The dnssec module was added during the development of v4.1.0 (expected to be released later in 2013). Therefore this tutorial presents how to add DNSSEC module in the default configuration file of Kamailio, following GIT installation guidelines.

In short, this tutorial focuses on:

• install Kamailio development version from GIT repository on Ubuntu 12.04 32b
• enable user authentication and persistent location service using MySQL server
• add DNSSEC support to configuration file

Note: Ubuntu 12.04 was chosen because dnssec tools devel library are provided for this distribution.

For reading more about DNSSEC, head to:

• http://en.wikipedia.org/wiki/Domain_Name_System_Security_Extensions

Many related resources, including the required libraries for Kamailio's DNSSEC module, are available at:

• http://www.dnssec-tools.org/

The dnssec-tools package should be available on recent Debian/Ubuntu, to install it us:

  apt-get install dnssec-tools

You need these libraries to compile Kamailio's DNSSEC module. You can download the libraries from:

• http://dnssec-tools.org/download/#gotoBinaries

The files are:

dns-validator_2.0-1_i386.deb
libval-threads_2.0-1_i386.deb
libsres_2.0-1_i386.deb
libval-threads-dev_2.0-1_i386.deb
libsres-dev_2.0-1_i386.deb

Once you download the deb files, install them with dpkg -i …

Here is a quick guide to install Kamailio development version from GIT repository. If you look for a more detailed tutorial, check:

• Install Kamailio Devel Version From GIT

Install the packages needed to build Kamailio:

apt-get install make autoconf gcc flex bison git-core
apt-get install libmysqlclient-dev libssl-dev

First of all, you have to create a directory on the file system where the sources will be stored.

  mkdir -p /usr/local/src/kamailio-devel
  cd /usr/local/src/kamailio-devel

Download the sources from GIT using the following commands.

  git clone --depth 1 git://git.sip-router.org/sip-router kamailio
  cd kamailio

Run next set of commands:

  cd /usr/local/src/kamailio-devel/kamailio
  make cfg include_modules="db_mysql dnssec"
  make all
  make install

The binaries and executable scripts were installed in:

  /usr/local/sbin

These are:

• kamailio - Kamailio SIP server
• kamdbctl - script to create and manage the databases
• kamctl - script to manage and control Kamailio SIP server
• kamcmd - CLI - command line tool to interface with Kamailio SIP server

To be able to use the binaries from command line, make sure that '/usr/local/sbin' is set in PATH environment variable. You can check that with 'echo $PATH'. If not and you are using 'bash', open '/root/.bash_profile' and at the end add:

  PATH=$PATH:/usr/local/sbin
  export PATH

Kamailio modules are installed in:

  /usr/local/lib/kamailio/modules/

Note: On 64 bit systems, /usr/local/lib64 may be used.

The documentation and readme files are installed in:

  /usr/local/share/doc/kamailio/

The man pages are installed in:

  /usr/local/share/man/man5/
  /usr/local/share/man/man8/

The configuration file was installed in:

  /usr/local/etc/kamailio/kamailio.cfg

kamctl is command line tool useful to control Kamailio. It can add or remove SIP user profiles.

Edit /usr/local/etc/kamailio/kamctlrc, locate DBENGINE variable and set it to MYSQL:

DBENGINE=MYSQL

Also, you can set SIP_DOMAIN to you server hostname or IP address.

You can change other values in kamctlrc file, at least it is recommended to change the default passwords for the users to be created to connect to database.

Once you are done updating kamctlrc file, run the script to create the database used by Kamailio:

  /usr/local/sbin/kamdbctl create

You can call this script without any parameter to get some help for the usage. You will be asked for the domain name Kamailio is going to serve (e.g., mysipserver.com) and the password of the 'root' MySQL user. The script will create a database named 'kamailio' containing the tables required by Kamailio. You can change the default settings in the kamctlrc file mentioned above.

The script will add two users in MySQL:

- kamailio - (with default password 'kamailiorw') - user which has full access rights to 'kamailio' database

- kamailioro - (with default password 'kamailioro') - user which has read-only access rights to 'kamailio' database

Do change the passwords for these two users to something different that the default values that come with sources.

Next step is to enable user authentication, persistent location service and add dnssec module. You have to edit the configuration file.

  /usr/local/etc/kamailio/kamailio.cfg

Follow the instruction in the comments to enable usage of MySQL. Basically you have to add several lines at the top of config file, like:

#!define WITH_MYSQL
#!define WITH_AUTH
#!define WITH_USRLOCDB

If you changed the password for the 'kamailio' user of MySQL, you have to update the value for DBURL define.

You have to load dnssec module in kamailio.cfg:

loadmodule "dnssec.so"

Add the above line somewhere before the first line starting with modparam.

The module does not require any parameter, you are ready to use the configuration file now.