Setting up Asterisk on Ubuntu Bionic

               .$$$$$$$$$$$$$$$=..      
            .$7$7..          .7$$7:.    
          .$$:.                 ,$7.7   
        .$7.     7$$$$           .$$77  
     ..$$.       $$$$$            .$$$7 
    ..7$   .?.   $$$$$   .?.       7$$$.
   $.$.   .$$$7. $$$$7 .7$$$.      .$$$.
 .777.   .$$$$$$77$$$77$$$$$7.      $$$,
 $$$~      .7$$$$$$$$$$$$$7.       .$$$.
.$$7          .7$$$$$$$7:          ?$$$.
$$$          ?7$$$$$$$$$$I        .$$$7 
$$$       .7$$$$$$$$$$$$$$$$      :$$$. 
$$$       $$$$$$7$$$$$$$$$$$$    .$$$.  
$$$        $$$   7$$$7  .$$$    .$$$.   
$$$$             $$$$7         .$$$.    
7$$$7            7$$$$        7$$$      
 $$$$$                        $$$       
  $$$$7.                       $$  (TM)     
   $$$$$$$.           .7$$$$$$  $$      
     $$$$$$$$$$$$7$$$$$$$$$.$$$$$$      
       $$$$$$$$$$$$$$$$.                

Requirements

SIP is time sensitive,

systemctl status ntp #should not run
apt -y install ntpdate
ntpdate -u 0.ru.pool.ntp.org
hwclock --systohc

apt -y install ntp
systemctl status ntp
ntpq -p
vi /etc/ntp.conf

restrict x.x.x.0 mask 255.255.255.0

systemctl restart ntp

jansson libraries need to be >= 2.11, hence Xenial does not do (2.7). Bionic is ok.

lsb_release -a
apt -y install build-essential subversion libncurses5-dev libssl-dev libxml2-dev
apt -y install wget libnewt-dev linux-headers-`uname -r`
apt -y install libedit-dev uuid-dev libjansson-dev libsqlite3-dev
apt -y install libsrtp0-dev

Build & Install

wget http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-15-current.tar.gz
tar xzf asterisk-15-current.tar.gz
cd asterisk-15.5.0/
./configure
#./configure NOISY_BUILD=yes
grep -i srtp config.log 

should get,

PBX_SRTP='1:0'
...
#define HAVE_SRTP 1

and compile,

#make menuconfig
grep ^proc /proc/cpuinfo
time make -j4 > make.log && echo done
#time make -j5 > make.log && echo done
tail -20 make.log
make install

install the configuration samples,

make samples
ls -l /etc/asterisk/
#make basic-pbx

avoid running it as root (eventuall choose a specific GUI and UID for it),

useradd -s /bin/false -d /var/lib/asterisk asterisk
chown -R asterisk:asterisk /var/spool/asterisk /var/lib/asterisk /var/run/asterisk /var/log/asterisk/cdr-csv

deploy some init script,

cp contrib/init.d/rc.debian.asterisk /etc/init.d/asterisk
vi /etc/init.d/asterisk

DAEMON=/usr/sbin/asterisk
ASTVARRUNDIR=/var/run/asterisk
ASTETCDIR=/etc/asterisk

cp contrib/init.d/etc_default_asterisk /etc/default/asterisk
vi /etc/default/asterisk

AST_USER="asterisk"
AST_GROUP="asterisk"

fortunately, that still works on Bionic,

update-rc.d asterisk defaults
update-rc.d asterisk enable

Ready to go

Check the path and version,

which asterisk
asterisk -V
#asterisk -cvvv

Run the daemon,

/etc/init.d/asterisk status
/etc/init.d/asterisk start
#/etc/init.d/asterisk stop
ps auxw | grep asterisk
netstat -lntp

SIP Peers and Dial Plan

Warning: using chan_sip not pjsip yet.

cd /etc/asterisk

prepare for device registration,

mv sip.conf sip.conf.dist
sed '/^[[:space:]]*;/d; /^$/d' sip.conf.dist > sip.conf
vi sip.conf

[general]
...
qualify=yes

[testphone]
        type=friend
        context=phones
        allow=ulaw,alaw
        secret=PASS
        host=dynamic

[testphone2]
        type=friend
        context=phones
        allow=ulaw,alaw
        secret=PASS2
        host=dynamic

register the contextes, extensions and define applications that will get used,

mv extensions.conf extensions.conf.dist
sed '/^[[:space:]]*;/d; /^$/d' extensions.conf.dist > extensions.conf
vi extensions.conf

[phones]

exten => 101,1,NoOp(testphone is being called)
exten => 101,2,Dial(SIP/testphone)
exten => 101,3,Hangup

exten => 102,1,NoOp(testphone2 is being called)
exten => 102,2,Dial(SIP/testphone2)
exten => 102,3,Hangup

Get to the CLI with verbosity level 3, and apply,

/etc/init.d/asterisk status
asterisk -rvvv

sip reload
sip show peers

core show applications like dial
dialplan reload
dialplan show 101@phones
dialplan show 102@phones

Register SIP Peers

Setup your SIP phone, be it soft or hard, against your registrar/domain, with the according name.

You should see some NOTICE appear. Then check,

sip show peers

You might have to,

chown asterisk:asterisk /var/lib/asterisk/astdb.sqlite3

Asterisk to Asterisk

TLS & SRTP

Note. cipher selection could be improved.

vi extensions.conf

[internal]
...
exten => 105,1,NoOp(malcolm is being called)
exten => 105,2,Dial(SIP/malcolm)
exten => 105,3,Hangup

Got SRTP libs at compile-time? Then,

    encryption=yes
    ;avpf=no
    ;force_avp=yes

GNU Ring

When using GNU Ring, eventually fully exit the app and re-start it, for it to appear fine as an SIP peer on the Asterisk CLI. The account name also gets fixed.

Also be very careful about the port number that you are using (advanced settings), it may conflict with the Asterisk server… Especially if you are doing TLS, 5061 is not tunable on Ring, as of today (Aug 2018). Only the non-TLS port is tunable.

Eventually start from scratch,

rm -rf ~/.config/ring/

References

Troubleshooting

At first run of v15 on Ubuntu Bionic, the daemon loads eventhough there is an ERROR,

WARNING[22596]: res_phoneprov.c:1230 get_defaults: Unable to find a valid server address or name.

ERROR[22596]: ari/config.c:312 process_config: No configured users for ARI

WARNING[22596]: res_hep_rtcp.c:161 load_module: res_hep is not loaded or running; declining module load

WARNING[22596]: res_hep_pjsip.c:238 load_module: res_hep is not loaded or running; declining module load

==> TODO

When reloading sip.conf, you might get this,

ERROR[32021]: chan_sip.c:4274 __sip_reliable_xmit: Serious Network Trouble; __sip_xmit returns error for pkt data

==> make sure you do not have misconfigured user-agents formaly connected.

When registering a TLS-enabled user-agent,

ERROR[17799]: iostream.c:620 ast_iostream_start_tls: Problem setting up ssl connection: error:00000005:lib(0):func(0):DH lib, Underlying BIO error: Success
ERROR[17799]: iostream.c:525 ast_iostream_close: SSL_shutdown() failed: error:00000001:lib(0):func(0):reason(1), Internal SSL error

==> check the client certificates and pass-phrase.

Once TLS is enabled and while setting up a call,

WARNING[18808][C-00000007]: chan_sip.c:10801 process_sdp: Rejecting secure audio stream without encryption details: audio 32638 RTP/SAVP 104 9 112 111 110 8 0 101

==> ignorecryptolifetime=yes does not help. avpf=no & force_avp=yes either. SOLUTION IS TO INSTALL SRTP LIBS AND RE-COMPILE.