diff --git a/doc/ProvisionerDoc.md b/doc/ProvisionerDoc.md index 885391e..a740d22 100644 --- a/doc/ProvisionerDoc.md +++ b/doc/ProvisionerDoc.md @@ -245,17 +245,25 @@ to or from your SIP and RADIUS servers. SIP servers are defined using the sipservers option. Each SIP server that you have in your network should be included as a list item within the 'sipservers' option. Failure to configure SIP servers will prevent OpenLI from -performing any VOIP intercepts. A SIP server is configured using two parameters: +performing any VOIP intercepts. A SIP server is configured using the +following parameters: * ip -- the IP address of the SIP server -* port -- the port that the SIP server is listening on. +* port_lower -- the lowest port number that the SIP server is listening on. +* port_upper -- the highest port number that the SIP server is listening on. RADIUS servers are defined using the 'radiusservers' option. The configuration works much the same as for SIP, except that most RADIUS deployments will need -TWO server entries: one for the auth service and one for the accounting service, -as these are usually listening on different ports. A RADIUS server entry is -configured using two parameters: +to ensure that their port range covers both the auth service and the accounting +service, as these are usually listening on different ports. A RADIUS server +entry is configured using the same parameters as a SIP server, i.e.: * ip -- the IP address of the RADIUS server -* port -- the port that the RADIUS server is communicating on. +* port_lower -- the lowest port number that the RADIUS server is listening on. +* port_upper -- the highest port number that the RADIUS server is listening on. + +For SIP and RADIUS servers that are only listening on a single port, you may +choose to omit `port_lower` and `port_upper` and instead provide the following +parameter: +* port -- the single port that the server is listening on. ### Email Servers diff --git a/doc/exampleconfigs/running-intercept-example.yaml b/doc/exampleconfigs/running-intercept-example.yaml index 0ac50b5..83f77be 100644 --- a/doc/exampleconfigs/running-intercept-example.yaml +++ b/doc/exampleconfigs/running-intercept-example.yaml @@ -13,19 +13,23 @@ # List of SIP servers on our network (for managing VOIP intercepts) sipservers: + + # This server is listening on a single port -- we could have used the + # 'port' parameter instead, but I want to demonstrate how port_lower and + # port_upper would look for a single port configuration. - ip: 192.168.110.100 - port: 5060 + port_lower: 5060 + port_upper: 5060 # List of RADIUS servers on our network (for managing IP intercepts). -# NOTE: we have two entries with the same IP -- one for the Auth service -# on port 1812 and one for the Accounting service on port 1813. +# NOTE: the port range below must cover the listening ports for both the +# Authentication and Accounting services. # NOTE: make sure you are mirroring ALL RADIUS traffic into your collector(s), # even the Accounting-Response records as these are necessary for ETSI LI. radiusservers: - ip: 10.199.0.253 - port: 1812 - - ip: 10.199.0.253 - port: 1813 + port_lower: 1812 + port_upper: 1813 # List of GTP servers on our network (for managing mobile IP intercepts) gtpservers: