Re: [asterisk-users] additional range parameter for sip peer

2014-04-07 Thread Thomas Rechberger

On 29.03.2014 11:12, Thomas Rechberger wrote:

> Many ITSPs are using load balancers, so if somebody registers on a SIP
> peer with a specific DNS host, an incoming call may be received from a
> different IP and the host value in the peer section doesn't match, so it
> will go to the default context.
>
> For example Telekom or 1&1, the biggest providers in Germany, are using
> so many different addresses that it's not practical to define them all
> (up to 50 hosts and they still add!), as this will also generate too much
> traffic (especially with qualify and multiple registrations) and they
> may even lock you out as untrusted, which may even result in them
> blocking Asterisk permanently for everybody. That's not really desirable.
>
> I think it's also not recommended in terms of security to use the default
> context with allowguest=yes and sort the incoming calls by header,
> because this can be faked easily.
>
> From my understanding the permit/deny parameters are only used for
> incoming calls if host is set to dynamic, and then there will be no
> outgoing registration to the remote peer possible. permit/deny is used
> for access, not for matching.
>
> How about an additional parameter where a range of IP addresses can be
> defined in the peer section, which will be used for matching calls?
>
> hostmatchrange=x.x.x.x/24




Anyone here?
What do you think about using permit/deny for host matching?


--
_
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
  http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
  http://lists.digium.com/mailman/listinfo/asterisk-users


[asterisk-users] additional range parameter for sip peer

2014-03-29 Thread Thomas Rechberger

Many ITSPs are using load balancers, so if somebody registers on a SIP
peer with a specific DNS host, an incoming call may be received from a
different IP and the host value in the peer section doesn't match, so it
will go to the default context.

For example Telekom or 1&1, the biggest providers in Germany, are using
so many different addresses that it's not practical to define them all
(up to 50 hosts and they still add!), as this will also generate too much
traffic (especially with qualify and multiple registrations) and they
may even lock you out as untrusted, which may even result in them
blocking Asterisk permanently for everybody. That's not really desirable.

I think it's also not recommended in terms of security to use the default
context with allowguest=yes and sort the incoming calls by header,
because this can be faked easily.

From my understanding the permit/deny parameters are only used for
incoming calls if host is set to dynamic, and then there will be no
outgoing registration to the remote peer possible. permit/deny is used
for access, not for matching.

How about an additional parameter where a range of IP addresses can be
defined in the peer section, which will be used for matching calls?

hostmatchrange=x.x.x.x/24


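
The matching problem and the proposal discussed in this thread, as an added example that is not part of the original posts and is not Asterisk code. It is a simplified model: `Peer`, `route` and the sample data are hypothetical, the addresses are constructed documentation addresses, and `match_ranges` stands for the proposed `hostmatchrange` setting, which is the poster's suggestion and not an existing option.

```python
import ipaddress
from dataclasses import dataclass, field

DEFAULT_CONTEXT = "default"  # where unmatched (guest) calls land

@dataclass
class Peer:
    name: str
    context: str
    hosts: list                                        # addresses the peer's host resolves to
    match_ranges: list = field(default_factory=list)   # hypothetical hostmatchrange= CIDRs

def route(peers, src_ip, from_user=None, sort_by_header=False):
    """Return (context, reason) for an incoming call from src_ip."""
    src = ipaddress.ip_address(src_ip)
    for p in peers:                                    # 1. exact source address
        if any(src == ipaddress.ip_address(h) for h in p.hosts):
            return p.context, "host"
    for p in peers:                                    # 2. proposed range match
        if any(src in ipaddress.ip_network(r) for r in p.match_ranges):
            return p.context, "range"
    if sort_by_header and from_user is not None:       # 3. caller-supplied header value
        for p in peers:
            if p.name == from_user:
                return p.context, "header"
    return DEFAULT_CONTEXT, "guest"

# Constructed sample data (RFC 5737 documentation addresses).
HOST_ONLY = [Peer("itsp", "from-itsp", ["198.51.100.10"])]
WITH_RANGE = [Peer("itsp", "from-itsp", ["198.51.100.10"], ["198.51.100.0/24"])]

def demo():
    return {
        "registered host": route(HOST_ONLY, "198.51.100.10"),
        "other balancer node, host only": route(HOST_ONLY, "198.51.100.37"),
        "other balancer node, with range": route(WITH_RANGE, "198.51.100.37"),
        "unrelated source, header sorting": route(HOST_ONLY, "203.0.113.5", "itsp", True),
        "unrelated source, range only": route(WITH_RANGE, "203.0.113.5", "itsp"),
    }

if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

The fourth case shows why sorting by header is weaker than matching on source address: the header value alone places a call from an unrelated address into the provider context, while the range match in the fifth case leaves it in the default context.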