Page 230 - Asterisk™: The Future of Telephony
P. 230
Asterisk and VoIP
It should come as no surprise that Asterisk loves to talk VoIP. But in order to do so,
Asterisk needs to know which function it is to perform: that of client, server, or both.
One of the most complex and often confusing concepts in Asterisk is the naming
scheme of inbound and outbound authentication.
Users and Peers and Friends—Oh My!
Connections that authenticate to us, or that we authenticate, are defined in the
iax.conf and sip.conf files as users and peers. Connections that do both may be defined
as friends. When determining which way the authentication is occurring, it is always
important to view the direction of the channels from Asterisk’s viewpoint, as connec-
tions are being accepted and created by the Asterisk server.
Users
A connection defined as a user is any system/user/endpoint that we allow to connect
to us. Keep in mind that a user definition does not provide a method with which to call
‖
that user; the user type is used simply to create a channel for incoming calls. A user
definition will require a context name to be defined to indicate where the incoming
authenticated call will enter the dialplan (in extensions.conf).
Peers
A connection defined as a peer type is an outgoing connection. Think of it this way:
users place calls to us, while we place calls to our peers. Since peers do not place calls
to us, a peer definition does not typically require the configuration of a context name.
However, there is one exception: if calls that originate from your system are returned
to your system in a loopback, the incoming calls (which originate from a SIP proxy,
not a user agent) will be matched on the peer definition. The default context should
handle these incoming calls appropriately, although it’s preferable for contexts to be
defined for them on a per-peer basis. #
In order to know where to send a call to a host, we must know its location in relation
to the Internet (that is, its IP address). The location of a peer may be defined either
statically or dynamically. A dynamic peer is configured with host=dynamic under the
peer definition heading. Because the IP address of a dynamic peer may change
‖ In SIP, this is not always the case. If the endpoint is a SIP proxy service (as opposed to a user agent), Asterisk
will authenticate based on the peer definition, matching the IP address and port in the Contact field of the
SIP header against the hostname (and port, if specified) defined for the peer (if the port is not specified, the
one defined in the [general] section will be used). See the discussion of the SIP insecure option in
Appendix A for more on this subject.
# For more information on this topic, see the discussion of the SIP context option in Appendix A.
202 | Chapter 8: Protocols for VoIP
