Git Product home page Git Product logo

kamailio-private-public's Introduction

kamailio-public-private

Configuration for a Kamailio in a Public/Private network.

I'm posting this Kamailio configuration that will serve SIP and TLS/WSS, tested with JSSip and SIPML.

AWS doesn't actually assign a PUBLIC IP address to the instance's network interface. What it doesn is give you a private IP Address and assign a Public IP Address natted to your instance.

I needed a was to isolate the public from the private, so that the private nodes in the private network are not accessible.

alt text

In this architecture, Kamailio uses the same IP Address to "talk" to public IPs as well as private IP Address via the local IPs.

This configuration will:

  • Act as a REGISTRAR for external clients, SIP over UDP or WSS clients.
  • Serve requests from the public network SIP/UDP as well as SIP/WSS requests, and load-balance them to the internal freeswitches/asterisks.
  • Route requests from the private freeswitches/asterisk to the requested domains. In order to do this, in freeSWITCH you need to add to the gateway's configuration the proxy parameter: <param name="proxy" value="KAMAILIO-IP"/>
  • Proxy RTP via a locally-installed rtpengine.
  • Copy all SIP messages to the specified HOMER node.

Files included

  • kamailio.cfg: Kamailio configuration
  • aliases.cfg: You need to add the domain being served here, i.e.: sip-proxy.domain.com
  • kamctlrc: Kamailio's config for its db backend
  • rsyslog: logrotate's configuration to regularly remove big logs
  • definitions.cfg: All definitions used in Kamailio's config (explained below)

Definitions.cfg

Database-related config

- [KAM_PUBLIC_IP]: The EIP assigned by AWS, to be used when talking to public IPs
- [DBUSER]: The database username
- [DBPASS]: The database password
- [DBHOST]: The database ip address or FQDN

SIP-related config

- LISTEN_OUTSIDE_PORT: The port on which to bind, default: 5060
- LISTEN_OUTSIDE_PROTO: The protocol, default: udp
- [KAM_PRIVATE_IP]: Kamailio's private IP

XMLRPC-related config

- XMLRPC_PORT: Port wher we will receive XMLRPC commands, default: 5066

HOMER-related config

- HOMER_IP!sip:172.31.47.194:9060!g"

WebRTC-related config

- LISTEN_WSS_PORT: The port for incoming webrtc requests, default: 5067
- LISTEN_WSS_PROTO: The protocol for webrtc, default: tls
- LISTEN_WSS_IF: KAM_PRIVATE_IP: Kamailio's private IP

Installing RTPENGINE

git clone https://github.com/sipwise/rtpengine.git
cd rtpengine

INSTALL

apt-get install -y \
debhelper \
default-libmysqlclient-dev  \
gperf  \
iptables-dev \
libavcodec-dev \
libavfilter-dev \
libavformat-dev \
libavutil-dev \
libbencode-perl  \
libcrypt-openssl-rsa-perl  \
libcrypt-rijndael-perl  \
libcurl4-openssl-dev  \
libdigest-crc-perl  \
libdigest-hmac-perl  \
libevent-dev \
libglib2.0-dev \
libhiredis-dev  \
libio-multiplex-perl  \
libio-socket-inet6-perl  \
libiptc-dev  \
libjson-glib-dev  \
libnet-interface-perl  \
libpcre3-dev  \
libsocket6-perl  \
libssl-dev \
libswresample-dev \
libsystemd-dev  \
libxmlrpc-core-c3-dev \
markdown  \
zlib1g-dev \
dkms \
module-assistant && \
libnfsidmap2 && \
libtirpc1 && \
rpcbind && \
keyutils && \
nfs-common

INSTALL

Getting g729 From https://deb.sipwise.com/spce/mr6.2.1/pool/main/b/bcg729/

wget https://deb.sipwise.com/spce/mr6.2.1/pool/main/b/bcg729/libbcg729-0_1.0.4+git20180222-0.1~bpo9+1_amd64.deb
sudo dpkg -i libbcg729-0_1.0.4+git20180222-0.1~bpo9+1_amd64.deb

wget https://deb.sipwise.com/spce/mr6.2.1/pool/main/b/bcg729/libbcg729-dev_1.0.4+git20180222-0.1~bpo9+1_amd64.deb
sudo dpkg -i libbcg729-dev_1.0.4+git20180222-0.1~bpo9+1_amd64.deb

CHECK ALL IS OK WITH

cd rtpengine
dpkg-checkbuilddeps
dpkg-buildpackage

You should get no errors back.

cd ..

dpkg -i ngcp-rtpengine-kernel-dkms_7*.deb && \
dpkg -i ngcp-rtpengine-utils_7*.deb && \
dpkg -i ngcp-rtpengine-daemon_7*.deb && \
dpkg -i ngcp-rtpengine-iptables_7*.deb & \
dpkg -i ngcp-rtpengine-recording-daemon_7*.deb & \
dpkg -i ngcp-rtpengine_7*.deb & \
dpkg -i ngcp-rtpengine-kernel-source_7*.deb

AND SET VALUES SO IT STARTS ON BOOT

vim /etc/default/ngcp-rtpengine-daemon

Configure RTPEngine

Edit /etc/rtpengine/rtpengine.conf

and Set some paramters:

[rtpengine]
table = 0
interface = internal/[YOUR-INTERNAL-IP];external/[YOUR-EXTERNAL-IP]
listen-ng = 22222
listen-tcp = 25060
listen-udp = 12222
listen-cli = 9900
timeout = 60
silent-timeout = 30
tos = 184
pidfile = /var/run/ngcp-rtpengine-daemon.pid
fork = yes
port-min = 30000
port-max = 40000
log-level = 2
log-facility = daemon

Starting RTPEngine

service ngcp-rtpengine-daemon start

Then start kamailio: service kamailio restart

kamailio-private-public's People

Contributors

davidcsi avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.