Sip2sim Source IPs: Difference between revisions
(Created page with "==Overview== With SIP2SIM, we register the SIM to the customer's SIP PBX just like a normal VoIP phone would do. However, unlike a normal VoIP phone we need to register and...") |
(clean up) |
||
(5 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
==Overview== |
|||
With SIP2SIM, we register the SIM to the customer's SIP PBX just like a normal VoIP phone would do. |
With SIP2SIM, we register the SIM to the customer's SIP PBX just like a normal VoIP phone would do. |
||
However, unlike a normal VoIP phone we need to register and route calls to the customer PBX in a resilient way - that means we have multiple devices at our side that are used for SIP2SIM registrations and call routing. This follows the SIP specification, but some PBXs have problems. |
However, unlike a normal VoIP phone we need to register and route calls to the customer PBX in a resilient way - that means we have multiple devices at our side that are used for SIP2SIM registrations and call routing. This follows the SIP specification, but some PBXs have problems. |
||
"Voiceless" is the name of our SIP platform. At the moment AAISP have 2 'voiceless' SIP servers. |
|||
==IP Addresses== |
==IP Addresses== |
||
We have reserved 10 IPv4 addresses for all of our VoIP control traffic. For our current platform "Voiceless" these are also used for the media (RTP) traffic. This makes firewalling simpler, etc. See the [[ |
We have reserved 10 IPv4 addresses for all of our VoIP control traffic. For our current platform "Voiceless" these are also used for the media (RTP) traffic. This makes firewalling simpler, etc. See the [[VoIP Firewall]] page for the details. |
||
==Asterisk Specific== |
==Asterisk Specific== |
||
Line 15: | Line 15: | ||
Customers using asterisk will know that the config for these can be somewhat complex, listing 10 hostnames each for IPv4 and [[IPv6]] as the way asterisk works is to look up an IP for a hostname, pick the first, and check that against the request IP address. Asterisk really needs fixing. |
Customers using asterisk will know that the config for these can be somewhat complex, listing 10 hostnames each for IPv4 and [[IPv6]] as the way asterisk works is to look up an IP for a hostname, pick the first, and check that against the request IP address. Asterisk really needs fixing. |
||
The "voiceless" call servers use two addresses per server for each of IPv4 and [[IPv6]]. These shall be: |
|||
For voiceless we have been using two addresses 81.187.30.111 and 81.187.30.112 as well as [[IPv6]] addresses 2001:8b0:0:30::5060::1 and 2001:8b0:0:30::5060::2. We recently tried a slight change on the [[IPv6]] addresses, and this caused some issues. What we are planning to do now, for the "voiceless" call servers is use two addresses per server for each of IPv4 and [[IPv6]]. These shall be 81.187.30.111 and 81.187.30.113 for the A server and 81.187.30.112 and 81.187.30.114 for the B server. You do not need to know if A or B. The additional two addresses will be used as "source" addresses for any request from these servers to you that need authentication. This allows asterisk to be configured separately for authenticated and unauthenticated requests. Requests may also come from other addresses within the published block when test servers are used, etc. We are also making the corresponding change to [[IPv6]] addresses using :1 and :3 for the A server and :2 and :4 for the B server. We may adjust which IPs are which server at a future date as we also have to consider how we expand beyond the two servers in use currently. These IPs will be accessible via DNS as a.voiceless.aa.net.uk and a.auth.voiceless.aa.net.uk, and so on. If your existing asterisk config is working as per the recommendations, no changes will be needed. The wiki will be updated to explain how you can use these changes. |
|||
81.187.30.111 |
|||
81.187.30.113 |
|||
2001:8b0:0:30:5060::1 |
|||
2001:8b0:0:30:5060::3 |
|||
(for the A server) |
|||
81.187.30.112 |
|||
81.187.30.114 |
|||
2001:8b0:0:30:5060::2 |
|||
2001:8b0:0:30:5060::4 |
|||
(for the B server) |
|||
You do not need to know if A or B. The additional two addresses will be used as "source" addresses for any request from these servers to you that need authentication. This allows asterisk to be configured separately for authenticated and unauthenticated requests. |
|||
Requests may also come from other addresses within the published block when test servers are used, etc. |
|||
We may adjust which IPs are which server at a future date as we also have to consider how we expand beyond the two servers in use currently. These IPs will be accessible via DNS as: |
|||
a.voiceless.aa.net.uk |
|||
a.auth.voiceless.aa.net.uk |
|||
b.voiceless.aa.net.uk |
|||
b.auth.voiceless.aa.net.uk |
|||
...and so on. |
|||
If your existing asterisk config is working as per the recommendations, no changes will be needed. The wiki will be updated to explain how you can use these changes. |
|||
[[Category: |
[[Category:Voice SIMs]] |
Latest revision as of 00:20, 18 August 2018
With SIP2SIM, we register the SIM to the customer's SIP PBX just like a normal VoIP phone would do.
However, unlike a normal VoIP phone we need to register and route calls to the customer PBX in a resilient way - that means we have multiple devices at our side that are used for SIP2SIM registrations and call routing. This follows the SIP specification, but some PBXs have problems.
"Voiceless" is the name of our SIP platform. At the moment AAISP have 2 'voiceless' SIP servers.
IP Addresses
We have reserved 10 IPv4 addresses for all of our VoIP control traffic. For our current platform "Voiceless" these are also used for the media (RTP) traffic. This makes firewalling simpler, etc. See the VoIP Firewall page for the details.
Asterisk Specific
We have a help page for Asterisk and SIP2SIM: Asterisk sip2sim
Customers using asterisk will know that the config for these can be somewhat complex, listing 10 hostnames each for IPv4 and IPv6 as the way asterisk works is to look up an IP for a hostname, pick the first, and check that against the request IP address. Asterisk really needs fixing.
The "voiceless" call servers use two addresses per server for each of IPv4 and IPv6. These shall be:
81.187.30.111 81.187.30.113 2001:8b0:0:30:5060::1 2001:8b0:0:30:5060::3 (for the A server) 81.187.30.112 81.187.30.114 2001:8b0:0:30:5060::2 2001:8b0:0:30:5060::4 (for the B server)
You do not need to know if A or B. The additional two addresses will be used as "source" addresses for any request from these servers to you that need authentication. This allows asterisk to be configured separately for authenticated and unauthenticated requests.
Requests may also come from other addresses within the published block when test servers are used, etc.
We may adjust which IPs are which server at a future date as we also have to consider how we expand beyond the two servers in use currently. These IPs will be accessible via DNS as:
a.voiceless.aa.net.uk a.auth.voiceless.aa.net.uk b.voiceless.aa.net.uk b.auth.voiceless.aa.net.uk ...and so on.
If your existing asterisk config is working as per the recommendations, no changes will be needed. The wiki will be updated to explain how you can use these changes.