VoIPowering Your Office: Painless Polycom Provisioning

In our last episode we took a look at two excellent hard IP phones, the Polycom Soundpoint IP 430 and IP 650. Today we shall set them up for pain-free provisioning.

Getting your DNS set up ‘just so’ is the key to making this as easy as falling
over. Using DNS SRV records will make your life a whole lot easier, because
then you can point your phones to a domain instead of specific servers.

SRV records with Dnsmasq
Dnsmasq is great for quickly setting up a nice little test network. It supplies both DNS and DHCP to your LAN, and you can use any old weirdo domain you care to invent—which is great for testing. Here is a complete working /etc/dnsmasq.conf, starring our excellent local domain, alrac.net, and our SipX server, which is named pbx1:

#don't forward local addresses or
#hostnames outside the local network
#set the local domain name
#automatically append the domain
#name to hostnames
#Make dnsmasq use its own resolver
#Listen for DNS requests only on the LAN interface
#upstream ISP nameservers
#srv records for SipX server
#FTP server for Polycom phones
#don't forget the quotes!!
#NTP server

Then you’ll need some entries in /etc/hosts on the Dnsmasq machine:       localhost    router1    pbx1.alrac.net   pbx1

And there is a complete, working DNS server for your LAN, and for your Polycom phones. You have a local caching resolver, nice SRV records for your SipX server, the FTP server for your phones, and a time server which you absolutely need or your phones will not have the correct time. The NTP server can be anywhere; SipX thoughtfully includes one.

Since this configuration means you are not using the DNS server on the SipX server, make sure that /etc/resolv.conf on your SipX server points to your real DNS server, and not to itself. Just to be sure, turn off the DNS server on SipX:

# /etc/init.d/named stop

Restart Dnsmasq, then run a few tests from the router or any LAN PC:

$ ping pbx1
PING pbx1.alrac.net ( 56(84) bytes of data.
64 bytes from pbx1.alrac.net ( icmp_seq=1 ttl=64 time=6.18 ms
$ dig  -t A pbx1.alrac.net
;pbx1.alrac.net.                        IN      A
pbx1.alrac.net.         0       IN      A
$ dig -t SRV _sip._tcp.alrac.net
;_sip._tcp.alrac.net.           IN      SRV
_sip._tcp.alrac.net.    0       IN      SRV     0 0 1 pbx1.alrac.net.
pbx1.alrac.net.         0       IN      A

We are perfect! Now let us hook up our phones and make them go.

Polycom configurations
Follow four steps for a quick start:

  1. Go to Devices -> Phones in the SipX configuration server and create a new phone. The phone’s serial number is on a sticker on the back of the phone
  2. Assign it to a user
  3. Add at least one phone line
  4. Click the checkbox to select the phone, then click the “send profiles” button

If all goes well, the new profile will be created in /var/sipxdata/configserver/phone/profile/tftproot. Plug your new phone into the network and SipX takes care of the rest. It takes about 20 seconds for the phone to register and greet you with a chirp.

What if it doesn’t work? The first thing to is make sure the phone’s profile was created. Verify this on the Diagnostics -> Job Status page when you first create the profile. Then look in /var/sipxdata/configserver/phone/profile/tftproot; you should see a file like 0004f2136b24.cfg.

You can follow along with tcpdump; plug in the phone, find the IP address of the new phone with nmap, then start tcpdump:

# nmap -sP 192.168.1.* 
Host appears to be up.
MAC Address: 00:04:F2:13:6B:24 (Polycom)
# tcpdump dst host
16:24:01.192109 IP pbx1.alrac.net.ftp > S 4277886761:4277886761(0)
16:24:01.198671 IP pbx1.alrac.net.ftp > P 1:21(20) ack 1 win 5840
16:24:01.199704 IP pbx1.alrac.net.ftp > . ack 16 win 5840
16:24:01.200318 IP pbx1.alrac.net.ftp > P 21:55(34) ack 16 win 5840

When you run tcpdump you should see a lot of lines like the example. If you don’t, or if you just see a few lonesome ARP requests, it means the phone is not finding your server, so you need to re-check your DNS and network settings.

Using the SipX Nameserver
SipX creates a complete BIND configuration for itself, which is a very nice and friendly thing to do. You may add to this and use it as your LAN’s nameserver, or you may simply add a delegation to it on your existing nameserver. There are a couple of gotchas here for those of us who are not elite DNS gurus: one, the SipX server must be in a different domain. Most folks use a subdomain, like sipx.alrac.net. Two, if you enabled the SipX DNS server at installation, it will point to itself, so make sure /etc/resolv.conf points to your main DNS server.

Adding a delegation to Dnsmasq means adding a single line:


Don’t use the fully qualified server name, which could be something like
pbx1.sipx.alrac.net, just the domain name. This tells Dnsmasq to direct
all DNS requests for sipx.alrac.net to the IP address that you enter. It
won’t get confused and try to resolve alrac.net requests there, or any
other domain. You don’t need SRV records or entries in /etc/hosts on your
Dnsmasq box, because that’s all handled by the SipX BIND server. Test your new
delegation with dig:

$ dig -t SRV _sip._tcp.sipx.alrac.net
$ dig -t A sipx.alrac.net

Dnsmasq is a caching resolver and DHCP server; it is not an authoritative name server. You can use it in conjunction with BIND, MaraDNS, or other authoritative servers.

SipX comes with a neat little script for generating a BIND zone file if you somehow missed out on having one already, sipx-dns. The syntax is sipx-dns sip-domain server-name/server-ip, so our subdomain sipx.alrac.net looks like this:

$ sipx-dns sipx.alrac.net pbx1.sipx.alrac.net/ 

This does not change anything; it just outputs a configuration you can copy directly into a zone file—or modify to suit.

That seemed an awful lot like work! But for elite DNS gurus, it’s routine stuff. Once you have the name services and networking guff set up, adding new Polycom phones and making changes is as easy as falling over.

DNS Configuration

Latest Articles

Follow Us On Social Media

Explore More