PJSIP multiple trunk to same destination

epasqualotto · March 30, 2022, 3:13pm

Hello, I’m trying to use Asterisk as SBC for Microsoft Teams. With one tenant all is working but I looking to manage more than one MS tenant with a single Asterisk box (using different TLS bind port)

This is the config I’m using:

TRANSPORT

[transport-tls]
type=transport
protocol=tls
bind=0.0.0.0:5061
cert_file=/etc/asterisk/ssl/fullchain.pem
priv_key_file=/etc/asterisk/ssl/privkey.pem
cipher=ECDHE-ECDSA-AES256-SHA,ECDHE-RSA-AES256-SHA,DHE-RSA-AES256-SHA,ECDHE-ECDSA-AES128-SHA,ECDHE-RSA-AES128-SHA,DHE-RSA-AES128-SHA,AES256-SHA,AES128-SHA
method=tlsv1
external_media_address=x.x.x.x
external_signaling_address=x.x.x.x
domain=sbc.domain1.biz

[transportnet-tls]
type=transport
protocol=tls
bind=0.0.0.0:5062
cert_file=/etc/asterisk/ssl/fullchain.pem
priv_key_file=/etc/asterisk/ssl/privkey.pem
cipher=ECDHE-ECDSA-AES256-SHA,ECDHE-RSA-AES256-SHA,DHE-RSA-AES256-SHA,ECDHE-ECDSA-AES128-SHA,ECDHE-RSA-AES128-SHA,DHE-RSA-AES128-SHA,AES256-SHA,AES128-SHA
method=tlsv1
external_media_address=x.x.x.x
external_signaling_address=x.x.x.x
domain=sbc.domain2.biz

ENDPOINT

[msteams_trunk_out]
type=endpoint
transport=transport-tls
disallow=all
allow=ulaw,alaw,gsm
aors = aor_msteams_trunk_out
media_encryption=sdes
from_domain=sbc.domain.biz
allow_transfer=yes

[aor_msteams_trunk_out]
type = aor
qualify_frequency=60
contact = sip:sip.pstnhub.microsoft.com

[aor_msteams_trunk_out_2]
type = aor
qualify_frequency=60
contact = sip:sip.pstnhub.microsoft.com

[msteams_trunk_in]
type = endpoint
transport=transport-tls
context = msteams_in
disallow = all
allow = ulaw, alaw, gsm
media_encryption=sdes
send_pai=no
rewrite_contact=no
allow_transfer=yes

[ident_msteams_trunk_in]
type=identify
endpoint=msteams_trunk_in
match=sip-all.pstnhub.microsoft.com

[ident_msteams_trunk_in_2]
type=identify
endpoint=msteams_trunk_in_2
match=sip-all.pstnhub.microsoft.com

[msteams_trunk_out_2]
type=endpoint
transport=transportnet-tls
disallow=all
allow=ulaw,alaw,gsm
aors = aor_msteams_trunk_out_2
media_encryption=sdes
from_domain=sbc.domain2.it
allow_transfer=yes

[msteams_trunk_in_2]
type = endpoint
transport=transportnet-tls
context = msteams_in
disallow = all
allow = ulaw, alaw, gsm
media_encryption=sdes
send_pai=no
rewrite_contact=no
allow_transfer=yes

seems with this config that the second trunk don’t goes UP (I can’t saw any try from Asterisk).
Anyone have suggestions?

david551 · March 30, 2022, 3:24pm

Having two identify’s with the same match isn’t going to work.

If they support it, you will need to specify line and endpoint in the registration.

However trying to maintain tenant IDs on a shared server is never going to be nice.

epasqualotto · March 30, 2022, 4:08pm

Thanks, I think registration isn’t possibile for that.
Any workaround possible to match the two identify?

Plan B is to create multiple “small” Asterisk box for every tenant but I need multiple public IP and manage lot of box is expensive.

sedwards · March 30, 2022, 5:52pm

Would tenant specific virtual machines or docker containers be viable?

david551 · March 30, 2022, 6:49pm

If virtual machines would work, you should also be able to run multiple instances of Asterisk in a single machine, by using different asterisk.conf files.

I haven’t done this recently , or in a production environment, but I used to do it for testing, to have a second Asterisk instance emulate the other end of a trunk.

jcolp · March 30, 2022, 7:03pm

It still works, it’s how the Asterisk testsuite works. Just have to ensure logical things don’t overlap, of course.

sedwards · March 30, 2022, 8:43pm

So there are 3 solutions?

Multiple instances on the base host running different configuration files. E.g.

        asterisk -C /etc/asterisk/tennant-xxx/asterisk.conf

Multiple instances running in separate virtual machines.
Multiple instances running in separate containers.

In all cases, each Asterisk instance has to bind to either different IP addresses or different ports.

Before VMs and containers, I used to use #1 by munging astagidir and astetcdir to specify client specific directories in client specific asterisk.conf to develop for multiple clients on the same host.

epasqualotto · April 1, 2022, 10:35am

Thanks all, multiple containers seems interesting and I’ll check with it.

system · May 1, 2022, 10:35am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.