Transparent SIP proxy / proxies

The current plan is to implement routing, though all of the fiber terminates in our main data center. This will probably change in the future, as we will likely be adding fiber between 2 of our axillary buildings to implement a "ring". My co-worker usually does all the network design.

The plan was to have 1 asterisk instance running for the whole thing (redundant with HA) so BLF info would be available to everyone.

I was planning to implement either a modified version of the solution presented at this link or use an Adtran or Audiocodes PRI to SIP gateway. The first option requires the asterisk server to process audio, so that may not be an option.

This would kill the ability to monitor BLF from another site.

I would really like to use OpenSER to do what I need it to, as I'm pretty sure it can do it. However, the learning curve is pretty steep and the documentation I have seen thus far doesn't really explain anything. If you know of a good guide for me to start off with, then please send it to me.

PS No, we're not a school district, but we are non profit.

I don't think it would. The way the redfone box works (I think) is it simply translates the PRI signal to TDMoE (TDM over ethernet). Any kind of high availability setup that is based on the linux HA software will require some setup, but after it is set up it pretty much takes care of itself. What I will probably end up doing is getting an audiocodes or adtran TDM to SIP device for my PRI's and sticking a cheap digium TDM card in each server for timing. If I have problems with audio, I will stick digium transcoder cards in. Also, I'm not married to trixbox, as they don't currently have a 64 bit edition. PBX in a Flash (from nerdvittles) has a 64 bit version in the making, and I can just as easily utilize the atrpms.net 64 bit packages and borrow the PBX in a flash web interface code. There are many ways to skin this cat :-)

No, we have a layer 3 switch. We have enough site to site fiber and in-building cat6 for me to run VoIP on a completely separate network for most of the buildings. Our cabling specialist (yes, we have one of those full time) had the foresight to put in enough cabling everywhere so we wouldn't have to go back later and put more cabling in or strain the already existing infrastructure.

Not entirely sure of what you are talking about here.

Most likely we will end up paying someone to hack together a config for OpenSER, or I will spend a week to learn it.

My goal is to at least get a 2 location system together that can eventually scale to the level we are needing before June 30th. Our current Nortel phone guy is going to have to move our current PBX from our building to a newly constructed building at that time and the IT dept. will be without telephone service for most likely a week. We are trying to implement a system before then and psuedo-integrate via PRI over fiber with the dinosaur Nortel option 11C to enable 4 digit dialing and incoming/outgoing calls.

Asterisk has built in TDMoE support, but you need a zap card to provide timing. The way the redfone box works is when the primary HA cluster node goes down, the secondary one kicks in, running the config program for the redfone, reconfiguring it to work with the secondary node instead of the primary node. The estimated outage time for asterisk is anywhere from 5-15 seconds during the fail over.

No offense taken. Layer 2 and 3 will probably be less of an issue than most installs simply because we have enough fiber to run a completely separate voice network. as an example, the fiber trunk that goes between our 2 main buildings has, I believe, 192 strands. I think we are currently using 24.

That sounds like that is phone side configuration. Am I wrong?

I'm going to have to shy away from that one. People move around a lot where I am, so if their phone moves with them and they register to a different SIP proxy based on their location, that BLF goes dead. Sorry, but I think I'll stick to asterisk for SIP hints.

What I'm trying for is to minimize the amount of administration (and possible things I can forget to configure) of day-to-day asterisk. I want the GUI (freePBX) to do all of my day to day moves/adds/changes (except for phone config, which I will probably write a separate GUI for as the trixbox one is pretty limited) that way everything is consistent. Typo's happen a lot :-)

I would like to get OpenSER to do as much work as possible. Skykingoh, can you list what your OpenSER box(es) do and, if possible, post a scrubbed config (IE remove sensitive info such as user/pass and IP info)

I will be calling Adtran support tomorrow to see if I can get any more info out of them on how to configure their transparent sip proxy. If it won't work, then I'll have to learn OpenSER.

Thanks. I have been working on designing this for about a month now. I have a 4x8 whiteboard on my wall that is almost full with just the basic layout. My goals this next week are to see if I can get the Adtran SIP proxy to work and getting all that information into Visio so I can move it around easier.

If I can't make the Adtran device work, then I will start crash coursing on OpenSER.

josh-

i have dozens of redfone HA clusters running. my experience is that the HA does in fact effectively untrix the box. first, the zaptel module that works with redfone is a specific version at the moment [either 1.2.19 - i think - and 1.4.5 work, appropriately patched by redfone] and of course the drbd kernel interface is version specific. the result is that once installed, it is really easy to screw up your system by running any of the package manager based updates. and of course, if you want to experience the kiss of death, just do "yum update -y"

i have found on these large scale installations that it is safer and at the end of the day, easier, to go with a bare metal asterisk install.

For item #8 in the original post, would it be possible to use dundi, IAX, and a separate trixbox install to at least get everything but BLF monitoring going? My original concern with dundi was voicemail forwarding, but if it will work, then it seems like a better idea. Does anyone know how to make voicemail forwarding work with dundi?

The sites that are going to require #8 are small (5 to 12 employees per site) and currently have separate PBX systems so they are unable to do BLF to other locations anyway.

eoo your insight has been helpful on the redfone bits.

My question now is, will dundi IAX trunks enable me to keep at least the ability to forward voicemails if FreePBX is used? If so, then I will probably implement separate asterisk installs at my smaller sites with dedicated POTS lines. If not, then I probably will set up dundi trunks anyway and they just won't have that ability.

Sorry, but we try to avoid cisco whenever possible. We stick with Adtran and HP for all of our networking stuff.

On a side note, I got the Adtran Total Access 908e to perform the proxy functions I want it to. (IE send all sip requests to the asterisk box EXCEPT for 911 calls which are diverted to the built on emergency FXO port, and if the connection to the asterisk box is lost, keep the sip phones alive and allow them to call any device that is connected to that same proxy and dial 911 on the emergency port.)

The device will not do what I want for #8 on the original list so most likely I will be putting separate asterisk installations at those locations. One of the downsides of the Adtran 908e, and perhaps why I will be looking at other options, is that in order for the SIP proxy to function, the device must function as a router. The problem I see with this is that if that device dies, the phones that connect to that device will be dead in the water, instead of being able to register with the main asterisk server (through the use of an alternate SIP registrar address configured in the phone, or DNS SRV records)

Does anyone know how to configure OpenSER to be a transparent proxy (meaning OpenSER doesn't permanently store any SIP registration information, it only stores it in it's real-time DB as a phone registers) and to divert emergency calls out of a separate SIP gateway? Also, does OpenSER have to be on a machine that functions as a router?

I like that it is written in python, as that is my favorite scripting language. As far as the actual software goes, it's not enough. In order to get what I needed out of that, I would have to set up a RADIUS server and tinker for days, possibly weeks getting it right.

If you guys know of a hardware device that will do what I need, without having to maintain a separate account store on each device (IE a transparent proxy) that enables me to send emergency dialing out a separate port or to a different SIP gateway, I'm all ears. The current crop of software looks like it's not what I need or requires a PhD in comp sci to master it.

For now, my current choice is the Adtran TotalAccess 908e unless a better device surfaces, as the tech support finally figured out why emergency dialing wasnt working.

Is there any Cisco device that might do this? I'm not completely opposed to Cisco as long as it isn't outrageously expensive and will get the job done.