$Id$ ================================================== SIP Express Router and Kamailio Installation Notes http://sip-router.org http://www.kamailio.org ================================================== Welcome! This is an amazingly flexible, robust and secure SIP server built on years of experience in several Open Source projects. It's a merge of the SIP Express Router (SER) and the Kamailio (OpenSER) products produced by a joint development team. When not explicitely mentioned, SIP server refers to any of these two applications. This memo gives you hints how to set up the SIP server quickly. To understand how SIP server works and how to configure it properly, please read the admin's guide available from the http://sip-router.org website. We also urge you to read latest ISSUES (available from website too) and check for potential problems in this release. Users of previous releases are encouraged to read NEWS to learn how to move to this new SIP server version. Table of Contents ================= 1. SIP Server Flavours 2. Supported Architectures and Requirements 3. Howto Build SIP Server From the Source Distribution 4. Quick-Start Installation Guide A) Getting Help B) Disclaimers C) Quick Start D) SIP Server with Persistent Data Storage 5. Troubleshooting 1. SIP Server Flavours ---------------------- The two major SIP server flavours are: - SIP Express Router (aka SER) - Kamailio (former OpenSER) Starting with version 3.0.0, the two SIP server flavours are built from same source code three. SER flavor is the one built by default - historically speaking, it is the first open source SIP server started in 2001. Kamailio forked from SER in 2005 under the initial name OpenSER. Starting with version 3.1.0 the differences between the two flavours are very few, Kamailio enabling next compile time flags: - internal statistics - application server extensions in tm module Switching between flavours is a matter of 'make' command parameters. Several installation tutorials for Kamailio are available on the web wiki: - http://www.kamailio.org/wiki/ 2. Supported Architectures and Requirements ------------------------------------------- Supported operating systems: - Linux (Debian, Ubuntu, Fedora, RedHat, CentOS, OpenSUSE, Gentoo, a.s.o.) - FreeBSD, NetBSD, OpenBSD, Dragonfly BSD - Solaris - OS/X, Darwin Partially supported - Windows+Cygwin (core + static modules only, no IPv6, no TCP, no dynamic modules) Supported architectures - i386, x86_64 (amd64), armv4l, sparc64, powerpc, powerpc64 Experimental architectures: - mips1, mips2, sparc32, alpha (for other architectures the Makefiles might need to be edited) There are various configuration options defined in the Makefile. Requirements: - gcc or icc : gcc >= 2.9x; 3.[12] recommended (it will work with older version but it might require some options tweaking for best performance) - bison or yacc (Berkley yacc) - flex - GNU make (on Linux this is the standard "make", on *BSD and Solaris it is called "gmake") version >= 3.80 (recommended 3.81). - sed and tr (used in the makefiles) - GNU tar ("gtar" on Solaris) and gzip if you want "make tar" to work - GNU install, BSD install or Solaris install if you want "make install", "make bin", "make sunpkg" to work - libmysqlclient & libz (zlib) if you want Mysql support (the db_mysql module) - libxml2 if you want to compile the cpl-c (CPL support) or pa (presence) modules - libradiusclient-ng (> 5.0) if you need radius support (the auth_radius, group_radius, uri_radius and avp_radius modules) - libpq if you need PostgreSQL support (the db_postgres module) - libexpat if you want the jabber gateway support (the jabber module) or the XMPP gateway support - libxml2 if you want to use the cpl-c (Call Processing Language) or the presence modules (presence and pua*) - libradius-ng -libs and devel headers- if you want to use functionalities with radius support - authentication, accounting, group support, etc - unixodbc - libs and devel headers - if you want UNIXODBC support as DB underlayer - libxmlrpc-c3 - libs and devel headers - if you want to have XML-RPC support for the Management interface (MI) - libperl - libs and devel headers - if you want PERL connector to support perl scripting from you config file (perl module) - libsnmp9 - libs and devel headers - if you want SNMP client functionality (SNMP AgentX subagent) for Kamailio - libldap libs and devel headers v2.1 or greater - if you want LDAP support - libconfuse and devel headers - if you want to compile the carrierroute module - libpcre libs and devel headers - if you want to compile the lcr and dialplan modules - libsctp devel headers - if you want to compile the SCTP transport in the core OS Notes: FreeBSD/OpenBSD/NetBSD: make sure gmake, bison or yacc & flex are installed. FreeBSD 5.4: ------------ If you want to compile all the modules, you will need the following packages: - mysql-client-* (any version, install one of the mysql*-client ports) for libmysqlclient - postgresql-libpqxx-2.4.2_1 (/usr/ports/databases/postgresql-libpqxx) for libpq - expat-1.95.8 (/usr/ports/textproc/expat2) for libexpat - libxml2-2.6.18 (/usr/ports/textproc/libxml2) for libxml2 - radiusclient-0.4.7 (/usr/ports/net/radiusclient) for libradiusclient-ng NOTE: you'll need to add radiusclient_ng=4 to the gmake command line if you use the 0.4.* version. Compile example (all the modules and SIP server core in a tar.gz): gmake bin radiusclient_ng=4 include_modules="mysql jabber cpl-c auth_radius group_radius uri_radius postgres pa" OpenBSD 3.7 ----------- - mysql-client-4.0.23 (/usr/ports/databases/mysql) for libmysqlclient - expat-1.95.6 (/usr/ports/textproc/expat) for libexpat - libxml-2.6.16p0 (/usr/ports/textproc/libxml) for libxml2 - radiusclient-ng-0.5.1 from http://download.berlios.de/radiusclient-ng/radiusclient-ng-0.5.1.tar.gz (you need to download and install it, since there is no "official" openbsd port for it) for libradiusclient-ng Compile example (all the modules and SIP server core in a tar.gz): gmake bin include_modules="mysql jabber cpl-c auth_radius group_radius uri_radius pa" NetBSD 2.0 ---------- - mysql-client-4.1.12 (/usr/pkgsrc/databases/mysql4-client) for libmysqlclient - expat-1.95.8nb2 (/usr/pkgsrc/textproc/expat) for libexpat - libxml2-2.6.19 (/usr/pkgsrc/textproc/libxml2) for libxml2 - radiusclient-ng-0.5.1 (see OpenBSD) Compile example (all the modules and SIP server in a tar.gz): gmake bin include_modules="mysql jabber cpl-c auth_radius group_radius uri_radius pa" Solaris 10 ---------- As above; you can use Solaris's yacc instead of bison. You might also need gtar and ginstall. If you don't have ginstall you can use Solaris install, just make sure it's in the PATH (it's usually in /usr/sbin) and add INSTALL=install either to the environment or to the make command line (e.g.: gmake INSTALL=install all). Needed packages: [TODO] Compile example (all the modules and SIP server in a tar.gz): gmake bin INSTALL=install include_modules="mysql jabber cpl-c auth_radius group_radius uri_radius postgres pa" Linux ----- Needed packages for compiling all the modules: * Debian: - libmysqlclient-dev for libmysqlclient - libpq-dev for libpq - libexpat1-dev for libexpat - libxml2-dev for libxml2 - libradiusclient-ng-dev for libradiusclient - other libraries are needed for some other modules, see README of the module you want to use Both SER and Kamailio flavours have APT deb repositories that allow you to install the binaries easily - see the web sites for more details: - http://iptel.org/ser - http://kamailio.org Cygwin (alpha state, partial support) -------------------------------------- make sure make, bison, flex, minires and minires-devel (needed for the resolver functions) are installed. Only building SIP server's core and some static modules is supported for now. Stuff known not to work: - IPv6 (cygwin doesn't support it yet) - TCP (the tcp code heavily depends on file descriptor passing between processes, which is not yet supported by cygwin) - dynamic modules (non statically linked -- not supported because backlinking doesn't work in windows by design) Compile example (all the modules and SIP server in a tar.gz): make bin include_modules="mysql jabber cpl-c auth_radius group_radius uri_radius postgres pa" 3. Howto Build SIP Server From Source Distribution ------------------------------------------- (NOTE: if make doesn't work try gmake instead) A) Set SIP Server Flavour If you don't have a clean source tree, first do: make proper To build SER flavour, you don't need to do anything special, continue to read the section 3.B). To build Kamailio flavour, you have to run first: make FLAVOUR=kamailio cfg The parameter 'FLAVOUR=kamailio' must be given all the time when make target is 'cfg'. B) Build Commands SIP server is split in four main parts: The core, the modules, the utilties, and scripts/examples. When you build, you can decide to build only the core, the modules, both, or all. * Compile SIP server core only: make Compile modules except some explicitly excepted (see below) make modules - all modules in the modules/ directory (common modules) make modules_s - all modules in the modules_s/ directory (ser modules) make modules_k - all modules in the modules_k/ directory (kamailio modules) make modules-all or make every-module - all the modules (modules, modules_s and module_k) * Compile all: make all * Explicitly excepted modules: By default make all will not build modules that require external libraries or that are considered to be "experimental". For example, modules that have external dependencies are: db_mysql, jabber, cpl-c, auth_radius, group_radius, uri_radius, avp_radius, db_postgres, db_berkely, carrierroute, ... Including groups of modules: Instead of compiling the default modules only, you can specify groups of modules to include, according to their status: - standard - Modules in this group are considered a standard part of SIP server (due to widespread usage) but they have no dependencies (note that some of these interplay with external systems. However, they don't have compile or link dependencies). - db - Modules in this group use databases and need a database driver to run. Included are drivers for the text mode db (dbtext) and for dumping large ammount of data to files (db_flatstore). See also the mysql or postgres groups. - standard_dep - Modules in this group are considered a standard part of SIP server(due to widespread usage) but they have dependencies that most be satisfied for compilation. NOTE! All presence modules (dialog, pa, presence_b2b, rls, xcap) have been included in this group due to interdependencies - stable - Modules in this group satisfy specific or niche applications, but are considered stable for production use. They may or may not have dependencies - experimental - Modules in this group are either not complete, untested, or without enough reports of usage to allow the module into the stable group. They may or may not have dependencies. There is another set of groups mainly used by Kamailio flavour, where modules are grouped based on Debian packaging rules. For example: - kstandard - Kamailio flavour's standard modules - kpresence - Kamailio flavour's SIMPLE presence server modules * To compile core with standard modules: make group_include="standard" all * To compile all modules (provided you have all the required libraries installed) use: make group_include="standard standard-dep stable experimental" all There are also in addition some "convenience" groups: mysql - Include all the db modules dependent and the mysql db driver postgres - Include all the db modules and the postgres db driver radius - Include all modules on radiusclient presence - Include all the presence modules Ex. to make a standard installation with Mysql, use: make group_include="standard mysql" all In addition to group_include (or instead), you can use include_modules="modA modB" to specify exactly the modules you want to include, ex. make include_modules="mymodule" modules You can also explicitly skip modules using skip_modules. Let's say you want all the standard and standard-dep modules except domain: make group_include="standard standard-dep" skip_modules="domain" all NOTE!!! As this mechanism is very powerful, you may be uncertain which modules that will be included. Just replace all (or modules) with print-modules and you will see which modules will be included and excluded, ex: make print-modules will show which modules are excluded by default. If you want to install or to build a binary package (a tar.gz with SIP server core and the modules), substitute "all" in the above command with "install" or "bin". * More compile examples: - compile with profiling make PROFILE=-pg all - compile debug mode version make mode=debug all - compile debug version with profiling make mode=debug PROFILE=-pg all - compile only the print module make modules=modules/print modules - compile by default only the print module, in debuging mode and with profiling: make cfg modules=modules/print mode=debug PROFILE=-pg make all - change & save the modules list without rebuilding the whole config (so that already compiled modules won't be re-compiled by make all/make modules): make modules-cfg include_modules="mysql postgress" - change only the compile/build options, without changing the modules list: make cfg-defs CPU=ultrasparc PROFILE=-pg - compile by default all the usual modules + mysql and postgres, optimized for pentium-m and for space (saves both the build options and the module list) make cfg include_modules="mysql postgres" CPU=pentium-m CC_EXTRA_OPTS=-Os make all - compile all the "default" modules except textops and vm make skip_modules="textops vm" modules - save the above option in the make config, so that all make commands will use it by default: make cfg skip_modules="textops vm" - compile all default modules and include uri_radius (not compiled by default): make include_modules="uri_radius" modules - compile all the modules from the modules subdirectory (even the one excluded by default): make exclude_modules="" modules - compile all the modules from the modules subdirectory excluding vm: make exclude_modules=vm modules or make exclude_modules="" skip_modules=vm modules - compile with the "tm" module statically linked and with profiling make static_modules=tm PROFILE=-pg all - compile with gcc-3.2 instead of gcc make CC=gcc-3.2 all or CC=gcc-3.2 make all Make targets: ============= Configure: ---------- * make cfg or make config - force config and module list regeneration Example: make cfg include_modules=mysql mode=debug All future make invocations will include the mysql module and will build in debug mode Note: if config.mak doesn't exist (e.g. initial checkout or after a make proper) or if Makefile.defs was changed, the config will be re-generated automatically by the first make command. For example: make cfg include_modules=db_mysql; make all is equivalent to rm config.mak modules.lst; make include_modules=db_mysql. * make cfg-defs (force config regeneration, but don't touch the module list) Example: make cfg-defs CPU=ultrasparc CC_EXTRA_OPTS=-Os PROFILE=-pg make modules-cfg or make modules-list saves the module list, without regenerating the build config Example: make modules-list include_modules="tls" skip_modules="print" Clean: ------ * make clean - clean the base and modules too * make proper - clean also the dependencies and the config, but not the module list * make distclean - the same as proper * make maintainer-clean - clean everything, including make's config, saved module list, auto generated files, tags, *.dbg a.s.o * make clean-all - clean all the modules in modules/* * make proper-all - like make proper but for all the modules in modules/* Config clean: * make clean-cfg (cleans the compile config) * make clean-modules-cfg (cleans the modules list) Reduced" clean: * make local-clean - cleans only the core, no libs, utils or modules * make clean-modules - like make clean, but cleans only the modules * make clean-libs - like make clean, but cleans only the libs * make clean-utils - like make clean, but cleans only the utils * make proper-modules - like make proper, but only for modules * make proper-libs - like make proper, but only for libs * make proper-utils - like make proper, but only for utils Compile: -------- * make proper optional: make cfg * make or gmake on non-Linux systems * make modules or make modules exclude_modules="CVS print" etc. Other make targets: ------------------- Make tags: make TAGS Create a tar.gz with the sources (in ../): make tar Create a tar.gz with the binary distribution (in ../): make bin Create a gzipped solaris package (in ../): make sunpkg Create debian packages (in ../): make deb or dpkg-buildpackage Documentation: -------------- Regenerate the README for all the "default" modules (include_modules, skip_modules a.s.o can be used to alter the module list). make README Generates a manpage for all the modules that support it (.xml file in the module directory). make man Generates README file for modules_k/foo. make modules=modules_k/foo modules-readme Install: -------- make prefix=/usr/local install Note: If you use prefix parameter in make install then you also need to use this parameter in previous make commands, i.e. make, make modules, or make all. If you fail to do this then SIP Router will look for the default configuration file in a wrong directory, because the directory of the default configuration file is hard coded into SIP server during compile time. When you use a different prefix parameter when installing then the directory hard coded in SIP server and the directory in which the file will be installed by make install will not match. (You can specify exact location of the configuration file using -f parameter of SIP server). For example, if you do the following: make all make prefix=/ install Then the installation will put the default configuration file into /etc/ser/ser.cfg or /etc/kamailio/kamailio.cfg (because prefix is /), but SIP server will look for the file in /usr/local/etc/ser/ser.cfg or /usr/local/etc/kamailio/kamailio.cfg (because there was no prefix parameter make all and /usr/local is the default value of prefix). Workaround is trivial, use the same parameters in all make commands: make prefix=/ all make prefix=/ install or save the desired prefix in the make config (e.g.: make cfg prefix=/). That applies to other make parameters as well (for example parameters "modules" or "excluded_modules"). 3. Quick-Start Installation Guide ---------------------------------------------- A) Getting Help This guide gives you instructions on how to set up the SIP server (SER or Kamailio) on your box quickly. In case the default configuration does not fly, please check the documentation at the SIP server web site http://sip-router.org to learn how to configure SIP server for your site. If the documentation does not resolve your problem you may try contacting our user forum by E-mail at sr-users@lists.sip-router.org -- that is the mailing list of the SIP server community. To participate in the mailing list, please subscribe at the following web address: http://lists.sip-router.org/cgi-bin/mailman/listinfo B) Disclaimers Note well the default "quick-start" configuration is very simple in order to be easily installable. It provides minimum features. Particularly, authentication is by default disabled, which means anyone can register using any name with the server. (This is on purpose to avoid installation dependencies on a database, which is needed for storing user credentials.) C) Quick Start The following step-by step guide gives you instructions how to install the SQL-free distribution of SIP server. If you need persistence and authentication, then you have to install additional database support -- proceed to section D) after you are finished with C). 1) Download an RPM or debian package from site ****** site not available yet If you don't use an rpm or debian based distribution, try our tar.gz'ed binaries ******* not available yet If you use Solaris 8 you can try our solaris package. If you use Gentoo Linux you do not have to download a package. 2) Install the package RPM: rpm -i debian: dpkg -i gentoo: emerge ser or emerge kamailio (or if use only stable packets: ACCEPT_KEYWORDS="~x86" emerge ser or ACCEPT_KEYWORDS="~x86" emerge kamailio) tar.gz: cd /; tar zxvf _os_arch.tar.gz (it will install in /usr/local/, and the configuration file in /usr/local/etc/ser/ser.cfg or /usr/local/etc/kamailio/kamailio.cfg) Solaris: gunzip .gz ; pkgadd -d *BSD: pkg_add package_name 3) Start the server RPM + gentoo: /etc/init.d/ser start or /etc/init.d/kamailio start debian: SER or Kamailio is started automatically after the install (in case something fails you can start it with '/etc/init.d/ser start' or '/etc/init.d/kamailio start') tar.gz: Solaris: the tar.gz does not include an init.d script, you'll have to create one of your own or adapt one from the source distribution (pkg/debian/init.d, pkg/rpm/ser.init.*, pkg/gentoo/ser.init, pkg/kamailio/rpm/kamailio.init, pkg/kamailio/deb/debian/kamailio.init, a.s.o.) You can start SIP server directly with /usr/local/sbin/ser or /usr/local/sbin/kamailio. 4) optionally, watch server's health using the serctl or kamctl utility - to do so, first set the environment variable SIP_DOMAIN to your domain name, e.g., in Bourne shell, call export SIP_DOMAIN="myserver.foobar.com" - if you are using other than 'localhost' mysql server for maintaining subscriber database, change the variable 'SQL_HOST' to the proper host name in the serctl script - run the serctl utility /usr/sbin/serctl moni or /usr/sbin/kamctl moni or /usr/local/sbin/serctl moni (if you installed SER flavour from a tar.gz or solaris package) or /usr/local/sbin/kamctl moni (if you installed Kamailio flavour from a tar.gz or solaris package) 5) Connect SIP phones Register with the server using your favorite SIP User Agent. You may want to look at configuration hints for use of various clients on iptel.org site at http://www.iptel.org/phpBB/viewforum.php?forum=1&8 In most cases, you need to set the following options: Proxy server: host name of your server Domain: the sip domain your server is configured to handle User name: the account name for your device Auth user: the ID used for authentication Secret/Password: The configured authentication password D) SIP Server with Persistent Data Storage ------------------------------------------ The default configuration is very simple and features many simplifications. In particular, it does not authenticate users and loses User Location database on reboot. To provide persistence, keep user credentials and remember users' locations across reboots, SIP server can be configured to use a database, like MySQL. Before you proceed, you need to make sure MySQL is installed on your box. Your MySQL server must be configured to deal with a large number of connection. To increase it, set the following line in [mysqld] section of your my.ini configuration file: set-variable = max_connections=500 1) Download the package containing mysql support for SIP server from: **** site not available yet (rpm and deb provided, most of the binary tar.gz distributions and the solaris package include it; if it is not present you'll have to rebuild from the source). For gentoo please include 'mysql' to your USE variable in /etc/make.conf or give it as variable to the emerge command. 2) install the package rpm -i or dpkg -i or emerge ser or emerge kamailio (if do not want to put 'mysql' into your USE variable you can type: USE="mysql" emerge ser) 3.1) create MySQL tables for SER flavour - if you have a previously installed SER on your system, use /usr/sbin/ser_mysql.sh reinstall to convert your SER database into new structures - otherwise, if this is your very first installation, use /usr/sbin/ser_mysql.sh create to create SER database structures (you will be prompted for password of MySql "root" user) 3.2) create MySQL tables for Kamailio flavour - if you have a previously installed Kamailio on your system, use /usr/sbin/kamdbctl reinstall to convert your Kamailio database into new structures - otherwise, if this is your very first installation, use /usr/sbin/kamdbctl create to create Kamailio database structures (you will be prompted for password of MySql "root" user) 4) configure SIP server to use SQL uncomment all lines in configuration file ser.cfg or kamilio.cfg which are related to authentication: - loadmodule "db_mysql.so" - loadmodule "auth.so" - loadmodule "auth_db.so" - modparam("usrloc", "db_mode", 2) - modparam("auth", "calculate_ha1", yes) - modparam("auth_db", "password_column", "password") - if (!www_authorize("sip-router.org", "subscriber")) { www_challenge("sip-router.org", "0"); break; } 5) be sure to replace realm, the first parameter in www_* actions, with name of your server; some broken UAC implementations don't authenticate otherwise; the authentication command in your configuration script should look then like this: if (!www_authorize("myserver.foobar.com", "subscriber")) { www_challenge("myserver.foobar.com", "0"); break; } 6) restart the server /etc/init.d/ser restart or /etc/init.d/kamailio restart 7) you can now start managing the server using the serctl or kamctl utility; you need to first set the environment variable SIP_DOMAIN to your local SIP realm, e.g., export SIP_DOMAIN="myserver.foobar.com" a) watch the server status using 'serctl moni' or 'kamctl moni' b) try to login with your SIP client as user 'admin' with password 'heslo' c) try adding new users using 'serctl add ' or 'kamctl add ' 4. Troubleshooting ------------------ Q: Windows Messenger authentication fails. A: The most likely reason for this problem is a bug in Windows Messenger. WM only authenticates if server name in request URI equals authentication realm. After a challenge is sent by SIP server, WM does not resubmit the challenged request at all and pops up authentication window again. If you want to authenticate WM, you need to set up your realm value to equal server name. If your server has no name, IP address can be used as realm too. Q: SIP requests are replied by SIP server with "483 Too Many Hops" or "513 Message Too Large" A: In both cases, the reason is probably an error in request routing script which caused an infinite loop. You can easily verify whether this happens by watching SIP traffic on loopback interface. A typical reason for misrouting is a failure to match local domain correctly. If a server fails to recognize a request for itself, it will try to forward it to current URI in believe it would forward them to a foreign domain. Alas, it forwards the request to itself again. This continues to happen until value of max_forwards header field reaches zero or the request grows too big. Solutions is easy: make sure that domain matching is correctly configured. A quick way to achieve that is to introduce a config option to ser.cfg or kamailio.cfg: alias=domainname, where domainname shall be replaced with name of domain, which you wish to server and which appears in request-URIs.