andrewgroup Posted January 8, 2010 Report Share Posted January 8, 2010 How many installation has the PBXnSIP community deployed where every user can unplug their office VoIP phone, carry it home and barring NAT firewall problems plug it in and Voila' ? Our Goal is to figure our how every installation past, present and future will work this way. To accomplish this the phones must be PNP, The Phones should register using SRV records On first glance, a common installation will likely have a Windows Server supporting DHCP... option 66 for configs is the obvious... but, the PBX might be on an internal lan, say 192.168.1.99, The pbx registration should pull the PBX registration and do a DNS SRV lookup, but it seems the Windows DNS server internally will need a SRV record to 192.168.1.99 sip_udp so that local phones stay on the local LAN. Carry the phone home, I assume the settings would retain the DNS look up info... Of course the real world DNS's would have a public IP srv records.. (The real world is the internal windows dns servers are not likely authoritative on the domain) I assume a firewall would port forward / ALG the sip stuff to the PBX, or the PBX would have a public IP also... I think this brings up a lot of misc. issues, and I would like to know if we've made this overly complicated, or have others wrestled with these issues? Quote Link to comment Share on other sites More sharing options...
shopcomputer Posted January 8, 2010 Report Share Posted January 8, 2010 How many installation has the PBXnSIP community deployed where every user can unplug their office VoIP phone, carry it home and barring NAT firewall problems plug it in and Voila' ? Our Goal is to figure our how every installation past, present and future will work this way. To accomplish this the phones must be PNP, The Phones should register using SRV records On first glance, a common installation will likely have a Windows Server supporting DHCP... option 66 for configs is the obvious... but, the PBX might be on an internal lan, say 192.168.1.99, The pbx registration should pull the PBX registration and do a DNS SRV lookup, but it seems the Windows DNS server internally will need a SRV record to 192.168.1.99 sip_udp so that local phones stay on the local LAN. Carry the phone home, I assume the settings would retain the DNS look up info... Of course the real world DNS's would have a public IP srv records.. (The real world is the internal windows dns servers are not likely authoritative on the domain) I assume a firewall would port forward / ALG the sip stuff to the PBX, or the PBX would have a public IP also... I think this brings up a lot of misc. issues, and I would like to know if we've made this overly complicated, or have others wrestled with these issues? I have it working, even for customers without SRV, internal DNS server has .my.pbx.com pointing to 192.168.0.10, public DNS server has same name pointing to public IP. Quote Link to comment Share on other sites More sharing options...
Vodia PBX Posted January 8, 2010 Report Share Posted January 8, 2010 To accomplish this the phones must be PNP,The Phones should register using SRV records Don't forget authentication. That was a royal problem for us! How can you trust a provisioning request? We are working on certificate-based authentication, so that devices with fab-certificates can be provisioned out of the box. All other devices must be manually set up with the username and password. Trusting the MAC is just a very pragmatic approach, I guess you guys know how easy it is to trick that. DNS SRV is not really happening. The IETF overengineered it and early Open Source implementations did get it totally wrong. And there is no real need for it, you can use as well DNS A. It might become a topic when people really are able to make peer to peer calls with something like "abc@company.com". Quote Link to comment Share on other sites More sharing options...
andrewgroup Posted January 8, 2010 Author Report Share Posted January 8, 2010 I have it working, even for customers without SRV, internal DNS server has .my.pbx.com pointing to 192.168.0.10, public DNS server has same name pointing to public IP. Is the internal DNS server a Windows Server? Is that DNS authoritative on the main domain name? Did you create a Stub Zone? We were figuring SRV would allow us to make a DHCP VLAN for phones that would pull the public DNS info and have an internal IP as high priority on srv and a secondary lower priority public IP... We would set our router to allow a triangle route so internal phones could register against the public IP if it went to the lower priority entry.. Quote Link to comment Share on other sites More sharing options...
hosted Posted January 10, 2010 Report Share Posted January 10, 2010 I never allow outside access unless the customer specifically requested it. Limit the liability. One thing I really dont like about pbxnsip is when you create and extension and dont put in a SIP password its blank... thats bad, very bad. Customers who have web access I warn them about this and often they dont remember or care. So I ever expose the pbx to the internet. pbxnsip should use random letters instead of leaving it blank. I also avoid DNS if possible. if you want to call info@nexsip.com then sure I will setup a SRV record. Aastra's used to be really bad with DNS, maybe better today dont know. Quote Link to comment Share on other sites More sharing options...
hosted Posted January 10, 2010 Report Share Posted January 10, 2010 there is no real need for it, you can use as well DNS A. No real need for it.... in a PBX environment. We use DNS SRV with some of our carrier connections for failure and load balancing. You cant do that with A records. Quote Link to comment Share on other sites More sharing options...
shopcomputer Posted January 10, 2010 Report Share Posted January 10, 2010 Is the internal DNS server a Windows Server?Is that DNS authoritative on the main domain name? Did you create a Stub Zone? We were figuring SRV would allow us to make a DHCP VLAN for phones that would pull the public DNS info and have an internal IP as high priority on srv and a secondary lower priority public IP... We would set our router to allow a triangle route so internal phones could register against the public IP if it went to the lower priority entry.. I my case the DNS and DHCP servers are usually windows servers, however it can be done with Linux too. If the internal and external domain names are the same then yes, otherwise, I just add a zone on the internal DNS server. I sometimes register a new domain name just for the VOIP. Quote Link to comment Share on other sites More sharing options...
Pablo Posted June 16, 2013 Report Share Posted June 16, 2013 No real need for it.... in a PBX environment. We use DNS SRV with some of our carrier connections for failure and load balancing. You cant do that with A records. @hosted, Would you mind sharing how you accomplish this? Quote Link to comment Share on other sites More sharing options...
hosted Posted June 28, 2013 Report Share Posted June 28, 2013 @hosted, Would you mind sharing how you accomplish this? sorry this is an old thread, what are you trying to do? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.