Hi all,
I am studying and improving my understanding of how kamailio works, I have used asterisk for a few years(and starting learning freeswitch too), and I use an application to manage extensions, trunks and other media services. I'm building a new scenario where kamailio is facing the internet and the asterisk(s) are internally on private networks, would like the opinion of you who are more experienced with more complex environments than me.
I cannot change the application that uses asterisk for now, due to the effort to develop event monitoring, cdr and other features that I use today.
I imagined and working on making kamailio functional by saving the registration of extensions with location on DB, and with the UAC module making the registration of extensions on asterisk(s), replacing the registration address with the address of kamailio, its functional at this point, but data replication with extensions turns things some hard to mantain manually.
I think about using the DNS domain for each asterisk and make this forwarded, each asterisk response for a fqdn and its extensions, like ( pbx1.example.com is forwarded to asterisk1, pbx2.example.com to asterisk2) and so on.
Read about the dispatcher, rr, htable,carrierroute module to identify the domain and forward based on that , none made me sure to be chosen for the role, however, everyone has the resources to do it.
I am very wrong to follow this path, which option in your opinion is "less" painful for a beginner apprentice like me?
I think about simple proxy based on domain requests(all messages and dialogs) to asterisk where is responsible for the domain(realm) but, loss the ability to use great security features of kamailio, is what I understand now with the knowledge I have.
Sorry and forgive my english, i'm not very good at writing.
Hi Daian,
Rather than reoriginaring registrations with Kamailio’s UAC module, I suggest you look into the Path extension and Kamailio’s PATH module as a means of relaying registrations inward to Asterisk.
You can still benefit from security features of Kamailio in that case, while removing 90% of the complexity in your proposal. :-)
— Alex
— Sent from mobile, with due apologies for brevity and errors.
On May 28, 2021, at 10:24 AM, Daian Conrad daian.conrad@gmail.com wrote:
Hi all,
I am studying and improving my understanding of how kamailio works, I have used asterisk for a few years(and starting learning freeswitch too), and I use an application to manage extensions, trunks and other media services. I'm building a new scenario where kamailio is facing the internet and the asterisk(s) are internally on private networks, would like the opinion of you who are more experienced with more complex environments than me.
I cannot change the application that uses asterisk for now, due to the effort to develop event monitoring, cdr and other features that I use today.
I imagined and working on making kamailio functional by saving the registration of extensions with location on DB, and with the UAC module making the registration of extensions on asterisk(s), replacing the registration address with the address of kamailio, its functional at this point, but data replication with extensions turns things some hard to mantain manually.
I think about using the DNS domain for each asterisk and make this forwarded, each asterisk response for a fqdn and its extensions, like (pbx1.example.com is forwarded to asterisk1, pbx2.example.com to asterisk2) and so on.
Read about the dispatcher, rr, htable,carrierroute module to identify the domain and forward based on that , none made me sure to be chosen for the role, however, everyone has the resources to do it.
I am very wrong to follow this path, which option in your opinion is "less" painful for a beginner apprentice like me?
I think about simple proxy based on domain requests(all messages and dialogs) to asterisk where is responsible for the domain(realm) but, loss the ability to use great security features of kamailio, is what I understand now with the knowledge I have.
Sorry and forgive my english, i'm not very good at writing.
--
**Daian Conrad**
E-mail: daian.conrad@gmail.com OpenS Team (DaCoD) Linux user: #248912
Kamailio - Users Mailing List - Non Commercial Discussions
- sr-users@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:
Heads-up though, before you get over excited about the suggested simplicity of using PATH. Don't try it if your asterisk farm runs on PJSIP - it simply won't work.
On Fri, May 28, 2021 at 11:53 AM Alex Balashov abalashov@evaristesys.com wrote:
Hi Daian,
Rather than reoriginaring registrations with Kamailio’s UAC module, I suggest you look into the Path extension and Kamailio’s PATH module as a means of relaying registrations inward to Asterisk.
You can still benefit from security features of Kamailio in that case, while removing 90% of the complexity in your proposal. :-)
— Alex
— Sent from mobile, with due apologies for brevity and errors.
On May 28, 2021, at 10:24 AM, Daian Conrad daian.conrad@gmail.com wrote:
Hi all,
I am studying and improving my understanding of how kamailio works, I have used asterisk for a few years(and starting learning freeswitch too), and I use an application to manage extensions, trunks and other media services. I'm building a new scenario where kamailio is facing the internet and the asterisk(s) are internally on private networks, would like the opinion of you who are more experienced with more complex environments than me.
I cannot change the application that uses asterisk for now, due to the effort to develop event monitoring, cdr and other features that I use today.
I imagined and working on making kamailio functional by saving the registration of extensions with location on DB, and with the UAC module making the registration of extensions on asterisk(s), replacing the registration address with the address of kamailio, its functional at this point, but data replication with extensions turns things some hard to mantain manually.
I think about using the DNS domain for each asterisk and make this forwarded, each asterisk response for a fqdn and its extensions, like ( pbx1.example.com is forwarded to asterisk1, pbx2.example.com to asterisk2) and so on.
Read about the dispatcher, rr, htable,carrierroute module to identify the domain and forward based on that , none made me sure to be chosen for the role, however, everyone has the resources to do it.
I am very wrong to follow this path, which option in your opinion is "less" painful for a beginner apprentice like me?
I think about simple proxy based on domain requests(all messages and dialogs) to asterisk where is responsible for the domain(realm) but, loss the ability to use great security features of kamailio, is what I understand now with the knowledge I have.
Sorry and forgive my english, i'm not very good at writing.
--
**Daian Conrad**
E-mail: daian.conrad@gmail.com OpenS Team (DaCoD) Linux user: #248912
Kamailio - Users Mailing List - Non Commercial Discussions
- sr-users@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:
Kamailio - Users Mailing List - Non Commercial Discussions
- sr-users@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:
On 5/28/21 12:47 PM, Sergiu Pojoga wrote:
Heads-up though, before you get over excited about the suggested simplicity of using PATH. Don't try it if your asterisk farm runs on PJSIP - it simply won't work.
Why, did they break Path?
Yeah, PATH implimentation is broken in PJSIP. There's a ticket with Digium pending for the last 2+ years, low importance, according to them...
On Fri., May 28, 2021, 12:52 p.m. Alex Balashov, abalashov@evaristesys.com wrote:
On 5/28/21 12:47 PM, Sergiu Pojoga wrote:
Heads-up though, before you get over excited about the suggested simplicity of using PATH. Don't try it if your asterisk farm runs on PJSIP - it simply won't work.
Why, did they break Path?
-- Alex Balashov | Principal | Evariste Systems LLC
Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free) Web: http://www.evaristesys.com/, http://www.csrpswitch.com/
Kamailio - Users Mailing List - Non Commercial Discussions
- sr-users@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:
On 5/28/21 1:00 PM, Sergiu Pojoga wrote:
Yeah, PATH implimentation is broken in PJSIP. There's a ticket with Digium pending for the last 2+ years, low importance, according to them...
How sad. Thanks for the heads up.
Just to add a bit more context, its probably this particular issue: https://issues.asterisk.org/jira/browse/ASTERISK-28211
Cheers,
Henning
-- Henning Westerholt – https://skalatan.de/blog/ Kamailio services – https://gilawa.comhttps://gilawa.com/
From: sr-users sr-users-bounces@lists.kamailio.org On Behalf Of Sergiu Pojoga Sent: Friday, May 28, 2021 7:00 PM To: Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org Subject: Re: [SR-Users] Architecture - your opinion is welcome and your experience too
Yeah, PATH implimentation is broken in PJSIP. There's a ticket with Digium pending for the last 2+ years, low importance, according to them...
On Fri., May 28, 2021, 12:52 p.m. Alex Balashov, <abalashov@evaristesys.commailto:abalashov@evaristesys.com> wrote: On 5/28/21 12:47 PM, Sergiu Pojoga wrote:
Heads-up though, before you get over excited about the suggested simplicity of using PATH. Don't try it if your asterisk farm runs on PJSIP - it simply won't work.
Why, did they break Path?
-- Alex Balashov | Principal | Evariste Systems LLC
Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free) Web: http://www.evaristesys.com/, http://www.csrpswitch.com/
__________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions * sr-users@lists.kamailio.orgmailto:sr-users@lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe: * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Maybe you need to rethink wether you want the users registered on the asterisks, instead registering on kamailio? Is that an option?
On Fri, 28 May 2021 at 18:28, Henning Westerholt hw@skalatan.de wrote:
Just to add a bit more context, its probably this particular issue:
https://issues.asterisk.org/jira/browse/ASTERISK-28211
Cheers,
Henning
--
Henning Westerholt – https://skalatan.de/blog/
Kamailio services – https://gilawa.com
*From:* sr-users sr-users-bounces@lists.kamailio.org *On Behalf Of *Sergiu Pojoga *Sent:* Friday, May 28, 2021 7:00 PM *To:* Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org *Subject:* Re: [SR-Users] Architecture - your opinion is welcome and your experience too
Yeah, PATH implimentation is broken in PJSIP. There's a ticket with Digium pending for the last 2+ years, low importance, according to them...
On Fri., May 28, 2021, 12:52 p.m. Alex Balashov, < abalashov@evaristesys.com> wrote:
On 5/28/21 12:47 PM, Sergiu Pojoga wrote:
Heads-up though, before you get over excited about the suggested simplicity of using PATH. Don't try it if your asterisk farm runs on PJSIP - it simply won't work.
Why, did they break Path?
-- Alex Balashov | Principal | Evariste Systems LLC
Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free) Web: http://www.evaristesys.com/, http://www.csrpswitch.com/
Kamailio - Users Mailing List - Non Commercial Discussions
- sr-users@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:
Kamailio - Users Mailing List - Non Commercial Discussions
- sr-users@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:
On 5/28/21 2:01 PM, David Villasmil wrote:
Maybe you need to rethink wether you want the users registered on the asterisks, instead registering on kamailio? Is that an option?
I would agree with that. Besides, I've heard that chan_pjsip has made it a lot easier to have an outboard registrar.
On 5/28/21 2:01 PM, David Villasmil wrote:
Maybe you need to rethink wether you want the users registered on the asterisks, instead registering on kamailio? Is that an option?
He had stated it was too difficult to redo the asterisk side I believe...
Generally, you can put Kamailio as a mid-registrar and you could either move Asterisk to private IP and proxy the RTP or have a domain lookup (htable or module) to forward the domain to the proper PBX.
Many different ways to approach it of course.
I'm trying to take this decision David, is hard to change application on asterisk side by now.
Yes Fred, I think is the way, use htable to choose asterisk's.
thanks guys, your answers motivate me to keep looking for the best solution ;-)
Em sex., 28 de mai. de 2021 às 15:03, David Villasmil < david.villasmil.work@gmail.com> escreveu:
Maybe you need to rethink wether you want the users registered on the asterisks, instead registering on kamailio? Is that an option?
On Fri, 28 May 2021 at 18:28, Henning Westerholt hw@skalatan.de wrote:
Just to add a bit more context, its probably this particular issue:
https://issues.asterisk.org/jira/browse/ASTERISK-28211
Cheers,
Henning
--
Henning Westerholt – https://skalatan.de/blog/
Kamailio services – https://gilawa.com
*From:* sr-users sr-users-bounces@lists.kamailio.org *On Behalf Of *Sergiu Pojoga *Sent:* Friday, May 28, 2021 7:00 PM *To:* Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org *Subject:* Re: [SR-Users] Architecture - your opinion is welcome and your experience too
Yeah, PATH implimentation is broken in PJSIP. There's a ticket with Digium pending for the last 2+ years, low importance, according to them...
On Fri., May 28, 2021, 12:52 p.m. Alex Balashov, < abalashov@evaristesys.com> wrote:
On 5/28/21 12:47 PM, Sergiu Pojoga wrote:
Heads-up though, before you get over excited about the suggested simplicity of using PATH. Don't try it if your asterisk farm runs on PJSIP - it simply won't work.
Why, did they break Path?
-- Alex Balashov | Principal | Evariste Systems LLC
Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free) Web: http://www.evaristesys.com/, http://www.csrpswitch.com/
Kamailio - Users Mailing List - Non Commercial Discussions
- sr-users@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:
Kamailio - Users Mailing List - Non Commercial Discussions
- sr-users@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:
-- Regards,
David Villasmil email: david.villasmil.work@gmail.com phone: +34669448337 __________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions
- sr-users@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:
Thanks for the answers and the discussion guys,
yes, i'm trying module PATH, but just work for me if I use kamailio like proxy(by-passing) to asterisk(pjsip)
* # Add path for REGISTER if ((is_method("REGISTER"))) { add_path(); } $du = "sip:172.29.1.24:5060 http://172.29.1.24:5060"; route(RELAY); exit;*
In this case I lost statefull and security features in my config, registrations works.
Question: Can I use route[REQINIT] (default) before forward request to asterisk or need adjusts, try to soften SIP brute-forces?
Em sex., 28 de mai. de 2021 às 14:27, Henning Westerholt hw@skalatan.de escreveu:
Just to add a bit more context, its probably this particular issue:
https://issues.asterisk.org/jira/browse/ASTERISK-28211
Cheers,
Henning
--
Henning Westerholt – https://skalatan.de/blog/
Kamailio services – https://gilawa.com
*From:* sr-users sr-users-bounces@lists.kamailio.org *On Behalf Of *Sergiu Pojoga *Sent:* Friday, May 28, 2021 7:00 PM *To:* Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org *Subject:* Re: [SR-Users] Architecture - your opinion is welcome and your experience too
Yeah, PATH implimentation is broken in PJSIP. There's a ticket with Digium pending for the last 2+ years, low importance, according to them...
On Fri., May 28, 2021, 12:52 p.m. Alex Balashov, < abalashov@evaristesys.com> wrote:
On 5/28/21 12:47 PM, Sergiu Pojoga wrote:
Heads-up though, before you get over excited about the suggested simplicity of using PATH. Don't try it if your asterisk farm runs on PJSIP - it simply won't work.
Why, did they break Path?
-- Alex Balashov | Principal | Evariste Systems LLC
Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free) Web: http://www.evaristesys.com/, http://www.csrpswitch.com/
Kamailio - Users Mailing List - Non Commercial Discussions
- sr-users@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:
Kamailio - Users Mailing List - Non Commercial Discussions
- sr-users@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:
-
Alex Balashov -
Daian Conrad -
David Villasmil -
Fred Posner -
Henning Westerholt -
Sergiu Pojoga