*Has anyone seen if this post is true?* ** *http://qxip.net/mediawiki/index.php/SIPX_IPv6_HACK*<http://qxip.net/mediawiki/index.php/SIPX_IPv6_HACK> ** *Has anyone seen if this post is true?
Could indicate what are the security measures required in the server OpenUcand Sipxecs? Thank you.* ** SIPX <http://qxip.net/mediawiki/index.php/SipXecs_Hacks>: *SIPX IPv6 HACK*(very experimental) Documentation on sipXecs support for IPv6 is somewhat confusing or pointing at possible issues with many posts suggesting to disable it completely (?) - No fancy transformations and routing hacks with IPv6 Day coming up? As usual there's FreeSWITCH to save the day! Let's try route some IPv6 traffic to our FS/SIPX instance and setup a dedicated profile/ip to handle the traffic. Since we're running on the same host, we'll proxy media to sipX and have FS perform all translations - since it's great at all it does - why not? NOTICE: This hack is nothing more than a work in progress/unfinished/unsecured... PRE-REQUISITES: - sipXecs 4.4.0 or higher - IPv6 enabled network & IPv6 address at sipX host (or 6to4 tunnel) - DNS IPv6 AAAA records for your SIP topology - SIP clients supporting IPv6 *(Linphone forever!)* THE LOGIC: - Create SIPX/FreeSwitch/IPv6 Profile running on port 15080 (separate ip) - IPv6 calls routed to FS/IPv6 via additional SRV - UA[6] > IPv6 > FS/IPv6 > FS/IPv4 > sipXecs > UA[4] *NOTE: of course you could as well use plain 5060 since we're on a different interface, we prefer to introduce no confusion at this stage* CHANGES: *FreeSwitch:* Create new profile: in the directory /etc/sipxpbx/freeswitch/conf/sip_profiles/ipv6gw.xml: <profile name="ipv6gw"> <gateways> </gateways> <aliases> </aliases> <domains> <domain name="all" alias="false" parse="true"/> </domains> <settings> <param name="debug" value="0"/> <param name="sip-trace" value="no"/> <param name="rfc2833-pt" value="101"/> <param name="sip-port" value="15080"/> <param name="dialplan" value="XML"/> <param name="context" value="ipv6gw"/> <param name="dtmf-duration" value="100"/> <param name="inbound-codec-prefs" value="$${global_codec_prefs}"/> <param name="outbound-codec-prefs" value="$${outbound_codec_prefs}"/> <param name="hold-music" value="$${hold_music}"/> <param name="rtp-timer-name" value="soft"/> <param name="local-network-acl" value="localnet.auto"/> <param name="manage-presence" value="false"/> <param name="inbound-codec-negotiation" value="generous"/> <param name="nonce-ttl" value="60"/> <param name="auth-calls" value="false"/> <param name="accept-blind-auth" value="true"/> <param name="rtp-ip" value="YOUR_IPv6_ADDRESS"/> <param name="sip-ip" value="YOUR_IPv6_ADDRESS"/> <param name="ext-rtp-ip" value="YOUR_IPv6_ADDRESS"/> <param name="ext-sip-ip" value="YOUR_IPv6_ADDRESS"/> <param name="rtp-timeout-sec" value="300"/> <param name="rtp-hold-timeout-sec" value="1800"/> <param name="tls" value="$${external_ssl_enable}"/> <param name="tls-bind-params" value="transport=tls"/> <param name="tls-sip-port" value="$${external_tls_port}"/> <param name="tls-cert-dir" value="$${external_ssl_dir}"/> <param name="tls-version" value="$${sip_tls_version}"/> </settings> </profile> Create separate dialplan: in the directory /etc/sipxpbx/freeswitch/conf/dialplan/ipv6gw.xml: <include> <context name="ipv6gw"> <extension name="unloop"> <condition field="${unroll_loops}" expression="^true$"/> <condition field="${sip_looped_call}" expression="^true$"> <action application="deflect" data="${destination_number}"/> </condition> </extension> <extension name="outside_call" continue="true"> <condition> <action application="set" data="outside_call=true"/> </condition> </extension> <extension name="call_debug" continue="true"> <condition field="${call_debug}" expression="^true$" break="never"> <action application="info"/> </condition> </extension> <condition field="destination_number" expression="^(\d+)$"/> <action application="set" data="effective_caller_id_number=${outbound_caller_id_number}"/> <action application="set" data="effective_caller_id_name=${outbound_caller_id_name}"/> <action application="bridge" data="sofia/your.host.net/[email protected]:5080"/> </condition> </extension> <X-PRE-PROCESS cmd="include" data="ipv6gw/*.xml"/> </context> </include> or simply start with this barebone and add your requirements/rules later: <context name="ipv6gw"> <extension name="ipv6gw"> <condition> <action application="set" data="proxy_media=true"/> <action application="bridge" data="sofia/host.net/${destination_number}@your.host.net"/> </condition> </extension> </context> Activate the new configuration and reload mod_sofia from your shell: /opt/freeswitch/bin/fs_cli -x "reloadxml" /opt/freeswitch/bin/fs_cli -x "reload mod_sofia" TEST IT: - Setup a DNS AAAA entry for your host (ipv6.host.net) - Start your IPv6 SIP Client (Linphone, I bet!) - Dial sip:[email protected]:15080 - Enjoy your IPv6 to IPv4 Call NEXT: - Making some sense of the above... but it works!
_______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users/
