Skip to main content
Version: 0.9.14

TelPro service operations

The TelPro service is the public-facing telephony gateway. It always runs Kamailio (SIP proxy) and RTPEngine (media proxy). When WebRTC is enabled, it also runs Janus (WebRTC gateway) and coturn (TURN server). Inbound SIP calls and WebRTC sessions arrive here and route to Voice instances for AI processing. Single instance, static IP.

Instance

Instance vCPU and RAM are in Provision instances. Delphi has validated the reference size (3 vCPU / 4 GB RAM) at ~1000 concurrent calls on a single TelPro instance.

FieldValue
NetworkPublic static IP + private network
ScalableNo — single instance

Containers

Rows marked webrtc are present only when the webrtc flag is enabled. SIP-only deployments can leave the Janus, TURN, and TURN-relay firewall ports closed.

ContainerBasePort(s)Purpose
voiceai-telproKamailio 6.1.1-bookworm (ghcr.io/kamailio/kamailio)5060 UDP/TCP · 5061 TLSSIP signaling
voiceai-rtpengineRTPEngine 26.0 (dfx.at channel)22222/UDP ng · 20000–40000/UDP RTPMedia proxy
voiceai-webrtcJanus v1.3.3 (built from source)JANUS_WS_PORT (default 443) WSS · 10000–12000/UDP RTPWebRTC gateway (webrtc)
voiceai-turncoturn/coturn:4.6.23478 / 5349 · 49152–51152/UDP relayTURN server (webrtc)
log-to-spanalpine:3.19 + Go binaryStructured-log → OTLP spans for Kamailio / RTPEngine / Janus
voiceai-otel-collectorotel/opentelemetry-collector-contrib:0.154.0Telemetry collector
Where versions come from

The Kamailio, Janus, and RTPEngine versions are pinned in the image source under .docker/voiceai-{telpro,webrtc,rtpengine}/Dockerfile; coturn and the OTel collector are pinned in .infrastructure/services/telpro/docker-compose.yml. See Version sources.

WebRTC image notes

voiceai-webrtc is the Janus Gateway container that ships with the TelPro service when the webrtc flag is on:

  • Image — pulled from ECR as ${ECR_REGISTRY}/voiceai-webrtc:${ECR_TAG} like the rest of the Delphi images.
  • Runtime — Janus v1.3.3 built from source with the SIP plugin enabled.
  • TLS material — mounts /opt/services/telpro/tls/server.{crt,key}, shared with Kamailio.
  • Signaling path — exposes WSS on JANUS_WS_PORT and connects outbound to Kamailio through the Janus SIP plugin.

Firewall

Base SIP deployments need TCP 22/80/5060/5061, UDP 5060, and UDP 20000–40000 for RTPEngine media. When webrtc is enabled, also open TCP 443 for Janus WSS, UDP 10000–12000 for Janus RTP, TCP/UDP 3478/5349 for TURN, and UDP 49152–51152 for TURN relay. These WebRTC-only TelPro rules are this release's only feature-flagged public port requirements.

SIP signaling

TelPro is the SIP edge — Kamailio terminates the carrier/WebRTC hop, anchors RTP through RTPEngine, and dispatches to Voice. Voice owns Asterisk channel state and TelPhi conversation logic; TelPro owns reachability, egress pools, and carrier-facing headers.

For which SIP methods and response codes are logged, capture points, PRACK/CANCEL/481 behaviour, and SigNoz / Debug ladder queries, use the dedicated SIP signaling reference.

Quick routing scenarios:

ScenarioTelPro roleFirst debug step
Inbound to a base numberMatch trunk, pick Voice from Redis, relay INVITEDebug ladder + SMEMBERS voiceai:telsys:server_ips
No Voice targetReject INVITE before TelSysKamailio dispatcher / Voice heartbeats
Outbound transferEgress pool + header allowlistsLadder telpro_egress_to_outside + TelPhi action logs
Carrier errorRelay upstream code when possibleLadder on telpro_ingress_from_outside

See also