VoIPowering Your Office with Asterisk: Getting Free Long Distance, Part 2

Last week we learned how to use FreeWorldDialup to connect to other VoIP users.
Today we’ll set up distributed Asterisk peering with the DUNDi (Distributed
Universal Number Discovery) protocol. DUNDi is a peer-to-peer system for finding
Internet gateways to telephony services. It operates like a blend of DNS and
routing, only there is no central authority analogous to the root DNS servers.
All participants publish their own authoritative routing information and share
it with authorized peers. When Server A wants to know how to connect to Server
B, it asks around until it receives an answer. Then it stores the information
so that it can also respond to requests. You have complete control over what
information and resources you choose to share—it’s not a wide-open free-for-all.

This gives you a number of great options, like getting PSTN access through another server, and making long-distance calls appear as local extensions. Nearly any services that an Asterisk server provides can be made available to other peers. One way to test this and be part of an existing peer network is to join the DUNDi-test network, a free, open test network that includes PSTN termination. To prevent abuse, everyone who joins this network is required to sign and agree to abide by the General Peering Agreement, which you will find on Dundi.com. It contains instructions on how to execute it.

Configuring DUNDi
Warm up your favorite text editor, because we’re going to edit three Asterisk
configuration files. The three files are dundi.conf, iax.conf, and extensions.conf.
These are in /etc/asterisk/ on [email protected] dundi.conf controls
peer authentication, iax.conf is our transport protocol, and extensions.conf
contains your dialplans.

This example connects two peers, MyHost and OtherHost.

First edit iax.conf. Add the following lines, except for any that are duplicated in the [general] section:


Now edit dundi.conf. The default file is well commented and has lots
of examples—you’ll find definitions of all the directives in there. This is where
your mapping contexts are defined, which follow this format:

dundi_context => local_context,weight,technology,destination,[options]

The following configuration creates two DUNDi mapping contexts:

;put your own information here
department=Boss's office
organization=Alrac, Inc.
[email protected]
;use the server's MAC address for the entityid
;copy this as shown, substituting your own server and hostname
;this should be one long unbroken line
dundi-peer1 => dundi-priv-local,0,IAX2,dundi:${SECRET}@myhost.mynet.com/${NUMBER},
;our OtherHost peer is configured here
;and is allowed access only to dundi-peer1
[aa:bb:cc:dd:ee:ff] ;MAC address of otherhost.elsewhere.com
  model = symmetric
  host = otherhost.elsewhere.com
  inkey = otherhost.elsewhere.com
  outkey = myhost.mynet.com
  include = dundi-peer1
  permit = dundi-peer1
  qualify = yes

You need to create RSA authentication keys for your server. You may name them anything you want; a good naming convention is to use your server’s fully-qualified domain name. Create keys with these commands:

# cd /var/lib/asterisk/keys
# /usr/sbin/astgenkey -n myhost.mynet.com

This creates two keys: myhost.mynet.com.pub and myhost.mynet.com.key. The public key, myhost.mynet.com.pub, must be distributed to all servers you are peering with. Post it on your Web site if you like. The private key is unencrypted, and like all private encryption keys must be guarded carefully. Then the res_crypto.so line interface:

# asterisk -r
asterisk1*CLI># reload res_crypto.so
asterisk1*CLI># reload pbx_dundi.so

From here you can also run the command show keys to see all of your RSA keys. Now go back to iax.conf and add the dundi user.

Here is a quick Linux tip: you don’t have to exit the Asterisk CLI to return to the Linux command line. If you’re logging in remotely, just open a second SSH session. If you’re on the Asterisk server, switch to a second console with Alt+F2.

This allows remote access to your server:


dundi/secret is an encryption key automatically generated by Asterisk. You may view this key by running the database show command from the Asterisk CLI.

Finally, edit extensions.conf; this is where you define what numbers to share and what to do with them. Telephone numbers must follow this format:

country_code area_code prefix number

This is a simple example that answers incoming calls, directs them via the SIP protocol to extension 200, which is the digital assistant, sends the caller to voicemail if there is no answer, then hangs up.

  exten => 15035551212,1,Answer( )
  exten => 15035551212,n(call),Dial(SIP/200)
  exten => 15035551212,n,Voicemail(u200)
  exten => 15035551212,n,Hangup( )

Correcting Mistakes
If you make a typo, run the dundi flush command from the Asterisk command shell, because entries are cached for the time you specified (cachetime 3600, which is one hour).

Configuring the Peer
Whoever you peer with has to perform the same steps. You can test this easily enough by adding a second Asterisk server to your test lab. Once you succeed in doing this, you know enough to connect to the DUNDi-test network.

Distributed Universal Number Discovery (DUNDi)
E.164 number and DNS
DUNDi Aims to Open VoIP Peering
Asterisk Documentation Project” has a downloadable free copy of the book “Asterisk: The Future of Telephony.” It can also be purchased at the usual outlets. (Hint: supporting authors financially is a splendid thing to do.) This book is an essential reference, and contains all the Asterisk commands and configuration options.

Latest Articles

Follow Us On Social Media

Explore More