[Asterisk-Users] LCR with ENUM and DDNS: half the story

[William Waites]

Ok, so you've read the Wiki and gotten call routing using ENUM to work
(http://www.voip-info.org/tiki-index.php?page=Asterisk%20E164%20Call%20Routing)
with your own ENUM-alike domain, e164.example.com.

But how do you populate it with data? You can do it manually, but that gets
very tedious very quickly. Or you can use the nifty DDNS updating program
that comes with bind9.

The first thing is to set configure your e164.example.com to allow ddns updates.
A very good document describing how to do this (just ignore the DHCP stuff) is
http://ops.ietf.org/dns/dynupd/secure-ddns-howto.html

In a nutshell (I used TSIG keys for simplicity, the procedure is analogous with
SIG(0) asymettric keys) this is how you do it.

On the client computer that will be allowed to update the database do:

% dnssec-keygen -a HMAC-MD5 -b 512 -n HOST client.example.com
Kclient.example.com.+157+13404

This creates the shared key, which will live in a file called 
Kclient.example.com.+157+13404.key and .private

% cat Kclient.example.com.+157+13404.private
Private-key-format: v1.2
Algorithm: 157 (HMAC_MD5)
Key: I9FvX+F3fcSVLkzlPSVR9THww+oN6o0mj/JgKTu9auzMx0IM7lmBd9RIfk2cbHvoV9drGQVsk+svkrf+AeN0JQ==

Now on the server, let that key update e164.example.com. To do this, change named.conf
to have

key "client.example.com." {
	algorithm HMAC-MD5;
	secret "I9FvX+F3fcSVLkzlPSVR9THww+oN6o0mj/JgKTu9auzMx0IM7lmBd9RIfk2cbHvoV9drGQVsk+svkrf+AeN0JQ==";
};

zone "e164.example.com" {
	type master;
	file "dynamic/e164.example.com";
	update-policy {
		grant client.example.com. subdomain e164.example.com. ANY;
	};
};

and restart the nameserver.

That's it for the configuration.

Now, say you have just found a very good IAX2 peer, FooFone that offers /wonderful/ rates
to the ficticious country code 666. You can use a script like this, to tell the 
asterisk application EnumLookup (see the howto above) to use this peer for that country:

#!/bin/sh

TTL=3600
SERVER=nameserver.example.com
SERVER=sparx
ZONE=e164.example.com
KEYFILE=Kclient.example.com.+157+13404.key

nsupdate -v -k ${KEYFILE} << EOF
server ${SERVER}
zone ${ZONE}
update delete *.6.6.6.e164.example.com.
update add *.6.6.6.e164.example.com. ${TTL} NAPTR 100 100 "u" "E2U+IAX2" "!\\\\+(.*)!iax2:foofone/\\\\1!" .
update add *.6.6.6.e164.example.com. ${TTL} TXT "greate $0.00/minute rate from FooFone!"
show
send
EOF

the first update line deletes any existing records for +666, the second adds the NAPTR
record for ENUM call routing, and the third adds a nice informational message in the DNS
which is useful if you want a quick way to find out how much a call will be billed at.

Note the escaped-escaped-escape characters. The first is because the shell will try to
interpret \, so what actually gets sent to nsupdate is \\ which is correct for what BIND
wants.

And the second half of the puzzle? Figuring out how to know what to put in the DNS, 
calculating the best rates...

Hope someone finds this useful,
-w
-- 
/~\  The ASCII Ribbon Campaign
\ /    No HTML/RTF in email
 X     No Word docs in email
/ \  Respect for open standards