In our last episode we took a look at two excellent hard IP phones, the Polycom Soundpoint IP 430 and IP 650. Today we shall set them up for pain-free provisioning.
Getting your DNS set up ‘just so’ is the key to making this as easy as falling
over. Using DNS SRV records will make your life a whole lot easier, because
then you can point your phones to a domain instead of specific servers.
SRV records with Dnsmasq
Dnsmasq is great for quickly setting up a nice little test network. It supplies both DNS and DHCP to your LAN, and you can use any old weirdo domain you care to invent—which is great for testing. Here is a complete working /etc/dnsmasq.conf, starring our excellent local domain, alrac.net, and our SipX server, which is named pbx1:
#don't forward local addresses or #hostnames outside the local network domain-needed bogus-priv # #set the local domain name local=/alrac.net/ # #automatically append the domain #name to hostnames expand-hosts domain=alrac.net # #Make dnsmasq use its own resolver listen-address=127.0.0.1 # #Listen for DNS requests only on the LAN interface listen-address=192.168.1.50 bind-interfaces # #upstream ISP nameservers server=188.8.131.52 server=184.108.40.206 # #srv records for SipX server srv-host=_sip._tcp.alrac.net,pbx1.alrac.net srv-host=_sip._udp.alrac.net,pbx1.alrac.net # #FTP server for Polycom phones #don't forget the quotes!! dhcp-option=66,"192.168.1.90" # #NTP server dhcp-option=42,192.168.1.90
Then you’ll need some entries in /etc/hosts on the Dnsmasq machine:
127.0.0.1 localhost 192.168.1.50 router1 192.168.1.90 pbx1.alrac.net pbx1
And there is a complete, working DNS server for your LAN, and for your Polycom phones. You have a local caching resolver, nice SRV records for your SipX server, the FTP server for your phones, and a time server which you absolutely need or your phones will not have the correct time. The NTP server can be anywhere; SipX thoughtfully includes one.
Since this configuration means you are not using the DNS server on the SipX server, make sure that /etc/resolv.conf on your SipX server points to your real DNS server, and not to itself. Just to be sure, turn off the DNS server on SipX:
# /etc/init.d/named stop
Restart Dnsmasq, then run a few tests from the router or any LAN PC:
$ ping pbx1 PING pbx1.alrac.net (192.168.1.90) 56(84) bytes of data. 64 bytes from pbx1.alrac.net (192.168.1.90): icmp_seq=1 ttl=64 time=6.18 ms $ dig -t A pbx1.alrac.net [..] ;; QUESTION SECTION: ;pbx1.alrac.net. IN A ;; ANSWER SECTION: pbx1.alrac.net. 0 IN A 192.168.1.90 [...] $ dig -t SRV _sip._tcp.alrac.net [..] ;; QUESTION SECTION: ;_sip._tcp.alrac.net. IN SRV ;; ANSWER SECTION: _sip._tcp.alrac.net. 0 IN SRV 0 0 1 pbx1.alrac.net. ;; ADDITIONAL SECTION: pbx1.alrac.net. 0 IN A 192.168.1.90 [...]
We are perfect! Now let us hook up our phones and make them go.
Follow four steps for a quick start:
- Go to Devices -> Phones in the SipX configuration server and create a new phone. The phone’s serial number is on a sticker on the back of the phone
- Assign it to a user
- Add at least one phone line
- Click the checkbox to select the phone, then click the “send profiles” button
If all goes well, the new profile will be created in /var/sipxdata/configserver/phone/profile/tftproot. Plug your new phone into the network and SipX takes care of the rest. It takes about 20 seconds for the phone to register and greet you with a chirp.
What if it doesn’t work? The first thing to is make sure the phone’s profile was created. Verify this on the Diagnostics -> Job Status page when you first create the profile. Then look in /var/sipxdata/configserver/phone/profile/tftproot; you should see a file like 0004f2136b24.cfg.
You can follow along with tcpdump; plug in the phone, find the IP address of the new phone with nmap, then start tcpdump:
# nmap -sP 192.168.1.* [...] Host 192.168.1.167 appears to be up. MAC Address: 00:04:F2:13:6B:24 (Polycom) # tcpdump dst host 192.168.1.167 [...] 16:24:01.192109 IP pbx1.alrac.net.ftp > 192.168.1.167.1024: S 4277886761:4277886761(0) 16:24:01.198671 IP pbx1.alrac.net.ftp > 192.168.1.167.1024: P 1:21(20) ack 1 win 5840 16:24:01.199704 IP pbx1.alrac.net.ftp > 192.168.1.167.1024: . ack 16 win 5840 16:24:01.200318 IP pbx1.alrac.net.ftp > 192.168.1.167.1024: P 21:55(34) ack 16 win 5840 [...]
When you run tcpdump you should see a lot of lines like the example. If you don’t, or if you just see a few lonesome ARP requests, it means the phone is not finding your server, so you need to re-check your DNS and network settings.
Using the SipX Nameserver
SipX creates a complete BIND configuration for itself, which is a very nice and friendly thing to do. You may add to this and use it as your LAN’s nameserver, or you may simply add a delegation to it on your existing nameserver. There are a couple of gotchas here for those of us who are not elite DNS gurus: one, the SipX server must be in a different domain. Most folks use a subdomain, like sipx.alrac.net. Two, if you enabled the SipX DNS server at installation, it will point to itself, so make sure /etc/resolv.conf points to your main DNS server.
Adding a delegation to Dnsmasq means adding a single line:
Don’t use the fully qualified server name, which could be something like
pbx1.sipx.alrac.net, just the domain name. This tells Dnsmasq to direct
all DNS requests for sipx.alrac.net to the IP address that you enter. It
won’t get confused and try to resolve alrac.net requests there, or any
other domain. You don’t need SRV records or entries in /etc/hosts on your
Dnsmasq box, because that’s all handled by the SipX BIND server. Test your new
delegation with dig:
$ dig -t SRV _sip._tcp.sipx.alrac.net $ dig -t A sipx.alrac.net
Dnsmasq is a caching resolver and DHCP server; it is not an authoritative name server. You can use it in conjunction with BIND, MaraDNS, or other authoritative servers.
SipX comes with a neat little script for generating a BIND zone file if you somehow missed out on having one already, sipx-dns. The syntax is sipx-dns sip-domain server-name/server-ip, so our subdomain sipx.alrac.net looks like this:
$ sipx-dns sipx.alrac.net pbx1.sipx.alrac.net/192.168.1.90
This does not change anything; it just outputs a configuration you can copy directly into a zone file—or modify to suit.
That seemed an awful lot like work! But for elite DNS gurus, it’s routine stuff. Once you have the name services and networking guff set up, adding new Polycom phones and making changes is as easy as falling over.