Iptel’s SIP Express Router (SER) SIP Proxy Server SIP Workshop AARNet By Stephen Kingham Stephen.Kingham@aarnet.edu.au

Post on 29-Dec-2015


Iptel’s SIP Express Router (SER) SIP Proxy Server

SIP Workshop AARNet

By Stephen Kingham
Stephen.Kingham@aarnet.edu.au

Outline and Objectives

• What is SER
• Installation
• Configuration (user and routing)
• Modules
• Authentication

What is SER?

• SIP Express Router
• Open Source, and can be commercially supported.
• It is a Location Server, a Proxy Server, and a Redirect Server.
• Very popular in the Research and Education Sector.
• Very efficient, very fast, handles huge call loads (New York’s busy hour on a medium sized Pentium with 1Gbyte of RAM)
• Has Voice Mail.
• Has a SIMPLE Protocol to Jabber interface for Instant Messaging and Presence.
• Has Web programming interface
• Can write your own modules to add features (Internet2 ISN is a good example).
• Uses SQL database

Installation

• Easy to install. Source is available, and so is a wide range of packages for a very large range of Unix platforms.
• Warning: The “how to”s for “webser” do not match the installations.
• The MySQL database is called “ser” and the “database root” password is “heslo”.
• http://www.aarnet.edu.au/events/conferences/2005/apan-taipei/sip/install-SER.html

Sources for information to install

• http://www.aarnet.edu.au/events/conferences/2005/apan-taipei/sip/install-SER.html
Or
• http://www.howtoforge.com/perfect_setup_fedora_core_4
  http://www.openser.org/ and get the latest RPM.
Or
• FreeBSD comes with SER already!
And of course
• http://www.openser.org/dokuwiki/doku.php

Configuration

• All done in /etc/ser/ser.cfg
• Once the configuration is changed restart with /etc/rc.d/init.d/ser restart
• First half of /etc/ser/ser.cfg is loading modules and setting some defaults.
• Second half is how every SIP Message is processed and is like a programme.
• Good primer for the conf is here: http://mit.edu/sip/sip.edu/ser.shtml
• And www.openser.org as well as Google

Example for routing ENUM

    loadmodule "/srv/ser/modules/enum.so"

    # if it is a number in correct format, ie with + in front, eg +61262223575
    if (method=="INVITE" && uri=~"sip:\+[0-9]{2,15}.*") {
        #
        # search for service type "sip" or "voice:sip" or "video:sip"
        # note the '+' sign in front of the second parameter
        if (!enum_query("e164.arpa.", "+sip+voice:sip+video:sip")) {
            #
            # Did not find sip in e164.arpa
            # search for "e2u+sip" in freenum.org
            if (!enum_query("freenum.org.", "+sip+voice:sip+video:sip")) {
                xlog("L_NOTICE", "DEBUG: Did not find enum in e164.arpa or freenum\n");
            };
        };
    };

SER programming

• Main “route” block processes each SIP message
• You can have “sub route blocks” called from the main.
• You can set flags (maximum of 30 by default) and test if they are set or not later.
• Flags can also be defined as a trigger. Eg setting flag 2 to trigger creation of an accounting record.
• There are no user defined variables, only the standard SIP variables, eg
  – src_ip
  – from_uri
  – method

http://www.openser.org/dokuwiki/doku.php

Authorisation in SER

• Users are put into groups (serctl acl show). The groups are defined in the serctl programme, look for the following line in the program:
    ACL_GROUPS="local ld int voicemail free-pstn"
  I like to add mobile
• Commands in the script:

    if (uri =~ "sip:0[1-9][0-9]{7}") {
        # destination is a local number
        if (!is_user_in("credentials", "local")) {
            # user is not in local group, deny the call
            sl_send_reply("403", "No permission for local calls");
            break;  # exit from script
        };
    };
    consume_credentials();  # for calls leaving this domain
    # route call

©Stephen Kingham Stephen.Kingham@aarnet.edu.au

SER administration

• Standard error messages from SER go to /var/log/messages
  check /var/log/messages to find out why ser does not start
  eg tail -f /var/log/messages
• Take a look at the “xlog” command in the ser.cfg file to send more information to /var/log/messages.
• You can turn on debugging and run from the command line.
• The programme “serctl”. Use this very useful programme for maintenance, as well as moves, adds and changes.

SER debug: use xlog

• Into ser.cfg add loadmodule "/usr/lib/ser/modules/xlog.so"
• xlog(level, format):
  level = L_ALERT | L_CRIT | L_ERR | L_WARN | L_NOTICE | L_INFO | L_DBG
  format =
    %rm : request's method
    %ru : request's r-uri
    %tu : 'To' uri
    %tt : 'To' tag
    %mi : SIP message id
    %pp : process id (pid)
    %is : IP source address
    %% : '%'
    %Ts : unix time stamp
    %Tf : string formatted time
    %ci : call-id
    %cs : cseq
    %ct : contact header
    %fu : 'From' uri
    %ft : 'From' tag

I like xlog ( "L_NOTICE", "DEBUG: uri <%ru> from uri <%fu> to uri <%tu>\n\n" );
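Reading those lines back out of /var/log/messages, as an added Python example (not from the original slides): it turns an xlog format string built from the specifiers above into a regex and groups request URIs by caller. The field names, syslog prefix and example.edu.au addresses are assumptions of this example.

```python
import re

# Specifiers from the slide mapped to field names (the names are this example's).
SPECIFIERS = {
    "rm": "method", "ru": "ruri", "tu": "to_uri", "tt": "to_tag",
    "mi": "msg_id", "pp": "pid", "is": "src_ip", "Ts": "unix_time",
    "Tf": "time_str", "ci": "call_id", "cs": "cseq", "ct": "contact",
    "fu": "from_uri", "ft": "from_tag",
}

def xlog_regex(fmt):
    """Compile an xlog format string into a regex, one named group per specifier."""
    fmt = fmt.replace("\\n", "")   # trailing newlines do not survive syslog
    out, i = [], 0
    while i < len(fmt):
        code = fmt[i + 1:i + 3]
        if fmt[i] == "%" and code[:1] == "%":
            out.append("%")
            i += 2
        elif fmt[i] == "%" and code in SPECIFIERS:
            out.append("(?P<%s>.*?)" % SPECIFIERS[code])
            i += 3
        else:
            out.append(re.escape(fmt[i]))
            i += 1
    return re.compile("".join(out) + "$")

def parse(lines, fmt):
    """Return one dict per log line that matches fmt; other lines are skipped."""
    rx = xlog_regex(fmt)
    return [m.groupdict() for m in map(rx.search, lines) if m]

def targets_by_caller(lines, fmt):
    """Group request URIs by From URI, in order of appearance."""
    seen = {}
    for rec in parse(lines, fmt):
        seen.setdefault(rec["from_uri"], []).append(rec["ruri"])
    return seen

FORMAT = r"DEBUG: uri <%ru> from uri <%fu> to uri <%tu>\n\n"  # from the slide

# Constructed /var/log/messages lines; syslog prefix and hosts are assumptions.
SAMPLE = [
    "Mar  3 10:15:02 proxy ser[2211]: DEBUG: uri <sip:012345678@example.edu.au> "
    "from uri <sip:alice@example.edu.au> to uri <sip:012345678@example.edu.au>",
    "Mar  3 10:15:04 proxy ser[2211]: unrelated message",
    "Mar  3 10:15:09 proxy ser[2211]: DEBUG: uri <sip:+61262223575@example.edu.au> "
    "from uri <sip:alice@example.edu.au> to uri <sip:+61262223575@example.edu.au>",
]
```

A format string that repeats a specifier needs distinct group names, which this example does not handle.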

phpMyAdmin – to manage mysql tables

• serctl programme
  – The programme “serctl”. Real time monitoring as well as ADDS, MOVES, and CHANGES to users and telephones.
  – Serctl and serweb write directly to /tmp/ser_fifo.
• phpMyAdmin – to manage mysql tables
  – Excellent for managing the SER Proxy Server data stored in the mysql database.
  – Get it from www.phpmyadmin.net.
  – Any changes here do not go via /tmp/ser_fifo and thus to activate changes ser must be restarted with /etc/rc.d/init.d/ser restart

DNS

• SIP relies on DNS for routing (eg finding other SIP Servers). If something goes wrong with DNS then call setups can block for several seconds. Mitigate by:
  – Cache DNS (eg nscd daemon in Linux)
  – Have plenty of free children (threads) in the Proxy Server
  – Process transactions statefully to absorb retransmissions without additional DNS lookups.

NAT Support

• On the Server, install and run the STUN Daemon.
• Refer to talk by Dr. Saverio Niccolini ([email protected]) at TERENA 2005: http://www.terena.nl/conferences/tnc2005/core/getfile.php?file_id=587

Routing Telephone numbers!

• WWW and email work by using the Domain Name Service (DNS).
  – DNS turns human addresses into Internet addresses,
  – DNS on its own is not very interesting or useful!
• The ENUM standard teaches DNS about Telephone numbers!
  – VoIP users can discover that they can make VoIP calls to a number without routing it first to the PSTN!
  – Traditional Carriers around the world do not like ENUM.

Join the ACMA’s ENUM Trial, ref: enum.edu.au
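What the ENUM routing block earlier in the talk and this slide describe, as an added Python example (not from the original slides and not the SER enum module's code): it builds the ENUM domain for a number, tries e164.arpa. then freenum.org., and picks the first NAPTR record offering sip, voice:sip or video:sip. The NAPTR records and example.edu.au are constructed, and the function names are this example's own.

```python
import re

SUFFIXES = ("e164.arpa.", "freenum.org.")      # lookup order on the slide
SERVICES = {"sip", "voice:sip", "video:sip"}   # "+sip+voice:sip+video:sip"

def enum_domain(e164, suffix):
    """Reverse the digits, dot-separate them, append the ENUM suffix."""
    if not re.fullmatch(r"\+[0-9]{2,15}", e164):
        raise ValueError("not an E.164 number: %r" % e164)
    return ".".join(reversed(e164[1:])) + "." + suffix

def naptr_uri(regexp_field, e164):
    """Apply a NAPTR regexp field of the form <delim>pattern<delim>repl<delim>flags."""
    delim = regexp_field[0]
    _, pattern, repl, flags = regexp_field.split(delim)
    m = re.search(pattern, e164, re.I if "i" in flags else 0)
    return m.expand(repl) if m else None

def wanted(service_field):
    """True for 'E2U+sip', 'E2U+voice:sip', ... (RFC 6116 service syntax)."""
    head, *enumservices = service_field.lower().split("+")
    return head == "e2u" and bool(SERVICES & set(enumservices))

def resolve(e164, zone):
    """Return (suffix, uri) from the first suffix that has a usable record."""
    for suffix in SUFFIXES:
        records = zone.get(enum_domain(e164, suffix), [])
        usable = [r for r in records if r[2].lower() == "u" and wanted(r[3])]
        for _, _, _, _, regexp in sorted(usable, key=lambda r: r[:2]):
            uri = naptr_uri(regexp, e164)
            if uri:
                return suffix, uri
    return None

# Constructed NAPTR data: (order, preference, flags, service, regexp).
# example.edu.au is a placeholder, not a real deployment.
ZONE = {
    "5.7.5.3.2.2.2.6.2.1.6.e164.arpa.": [
        (100, 10, "u", "E2U+email:mailto", "!^.*$!mailto:info@example.edu.au!"),
    ],
    "5.7.5.3.2.2.2.6.2.1.6.freenum.org.": [
        (100, 20, "u", "E2U+sip", "!^.*$!sip:backup@example.edu.au!"),
        (100, 10, "u", "E2U+voice:sip", "!^\\+61(.*)$!sip:\\1@example.edu.au!"),
    ],
}

if __name__ == "__main__":
    print(resolve("+61262223575", ZONE))
```

A URI obtained this way comes from DNS data the proxy does not control, so the authorisation checks in the routing script still apply to the rewritten destination.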

Authorisation in SER

• Users are put into groups (serctl acl show, add using ). The groups are defined in the serctl programme, look for
    ACL_GROUPS="local ld int voicemail free-pstn"
  I like to add mobile and ld-aarnet-local-cost
• The above is done within the mysql tables.
• Commands in the script:

    if (uri =~ "sip:0[1-9][0-9]{7}") {
        # destination is a local number
        if (!is_user_in("credentials", "local")) {
            # user is not in local group, deny the call
            sl_send_reply("403", "No permission for local calls");
            break;  # exit from script
        };
    };
    consume_credentials();  # for calls leaving this domain
    # route call

Some other UAs

SIP Workshop AARNet

By Stephen Kingham
Stephen.Kingham@aarnet.edu.au

Hard telephones

• All can tftp or ftp their config file.
• Some can be configured using web interface.
• Generally all can be configured from the keyboard.

• http://www.aarnet.edu.au/events/conferences/2004/sip/UAs/cisco7960/cisco7960.html

• http://www.aarnet.edu.au/events/conferences/2004/sip/UAs/zultys/index.html

• http://www.aarnet.edu.au/events/conferences/2004/sip/UAs/polycom/index.html

Radvision MCU and Gateway

• Cisco IOS based Gateway: http://www.aarnet.edu.au/events/conferences/2004/sip/UAs/ciscoVoIPGateways/ciscoas5300.html

• Radvision MCU: http://www.aarnet.edu.au/events/conferences/2004/sip/UAs/radvision-viaip400/index.html