Branch office phones

I am looking at having a central asterisk server(s) to run our branch offices with just a few people in them… mainly to replace key systems and to get them on 4 digit dialing.

Will it be feasible to have sip phones pulling addresses from a central DHCP server (we do this now with PCs) and pull the TFTP address from that server to go to the TFTP server at the central site?

My whole goal is to be able to ship a user a phone, have them plug it into their network which will at some point soon be connected by an MPLS network, and have it get a DHCP address and pull the config… with little to know user interaction except using the phone.

We have sites in Dallas, Chicago, LA, Pakistan, China, India, UK, and probably expanding into more areas in China, pakistan and probably Mexico.

Most of these sites will have maybe 10-15 users… many may only have 1 or 2.

Hi Short answer is yes you can.
The longer answer is yes but it will depend on your network having the correct ports open and mapped. If you are going MPLS then it shouldnt be too much of an issue.

how many people do you have in each of these sites / how much BW between them? I assume it’s all on the same routable network?

If so you’ll want to turn on reinvites (canreinvite=yes). That way calls between users won’t go all the way back to the server and use two calls worth of BW.

As always I recommend SNOM and AAstra phones (anybody who reads my posts alot is probably sick of hearing that) and they both support TFTP from DHCP.

Until then you might consider putting a * server in each office. Then route all interoffice calls over IAX in trunk mode with encryption on (I think you can do that…). That will save you some BW as trunk mode uses much less overhead. It does require a non-broken timing source on both sides tho. Then either use extension ranges (3xxx is dallas, 4xxx is chicago, etc) or maybe DUNDi or something to route…

Linkys sells a box that works as a small PBX ( I think its the 9000). I believe that you can set it up that for local calls it will use the box. If it needs to go out then it will connect to your server. This will cut down on the bandwith.

only problem with that- its limited to a certain number of SIP extensions, and it doesn’t (that I know of) support IAX. IMHO a better idea would be some kind of small form factor box running * and remote-syncing its configs…

IronHelix: you have a point. It may be worth it to find a router that you can load asterisk on it and configure it the way you want.

router might work only problem is iax2 trunk mode needs a timing source which I’m not sure a router could provide. Also iax2 encryption (if the OP uses it) might be more than a router could deal with…
but yeah definately some kind of small embedded device might be what he needs if he doesn’t have too many users…

Thank you for all your responses. I apologize for my late reply I have been on vacation.

Basically we are looking at a managed MPLS network with each site that will have voip having no less the 768k bandwidth, that is with about 3 users. Voice traffic will be prioritized and sent across the MPLS network first, and since it will be a private network outside of the internet, we should have clear QOS end to end.

I had been looking at the linksys 941 IP phone, it seemed to have good reviews, and we are looking for something cheap. Those seem to run about $130. Are the others you mentioned cheaper?

You mentioned canreinvite=yes, what exactly does that do, and where is it set.

Based on the fact of hopefully having a private MPLS network, with QOS running on it prioritizing SIP traffic, can anyone see problems with just running the central server? It may be hard to justify more hardware at the edge which can potentially eat away at our savings through using this.

  • Chris

You need voip to have priority on MPLS, how you do this is up to you. but keep in mind it must be two way- if going central -> branch packets have high qos but branch -> central packets are mixed in with everything else, you will have problems. I am assuming you have SOME kind of gear at each end, if it will respect a TOS/diffserv/vlan or whatever then you are fine as phones can set these things.

SIP reinvites are a way of redirecting media (voice) data…

In a normal sip call (canreinvite=yes) you have three parties, two endpoints (phones) and a server (asterisk).
phone1 calls phone2, and sends this call to the server.
server tells phone2 it has a call, it rings and is answered.
**server now re-invites one phone directly to the other- so the audio data goes directly from phone1 to phone2 without passing through the server.

This CAN be a bad thing. For a reinvite to work, both phones must be able to route RTP traffic directly to each other, thus if you have a NAT network, then IPs are non-routable so you can’t reinvite a phone or provider outside the network to a phone inside. If a reinvite happens when it shouldn’t, one or both parties will hear silence. Also media-dependant features like recording or monitoring are incompatible with reinvites.

However in a network like yours it will probably fulfill its purpose quite nicely- if two people in the same office call each other, the call will be reinvited using their internal IPs and the call will not use any uplink bandwidth, only internal LAN bandwidth which you have plenty of.

so you’ll want to set canreinvite=yes (the default behavior) and nat=no for all the internal phones.

if your network is NAT’d to the Internet then you will need to define externip= and localnet= in sip.conf, as well as set canreinvite=no for your SIP provider(s).

Note that IAX does not require such things- it handles nat without tweaking and will only reinvite when it can.

Ok, that makes sense… the only place we will have nat is at our HQ… where the * server will be. The connection will be coming into one of our firewall interfaces, basically like a DMZ so we can control access in and out of the MPLS cloud.

However I dont think it should be a problem because we nat to the same IP address so the Natting is in essence transparent on the MPLS side. ie. 192.168.50.X is natted to 192.168.50.X.