Configure OpenSIPS to Receive Calls from DIDX DID Number Coverage

Hello to your new rich IP comunications business that includes OpenSIPS Open Source SIP proxy/server for voice, video, IM, presence and any other SIP extensions … multi-functional, multi-purpose signaling SIP server and DIDX direct inward dialing!


There is a misspelling of “Interop” at the beginning of this video. We apologize. We deeply appreciate Bogdan Iancu, founder of OpenSIPS for making it really easy to understand how to configure OpenSIPS to receive calls from DID of DIDX.net!

How To: Achieve Interoperability Between DIDX and OpenSIPS

 

In this tutorial, we will expand an existing OpenSIPS server configuration so that it will accept incoming traffic from a given list of DIDX servers.

 

To find out which particular DIDX IP address will send traffic for a given DID number, you may login to your DIDX account and visit the “DID INFO” page of that number. Alternatively, you may visit https://www.didx.net/pages/configs for the list of all DIDX IPs.

 

Regarding OpenSIPS, we assume that it is already running alongside an SQL database. Depending on your Linux OS, you may install and immediately start OpenSIPS from either https://apt.opensips.org or https://yum.opensips.org. For the database, a quick tutorial on how to import the OpenSIPS database schema into your SQL engine of choice is available at https://www.opensips.org/Documentation/Install-DBDeployment-2-4

 

The typical way to authenticate the SIP sender is via digest authentication (with username and password). As this mechanism is suitable for authenticating endpoints (users), it does not fit when comes to authenticate gateways, DID servers or other types of remote SIP Servers. For such purposes is it better to use IP authentication – the SIP sender is recognized and authenticated based on the source IP at the IP level.

 

Typically, most OpenSIPS config files (including the default config file) provide support for digest authentication, so we need to add to your config file the support for IP authentication in order to recognize and trust the calls sent by the DIDX servers.

 

First, open the /etc/opensips/opensips.cfg OpenSIPS configuration file using your favorite text editor. If OpenSIPS is installed from sources, the default path is /usr/local/etc/opensips/opensips.cfg. Within the initial section of the script, load the “permissions” module and configure a database URL for it:

 

loadmodule “permissions.so”

modparam(“permissions”, “db_url”,                  “mysql://opensips:opensipsrw@localhost/opensips”)

 

The “permissions” module is an in-memory storage for lists of IPs and network masks. We will use it to store the list of DIDX servers and validate all incoming calls against this list. With regards to the “validation” part, we only want to perform it when a call starts (i.e. initial INVITE receival). We recommend placing this check near your SIP digest authentication script code, and skipping the digest authentication altogether if the source is whitelisted:

 

 

if (!is_method(“REGISTER”)) {

if (check_source_address(“11”)) {

xlog(“Call from DIDX, skipping SIP digest authentication\n”);

} else if (is_myself(“$fd”)) {

# authenticate local subscriber

}

}

 

We apply the config file changes by restarting OpenSIPS:

 

opensipsctl stop

opensipsctl start

# or

/etc/init.d/opensips restart

 

Next, we provision the DIDX IPs under group 11 into the SQL database using opensipsctl. Note that you need to provision the DB support via opensipsctlrc file (typically under /etc/opensips/ directory):

 

# list the  current addresses from DB (should show nothing)

opensipsctl address show

# add the addresses one by one to DB

opensipsctl address add 11 198.199.87.53 32 0 udp

# list again to see all the addresses from DB

opensipsctl address show

 

Finally, we refresh the OpenSIPS “permissions” module cache with the new IPs:

 

# list the current in-memory addresses (should show nothing)

opensipsctl address dump

# instruct OpenSIPS to refresh in-memory cache with the DB content

opensipsctl address reload

# list again to see the addresses loaded from DB

opensipsctl address dump

And we’re done! OpenSIPS will now accept IP authenticated inbound traffic from the DIDX service. Awesome!

BTW, also don’t miss a single OpenSIPS Summit! Super informative, hands-on, welcoming event each year in Amsterdam, Netherlands.