Scribd
Upload
135 views1 page

SEMS Configuration - Yeti Documentation

The document describes the configuration file format for SEMS, the signaling and media server component of Yeti-Switch. Key sections include general settings, signaling interfaces, media interfaces, and modules. General settings cover node ID, logging levels, and threading. Signaling interfaces define SIP transport listeners and ACLs. Media interfaces and modules configure codec support.

Uploaded by

kvz62s8nbd
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
135 views1 page

SEMS Configuration - Yeti Documentation

The document describes the configuration file format for SEMS, the signaling and media server component of Yeti-Switch. Key sections include general settings, signaling interfaces, media interfaces, and modules. General settings cover node ID, logging levels, and threading. Signaling interfaces define SIP transport listeners and ACLs. Media interfaces and modules configure codec support.

Uploaded by

kvz62s8nbd
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

$ Yeti

Docs » SEMS Documentation » SEMS configuration View page source


Search docs

General information
Yeti-Switch is developed in Ukraine
ADMINISTRATION It is not intended to be used in Russia or by companies paying taxes to russian budget
Base system installation

Call trace storage configuration

CDR export configuration

LDAP Authentication
SEMS configuration
Invoice PDF generation
Yeti uses modified SEMS that has other configuration file format than mainstream version Configuration located at /etc/sems/[Link].
Yeti CLI utility

Customer Portal Section general "


Monitoring
Section general contains some global daemon parameters:
Databases performance tuning

Data retention general section example¶


OPERATION general {
node_id = 8
Admin WEB interface and routing logic
daemon = yes
Guideline on Quick start of Yeti stderr = no
syslog_loglevel = 2
Internal disconnect codes syslog_facility = LOCAL0
Headers filtering
shutdown_mode {
Best practices code = 508
reason = "Node in shutdown mode"
API DOCUMENTATION allow_uac = true
}
Customer API
#~ pcap_upload_queue = pcap
Administration API
media_processor_threads = 1
SEMS AND INTERNALS COMPONENTS session_processor_threads = 1
rtp_receiver_threads=
=1
% SEMS Documentation
sip_udp_server_threads = 1
% SEMS configuration sip_tcp_server_threads = 1

Section general dead_rtp_time=


=30

Section signaling-interfaces
max_shutdown_time = 10
Section media-interfaces max_forwards = 70

Section modules session_limit {


limit = 4000
Section routing
code = 509
Module yeti reason = "Node overloaded"
}
Module prometheus_exporter

Module opus enable_srtp = yes


enable_zrtp = yes
Module gsm }

Module ilbc

Module l16 node_id


Module g722
Unique node identifier. Value should be unique across cluster.
Module g729bcg

Module di_log daemon

Module wav To daemonize SEMS or not


Module mp3
stderr
Module jsonrpc
Enable logging to stderr. Usable for debug purposes.

syslog_loglevel

Logs level for syslog log destination.

syslog_facility

Syslog facility value

shutdown_mode

Subsection to define behavior in shutdown mode

shutdown_mode->code

SIP error code for new initial INVITES in shutdown mode

shutdown_mode->reason

SIP error reason for new initial INVITES in shutdown mode

shutdown_mode->allow_uac

Allow new LegB creation in shutdown mode.

pcap_upload_queue

TODO

media_processor_threads

TODO

session_processor_threads

TODO

sip_udp_server_threads

TODO

sip_tcp_server_threads

TODO

dead_rtp_time

TODO

Section signaling-interfaces
signaling-interfaces configuration example¶
signaling--interfaces {
interface input {
default
default- -media--interface = input
ip4 {
sip-
-udp {
address = [Link]
port = 5061
use-
-raw--sockets = off
origination--acl {
whitelist = { [Link]/ /24 }
method = drop
}
register
register- -acl {
whitelist = { [Link]/ /24 }
method = drop
}
}
sip-
-tcp {
address = [Link]
port = 5061
connect--timeout = 2000
static
static- -client-
-port = on
idle--timeout=
=900000
use-
-raw--sockets = off
origination--acl {
whitelist = { [Link]/ /24 }
method = drop
}
register
register- -acl {
whitelist = { [Link]/ /24 }
method = drop
}
}
sip-
-tls {
address = [Link]
port = 5061
static
static- -client-
-port = on
connect--timeout = 2000
idle--timeout = 900000
client {
protocols = { TLSv1, TLSv1.1, TLSv1.2 }
certificate = / etc/
/sems//ssl/
/[Link]- -switch
[Link].crt_bundle
certificate_key = / etc//sems/
/ssl//[Link]--switch
[Link].pkcs8
verify_certificate_chain = false
verify_certificate_cn = false
}
server {
protocols = { TLSv1, TLSv1.1, TLSv1.2 }
certificate = / etc/
/sems//ssl/
/[Link]- -switch
[Link].crt_bundle
certificate_key = / etc//sems/
/ssl//[Link]--switch
[Link].pkcs8
ciphers = {ChaCha20Poly1305, AES-256/ /GCM, AES-128/
/GCM, AES-256/
/CCM, AES-128/
/CCM, AES-256, AES-128}
macs = {AEAD, SHA-256, SHA-384, SHA-1}
verify_client_certificate = false
require_client_certificate = false
}
}
}
ip6 {
sip-
-udp {
address = 2001::67c:
:1324: :101::
::24
port = 5061
use-
-raw--sockets = off
origination--acl {
whitelist = { 2001::67c::1324:
:101::/
::/64 }
method = drop
}
register
register- -acl {
whitelist = { 2001::67c::1324:
:101::/
::/64 }
method = drop
}
}
sip-
-tcp {
address = 2001::67c:
:1324: :101::
::24
port = 5061
connect--timeout = 2000
static
static- -client-
-port = on
idle--timeout=
=900000
use-
-raw--sockets = off
origination--acl {
whitelist = { 2001::67c::1324:
:101::/
::/64 }
method = drop
}
register
register- -acl {
whitelist = { 2001::67c::1324:
:101::/
::/64 }
method = drop
}
}
sip-
-tls {
address = 2001::67c:
:1324: :101::
::24
port = 5061
static
static- -client-
-port = on
connect--timeout = 2000
idle--timeout = 900000
client {
protocols = { TLSv1, TLSv1.1, TLSv1.2 }
certificate = / etc/
/sems//ssl/
/[Link]- -switch
[Link].crt_bundle
certificate_key = / etc//sems/
/ssl//[Link]--switch
[Link].pkcs8
verify_certificate_chain = false
verify_certificate_cn = false
}
server {
protocols = { TLSv1, TLSv1.1, TLSv1.2 }
certificate = / etc/
/sems//ssl/
/[Link]- -switch
[Link].crt_bundle
certificate_key = / etc//sems/
/ssl//[Link]--switch
[Link].pkcs8
ciphers = {ChaCha20Poly1305, AES-256/ /GCM, AES-128/
/GCM, AES-256/
/CCM, AES-128/
/CCM, AES-256, AES-128}
macs = {AEAD, SHA-256, SHA-384, SHA-1}
verify_client_certificate = false
require_client_certificate = false
}
}
}
}
}

Section media-interfaces
media-interfaces configuration example¶
media--interfaces {
interface intern {
ip4 {
rtp {
address = 2001::67c:
:1324::101::
::24
low-
-port = 16383
high--port = 32767
dscp = 46
use-
-raw--sockets = off
srtp {
enable_srtp=
=yes
sdes {
profiles = { AES_256_CM_HMAC_SHA1_80, AES_256_CM_HMAC_SHA1_32, AES_CM_128_HMAC_SHA1_80, AES_CM_128_HMAC_SHA1_32 }
}
dtls {
client {
protocols = { DTLSv1, DTLSv1.2 }
certificate = / etc/
/sems//ssl/
/[Link]--switch
[Link].crt_bundle
certificate_key = / etc/
/sems//ssl/
/[Link]--switch
[Link].pkcs8
profiles = { AES_256_CM_HMAC_SHA1_80, AES_256_CM_HMAC_SHA1_32, AES_CM_128_HMAC_SHA1_80, AES_CM_128_HMAC_SHA1_32 }
verify_certificate_chain = false
verify_certificate_cn = false
}
server {
protocols = { DTLSv1, DTLSv1.2 }
certificate = / etc/
/sems//ssl/
/[Link]--switch
[Link].crt_bundle
certificate_key = / etc/
/sems//ssl/
/[Link]--switch
[Link].pkcs8
profiles = { AES_256_CM_HMAC_SHA1_80, AES_256_CM_HMAC_SHA1_32, AES_CM_128_HMAC_SHA1_80, AES_CM_128_HMAC_SHA1_32 }
ciphers = {ChaCha20Poly1305, AES-256/ /GCM, AES-128/
/GCM, AES-256/
/CCM, AES-128/
/CCM, AES-256, AES-128}
macs = {AEAD, SHA-256, SHA-384, SHA-1}
verify_client_certificate = false
require_client_certificate = false
}
}
}
}
}
ip6 {
rtp {
address = 2001::67c:
:1324::101::
::24
low-
-port = 16383
high--port = 32767
dscp = 46
use-
-raw--sockets = off
srtp {
enable_srtp=
=yes
sdes {
profiles = { AES_256_CM_HMAC_SHA1_80, AES_256_CM_HMAC_SHA1_32, AES_CM_128_HMAC_SHA1_80, AES_CM_128_HMAC_SHA1_32 }
}
dtls {
client {
protocols = { DTLSv1, DTLSv1.2 }
certificate = / etc/
/sems//ssl/
/[Link]--switch
[Link].crt_bundle
certificate_key = / etc/
/sems//ssl/
/[Link]--switch
[Link].pkcs8
profiles = { AES_256_CM_HMAC_SHA1_80, AES_256_CM_HMAC_SHA1_32, AES_CM_128_HMAC_SHA1_80, AES_CM_128_HMAC_SHA1_32 }
verify_certificate_chain = false
verify_certificate_cn = false
}
server {
protocols = { DTLSv1, DTLSv1.2 }
certificate = / etc/
/sems//ssl/
/[Link]--switch
[Link].crt_bundle
certificate_key = / etc/
/sems//ssl/
/[Link]--switch
[Link].pkcs8
profiles = { AES_256_CM_HMAC_SHA1_80, AES_256_CM_HMAC_SHA1_32, AES_CM_128_HMAC_SHA1_80, AES_CM_128_HMAC_SHA1_32 }
ciphers = {ChaCha20Poly1305, AES-256/ /GCM, AES-128/
/GCM, AES-256/
/CCM, AES-128/
/CCM, AES-256, AES-128}
macs = {AEAD, SHA-256, SHA-384, SHA-1}
verify_client_certificate = false
require_client_certificate = false
}
}
}
}
}
}
}

Section modules
Section modules describles which modules should be loaded. Module can optionally accept configuration.

modules configuration example¶


modules {
module "Module1" {
/* Module1 configuration */
}

module "Module2" {
/* Module2 configuration */
}
}

SEMS will lookup modules(.so binary libraries) at /usr/lib/sems/plug-in/ directory.

Section routing
SEMS is application server so it is possible to load multiple application at same time and route incoming requests/sessions based on some conditions. Routing section
allows to configure rules how to route incoming requests/dialogs.

routing configuration example¶


routing {
application = yeti
}

# Previous Next !

© Copyright [Link]. Last updated on Jan 12, 2024.


& Language English '

You might also like