Asterisk System

Asterisk System Architecture and Overview
http://downloads.oreilly.com/books/9780596510480.pdf

Asterisk System Architecture and Introduction
• What is Asterisk?
[Diagram labels: PSTN, VoIP]

Asterisk System Architecture and Introduction: a simple application

Basic Extension (Dialplan):

    exten => 100,1,Answer()
    exten => 100,n,Wait(1)
    exten => 100,n,Playback(hello-world)
    exten => 100,n,Hangup()

Basic Web page (HTML):

    <html>
    <head> </head>
    <body> <h1>Hello World!</h1> </body>
    </html>

Complex applications
• Complex VoIP services
• Complex network services

Key skills for getting Asterisk under control
• Basic Linux administration
• TCP/IP networking fundamentals
• VoIP fundamentals
• Scripting concepts

Asterisk hardware test results
• Hardware:
  • AMD Athlon64 X2 4200
  • 1G RAM
  • 80G SATA
• Test method: SIP call
  • Connection
  • Wait
  • Play audio
  • Disconnection

| Concurrent calls | 330 | 330 | 550 |
|---|---|---|---|
| CPU usage | 149% | 14.8% | 57.6% |
| Load average | 49 | 25 | 60 |
| Storage device | Hard disk | RAM disk | RAM disk |

Asterisk software system

Asterisk: System Service
[Diagram labels: Linux Operating System; Web, DNS, DHCP, mail, proxy, firewall]

Asterisk: module channels
[Diagram labels: Linux Operating System; SIP, IAX2, Skype, DAHDI]

Asterisk: module resource
[Diagram labels: Linux Operating System; SIP, IAX2, Skype, DAHDI; CDR, Codec, Format, Config]

Asterisk: Command Line Interface
[Diagram labels: Linux Operating System; SIP, IAX2, Skype, DAHDI; CDR, Codec, Format, Config; CLI]

Asterisk: Applications and Functions
[Diagram labels: Linux Operating System; SIP, IAX2, Skype, DAHDI; CDR, Codec, Format, Config; CLI; Applications, Functions]

Asterisk: Manager Interface (AMI)
[Diagram labels: Linux Operating System; SIP, IAX2, Skype, DAHDI; CDR, Codec, Format, Config; CLI; AMI; Dialplan; Applications, Functions]

Asterisk call flow
• B2BUA: Back to Back User Agent
[Diagram labels: PSTN, Internet]

Asterisk call process
[Diagram: Phone 101 and Phone 102 ("Ring!") each connect through a SIP channel driver to the PBX Engine]

sip.conf:

    [100]
    type=friend
    host=dynamic
    context=inside

extensions.conf:

    [inside]
    exten => 101,1,Dial(SIP/101,20)
    exten => 101,n,Voicemail(101)
    exten => 102,1,Dial(SIP/102,20)
    exten => 102,n,Voicemail(102)

Asterisk: Connectivity

Asterisk Solution: PBX

Asterisk
• Many systems around the world are already built on Asterisk:
  • Digium's AsteriskNOW
  • FreePBX
  • Elastix
  • PBX in a Flash
• There are many hardware vendors:
  • Digium
  • Sangoma
  • Voicetronix
• There are many add-ons:
  • CDR
  • ODBC
  • Voicemail
  • Security
  • Conference

Asterisk Applications
• VoIP Gateway
• IVR
• Call Center
• Conference Bridge

Asterisk system setup
• Asterisk system setup
• Asterisk system tuning
• SIP client software (Windows/Mac)
• SIP client software (for Android)
• SIP hardphone
• SIP.conf
• Extension.conf
• tcpdump/Wireshark
• Asterisk CLI command

Related links
• User manual
  • http://ofps.oreilly.com/titles/9780596517342/index.html
• AsteriskNOW
  • https://www.asterisk.org/downloads
• SIP Client
  • Windows
    • http://www.counterpath.com/x-lite-4-for-windows-download.html
  • Mac
    • http://www.counterpath.com/x-lite-4-for-mac-download.html
  • iPad
    • http://www.counterpath.com/bria-ipad-edition.html
  • Android
    • https://play.google.com/store/apps/details?id=com.csipsimple&hl=zh_TW
• Wireshark
  • https://www.wireshark.org/download.html

AsteriskNOW

Installing AsteriskNOW
• Services to enable:
  • httpd
  • ntpd
  • sendmail
  • sshd

Enabling NTP for time synchronization
• To keep call time records accurate, and to let Asterisk interoperate correctly with other programs, the system time must be kept correct.
• The ntpd daemon keeps your system time accurate.

    # yum install ntp
    ...
    Is this ok [y/N]: y
    ...
    # ntpdate pool.ntp.org
    # chkconfig ntpd on
    # service ntpd start

• With AsteriskNOW, once ntpd is started the system synchronizes its time with other NTP servers and can also act as a time source for other computers, so that time is accurate across the whole system.

Adding a system administrator
• In general, administering the system with the root account carries a very high risk.
• It is recommended to add a non-root administrator whose privileges are close to root's.
• A user can be added with the adduser command.
• Never use the example password, or easily guessed numbers or English names, as the password.

    # adduser asteriskpbx
    # passwd asteriskpbx
    Changing password for user asteriskpbx.
    New UNIX password:
    Retype new UNIX password:

Adding a system administrator
• To give the new user superuser do (sudo) privileges, we use the visudo program to edit the sudoers configuration file and raise the privileges of the asteriskpbx user. If sudo was not installed initially, the package can be installed afterwards.

    # yum install sudo

• In visudo, find the following line and remove the leading # to enable it.

    # visudo
    ## Allows people in group wheel to run all commands
    %wheel ALL=(ALL) ALL

Adding a system administrator
• Then use vi or nano to edit the /etc/group file so that the asteriskpbx account is in the same privilege group as root.

    wheel:x:10:root,asteriskpbx

• Save the file, log out of root, and log in with the asteriskpbx account. Use the following command to check that sudo works:

    $ sudo ls /root/
    [sudo] password for asteriskpbx:

• Because this is the first login, sudo asks for the account's password to confirm its privileges. If everything is correct, Linux lists the files and directories under /root.

Adding a system administrator
• For convenience, and to avoid typing full paths all the time, add the commonly used paths to the system, or edit the user's bash file.
• Under AsteriskNOW, CentOS provides bash, so we can edit the .bash_profile file in our user's home directory.
• This is a hidden file in the asteriskpbx user's home directory. Edit it as follows:

    $ vim ~/.bash_profile
    PATH=$PATH:$HOME/bin:/usr/sbin:/sbin

asterisk.conf
• The [directories] Section

| Option | Value/Example | Notes |
|---|---|---|
| astetcdir | /etc/asterisk | The location where the Asterisk configuration files are stored. |
| astmoddir | /usr/lib/asterisk/modules | The location where loadable modules are stored. |
| astvarlibdir | /var/lib/asterisk | The base location for variable state information used by various parts of Asterisk. This includes items that are written out by Asterisk at runtime. |
| astdbdir | /var/lib/asterisk | Asterisk will store its internal database in this directory as a file called astdb. |
| astkeydir | /var/lib/asterisk | Asterisk will use a subdirectory called keys in this directory as the default location for loading keys for encryption. |
| astdatadir | /var/lib/asterisk | This is the base directory for system-provided data, such as the sound files that come with Asterisk. |
| astagidir | /var/lib/asterisk/agi-bin | Asterisk will use a subdirectory called agi-bin in this directory as the default location for loading AGI scripts. |
| astspooldir | /var/spool/asterisk | The Asterisk spool directory, where voicemail, call recordings, and the call origination spool are stored. |
| astrundir | /var/run/asterisk | The location where Asterisk will write out its UNIX control socket as well as its process ID (PID) file. |
| astlogdir | /var/log/asterisk | The directory where Asterisk will store its log files. |

asterisk.conf
• The [options] Section - 1

| Option | Value/Example | Notes |
|---|---|---|
| verbose | 3 | Sets the default verbose setting for the Asterisk logger. This value is also set by the -v command-line option. The verbose level is 0 by default. |
| debug | 3 | Sets the default debug setting for the Asterisk logger. This value is also set by the -d command-line option. The debug level is 0 by default. |
| alwaysfork | yes | Forking forces Asterisk to always run in the background. This option is set to no by default. |
| nofork | yes | Forces Asterisk to always run in the foreground. This option is set to no by default. |
| quiet | yes | Quiet mode reduces the amount of output seen at the console when Asterisk is run in the foreground. This option is set to no by default. |
| timestamp | yes | Adds timestamps to all output except output from a CLI command. This option is set to no by default. |
| execincludes | yes | Enables the use of #exec in Asterisk configuration files. This option is set to no by default. |
| console | yes | Runs Asterisk in console mode. Asterisk will run in the foreground and will present a prompt for CLI commands. This option is set to no by default. |

asterisk.conf
• The [options] Section - 2

| Option | Value/Example | Notes |
|---|---|---|
| highpriority | yes | Runs the Asterisk application with real-time priority. This option is set to no by default. |
| initcrypto | yes | Loads keys from the astkeydir at startup. This option is set to no by default. |
| nocolor | yes | Suppresses color output from the Asterisk console. This is useful when saving console output to a file. This option is set to no by default. |
| dontwarn | yes | Disables a few warning messages. This option was put in place to silence warnings that are generally correct, but may be considered to be so obvious that they become an annoyance. This option is set to no by default. |
| dumpcore | yes | Tells Asterisk to generate a core dump in the case of a crash. This option is set to no by default. |
| languageprefix | yes | Configures how the prompt language is used in building the path for a sound file. By default, this is yes, which places the language before any subdirectories, such as en/digits/1.gsm. Setting this option to no causes Asterisk to behave as it did in previous versions, placing the language as the last directory in the path (e.g. digits/en/1.gsm). |

asterisk.conf
• The [options] Section - 3

| Option | Value/Example | Notes |
|---|---|---|
| internal_timing | yes | Uses a timing source to synchronize audio that will be sent out to a channel in cases such as file playback or music on hold. This option is set to yes by default and should be left that way; its usefulness has greatly diminished over the last few major versions of Asterisk. |
| systemname | my_system_name | Gives this instance of Asterisk a unique name. When this has been set, the system name will be used as part of the uniqueid field for channels. This is incredibly useful if more than one system will be logging CDRs to the same database table. By default, this option is not set. |
| autosystemname | yes | Automatically sets the system name by using the hostname of the system. This option is set to no by default. |
| maxcalls | 100 | Sets a maximum number of simultaneous inbound channels. No limit is set by default. |
| maxload | 0.9 | Sets a maximum load average. If the load average is at or above this threshold, Asterisk will not accept new calls. No threshold is set by default. |
| minmemfree | 1 | Sets the minimum number of megabytes of free memory required for Asterisk to continue accepting calls. If Asterisk detects that there is less free memory available than this threshold, new calls will not be accepted. This option is not set by default. |

asterisk.conf
• The [options] Section - 4

| Option | Value/Example | Notes |
|---|---|---|
| runuser | asterisk | Sets the system user that the Asterisk application should run as. This option is not set by default, meaning that the application will continue to run as the user that executed the application. |
| rungroup | asterisk | Sets the system group that the Asterisk application should run as. This option is not set by default. |
| documentation_language | en_US | The built-in documentation for Asterisk applications, functions, and other things is included in an external XML document. This option specifies the preferred language for documentation. If it is not available, the default of en_US will be used. |
| hideconnect | yes | Setting this option to yes causes Asterisk to not display notifications of remote console connections and disconnections at the Asterisk CLI. This is useful on systems where there are scripts that use remote consoles heavily. The default setting is no. |
| lockconfdir | no | When this option is enabled, the Asterisk configuration directory will be protected with a lock. This helps protect against having more than one application attempting to write to the same file at the same time. The default value is no. |

asterisk.conf
• The [files] Section

| Option | Value/Example | Notes |
|---|---|---|
| astctlpermissions | 0660 | Sets the permissions for the Asterisk control socket. |
| astctlowner | root | Sets the owner for the Asterisk control socket. |
| astctlgroup | apache | Sets the group for the Asterisk control socket. |
| astctl | asterisk.ctl | Sets the filename for the Asterisk control socket. The default is asterisk.ctl. |

asterisk.conf
• The [compat] Section

| Option | Value/Example | Notes |
|---|---|---|
| pbx_realtime | 1.6 | In versions earlier than Asterisk 1.6.x, the pbx_realtime module would automatically convert pipe characters into commas for arguments to Asterisk applications. This is no longer done by default. To enable this previous behavior, set this option to 1.4. |
| res_agi | 1.6 | In versions earlier than Asterisk 1.6.x, the EXEC AGI command would automatically convert pipe characters into commas for arguments to Asterisk applications. This is no longer done by default. To enable this previous behavior, set this option to 1.4. |
| app_set | 1.6 | Starting with the Asterisk 1.6.x releases, the Set() application only allows setting the value of a single variable. Previously, Set() would allow setting more than one variable by separating them with a &. This was done to allow any characters in the value of a variable, including the & character, which was previously used as a separator. MSet() is a new application that behaves like Set() used to. However, setting this option to 1.4 makes Set() behave like MSet(). |

modules.conf
• The [modules] Section

| Option | Value/Example | Notes |
|---|---|---|
| autoload | yes | Instead of explicitly listing which modules to load, you can use this directive to tell Asterisk to load all modules that it finds in the modules directory, with the exception of modules listed as not to be loaded using the noload directive. The default, and our recommendation, is to set this option to yes. |
| preload | res_odbc.so | Indicates that a module should be loaded at the beginning of the module load order. This directive is much less relevant than it used to be; modules now have a load priority built into them that solves the problems that this directive was previously used to solve. |
| load | chan_sip.so | Defines a module that should be loaded. This directive is only relevant if autoload is set to no. |
| noload | chan_alsa.so | Defines a module that should not be loaded. This directive is only relevant if autoload is set to yes. |
| require | chan_sip.so | Does the same thing as load; additionally, Asterisk will exit if this module fails to load for some reason. |
| preload-require | res_odbc.so | Does the same thing as preload; additionally, Asterisk will exit if this module fails to load for some reason. |

indications.conf
• Different countries and different telecom carriers may use different tone frequencies for the sounds their telephone systems produce, such as dialtone, busy, and ringback.
• indications.conf defines the tone frequencies the telephone system should produce, so that they can be matched on the VoIP side. (The default is us.)
• The tone zone can also be reset by using CHANNEL(tonezone)= ..

musiconhold.conf
• Audio file path:
  • /var/lib/asterisk/moh
• You can also obtain free music, convert it, and place it in the path above.
  • DBS ITCrew Free MOH: CC BY-SA (free, royalty free, commercially usable) on hold music.
  • StarTel Free Music On Hold: Download Royalty Free Music for your PBX
• It is best to convert the audio files into a format that Asterisk can use efficiently:
  • *.sln
  • *.wav
  • *.pcm
  • *.gsm

sip.conf

Configuring sip.conf
• Enter [general]

    [general]
    context=unauthenticated  ; default context for incoming calls; because we will
                             ; not define a context named unauthenticated,
                             ; an incoming request that is not in one of the
                             ; contexts we configured will not be accepted
    allowguest=no            ; do not allow unauthenticated calls
    srvlookup=yes            ; enable DNS lookups
    udpbindaddr=0.0.0.0      ; listen for UDP on all interfaces as the service port
    tcpenable=no             ; do not use a TCP port as a service port

Configuring sip.conf
• Configure the SIP channel and the device

    [c42c031ed01d]           ; defines a section
    type=friend              ; the channel driver matches on the
                             ; host name first, then on the IP
    context=LocalSets        ; the dialplan context for calls coming in from this device
    host=dynamic             ; the IP is dynamic; the device must register with Asterisk
    nat=yes                  ; this device may be behind NAT
    secret=s3CuR#p@s5        ; the password for this device
    dtmfmode=auto            ; accept DTMF
    disallow=all             ; reset the codecs this device accepts
    allow=ulaw               ; this device may use ulaw
    allow=alaw               ; this device may use alaw

sip.conf
• type = friend

sip.conf
• context=LocalSets
• Once the device has logged in to Asterisk successfully, its dialplan is the one mapped to the context named in this setting.
• This context must also have a corresponding section in extensions.conf; otherwise the device will only use the default dialplan, or will not be usable at all.
• In this example, that context is LocalSets.

sip.conf
• host = dynamic
• When Asterisk needs to call this device, it must first know where on the network the device is.
• When set to dynamic, the device tells Asterisk its IP address when it logs in. This normally means the device has a dynamic IP, or an IP that may change.
• If security requirements call for a fixed IP, simply replace dynamic with the device's IP, for example:
  • host = 192.168.10.200

sip.conf
• nat = yes
• Tells Asterisk that this device may be behind a NAT network, so that some NAT handling is enabled to keep SIP working.
• SIP carries the device's IP address in its messages. If the device is inside a NAT network and this setting is not made, its SIP connections will fail.

sip.conf
• secret = s3CuR#p@s5
• The password this device uses when logging in to Asterisk.
• The stronger the password the better, to avoid intrusion by crackers and the resulting toll fraud.
• Internationally, many toll-fraud groups specifically look for poorly secured IP PBXs and place fraudulent calls through them as a source of profit.
• This setting is optional; it depends on the user's needs.
• The following script can be run in a Linux shell to generate a random, strong password:

    $ dd if=/dev/random count=1 bs=8 2>/dev/null | base64 | sed -e 's/=*$//'

sip.conf
• dtmfmode=auto
• This setting defines the DTMF (telephone keypad) format, used to check whether the DTMF sent by the phone matches what is defined.
• The available options are:
  • info: receive digits using the SIP INFO method
  • inband: use the inband audio format
  • rfc2833: use the out-of-band method defined by the RFC
  • auto: Asterisk determines the format automatically; rfc2833 is preferred by default.

sip.conf
• disallow=all
• allow=ulaw
• These options specify which audio codecs may be sent and received on this device.
• disallow = all comes first and resets anything that may have been set earlier in another section.
• allow = … specifies the codecs this device accepts. The order in which they appear is their order of preference.

Don't forget
• Because sip.conf (or sip_custom.conf) has been changed, Asterisk must be told about the new configuration.
• Ways to reload SIP:
  • From the Linux shell:

        # asterisk -x 'sip reload'

  • From the Asterisk CLI:

        localhost*CLI> sip reload

extensions.conf

Configuring extensions.conf
• extensions_custom.conf

    [LocalSets]
    exten => 900,1,Answer()
    exten => 900,2,Playback(hello-world)
    exten => 900,3,Hangup()

sip.conf and extensions.conf

sip.conf:

    [123456789ABC0]
    context=LocalSets_A

    [123456789ABC5]
    host=dynamic

extensions.conf:

    [general]
    [globals]
    [LocalSets_A]
    exten => 105,1,Dial(SIP/123456789ABC5)

Configuring extensions.conf
• Configure the extension for this device

    [LocalSets]
    exten => 100,1,Dial(SIP/c42c031ed01d)  ; dialing 100 goes to the c42c031ed01d SIP channel
    exten => 900,1,Answer()
    exten => 900,2,Playback(hello-world)
    exten => 900,3,Hangup()
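
The sip.conf points covered above (allowguest=no, a default context that has no dialplan section, a strong secret for each device, and a matching extensions.conf section for each device context) can be checked with a short audit script. This is an added example, not part of the original slides; the sample configs, the [phone2] device, the Sales context and the 10-character minimum secret length are assumptions made for illustration.

```python
import re

# Constructed sample configs (illustrative only, not from a real system).
SIP_CONF = """\
[general]
context=unauthenticated
allowguest=yes            ; weak: guest calls are accepted
[c42c031ed01d]
context=LocalSets
secret=s3CuR#p@s5
[phone2]                  ; hypothetical second device
context=Sales
secret=1234
"""
EXTENSIONS_CONF = """\
[LocalSets]
exten => 900,1,Answer()
[unauthenticated]
exten => 900,1,Answer()
"""

def parse_sections(text):
    """Return {section: {key: value}} for Asterisk-style config text."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()      # ';' starts a comment
        header = re.fullmatch(r"\[([^\]]+)\]", line)
        if header:
            current = sections.setdefault(header.group(1), {})
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current[key.strip()] = value.lstrip(">").strip()
    return sections

def audit(sip_text, ext_text, min_secret_len=10):   # threshold is an assumption
    """Return a list of findings for the settings discussed on this page."""
    sip, dialplan = parse_sections(sip_text), parse_sections(ext_text)
    general = sip.pop("general", {})
    findings = []
    if general.get("allowguest", "yes").lower() != "no":   # chan_sip default: yes
        findings.append("general: allowguest is not 'no'")
    if general.get("context", "default") in dialplan:
        findings.append("general: guest/default context exists in the dialplan")
    for name, peer in sip.items():
        if len(peer.get("secret", "")) < min_secret_len:
            findings.append(f"{name}: secret missing or shorter than {min_secret_len}")
        if peer.get("context", general.get("context", "default")) not in dialplan:
            findings.append(f"{name}: context has no section in extensions.conf")
    return findings
```

Calling audit(SIP_CONF, EXTENSIONS_CONF) reports the two [general] weaknesses and the two problems with phone2, and nothing for c42c031ed01d.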