Kamailio SIP proxy: an example of installation and minimum configuration

In the work of the system administrator involved in the implementation of telephony systems based on Asterisk, sooner or later a situation may arise when the hardware capabilities of one server to handle all calls are no longer enough. Accordingly, it is necessary to divide the load into several servers. One of the ways to solve this problem is to use SIP proxy, but it should be recognized that, unlike Asterisk, information on SIP proxy, forums, examples and descriptions is at least an order of magnitude less. The purpose of this article is to show with a simple example the possibility of using Kamailio's SIP proxy in conjunction with Asterisk so as to make it as easy as possible to master the SIP proxy for beginners.

All the settings in this example, we will produce on virtual machines hosted on the local network, although if they had public addresses and were in the cloud, there would be no fundamental difference.

Suppose that Asterisk is already installed in the organization, and employees process a large number of incoming calls that the server is no longer able to handle. We will add another Asterisk server (more precisely, we will clone the existing one), and SIP proxy will assume the role of “distributor” of incoming calls.

Let's start with the choice of SIP proxy. On Habré there is a good article on this topic, which discusses the history of the development of major projects. Unlike the author of this article, my choice fell on Kamailio and the web interface for it called Siremis.
')
Install Kamailio. We will use CentOs 6.8 as the OS.

First of all, you need to disable SELinux, update the packages and install the necessary dependencies:

yum -y update && yum -y groupinstall core && yum -y groupinstall base && yum -y install epel-release yum -y install httpd mysql-server php php-mysql php-gd php-curl 

We will need access to port 80 to work with the web-interface and to 5060 udp to work with sip, so we add the rules IPTables:

 iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT iptables -A INPUT -m state --state NEW -m udp -p udp --dport 5060 -j ACCEPT 

Create the file /etc/yum.repos.d/kamailio.repo with the contents:

 [kamailio] name=RPMs for Kamailio on CentOS 6 type=rpm-md baseurl=http://rpm.kamailio.org/stable/CentOS_6/ gpgcheck=1 gpgkey=http://rpm.kamailio.org/stable/CentOS_6/repodata/repomd.xml.key enabled=1 

And install kamailio:

 yum install kamailio kamailio-presence kamailio-mysql 

Do not forget to add demons to autoload:

 chkconfig mysqld on chkconfig httpd on chkconfig kamailio on 

Edit the / etc / kamailio / kamctlrc file: uncomment the line

 DBENGINE=MYSQL 

and specify SIP_DOMAIN. Due to the fact that we are setting up the system on the local network, it will be enough to specify the ip-address

 SIP_DOMAIN=192.168.0.237 

Below you can edit the parameters of connection to the database, but in the case of a training stand it is not necessary to change them.

Run MySQL and generate the necessary tables:

 service mysqld start kamdbctl create 

We answer all questions of the master in the affirmative.

Now edit the main configuration file /etc/kamailio/kamailio.cfg. Logically, it is divided into several sections: global parameters, loading of modules, installation of parameters of modules and routes. Each Kamailio module performs a specific function, so you can download only the necessary libraries for a specific task. The beginning of the file we bring to the form:

 #!KAMAILIO #!define WITH_MYSQL #!define WITH_AUTH #!define WITH_USRLOCDB #!define WITH_PRESENCE #!define WITH_ACCDB 

As is clear from the comments below, these directives include the necessary modules, for example WITH_MYSQL, defined at the beginning of the file, below leads to the loading of the mysql.so module:

 #!ifdef WITH_MYSQL loadmodule "db_mysql.so" #!endif 

Of course, you can load all modules manually, but using the directive is much more convenient. WITH_AUTH, for example, allows users to register for Kamailio using a username and password, and you can see all the choices in the comments below.

For further correct operation of the web interface and statistics, we will make a few more changes:

After all the lines loadmodule add load two more:

 loadmodule "rtimer.so" loadmodule "sqlops.so" 

Before the section of the routes, which is separated by the line ####### Routing Logic ######## add the parameters of the loaded modules:

 modparam("rtimer", "timer", "name=cdr;interval=300;mode=1;") modparam("rtimer", "exec", "timer=cdr;route=CDRS") modparam("sqlops", "sqlcon", "cb=>mysql://kamailio:kamailiorw@localhost/kamailio") 

And add an additional route after the last section of the route in the region of 910 lines of the file:

 route[CDRS] { sql_query("cb","call kamailio_cdrs()","rb"); sql_query("cb","call kamailio_rating('default')","rb"); } 

Launch Kamailio and check that it started:

 service kamailio start ps aux | grep kamailio 

If Kamailio does not start, you need to look at the log / var / log / messages - this is where Kamailio errors will get, unless you additionally configure rsyslog, which is not a big deal.

The default MySQL database is kamailio with a user kamailio with password kamailiorw, unless of course you change the default settings in the / etc / kamailio / kamctlrc file before creating the database. In the event that you change these settings, it will not be superfluous to go through the autochange on the main configuration file kamailio.cfg and enter the correct connection data to the database.

In principle, Kamailio can work without a database - all the necessary values ​​for modules can be set in the configuration file or stored in external files, but using the database, especially on large projects, is much more convenient, plus the Siremis web interface will work with the database, which we will install now.

You need to download, unzip the files, copy them to the directory with which apache will work and give the correct rights:

 cd /usr/src wget http://siremis.asipto.com/pub/downloads/siremis/siremis-4.3.0.tgz tar zxvf siremis* cp -a siremis*/. /var/www/html cd /var/www/html make prepare rm -rf /var/www/html/Makefile rm -rf /var/www/html/Changelog rm -rf /var/www/html/README chown -R apache. /var/www/html 

In the section VirtualHost in the configuration apache for Siremis add

  <Directory "/var/www/html/siremis"> Options Indexes FollowSymLinks MultiViews AllowOverride All Order allow,deny Allow from all <FilesMatch "\.xml$"> Order deny,allow Deny from all </FilesMatch> <FilesMatch "\.inc$"> Order deny,allow Deny from all </FilesMatch> </Directory> <Directory "/var/www/html/openbiz"> AllowOverride All Order deny,allow Deny from all </Directory> <Directory "/var/www/html/misc"> AllowOverride All Order deny,allow Deny from all </Directory> 

Further installation of the latest version of Siremis 4.3.0 at the time of this writing may cause problems if you do not have date.timezone set, so it is recommended to make changes to php.ini right away:

 date.timezone = Europe/Moscow 

Siremis will require a separate database. Add user:

 mysql -e "GRANT ALL PRIVILEGES ON siremis.* TO siremis@localhost IDENTIFIED BY 'siremisrw';" 

You can change the parameters of the connection to the database, but do not forget to set the correct values ​​in the future.

Now you can restart apache and go to the final stage of installing Siremis - already through the browser. Go to your ip / siremis



If the system check is passed, you can start the installation.



Note: by default, default passwords from Kamailio and Siremis users are hidden under the asterisks, so if you haven’t made any changes before, you can also not forget the passwords manually at this step.

Be sure to tick all the checkboxes - Create Siremus DB, Import Dafault Data, Update SIP DB, Replace DB config.



Verify that the correct data is provided.



And the installation is complete.



Let's try to make the first call through Kamailio. To do this, go to the SIP Admin menu tab and add a new domain to the Domain List. Kamailio will only serve the domains listed here (or ip-addresses).



If a domain is attached to the address, and users can register either by specifying the ip-address or by specifying the domain, you should add the domain name to the list. In our case, we add only the ip-address of the server to which clients will contact.



To create an internal subscriber or subscriber, we will go to Subscriber Services -> Subscribers and add two numbers - 101 and 102, specifying passwords and a gray address for them as the domain (in our case, 192.168.0.237).



Now, using a softphone, for example Zoiper, we can register on the server and make a call from 101 to 102 numbers or vice versa and make sure that all previous actions were performed correctly.

Let's proceed to setting up the distribution of incoming calls. In the local network, we have 2 virtual machines with Asterisk at 192.168.0.234 and 192.168.0.235, and we need to equally distribute incoming calls between them. In this situation, we will use the dispatcher module, which provides the necessary functionality.

Back in the console, and add to the module loading section in kamailio.cfg

 loadmodule "dispatcher.so" 

as well as two parameters - connections to the database, in which the list of Asterisk servers will be stored, and the frequency of checking these servers so that the call will never go off the server:

 modparam("dispatcher", "db_url", "mysql://kamailio:kamailiorw@localhost/kamailio") modparam("dispatcher", "ds_ping_interval", 30) 

In general, the full list of modules, their parameters and functions can always be viewed on the official website . After connecting the module, restart Kamailio and make sure that it starts. In case of problems (modules may depend on others, require the installation of certain parameters for the module itself, and for those on which it depends), we will see an error in the log.

We now turn to the routes section. The routes created by default, in principle, provide the necessary minimum, for example, when trying to register with the wrong password, Kamailio will give an error 401, and if you try to call a nonexistent direction, 404. The difficulty in understanding Kamailio routing is the variables and functions that are provided by the various modules used. , and it is not always immediately possible to understand which variable or function belongs to which module. For our training purposes, the route will require a very simple one - at the very beginning of the main route we will add a condition:

 if ( method=="INVITE" ) { ds_select_dst("1","4"); sl_send_reply("100","Trying"); forward(); exit(); } 

If an INVITE request arrives, that is, an invitation to the beginning of a conversation, then we select one of the servers, which we later list in the table, from group 1 according to the selection strategy 4 - round-robin. Then we send the answer to the caller and transfer the call to the selected destination. Please note that now absolutely any INVITE will be processed in this way, so the opportunity to call from 101 numbers to 102 that we created earlier will be lost - calls from them will also fly to one of the Asterisk servers, and incoming INVITE requests will also be go directly to Asterisk without any verification of the source of the request.

In order for Asterisk to handle such calls, you need to add a peer of the following type to each of the servers:

 [kamailio] host=192.168.0.237 port=5060 insecure=invite type=friend context=from-pstn 

Now you can add the Asterisk server to the Kamailio database via the web-interface:



Setid will ask which server group the new server belongs to, Priority is not used in the round-robin selection strategy, but can be used in other strategies, and Flags in this case determines that by default we consider the server to be inactive and check its status.

After adding servers, you can either restart Kamailio, which is unacceptable in production, or execute the kamcmd dispatcher.reload command. The list of commands for each module can also be viewed on the official website .

You can proceed to testing. Using a softphone, for example, Zoiper, you can make a call directly to Kamailio, without any accounts and registrations. It is enough to enter sip in the field set: 1@192.168.0.237. Immediately after this, the call will be redirected to one of Asterisk and processed in accordance with the dialplan. The next call will go to the second server.

In principle, the training task that we faced was to distribute incoming calls equally between the servers, we decided. However, not every telecom operator is ready to send calls to your ip-address directly, without registration, and you will need to send REGISTER requests. This functionality is implemented by the uac module. Let's add one more Asterisk to our scheme - it will play the role of a provider. On it we will create some internal number, for example, 200200, which will require registration.

Load the module in the configuration file:

 loadmodule "uac.so" 

And we will set a couple of required parameters in our case:

 modparam("uac", "reg_db_url", "mysql://kamailio:kamailiorw@localhost/kamailio") modparam("uac", "reg_contact_addr", "192.168.0.237") 

In addition, you will need to make a change to the parameter of another module. Find the line in the file

 modparam("rr", "append_fromtag", 0) 

and replace with:

 modparam("rr", "append_fromtag", 1) 

Now you can configure the registration by restarting Kamailio so that the module loads:



Pay attention to the Realm field. By default, you can enter anything into it, but then registration will not take place, and in the log you will see something like:

 kamailio /usr/sbin/kamailio[26277]: ERROR: uac [uac_reg.c:799]: uac_reg_tm_callback(): realms do not match. requested realm: [asterisk] 

That is why if you experience any problems, you should not immediately re-read the manual, look for other instructions and doubt your abilities - most often an explanation can be found in the log.

It remains only to make sure that the subscriber 200200 is registered with Asterisk, which plays the role of a provider, and make a call from any other number to 200200.

We’ve finished this example of Kamailio setup, but note that the article does not cover the work behind NAT, security, outgoing call routing and much more that may be required in a real situation. However, I hope that this article will make it easier for you to master Kamailio.