$Id: INSTALL,v 1.40.2.1 2005/09/12 06:09:49 andrei Exp $ =========================================== SIP Express Router (ser) Installation Notes http://www.iptel.org/ser/ =========================================== This memo gives you hints how to set up SER quickly. To understand how SER works and how to configure it properly, read admin's guide available from SER website. We also urge you to read latest ISSUES (available from SER website too) and check for potential problems in this release. Users of previous releases are encouraged to read NEWS to learn how to move to this new SER version. TOC 1. Supported Architectures and Requirements 2. Howto Build ser From Source Distribution 3. Quick-Start Installation Guide A) Getting Help B) Disclaimers C) Quick Start D) ser with Persistent Data Storage 4. Troubleshooting 1. Supported Architectures and Requirements ------------------------------------------- Supported operating systems: Linux, FreeBSD, NetBSD, OpenBSD, Solaris, Darwin Supported architectures: i386, x86_64 (amd64), armv4l, sparc64, powerpc, powerpc64 Experimental architectures: mips1, mips2, sparc32, alpha (for other architectures the Makefiles might need to be edited) There are various configuration options defined in the Makefile. Requirements: - gcc or icc : gcc >= 2.9x; 3.[12] recommended (it will work with older version but it might require some options tweaking for best performance) - bison or yacc (Berkley yacc) - flex - GNU make (on Linux this is the standard "make", on *BSD and Solaris is called "gmake") version >= 3.79. - sed and tr (used in the makefiles) - GNU tar ("gtar" on Solaris) and gzip if you want "make tar" to work - GNU install, BSD install or Solaris install if you want "make install", "make bin", "make sunpkg" to work - libmysqlclient & libz (zlib) if you want mysql support (the mysql module) - libexpat if you want the jabber gateway support (the jabber module) - libxml2 if you want to compile the cpl-c (CPL support) or pa (presence) modules - libradiusclient-ng (> 5.0) if you need radius support (the auth_radius, group_radius, uri_radius and avp_radius modules) - libpq if you need postgres support (the postgres module) OS Notes: FreeBSD/OpenBSD/NetBSD: make sure gmake, bison or yacc & flex are installed. FreeBSD 5.4: If you want to compile all the modules, you will need the following packages: - mysql-client-* (any version, install one of the mysql*-client ports) for libmysqlclient - postgresql-libpqxx-2.4.2_1 (/usr/ports/databases/postgresql-libpqxx) for libpq - expat-1.95.8 (/usr/ports/textproc/expat2) for libexpat - libxml2-2.6.18 (/usr/ports/textproc/libxml2) for libxml2 - radiusclient-0.4.7 (/usr/ports/net/radiusclient) for libradiusclient-ng NOTE: you'll need to add radiusclient_ng=4 to the gmake command line if you use the 0.4.* version. Compile example (all the modules and ser in a tar.gz): gmake bin radiusclient_ng=4 include_modules="mysql jabber cpl-c auth_radius group_radius uri_radius postgres pa" OpenBSD 3.7 - mysql-client-4.0.23 (/usr/ports/databases/mysql) for libmysqlclient - expat-1.95.6 (/usr/ports/textproc/expat) for libexpat - libxml-2.6.16p0 (/usr/ports/textproc/libxml) for libxml2 - radiusclient-ng-0.5.1 from http://download.berlios.de/radiusclient-ng/radiusclient-ng-0.5.1.tar.gz (you need to download and install it, since there is no "official" openbsd port for it) for libradiusclient-ng Compile example (all the modules and ser in a tar.gz): gmake bin include_modules="mysql jabber cpl-c auth_radius group_radius uri_radius pa" NetBSD 2.0 - mysql-client-4.1.12 (/usr/pkgsrc/databases/mysql4-client) for libmysqlclient - expat-1.95.8nb2 (/usr/pkgsrc/textproc/expat) for libexpat - libxml2-2.6.19 (/usr/pkgsrc/textproc/libxml2) for libxml2 - radiusclient-ng-0.5.1 (see OpenBSD) Compile example (all the modules and ser in a tar.gz): gmake bin include_modules="mysql jabber cpl-c auth_radius group_radius uri_radius pa" Solaris 10 As above; you can use Solaris's yacc instead of bison. You might need also gtar and ginstall. If you don't have ginstall you can use Solaris install, just make sure it's in the PATH (it's usually in /usr/sbin) and add INSTALL=install either to the environment or to the make command line (e.g.: gmake INSTALL=install all). Needed packages: [TODO] Compile example (all the modules and ser in a tar.gz): gmake bin INSTALL=install include_modules="mysql jabber cpl-c auth_radius group_radius uri_radius postgres pa" Linux Needed packages for compiling all the modules: Debian: - libmysqlclient-dev for libmysqlclient - libpq-dev for libpq - libexpat1-dev for libexpat - libxml2-dev for libxml2 - libradiusclient-ng-dev for libradiusclient (you can download the package from http://apt.sip-router.org/debian/dists/unstable/main/binary-i386/libradiusclient-ng-dev_0.5.1-0.5_i386.deb ). NOTE: you can get up-to-date ser packages or libradiusclient packages from http://apt.sip-router.org: add to your /etc/apt/sources.list the following lines: deb http://apt.sip-router.org/debian testing main contrib non-free deb http://apt.sip-router.org/debian unstable main contrib non-free and then: apt-get update; apt-get install libradiusclient-ng-dev (or, if you want to use the pre-built modules: apt-get install ser ser-cpl-module ser-jabber-module ser-mysq-module ser-pa-module ser-postgres-module ser-radius-modules ) Compile example (all the modules and ser in a tar.gz): make bin include_modules="mysql jabber cpl-c auth_radius group_radius uri_radius postgres pa" 2. Howto Build ser From Source Distribution ------------------------------------------- (NOTE: if make doesn't work try gmake instead) - compile with default options: make #builds only ser core, equivalent to make ser make modules or make all #builds everything By default make all will not build modules that require external libraries or that are considered to be "experimental". The modules that have external dependecies are: mysql, jabber, cpl-c, auth_radius, group_radius, uri_radius, avp_radius, postgres, pa. To build all of them (provided you have all the required libraries installed) use: make all include_modules="mysql jabber cpl-c auth_radius group_radius uri_radius avp_radius postgres pa" If you want to install or to build a binary package (a tar.gz with ser and the modules), substitute "all" in the above command with "install" or "bin". More compile examples: - compile with profiling make PROFILE=-pg all -compile debug mode version make mode=debug all -compile debug version with profiling make mode=debug PROFILE=-pg all -compile only the print module make modules=modules/print modules -compile all the "default" modules except textops and vm make skip_modules="textops vm" modules -compile all default modules and include uri_radius (not compiled by default): make include_modules="uri_radius" modules -compile all the modules from the modules subdirectory (even the one excluded by default): make exclude_modules="" modules -compile all the modules from the modules subdirectory excluding vm: make exclude_modules=vm modules or make exclude_modules="" skip_modules=vm modules -compile with the "tm" module statically linked and with profiling make static_modules=tm PROFILE=-pg all -compile with gcc-3.2 instead of gcc make CC=gcc-3.2 all or CC=gcc-3.2 make all Make targets: Clean: make clean (clean the modules too) make proper (clean also the dependencies) make distclean (the same as proper) make mantainer-clean (clean everything, including auto generated files, tags, *.dbg a.s.o) Compile: make proper make (or gmake on non-Linux systems) make modules or make modules exclude_modules="CVS print" etc. Make tags: make TAGS Create a tar.gz with the sources (in ../): make tar Create a tar.gz with the binary distribution (in ../): make bin Create a gzipped solaris package (in ../): make sunpkg Create debian packages (in ../): make deb or dpkg-buildpackage Install: make prefix=/usr/local install Note: If you use prefix parameter in make install then you also need to use this parameter in previous make commands, i.e. make, make modules, or make all. If you fail to do this then SER will look for the default configuration file in a wrong directory, because the directory of the default configuration file is hard coded into ser during compile time. When you use a different prefix parameter when installing then the directory hard coded in ser and the directory in which the file will be installed by make install will not match. (You can specify exact location of the configuration file using -f parameter of ser). For example, if you do the following: make all make prefix=/ install Then the installation will put the default configuration file into /etc/ser/ser.cfg (because prefix is /), but ser will look for the file in /usr/local/etc/ser/ser.cfg (because there was no prefix parameter in make all and /usr/local is the default value of prefix). Workaround is trivial, use the same parameters in all make commands: make prefix=/ all make prefix=/ install That applies to other make parameters as well (for example parameters "modules" or "excluded_modules"). 3. Quick-Start Installation Guide ---------------------------------------------- A) Getting Help This guide gives you instructions on how to set up the SIP Express Router (ser) on your box quickly. In case the default configuration does not fly, check documentation at ser site http://www.iptel.org/ser/ to learn how to configure SER for your site. If the documentation does not resolve your problem you may try contacting our user forum by E-mail at serusers@iptel.org -- that is the mailing list of ser community. To participate in the mailing list, subscribe at the following web address: http://mail.iptel.org/mailman/listinfo/serusers To participate in our commercial support program, contact info@iptel.org. The support program will provide you with most timely and accurate help for configuration, integration, development and any other technical activity. B) Disclaimers Note well the default "quick-start" configuration is very simple in order to be easily installable. It provides minimum features. Particularly, authentication is by default disabled, which means anyone can register using any name with the server. (This is on purpose to avoid installation dependencies on MySQL which is needed for storing user credentials.) C) Quick Start The following step-by step guide gives you instructions how to install the sql-free distribution of ser. If you need persistence and authentication, then you have to install additional MySql support -- proceed to section D) after you are finished with C). 1) Download an RPM or debian package from our site http://www.iptel.org/ser If you don't use an rpm or debian based distribution, try our tar.gz'ed binaries (ser-$(version)_$(os)_$(arch).tar.gz, e.g: ser-0.8.8_linux_i386.tar.gz). If you use Solaris 8 you can try our solaris package. If you use Gentoo Linux you do not have to download a package. 2) install the package RPM: rpm -i debian: dpkg -i gentoo: emerge ser (or if use only stable packets: ACCEPT_KEYWORDS="~x86" emerge ser) tar.gz: cd /; tar zxvf _os_arch.tar.gz (it will install in /usr/local/, and the configuration file in /usr/local/etc/ser/ser.cfg) Solaris: gunzip .gz ; pkgadd -d *BSD: pkg_add package_name 3) start the server RPM + gentoo: /etc/init.d/ser start debian: ser is started automatically after the install (in case something fails you can start it with /etc/init.d/ser start) tar.gz: the tar.gz does not include an init.d script, you'll have to create one of your own or adapt one from the source distribution (debian/init.d, rpm/ser.init.*, gentoo/ser.init) You can start ser directly with /usr/local/sbin/ser. Solaris: see tar.gz. 4) optionally, watch server's health using the serctl utility - to do so, first set the environment variable SIP_DOMAIN to your domain name, e.g., in Bourne shell, call export SIP_DOMAIN="myserver.foobar.com" - if you are using other than 'localhost' mysql server for maintaining subscriber database, change the variable 'SQL_HOST' to the proper host name in the serctl script - run the serctl utility /usr/sbin/serctl moni or /usr/local/sbin/serctl moni (if you installed from a tar.gz or solaris package) 5) Register with the server using your favorite SIP User Agent. You may want to look at configuration hints for use of iptel.org site at http://www.iptel.org/phpBB/viewforum.php?forum=1&8 For example, users of Windows Messenger need to set in Tools->Options->Accounts the following values: Sign-in Name: @ Advanced->Configure Settings (on) Advanced->Server: Connect Using: UDP D) ser with Persistent Data Storage The default configuration is very simple and features many simplifications. In particular, it does not authenticate users and loses User Location database on reboot. To provide persistence, keep user credentials and remember users' locations across reboots, ser can be configured to use MySQL. Before you proceed, you need to make sure MySQL is installed on your box. Your MySQL server must be configured to deal with a large number of connection. To increase it, set the following line in [mysqld] section of your configuration file: set-variable = max_connections=500 1) Download the package containing mysql support for ser from: http://www.iptel.org/ser/ (rpm and deb provided, most of the binary tar.gz distributions and the solaris package include it; if it is not present you'll have to rebuild from the source). For gentoo please include 'mysql' to your USE variable in /etc/make.conf or give it as variable to the emerge command. 2) install the package rpm -i or dpkg -i or emerge ser (if do not want to put 'mysql' into your USE variable you can type: USE="mysql" emerge ser) 3) create MySQL tables - if you have a previously installed SER on your system, use /usr/sbin/ser_mysql.sh reinstall to convert your SER database into new structures - otherwise, if this is your very first installation, use /usr/sbin/ser_mysql.sh create to create SER database structures (you will be prompted for password of MySql "root" user) 4) configure ser to use SQL uncomment all lines in configuration file ser.cfg which are related to authentication: - loadmodule "/usr/lib/ser/modules/mysql.so" - loadmodule "/usr/lib/ser/modules/auth.so" - loadmodule "/usr/lib/ser/modules/auth_db.so" - modparam("usrloc", "db_mode", 2) - modparam("auth", "calculate_ha1", yes) - modparam("auth_db", "password_column", "password") - if (!www_authorize("iptel.org", "subscriber")) { www_challenge("iptel.org", "0"); break; }; 5) be sure to replace realm, the first parameter in www_* actions, with name of your server; some broken UAC implementations don't authenticate otherwise; the authentication command in your configuration script should look then like this: if (!www_authorize("myserver.foobar.com", "subscriber")) { www_challenge("myserver.foobar.com", "0"); break; } 6) restart the server /etc/init.d/ser restart 7) you can now start managing the server using the serctl utility; you need to first set the environment variable SIP_DOMAIN to your local SIP realm, e.g., export SIP_DOMAIN="myserver.foobar.com" a) watch the server status using 'serctl moni' b) try to login with your SIP client as user 'admin' with password 'heslo' c) try adding new users using 'serctl add ' 4. Troubleshooting ------------------ Q: Windows Messenger authentication fails. A: The most likely reason for this problem is a bug in Windows Messenger. WM only authenticates if server name in request URI equals authentication realm. After a challenge is sent by SIP server, WM does not resubmit the challenged request at all and pops up authentication window again. If you want to authenticate WM, you need to set up your realm value to equal server name. If your server has no name, IP address can be used as realm too. Q: SIP requests are replied by ser with "483 Too Many Hops" or "513 Message Too Large" A: In both cases, the reason is probably an error in request routing script which caused an infinite loop. You can easily verify whether this happens by watching SIP traffic on loopback interface. A typical reason for misrouting is a failure to match local domain correctly. If a server fails to recognize a request for itself, it will try to forward it to current URI in believe it would forward them to a foreign domain. Alas, it forwards the request to itself again. This continues to happen until value of max_forwards header field reaches zero or the request grows too big. Solutions is easy: make sure that domain matching is correctly configured. A quick way to achieve that is to introduce a config option to ser.cfg: alias=domainname, where domainname shall be replaced with name of domain, which you wish to server and which appears in request-URIs.