New User Several Questions

Asterisk Asterisk Support
1

Hi All,

First of all a bit of background information on myself. I’m a software developer at a telecommunications company and I am looking to develop asterisk for use as a hosted solution.

This doesn’t paramilitary phase me as asterisk seems a fairly logical application to use, I do however have some questions.

Is it possible to have multi-tenanted use of asterisk on one installation, or would this require multiple instance of asterisk, perhaps vserver?

And what impact would this have in regards to using a mysql db for configuration, obviously this question may become obvious depending on the answer to the first question.

Hope i’ve explained myself well enough.

Regards

2

Hello,
it’s possible to have more than one asterisk in a single server, have done it more than once, you just need to use different configuration and working directory per asterisk server and use different listening ports for the services provided by asterisk.
Here is draft on how to to this, let’s say you have 2 asterisk server, “normal” asterisk server configured as usually and another server called pbx1, with only sip channels and the ami (so disable all other services on pbx1 or remember to change the listening ports):

  1. create the directory /etc/asterisk/pbx1;

  2. copy all the files in /etc/asterisk to /etc/asterisk/pbx1;

  3. change the “directories” section of the /etc/asterisk/pbx1/asterisk.conf from
    astetcdir => /etc/asterisk
    astmoddir => /usr/lib/asterisk/modules
    astvarlibdir => /var/lib/asterisk
    astdatadir => /var/lib/asterisk
    astagidir => /var/lib/asterisk/agi-bin
    astspooldir => /var/spool/asterisk
    astrundir => /var/run
    astlogdir => /var/log/asterisk
    to
    astetcdir => /etc/asterisk/pbx1
    astmoddir => /usr/lib/asterisk/modules
    astvarlibdir => /var/lib/asterisk/pbx1
    astdatadir => /var/lib/asterisk/pbx1
    astagidir => /var/lib/asterisk/pbx1/agi-bin
    astspooldir => /var/spool/asterisk/pbx1
    astrundir => /var/run/pbx1
    astlogdir => /var/log/asterisk/pbx1

  4. change the ami listening port from 5038 to 5039 in /etc/asterisk/pbx1/manager.conf;

  5. change the sip listening port from 5060 to 5061 in /etc/asterisk/pbx1/sip.conf;

  6. change the rtp ports range in /etc/asterisk/pbx1/rtp.conf, use a different range from the one set in /etc/asterisk/rtp.conf;

  7. create the directory /var/lib/asterisk/pbx1;

  8. copy all the contents in /var/lib/asterisk to /var/lib/asterisk/pbx1;

  9. create the directory /var/spool/asterisk/pbx1;

  10. copy all the contents in /var/spool/asterisk to /var/spool/asterisk/pbx1;

  11. create the directory /var/log/asterisk/pbx1;

  12. copy all the contents in /var/log/asterisk to /var/log/asterisk/pbx1;

  13. create the directory /var/run/pbx1;

Now you can start the pbx1 with “asterisk -cvvvvv -C /etc/asterisk/pbx1/asterisk.conf”, to connect to it when it’s running use “asterisk -rvvvv -C /etc/asterisk/pbx1/asterisk.conf”.

If it works for you then you’ll be able to make a copy of the /etc/init.d/asterisk file and change it a little to start/stop the pbx1 flawlessly.

Hope I haven’t forgotten something :smile:

Good luck.

Cheers.

Marco Bruni
marcobruni.net

3

Asterisk provides low level primitives, rather than high level PABX operations. This means it can be configured to do many things, providing you do so directly, rather than through a GUI.

If you can segregate incoming calls, you can use a different set of contexts for each tenant.

4

@mbruni -> Thank you for that awesomely detailed reply :smile:

@david55 -> Does this mean I could do something like this?

[2000]
type=friend
context=tenant1
secret=xxxx
host=dynamic

[2000]
type=friend
context=tenant2
etc etc

Or can each extension only be used once regardless of context? If this is the case I can see my having to use multiple instances of asterisk.

5

2000, in your example, is a device name, not an extension.

Device names can only be used once, however:

  • you can fairly trivially discriminate tenants by prefixing them with a tenant name;
  • it is often better to use something like the MAC address, at least for authentication purposes, as it makes it difficult for a hacker to guess valid names.

I don’t have a lot of practice at configuring SIP devices in a production context, but you ought to be able to have tenant1-2000, with an authentication user of their MAC address, and with.

…,n,Dial(SIP/tenant1-${EXTEN})

in the dialplan context for calls to that tenant.

6

Ok, so my next question is how would you go about assigning extensions to these device names? Sorry I think I’m just getting my self confused here.

Are you able to provide example sip.conf and extensions.conf for 2 tenants each with 2 users. Each user should be able to dial extensions within their own tenancy if that makes sense? I think that would help clarify in my own mind what I should be aiming for.

7

[tenant1]
include => tenant1-incoming
include => tenant1-outgoing

[tenant1-incoming]
exten => 2XXX,1,Dial(SIP/tenant1-${EXTEN})

Assumes local numbers start with 2 and no clever processing.

Incoming lines for tenant1 would be in tenant1-incoming, or you would have dialplan logic to work out which tenant the line belonged to which then did a goto tenant1-incoming. You don’t want to give callers access to tenant1-outgoing, which typically would have the ability to make toll calls.

8

David55 I appreciate your help thus far though I’m still rather confused!

Could you possibly post a lamens sip.conf and extensions.conf, for this example.

Where I’m struggling to understand is how people can be designated extensions by this?

9

I’ve given you the relevant part of extensions.conf. I can’t give you the fine detals of sip.conf without actually modelling it and testing it, however the basic skeleton is:

[tenant1-2000]
context=tenant1

[tenant2-2000]
context=tenant1

However, whilst it makes for simple use of dialplan patterns (if you have no multiple appearence numbers), using simple derivatives of the primary extension number for devices is bad security practice - see item 6 in blogs.digium.com/2009/03/28/sip-security/ It is safer to have a Dial line for every callable phone. I.E.

[tenant1-incoming]
exten => 2000,1, Dial(SIP/ac6d7e67865f)
exten => 2001,1, Dial(SIP/…

If you have not already read it, you should read Asterisk: The Future of Telephony, e.g. from asteriskdocs.org/

There is a jobs forum for paid support requests.

10

david55, thanks for that, thats actually a lot clearer in my mind. Thank you for all your assistance.