Michael Maier
2021-Feb-16 18:56 UTC
[asterisk-users] Change by Deutsche Telekom end of februar. Can someone help me?
Hi Luca, On 15.02.21 at 21:48 Luca Bertoncello wrote:> Am 15.02.2021 um 21:40 schrieb Michael Maier: > > Hi Michael, > >> They're switching to DNS NAPTR / SRV[1]. If you are using Asterisk / >> pjsip and hostnames (tel.t-online.de e.g. for the AllIP service), you > > Mmm... I'm using tel.t-online.de, but I'm not sure I'm using pjsip... > > module show say me: > > res_pjsip.so Basic SIP resource > 46 Running core > > Do I use pjsip?pjsip show registrations> You mean, I have to create a "fake" Zone tel.t-online.de in my Bind with > these settings? Looks like dangerous, if they changes something...If you do that statically -> yes, you're right. You have to do it dynamically. I attached a script, which can be used to dynamically build a rpz each 15 minutes e.g. It directly asks the telekom nameserver for naptr and srv entries. It looks like this: server 192.168.62.13 zone rpz-tonline update delete tel.t-online.de.rpz-tonline. update delete _sips._tcp.tel.t-online.de.rpz-tonline. update delete _sip._tcp.tel.t-online.de.rpz-tonline. update add tel.t-online.de.rpz-tonline. 60 NAPTR 10 0 "s" "SIPS+D2T" "" _sips._tcp.tel.t-online.de. update add tel.t-online.de.rpz-tonline. 60 NAPTR 30 0 "s" "SIP+D2T" "" _sip._tcp.tel.t-online.de. update add _sips._tcp.tel.t-online.de.rpz-tonline. 60 SRV 10 0 5061 s-eps-110.edns.t-ipnet.de. update add _sip._tcp.tel.t-online.de.rpz-tonline. 60 SRV 10 0 5060 s-epp-110.edns.t-ipnet.de. send You have to configure bind to use the rpz for all lookup calls resolving *.tel.t-online.de. I assume that the individual t-ipnet.de entries are "statically" and therefore resolved directly (w/o rpz). But this could be added to the script, too (would be a new rpz). At the moment, I'm using only one DNS server for digging the NAPTR and SRV entries - this could be enhanced to use 2 servers if the first fails. If the first fails, the script currently stops and does nothing. I assume, that the DNS server is stable. The script unregisters and registers the telekom trunks, if a change is detected. This is done as long as there is no call active. This works for me - but may not wort for others - feel free to change the code. Independently you have to add your own trunk names to get it working (telekomPJSIP-a, ...). You can verify if it's working by checking for entries like this in journalctl: Feb 16 19:35:46 myfw named[1516]: client @0x7ff574027bd0 192.168.62.13#25869 (tel.t-online.de): rpz QNAME NODATA rewrite tel.t-online.de via tel.t-online.de.rpz-tonline They are appearing at the moment asterisk starts a lookup. Hope this helps! Thanks Michael -------------- next part -------------- A non-text attachment was scrubbed... Name: check-t-online.pl Type: application/x-perl Size: 5021 bytes Desc: not available URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20210216/668328fd/attachment.bin>
Luca Bertoncello
2021-Feb-16 19:33 UTC
[asterisk-users] Change by Deutsche Telekom end of februar. Can someone help me?
Am 16.02.2021 um 19:56 schrieb Michael Maier: Hi Michael,>> Do I use pjsip? > > pjsip show registrationsgw*CLI> pjsip show registrations No objects found. So I don't use pjsip... :( Maybe could you send me an abstract of your configuration?>> You mean, I have to create a "fake" Zone tel.t-online.de in my Bind with >> these settings? Looks like dangerous, if they changes something... > > If you do that statically -> yes, you're right. You have to do it > dynamically. I attached a script, which can be used to dynamically build > a rpz each 15 minutes e.g. It directly asks the telekom nameserver for > naptr and srv entries. It looks like this: > > server 192.168.62.13 > zone rpz-tonline > update delete tel.t-online.de.rpz-tonline. > update delete _sips._tcp.tel.t-online.de.rpz-tonline. > update delete _sip._tcp.tel.t-online.de.rpz-tonline. > update add tel.t-online.de.rpz-tonline. 60 NAPTR 10 0 "s" > "SIPS+D2T" "" _sips._tcp.tel.t-online.de. > update add tel.t-online.de.rpz-tonline. 60 NAPTR 30 0 "s" > "SIP+D2T" "" _sip._tcp.tel.t-online.de. > update add _sips._tcp.tel.t-online.de.rpz-tonline. 60 SRV 10 0 > 5061 s-eps-110.edns.t-ipnet.de. > update add _sip._tcp.tel.t-online.de.rpz-tonline. 60 SRV 10 0 > 5060 s-epp-110.edns.t-ipnet.de. > sendSo if I undestand what you mean, you check the NAPTR and SRV für _sips._tcp.tel.t-online.de and save the record in a "virtual domain" rpz-tonline, is it correct? Then I suppose you use this domain instead of tel.t-online.de in the SIP configuratione as "host", "outboundproxy" and "fromdomain", is it correct?> The script unregisters and registers the telekom trunks, if a change is > detected. This is done as long as there is no call active. This works > for me - but may not wort for others - feel free to change the code.OK, I'll check it...> Independently you have to add your own trunk names to get it working > (telekomPJSIP-a, ...).Could you explain me that? I'm not an expert of Asterisk... :( Thanks a lot! Luca Bertoncello (lucabert at lucabert.de)