+ | include => from-internal-trixbox | ||
== SIP registration == | == SIP registration == | ||
Line 119: | Line 159: | ||
-= 2 extensions (2 priorities) in 1 context. =- | -= 2 extensions (2 priorities) in 1 context. =- | ||
− | |||
− | |||
− | + | == DUNDi CLI-checks == | |
+ | ===1001@priv:=== | ||
+ | asterisk1*CLI> dundi lookup 1001@priv | ||
+ | 1. 0 IAX2/priv:ZUIkF+Wl0TuXtd13pK5UXQ@192.168.1.106/1001 (EXISTS|NOUNSLCTD|NOCOMUNSLTD) | ||
+ | from 00:0c:29:d2:d8:ec, expires in 5 s | ||
+ | DUNDi lookup completed in 89 ms | ||
+ | |||
+ | |||
+ | ===1301@priv:=== | ||
+ | asterisk1*CLI> dundi lookup 1301@priv | ||
+ | 1. 0 IAX2/priv:NbJdfOHodguANV0MOKuaQg@192.168.1.101/1301 (EXISTS|NOUNSLCTD|NOCOMUNSLTD) | ||
+ | from 00:0c:29:97:0b:98, expires in 5 s | ||
+ | DUNDi lookup completed in 52 ms | ||
+ | |||
+ | ===1601@priv:=== | ||
+ | asterisk1*CLI> dundi lookup 1601@priv | ||
+ | 1. 0 IAX2/priv:cZzQREFhaxEiS5w22f2Oag@192.168.1.103/1601 (EXISTS|NOUNSLCTD|NOCOMUNSLTD) | ||
+ | from 00:0c:29:a7:e0:73, expires in 5 s | ||
+ | DUNDi lookup completed in 44 ms | ||
+ | |||
− | + | * [[Asterisk DUNDi debug]] - Analysis of DUNDi traffic with Asterisk's debug. | |
+ | * [http://www.asteriskguru.com/tutorials/cli_cmd_14_page10.html List of Asterisk1.4 dundi-CLI-commands] |
Latest revision as of 11:21, 27 February 2007
In order to keep our config files clean, we edited the *_custom.conf files, where possible.
Contents
Configuring DUNDi
For making DUNDi work, you have to edit three Asterisk configuration files. The three files are dundi.conf, iax.conf, and extensions.conf. These are in /etc/asterisk/ on the Trixbox.
- dundi.conf controls peer authentication.
- iax.conf is our transport protocol.
- extensions.conf contains your dialplans.
This example connects three peers, PBX1 , PBX2 and PBX3.
iax.conf
First edit iax.conf. Add the following lines, except for any that are duplicated in the [general] section:
[koekje] type=user dbsecret=dundi/secret ; the password used by others to make an IAX connection to this machine. context=from-internal ; this context must not be changed when using Trixbox. regcontext=d_adv ; used for registration of connected phones. disallow=all allow=ulaw allow=alaw allow=gsm
dundi.conf
Now edit dundi.conf. The default file is well commented and has lots of examples--you'll find definitions of all the directives in there. This is where your mapping contexts are defined, which follow this format:
dundi_context => local_context,weight,technology,destination,[options]
The following configuration creates two DUNDi mapping contexts:
The General section:
[general] port=4520 entityid=00:0C:29:97:0B:98 ; This is the mac address of eth0 cachetime=5 ttl=32 autokill=yes secretpath=dundi
- entityid is optional. When not specified, the MAC-address of the first networkcard is used.
- ttl specifies the max. number of peer-redirects are allowed.
- cachetime is in seconds.
- autokill speeds up the requests when a peer is not available.
department=Rubzzzz organization=Rubzzzz, Inc. locality=Stad stateprov=Gr country=NL email=your@email.com phone=+12565551212
The mappings tell us what to advertise in the DUNDi network. N.B. each is 1 long line in the config file.
[mappings] priv => dundi-priv-local-custom,0,IAX2,koekje:${SECRET}@192.168.1.101/${NUMBER},nounsolicited,nocomunsolicit,nopartial
The peers each have a section with the MAC-address of the peer as name.
[00:0C:29:A7:E0:73] ; MAC address of TrixBox2 eth0 model = symmetric host = 192.168.1.103 inkey = dundi outkey = dundi include = priv permit = priv qualify = yes dynamic=yes
;[00:0C:29:D2:D8:EC] ; MAC address of TrixBox3 eth0 ;model = symmetric ;host = 192.168.1.106 ;inkey = dundi ;outkey = dundi ;include = priv ;permit = priv ;qualify = yes ;dynamic=yes
You need to create RSA authentication keys for your server. You may name them anything you want; a good naming convention is to use your server's fully-qualified domain name. In the above example we used the same key for all PBX's. Create keys with these commands:
# cd /var/lib/asterisk/keys # /usr/sbin/astgenkey -n myhost.mynet.com
This creates two keys: myhost.mynet.com.pub and myhost.mynet.com.key. The public key, myhost.mynet.com.pub, must be distributed to all servers you are peering with. (in the /var/lib/asterisk/keys directory) Post it on your Web site if you like. The private key is unencrypted, and like all private encryption keys must be guarded carefully. Then the res_crypto.so line interface:
# asterisk -r asterisk1*CLI># reload res_crypto.so asterisk1*CLI># reload pbx_dundi.so
From here you can also run the command show keys to see all of your RSA keys.
dundi/secret is an encryption key automatically generated by Asterisk. You may view this key by running the database show command from the Asterisk CLI. N.B. this key will change periodically (default 3600 sec)
extensions_custom.conf
Finally, edit extensions_custom.conf; this is where you define what numbers to share and what to do with them. Telephone numbers must follow this format:
country_code area_code prefix number
N.B. make sure you leave the lines at the beginning (2 #include lines) and the end (the [from-internal-custom] section) the same if you're using Trixbox.
; This file contains example extensions_custom.conf entries. ; extensions_custom.conf should be used to include customizations ; to AMP's Asterisk dialplan. ; All custom context should contain the string 'custom' in it's name ; Extensions in AMP have access to the 'from-internal' context. ; The context 'from-internal-custom' is included in 'from-internal' by default
#include extensions_trixbox.conf #include extensions_hud.conf
[macro-dundi-lookup-custom] ; Goto the extension number. Check the local context first, followed by lookup ; dundi-priv-lookup is a pointer to the switch statement which will look for ; extensions on other machines. This allows the convergence of multiple ; Asterisk servers with different extension number blocks. Very cool! ; exten => s,1,Goto(${ARG1},1) include => dundi-priv-local-custom include => dundi-priv-lookup-custom
[dundi-pstn-local-custom]
[dundi-priv-local-custom] ; we only have extensions 1300 -> 1399 locally exten => _13XX,1,Macro(dial,${EXTEN}) [dundi-priv-lookup-custom] ; Check our private peers for the exten #. Search 'priv' dundi context switch => DUNDi/priv [dundi-priv-incoming-custom] ; when we get an incoming call from a private peer, it gets directed here include => dundi-priv-local-custom
;------------------------------------------------------------------------------ ; Outgoing Calls Contexts ;------------------------------------------------------------------------------
[local-custom] ; For extensions starting with 1000 -> 1099 and 1600 -> 1699 do a dundi-lookup (private extens) exten => _1[06]XX,1,Macro(dundi-lookup-custom,${EXTEN})
[from-internal-custom] include => local-custom include => from-internal-trixbox
SIP registration
Add the following to sip.conf:
regcontext=sipregistration
Once the phones, in this example 201 and 202 register with the PBX, a context of [sipregistration] appears and can be shown in the Asterisk CLI:
asterisk1*CLI> show dialplan sipregistration [ Context 'sipregistration' created by 'SIP' ] '201' => 1. Noop(201) [SIP] '202' => 1. Noop(202) [SIP] -= 2 extensions (2 priorities) in 1 context. =-
DUNDi CLI-checks
1001@priv:
asterisk1*CLI> dundi lookup 1001@priv 1. 0 IAX2/priv:ZUIkF+Wl0TuXtd13pK5UXQ@192.168.1.106/1001 (EXISTS|NOUNSLCTD|NOCOMUNSLTD) from 00:0c:29:d2:d8:ec, expires in 5 s DUNDi lookup completed in 89 ms
1301@priv:
asterisk1*CLI> dundi lookup 1301@priv 1. 0 IAX2/priv:NbJdfOHodguANV0MOKuaQg@192.168.1.101/1301 (EXISTS|NOUNSLCTD|NOCOMUNSLTD) from 00:0c:29:97:0b:98, expires in 5 s DUNDi lookup completed in 52 ms
1601@priv:
asterisk1*CLI> dundi lookup 1601@priv 1. 0 IAX2/priv:cZzQREFhaxEiS5w22f2Oag@192.168.1.103/1601 (EXISTS|NOUNSLCTD|NOCOMUNSLTD) from 00:0c:29:a7:e0:73, expires in 5 s DUNDi lookup completed in 44 ms
- Asterisk DUNDi debug - Analysis of DUNDi traffic with Asterisk's debug.
- List of Asterisk1.4 dundi-CLI-commands