Re: [SR-Users] Compressing SIP messages

[Alex Balashov]

On Mon, Apr 01, 2019 at 05:18:57PM +0200, Steve Davies wrote:

> Never quite got this.  UDP packets can be up to 64k, right?  And
> fragmentation is a standard IP feature if a packet is bigger than MTU
> size.

The issue is that the UDP header is only present in the first fragment. 

Some routers cannot deal with this intelligently, especially in concert
with NAT.

-- 
Alex Balashov | Principal | Evariste Systems LLC

Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free) 
Web: http://www.evaristesys.com/, http://www.csrpswitch.com/

___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] forcing socket doesn't work for ACK

[David Villasmil]

Well,

As suggested, i decided to go with a single ip address.
Thanks everyone!

Thanks to @Federico Cabiddu  i understood why
the ACK has no $du. This is because all record-routes have been consumed
because this is the final hop.

So no record-route, no $du. I have to use the ruri.

Regards,

David Villasmil
email: david.villasmil.w...@gmail.com
phone: +34669448337


On Mon, Apr 1, 2019 at 8:38 PM David Villasmil <
david.villasmil.w...@gmail.com> wrote:

> actually that's a good point, the default gateway.
> But, ven if i have 2 different IPs, those 2 would still have direct
> contact with the private IPs.
>
>
>
> Regards,
>
> David Villasmil
> email: david.villasmil.w...@gmail.com
> phone: +34669448337
>
>
> On Mon, Apr 1, 2019 at 8:27 PM Antony Stone <
> antony.st...@kamailio.open.source.it> wrote:
>
>> On Monday 01 April 2019 at 21:19:13, David Villasmil wrote:
>>
>> > point taken.
>> >
>> > But if i do have two separate interfaces, i would still have the same
>> > issue, wouldn't i?
>>
>> No, because (unless AWS works in some totally strange way that I can't
>> imagine
>> being the case) the two interfaces would have different IPs and different
>> routes, and only one would be your default route to the Internet (ie:
>> public
>> IP addresses).
>>
>> Then your "internal" machines would connect to the IP on an interface
>> which
>> only routes back to them and can't see the Internet, and public
>> connections
>> would come in to a different IP on another interface which can route back
>> to
>> them.
>>
>> Someone with personal familiarity with AWS systems may be able to inject
>> a
>> more definite answer here.
>>
>>
>> Antony.
>>
>> > On Mon, Apr 1, 2019 at 8:17 PM Antony Stone wrote:
>> > >
>> > > Do you prefer to ask "how can I make this strange networking setup
>> > > operate?"
>> > > or "how can I arrange my networking so that this service works?"
>>
>> --
>> There's a good theatrical performance about puns on in the West End.
>> It's a
>> play on words.
>>
>>Please reply to the
>> list;
>>  please *don't*
>> CC me.
>>
>> ___
>> Kamailio (SER) - Users Mailing List
>> sr-users@lists.kamailio.org
>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>
>
___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] forcing socket doesn't work for ACK [solved]

[David Villasmil]

Well,

As suggested, i decided to go with a single ip address.
Thanks everyone!

Thanks to @Federico Cabiddu  i understood why
the ACK has no $du. This is because all record-routes have been consumed
because this is the final hop.

So no record-route, no $du. I have to use the ruri.

Regards,

David Villasmil
email: david.villasmil.w...@gmail.com
phone: +34669448337


On Mon, Apr 1, 2019 at 9:01 PM Antony Stone <
antony.st...@kamailio.open.source.it> wrote:

> On Monday 01 April 2019 at 21:51:13, David Villasmil wrote:
>
> > They're not, they're in the same subnet. At least on my tests.
>
> In that case I can only wonder why AWS works like this.
>
> I think I've run out of networking-based suggestions to fulfilling your
> requirements.
>
>
> Antony.
>
> > On Mon, Apr 1, 2019 at 8:47 PM Antony Stone wrote:
> > >
> > > No, because (again, unless AWS works in some totally strange way that I
> > > can't imagine being the case) those two private IPs would be in
> different
> > > subnets, so only one is locally addressable by the other privately
> > > addressed machines.
>
> --
> "Can you keep a secret?"
> "Well, I shouldn't really tell you this, but... no."
>
>
>Please reply to the
> list;
>  please *don't* CC
> me.
>
> ___
> Kamailio (SER) - Users Mailing List
> sr-users@lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] forcing socket doesn't work for ACK

[Antony Stone]

On Monday 01 April 2019 at 21:51:13, David Villasmil wrote:

> They're not, they're in the same subnet. At least on my tests.

In that case I can only wonder why AWS works like this.

I think I've run out of networking-based suggestions to fulfilling your 
requirements.


Antony.

> On Mon, Apr 1, 2019 at 8:47 PM Antony Stone wrote:
> > 
> > No, because (again, unless AWS works in some totally strange way that I
> > can't imagine being the case) those two private IPs would be in different
> > subnets, so only one is locally addressable by the other privately
> > addressed machines.

-- 
"Can you keep a secret?"
"Well, I shouldn't really tell you this, but... no."


   Please reply to the list;
 please *don't* CC me.

___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] forcing socket doesn't work for ACK

[David Villasmil]

They're not, they're in the same subnet. At least on my tests.
Regards,

David Villasmil
email: david.villasmil.w...@gmail.com
phone: +34669448337


On Mon, Apr 1, 2019 at 8:47 PM Antony Stone <
antony.st...@kamailio.open.source.it> wrote:

> On Monday 01 April 2019 at 21:38:21, David Villasmil wrote:
>
> > actually that's a good point, the default gateway.
> > But, ven if i have 2 different IPs, those 2 would still have direct
> contact
> > with the private IPs.
>
> No, because (again, unless AWS works in some totally strange way that I
> can't
> imagine being the case) those two private IPs would be in different
> subnets, so
> only one is locally addressable by the other privately addressed machines.
>
> Antony.
>
> --
> The Royal Society for the Prevention of Cruelty to Animals was formed in
> 1824.
> The National Society for the Prevention of Cruelty to Children was not
> formed
> until 1884.
> That says something about the British.
>
>Please reply to the
> list;
>  please *don't* CC
> me.
>
> ___
> Kamailio (SER) - Users Mailing List
> sr-users@lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] forcing socket doesn't work for ACK

[Antony Stone]

On Monday 01 April 2019 at 21:38:21, David Villasmil wrote:

> actually that's a good point, the default gateway.
> But, ven if i have 2 different IPs, those 2 would still have direct contact
> with the private IPs.

No, because (again, unless AWS works in some totally strange way that I can't 
imagine being the case) those two private IPs would be in different subnets, so 
only one is locally addressable by the other privately addressed machines.

Antony.

-- 
The Royal Society for the Prevention of Cruelty to Animals was formed in 1824.
The National Society for the Prevention of Cruelty to Children was not formed 
until 1884.
That says something about the British.

   Please reply to the list;
 please *don't* CC me.

___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] forcing socket doesn't work for ACK

[David Villasmil]

actually that's a good point, the default gateway.
But, ven if i have 2 different IPs, those 2 would still have direct contact
with the private IPs.



Regards,

David Villasmil
email: david.villasmil.w...@gmail.com
phone: +34669448337


On Mon, Apr 1, 2019 at 8:27 PM Antony Stone <
antony.st...@kamailio.open.source.it> wrote:

> On Monday 01 April 2019 at 21:19:13, David Villasmil wrote:
>
> > point taken.
> >
> > But if i do have two separate interfaces, i would still have the same
> > issue, wouldn't i?
>
> No, because (unless AWS works in some totally strange way that I can't
> imagine
> being the case) the two interfaces would have different IPs and different
> routes, and only one would be your default route to the Internet (ie:
> public
> IP addresses).
>
> Then your "internal" machines would connect to the IP on an interface
> which
> only routes back to them and can't see the Internet, and public
> connections
> would come in to a different IP on another interface which can route back
> to
> them.
>
> Someone with personal familiarity with AWS systems may be able to inject a
> more definite answer here.
>
>
> Antony.
>
> > On Mon, Apr 1, 2019 at 8:17 PM Antony Stone wrote:
> > >
> > > Do you prefer to ask "how can I make this strange networking setup
> > > operate?"
> > > or "how can I arrange my networking so that this service works?"
>
> --
> There's a good theatrical performance about puns on in the West End.  It's
> a
> play on words.
>
>Please reply to the
> list;
>  please *don't* CC
> me.
>
> ___
> Kamailio (SER) - Users Mailing List
> sr-users@lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] forcing socket doesn't work for ACK

[Fred Posner]

The way I've always done this for things like AWS or natted is to use 
one ip/port and advertise the external address and then if I have 
another ip use that for internal... if I only have one IP, use a 
different port.


Example 1:

listen=udp:192.168.25.31:5060 advertise 1.2.3.4:5060 #-- Public Socket
listen=udp:192.168.25.33:5060 #-- Private Socket

Example 2:

listen=udp:192.168.25.31:5060 advertise 1.2.3.4:5060 #-- Public Socket
listen=udp:192.168.25.31:5080 #-- Private Socket

Fred Posner
f...@qxork.com
https://qxork.com
Direct/SMS: +1 (224) 334-3733
Direct/SMS: +1 (336) 439-3733

Need Fred? Call Fred. 336-HEY-FRED
Matrix: @fred:matrix.lod.com

On 4/1/19 3:26 PM, Antony Stone wrote:

On Monday 01 April 2019 at 21:19:13, David Villasmil wrote:


point taken.

But if i do have two separate interfaces, i would still have the same
issue, wouldn't i?


No, because (unless AWS works in some totally strange way that I can't imagine
being the case) the two interfaces would have different IPs and different
routes, and only one would be your default route to the Internet (ie: public
IP addresses).

Then your "internal" machines would connect to the IP on an interface which
only routes back to them and can't see the Internet, and public connections
would come in to a different IP on another interface which can route back to
them.

Someone with personal familiarity with AWS systems may be able to inject a
more definite answer here.


Antony.


On Mon, Apr 1, 2019 at 8:17 PM Antony Stone wrote:


Do you prefer to ask "how can I make this strange networking setup
operate?"
or "how can I arrange my networking so that this service works?"




___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] forcing socket doesn't work for ACK

[Antony Stone]

On Monday 01 April 2019 at 21:19:13, David Villasmil wrote:

> point taken.
> 
> But if i do have two separate interfaces, i would still have the same
> issue, wouldn't i?

No, because (unless AWS works in some totally strange way that I can't imagine 
being the case) the two interfaces would have different IPs and different 
routes, and only one would be your default route to the Internet (ie: public 
IP addresses).

Then your "internal" machines would connect to the IP on an interface which 
only routes back to them and can't see the Internet, and public connections 
would come in to a different IP on another interface which can route back to 
them.

Someone with personal familiarity with AWS systems may be able to inject a 
more definite answer here.


Antony.

> On Mon, Apr 1, 2019 at 8:17 PM Antony Stone wrote:
> > 
> > Do you prefer to ask "how can I make this strange networking setup
> > operate?"
> > or "how can I arrange my networking so that this service works?"

-- 
There's a good theatrical performance about puns on in the West End.  It's a 
play on words.

   Please reply to the list;
 please *don't* CC me.

___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] forcing socket doesn't work for ACK

[David Villasmil]

point taken.

But if i do have two separate interfaces, i would still have the same
issue, wouldn't i?


Regards,

David Villasmil
email: david.villasmil.w...@gmail.com
phone: +34669448337


On Mon, Apr 1, 2019 at 8:17 PM Antony Stone <
antony.st...@kamailio.open.source.it> wrote:

> On Monday 01 April 2019 at 21:07:59, David Villasmil wrote:
>
> > Hello Antony,
> >
> > I suppose i could, but i don't much like the thought. I would like to
> have
> > totally separate IP/port combination.
>
> Okay.
>
> > And, in any case, it wouldn't really answer the question, right?
>
> No, but it might not be the right question to ask :)
>
> Do you prefer to ask "how can I make this strange networking setup
> operate?"
> or "how can I arrange my networking so that this service works?"
>
>
> Antony.
>
> > On Mon, Apr 1, 2019 at 8:03 PM Antony Stone wrote:
> > >
> > > Can't you use a single (private) IP and a single port number, but
> provide
> > > different services based on the peer's IP address (private or public)?
>
> --
> How I want a drink, alcoholic of course, after the heavy chapters
> involving
> quantum mechanics.
>
>  - mnemonic for 3.14159265358979
>
>Please reply to the
> list;
>  please *don't* CC
> me.
>
> ___
> Kamailio (SER) - Users Mailing List
> sr-users@lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] forcing socket doesn't work for ACK

[Antony Stone]

On Monday 01 April 2019 at 21:07:59, David Villasmil wrote:

> Hello Antony,
> 
> I suppose i could, but i don't much like the thought. I would like to have
> totally separate IP/port combination.

Okay.

> And, in any case, it wouldn't really answer the question, right?

No, but it might not be the right question to ask :)

Do you prefer to ask "how can I make this strange networking setup operate?" 
or "how can I arrange my networking so that this service works?"


Antony.

> On Mon, Apr 1, 2019 at 8:03 PM Antony Stone wrote:
> > 
> > Can't you use a single (private) IP and a single port number, but provide
> > different services based on the peer's IP address (private or public)?

-- 
How I want a drink, alcoholic of course, after the heavy chapters involving 
quantum mechanics.

 - mnemonic for 3.14159265358979

   Please reply to the list;
 please *don't* CC me.

___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] forcing socket doesn't work for ACK

[David Villasmil]

Hello Antony,

I suppose i could, but i don't much like the thought. I would like to have
totally separate IP/port combination.
And, in any case, it wouldn't really answer the question, right?

Regards,

David Villasmil
email: david.villasmil.w...@gmail.com
phone: +34669448337


On Mon, Apr 1, 2019 at 8:03 PM Antony Stone <
antony.st...@kamailio.open.source.it> wrote:

> On Monday 01 April 2019 at 20:50:46, David Villasmil wrote:
>
> > This is an AWS instance. And i want to segregate public from private.
> > AWS does not provide actual public IPs on the instances themselves, so on
> > the same interface:
> >
> > 5060 will serve public requests.
> > 5066 will server private requests.
> >
> > The firewall will only allow public traffic to port 5060 while blocking
> > 5066.
> > Only internal ips will be allowed to 5066.
>
> Can't you use a single (private) IP and a single port number, but provide
> different services based on the peer's IP address (private or public)?
>
>
> Antony.
>
> > On Mon, Apr 1, 2019 at 7:35 PM Antony Stone wrote:
> > >
> > > What is the purpose of this rather odd networking setup?
>
> --
> The Magic Words are Squeamish Ossifrage.
>
>Please reply to the
> list;
>  please *don't* CC
> me.
>
> ___
> Kamailio (SER) - Users Mailing List
> sr-users@lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] forcing socket doesn't work for ACK

[Mauricio Tejeda]

Hello

Check your reply_route.

An example I use with public and private interfaces and mhomed=1


onreply_route[MANAGE_REPLY] {
xdbg("incoming reply\n");
if(t_check_status("(180|183|200)")){
fix_nated_contact();
}


El lun., 1 de abr. de 2019 12:38 p. m., David Villasmil <
david.villasmil.w...@gmail.com> escribió:

> Hello guys,
> I have public and private IPs, and i need to force the sending socket
> replying to internal out externals endpoint, so i'm using this:
>
> function to check the destination (i tried using $sndto(ip) but it always
> returns NULL):
>
> route[CHECK_DEST_NET] {
> if ( $du=~"sip:172\..*" ) {
> setflag(FLAG_TO_PRIVATE);
> xlog("L_ERR", "[CHECK_SOURCE] Packet going to PRIVATE -> [$du]\n" );
> } else {
> setflag(FLAG_TO_PUBLIC);
> xlog("L_ERR", "[CHECK_SOURCE] Packet going to PUBLIC -> [$du]\n" );
> }
>
> return;
> }
>
> on my relay:
>
> route(CHECK_DEST_NET);
>
> if (isflagset(FLAG_TO_PRIVATE)) {
> xlog("L_ERR", "[RELAY] forcing socket to PRIVATE NET\n" );
> force_send_socket(LISTEN_INSIDE_IF:LISTEN_INSIDE_PORT);
> } else {
> xlog("L_ERR", "[RELAY] forcing socket to PUBLIC NET\n" );
> force_send_socket(LISTEN_OUTSIDE_IF:LISTEN_OUTSIDE_PORT);
> }
>
>
> This works nicely, except for ACKs and potentially other packets sent
> statelessly?
>
> Anyone knows how to fix this?
>
> Regards,
>
> David Villasmil
> email: david.villasmil.w...@gmail.com
> phone: +34669448337
> ___
> Kamailio (SER) - Users Mailing List
> sr-users@lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] forcing socket doesn't work for ACK

[Antony Stone]

On Monday 01 April 2019 at 20:50:46, David Villasmil wrote:

> This is an AWS instance. And i want to segregate public from private.
> AWS does not provide actual public IPs on the instances themselves, so on
> the same interface:
> 
> 5060 will serve public requests.
> 5066 will server private requests.
> 
> The firewall will only allow public traffic to port 5060 while blocking
> 5066.
> Only internal ips will be allowed to 5066.

Can't you use a single (private) IP and a single port number, but provide 
different services based on the peer's IP address (private or public)?


Antony.

> On Mon, Apr 1, 2019 at 7:35 PM Antony Stone wrote:
> > 
> > What is the purpose of this rather odd networking setup?

-- 
The Magic Words are Squeamish Ossifrage.

   Please reply to the list;
 please *don't* CC me.

___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] forcing socket doesn't work for ACK

[David Villasmil]

I think i see what's happening, ACK is going through the REALY route, but
at that point it does NOT have a$du (and $sndto(ip) is null)

note: all those ERROR is juts me logging.

ERROR: 

Re: [SR-Users] forcing socket doesn't work for ACK

[David Villasmil]

This is an AWS instance. And i want to segregate public from private.
AWS does not provide actual public IPs on the instances themselves, so on
the same interface:

5060 will serve public requests.
5066 will server private requests.

The firewall will only allow public traffic to port 5060 while blocking
5066.
Only internal ips will be allowed to 5066.

David

Regards,

David Villasmil
email: david.villasmil.w...@gmail.com
phone: +34669448337


On Mon, Apr 1, 2019 at 7:35 PM Antony Stone <
antony.st...@kamailio.open.source.it> wrote:

> On Monday 01 April 2019 at 20:29:22, David Villasmil wrote:
>
> > Sergiu,
> >
> > I don't think mhomed will help in this case, since both sockets are able
> to
> > reach the endpoint. They are both on the same subnet.
>
> Why?
>
> What is the purpose of this rather odd networking setup?
>
>
> Antony
>
> --
> "It would appear we have reached the limits of what it is possible to
> achieve
> with computer technology, although one should be careful with such
> statements;
> they tend to sound pretty silly in five years."
>
>  - John von Neumann (1949)
>
>Please reply to the
> list;
>  please *don't* CC
> me.
>
> ___
> Kamailio (SER) - Users Mailing List
> sr-users@lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] forcing socket doesn't work for ACK

[Antony Stone]

On Monday 01 April 2019 at 20:29:22, David Villasmil wrote:

> Sergiu,
> 
> I don't think mhomed will help in this case, since both sockets are able to
> reach the endpoint. They are both on the same subnet.

Why?

What is the purpose of this rather odd networking setup?


Antony

-- 
"It would appear we have reached the limits of what it is possible to achieve 
with computer technology, although one should be careful with such statements; 
they tend to sound pretty silly in five years."

 - John von Neumann (1949)

   Please reply to the list;
 please *don't* CC me.

___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] forcing socket doesn't work for ACK

[David Villasmil]

Sergiu,

I don't think mhomed will help in this case, since both sockets are able to
reach the endpoint. They are both on the same subnet.

listen=udp:172.31.69.53:5060 advertuse PUBLIC:5060
listen=udp:172.31.69.53:5066

Regards,

David Villasmil
email: david.villasmil.w...@gmail.com
phone: +34669448337


On Mon, Apr 1, 2019 at 7:23 PM David Villasmil <
david.villasmil.w...@gmail.com> wrote:

> Thanks Sergiu,
>
> yep, mhomed=1 is there
>
> But it's still failing to select the right socket
> Regards,
>
> David Villasmil
> email: david.villasmil.w...@gmail.com
> phone: +34669448337
>
>
> On Mon, Apr 1, 2019 at 7:19 PM Sergiu Pojoga  wrote:
>
>> Have you tried proposed suggestions?
>>
>> On Mon, Apr 1, 2019, 2:12 PM David Villasmil, <
>> david.villasmil.w...@gmail.com> wrote:
>>
>>> Hello guys,
>>>
>>>
>>> this is my scenario, as you see, the public-facing ip is using port 5060
>>> while the internal 5066.
>>> All works ok (with force_socket), but when forwarding the ACK, kamailio
>>> uses the wrong ip (5060), when it should be using 5066.
>>>
>>>
>>> U PUBLIC:58031 -> 172.31.69.53:5060
>>> INVITE sip:*testc...@myserver.com;transport=UDP SIP/2.0.
>>>
>>> U 172.31.69.53:5060 -> PUBLIC:58031
>>> SIP/2.0 100 trying -- your call is important to us.
>>>
>>> U 172.31.69.53:5066 -> 172.31.65.238:5080
>>> INVITE sip:*testc...@myserver.com;transport=UDP SIP/2.0.
>>>
>>> U 172.31.65.238:5080 -> 172.31.69.53:5066
>>> SIP/2.0 100 Trying.
>>>
>>> U 172.31.65.238:5080 -> 172.31.69.53:5066
>>> SIP/2.0 200 OK.
>>>
>>> U 172.31.69.53:5060 -> PUBLIC:58031
>>> SIP/2.0 200 OK.
>>>
>>> U PUBLIC:58031 -> 172.31.69.53:5060
>>> ACK sip:*TESTCALL@172.31.65.238:5080;transport=udp SIP/2.0.
>>> BELOW*
>>>
>>> U 172.31.69.53:5060 -> 172.31.65.238:5080
>>> ACK sip:*TESTCALL@172.31.65.238:5080;transport=udp SIP/2.0.
>>>
>>>
>>> Regards,
>>>
>>> David Villasmil
>>> email: david.villasmil.w...@gmail.com
>>> phone: +34669448337
>>>
>>>
>>> On Mon, Apr 1, 2019 at 7:08 PM Antony Stone <
>>> antony.st...@kamailio.open.source.it> wrote:
>>>
 On Monday 01 April 2019 at 17:37:45, David Villasmil wrote:

 > Hello guys,
 > I have public and private IPs, and i need to force the sending socket
 > replying to internal out externals endpoint

 > This works nicely, except for ACKs and potentially other packets sent
 > statelessly?
 >
 > Anyone knows how to fix this?

 Have you tried something like:

 ip rule add from int.ernal.ip.addr lookup mytable
 ip route add default dev external_interface_device table mytable

 echo "234 mytable" >>/etc/iproute2/rt_tables


 Antony.

 --
 3 logicians walk into a bar. The bartender asks "Do you all want a
 drink?"
 The first logician says "I don't know."
 The second logician says "I don't know."
 The third logician says "Yes!"

Please reply to the
 list;
  please *don't*
 CC me.

 ___
 Kamailio (SER) - Users Mailing List
 sr-users@lists.kamailio.org
 https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

>>> ___
>>> Kamailio (SER) - Users Mailing List
>>> sr-users@lists.kamailio.org
>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>>
>> ___
>> Kamailio (SER) - Users Mailing List
>> sr-users@lists.kamailio.org
>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>
>
___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] forcing socket doesn't work for ACK

[Sergiu Pojoga]

I suppose you've also defined your `listen=` list?

On Mon, Apr 1, 2019 at 2:25 PM David Villasmil <
david.villasmil.w...@gmail.com> wrote:

> Thanks Sergiu,
>
> yep, mhomed=1 is there
>
> But it's still failing to select the right socket
> Regards,
>
> David Villasmil
> email: david.villasmil.w...@gmail.com
> phone: +34669448337
>
>
> On Mon, Apr 1, 2019 at 7:19 PM Sergiu Pojoga  wrote:
>
>> Have you tried proposed suggestions?
>>
>> On Mon, Apr 1, 2019, 2:12 PM David Villasmil, <
>> david.villasmil.w...@gmail.com> wrote:
>>
>>> Hello guys,
>>>
>>>
>>> this is my scenario, as you see, the public-facing ip is using port 5060
>>> while the internal 5066.
>>> All works ok (with force_socket), but when forwarding the ACK, kamailio
>>> uses the wrong ip (5060), when it should be using 5066.
>>>
>>>
>>> U PUBLIC:58031 -> 172.31.69.53:5060
>>> INVITE sip:*testc...@myserver.com;transport=UDP SIP/2.0.
>>>
>>> U 172.31.69.53:5060 -> PUBLIC:58031
>>> SIP/2.0 100 trying -- your call is important to us.
>>>
>>> U 172.31.69.53:5066 -> 172.31.65.238:5080
>>> INVITE sip:*testc...@myserver.com;transport=UDP SIP/2.0.
>>>
>>> U 172.31.65.238:5080 -> 172.31.69.53:5066
>>> SIP/2.0 100 Trying.
>>>
>>> U 172.31.65.238:5080 -> 172.31.69.53:5066
>>> SIP/2.0 200 OK.
>>>
>>> U 172.31.69.53:5060 -> PUBLIC:58031
>>> SIP/2.0 200 OK.
>>>
>>> U PUBLIC:58031 -> 172.31.69.53:5060
>>> ACK sip:*TESTCALL@172.31.65.238:5080;transport=udp SIP/2.0.
>>> BELOW*
>>>
>>> U 172.31.69.53:5060 -> 172.31.65.238:5080
>>> ACK sip:*TESTCALL@172.31.65.238:5080;transport=udp SIP/2.0.
>>>
>>>
>>> Regards,
>>>
>>> David Villasmil
>>> email: david.villasmil.w...@gmail.com
>>> phone: +34669448337
>>>
>>>
>>> On Mon, Apr 1, 2019 at 7:08 PM Antony Stone <
>>> antony.st...@kamailio.open.source.it> wrote:
>>>
 On Monday 01 April 2019 at 17:37:45, David Villasmil wrote:

 > Hello guys,
 > I have public and private IPs, and i need to force the sending socket
 > replying to internal out externals endpoint

 > This works nicely, except for ACKs and potentially other packets sent
 > statelessly?
 >
 > Anyone knows how to fix this?

 Have you tried something like:

 ip rule add from int.ernal.ip.addr lookup mytable
 ip route add default dev external_interface_device table mytable

 echo "234 mytable" >>/etc/iproute2/rt_tables


 Antony.

 --
 3 logicians walk into a bar. The bartender asks "Do you all want a
 drink?"
 The first logician says "I don't know."
 The second logician says "I don't know."
 The third logician says "Yes!"

Please reply to the
 list;
  please *don't*
 CC me.

 ___
 Kamailio (SER) - Users Mailing List
 sr-users@lists.kamailio.org
 https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

>>> ___
>>> Kamailio (SER) - Users Mailing List
>>> sr-users@lists.kamailio.org
>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>>
>> ___
>> Kamailio (SER) - Users Mailing List
>> sr-users@lists.kamailio.org
>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>
> ___
> Kamailio (SER) - Users Mailing List
> sr-users@lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] forcing socket doesn't work for ACK

[David Villasmil]

Thanks Sergiu,

yep, mhomed=1 is there

But it's still failing to select the right socket
Regards,

David Villasmil
email: david.villasmil.w...@gmail.com
phone: +34669448337


On Mon, Apr 1, 2019 at 7:19 PM Sergiu Pojoga  wrote:

> Have you tried proposed suggestions?
>
> On Mon, Apr 1, 2019, 2:12 PM David Villasmil, <
> david.villasmil.w...@gmail.com> wrote:
>
>> Hello guys,
>>
>>
>> this is my scenario, as you see, the public-facing ip is using port 5060
>> while the internal 5066.
>> All works ok (with force_socket), but when forwarding the ACK, kamailio
>> uses the wrong ip (5060), when it should be using 5066.
>>
>>
>> U PUBLIC:58031 -> 172.31.69.53:5060
>> INVITE sip:*testc...@myserver.com;transport=UDP SIP/2.0.
>>
>> U 172.31.69.53:5060 -> PUBLIC:58031
>> SIP/2.0 100 trying -- your call is important to us.
>>
>> U 172.31.69.53:5066 -> 172.31.65.238:5080
>> INVITE sip:*testc...@myserver.com;transport=UDP SIP/2.0.
>>
>> U 172.31.65.238:5080 -> 172.31.69.53:5066
>> SIP/2.0 100 Trying.
>>
>> U 172.31.65.238:5080 -> 172.31.69.53:5066
>> SIP/2.0 200 OK.
>>
>> U 172.31.69.53:5060 -> PUBLIC:58031
>> SIP/2.0 200 OK.
>>
>> U PUBLIC:58031 -> 172.31.69.53:5060
>> ACK sip:*TESTCALL@172.31.65.238:5080;transport=udp SIP/2.0.
>> BELOW*
>>
>> U 172.31.69.53:5060 -> 172.31.65.238:5080
>> ACK sip:*TESTCALL@172.31.65.238:5080;transport=udp SIP/2.0.
>>
>>
>> Regards,
>>
>> David Villasmil
>> email: david.villasmil.w...@gmail.com
>> phone: +34669448337
>>
>>
>> On Mon, Apr 1, 2019 at 7:08 PM Antony Stone <
>> antony.st...@kamailio.open.source.it> wrote:
>>
>>> On Monday 01 April 2019 at 17:37:45, David Villasmil wrote:
>>>
>>> > Hello guys,
>>> > I have public and private IPs, and i need to force the sending socket
>>> > replying to internal out externals endpoint
>>>
>>> > This works nicely, except for ACKs and potentially other packets sent
>>> > statelessly?
>>> >
>>> > Anyone knows how to fix this?
>>>
>>> Have you tried something like:
>>>
>>> ip rule add from int.ernal.ip.addr lookup mytable
>>> ip route add default dev external_interface_device table mytable
>>>
>>> echo "234 mytable" >>/etc/iproute2/rt_tables
>>>
>>>
>>> Antony.
>>>
>>> --
>>> 3 logicians walk into a bar. The bartender asks "Do you all want a
>>> drink?"
>>> The first logician says "I don't know."
>>> The second logician says "I don't know."
>>> The third logician says "Yes!"
>>>
>>>Please reply to the
>>> list;
>>>  please *don't*
>>> CC me.
>>>
>>> ___
>>> Kamailio (SER) - Users Mailing List
>>> sr-users@lists.kamailio.org
>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>>
>> ___
>> Kamailio (SER) - Users Mailing List
>> sr-users@lists.kamailio.org
>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>
> ___
> Kamailio (SER) - Users Mailing List
> sr-users@lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] forcing socket doesn't work for ACK

[Sergiu Pojoga]

Have you tried proposed suggestions?

On Mon, Apr 1, 2019, 2:12 PM David Villasmil, <
david.villasmil.w...@gmail.com> wrote:

> Hello guys,
>
>
> this is my scenario, as you see, the public-facing ip is using port 5060
> while the internal 5066.
> All works ok (with force_socket), but when forwarding the ACK, kamailio
> uses the wrong ip (5060), when it should be using 5066.
>
>
> U PUBLIC:58031 -> 172.31.69.53:5060
> INVITE sip:*testc...@myserver.com;transport=UDP SIP/2.0.
>
> U 172.31.69.53:5060 -> PUBLIC:58031
> SIP/2.0 100 trying -- your call is important to us.
>
> U 172.31.69.53:5066 -> 172.31.65.238:5080
> INVITE sip:*testc...@myserver.com;transport=UDP SIP/2.0.
>
> U 172.31.65.238:5080 -> 172.31.69.53:5066
> SIP/2.0 100 Trying.
>
> U 172.31.65.238:5080 -> 172.31.69.53:5066
> SIP/2.0 200 OK.
>
> U 172.31.69.53:5060 -> PUBLIC:58031
> SIP/2.0 200 OK.
>
> U PUBLIC:58031 -> 172.31.69.53:5060
> ACK sip:*TESTCALL@172.31.65.238:5080;transport=udp SIP/2.0.
> BELOW*
>
> U 172.31.69.53:5060 -> 172.31.65.238:5080
> ACK sip:*TESTCALL@172.31.65.238:5080;transport=udp SIP/2.0.
>
>
> Regards,
>
> David Villasmil
> email: david.villasmil.w...@gmail.com
> phone: +34669448337
>
>
> On Mon, Apr 1, 2019 at 7:08 PM Antony Stone <
> antony.st...@kamailio.open.source.it> wrote:
>
>> On Monday 01 April 2019 at 17:37:45, David Villasmil wrote:
>>
>> > Hello guys,
>> > I have public and private IPs, and i need to force the sending socket
>> > replying to internal out externals endpoint
>>
>> > This works nicely, except for ACKs and potentially other packets sent
>> > statelessly?
>> >
>> > Anyone knows how to fix this?
>>
>> Have you tried something like:
>>
>> ip rule add from int.ernal.ip.addr lookup mytable
>> ip route add default dev external_interface_device table mytable
>>
>> echo "234 mytable" >>/etc/iproute2/rt_tables
>>
>>
>> Antony.
>>
>> --
>> 3 logicians walk into a bar. The bartender asks "Do you all want a drink?"
>> The first logician says "I don't know."
>> The second logician says "I don't know."
>> The third logician says "Yes!"
>>
>>Please reply to the
>> list;
>>  please *don't*
>> CC me.
>>
>> ___
>> Kamailio (SER) - Users Mailing List
>> sr-users@lists.kamailio.org
>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>
> ___
> Kamailio (SER) - Users Mailing List
> sr-users@lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] forcing socket doesn't work for ACK

[David Villasmil]

Hello guys,


this is my scenario, as you see, the public-facing ip is using port 5060
while the internal 5066.
All works ok (with force_socket), but when forwarding the ACK, kamailio
uses the wrong ip (5060), when it should be using 5066.


U PUBLIC:58031 -> 172.31.69.53:5060
INVITE sip:*testc...@myserver.com;transport=UDP SIP/2.0.

U 172.31.69.53:5060 -> PUBLIC:58031
SIP/2.0 100 trying -- your call is important to us.

U 172.31.69.53:5066 -> 172.31.65.238:5080
INVITE sip:*testc...@myserver.com;transport=UDP SIP/2.0.

U 172.31.65.238:5080 -> 172.31.69.53:5066
SIP/2.0 100 Trying.

U 172.31.65.238:5080 -> 172.31.69.53:5066
SIP/2.0 200 OK.

U 172.31.69.53:5060 -> PUBLIC:58031
SIP/2.0 200 OK.

U PUBLIC:58031 -> 172.31.69.53:5060
ACK sip:*TESTCALL@172.31.65.238:5080;transport=udp SIP/2.0.
BELOW*

U 172.31.69.53:5060 -> 172.31.65.238:5080
ACK sip:*TESTCALL@172.31.65.238:5080;transport=udp SIP/2.0.


Regards,

David Villasmil
email: david.villasmil.w...@gmail.com
phone: +34669448337


On Mon, Apr 1, 2019 at 7:08 PM Antony Stone <
antony.st...@kamailio.open.source.it> wrote:

> On Monday 01 April 2019 at 17:37:45, David Villasmil wrote:
>
> > Hello guys,
> > I have public and private IPs, and i need to force the sending socket
> > replying to internal out externals endpoint
>
> > This works nicely, except for ACKs and potentially other packets sent
> > statelessly?
> >
> > Anyone knows how to fix this?
>
> Have you tried something like:
>
> ip rule add from int.ernal.ip.addr lookup mytable
> ip route add default dev external_interface_device table mytable
>
> echo "234 mytable" >>/etc/iproute2/rt_tables
>
>
> Antony.
>
> --
> 3 logicians walk into a bar. The bartender asks "Do you all want a drink?"
> The first logician says "I don't know."
> The second logician says "I don't know."
> The third logician says "Yes!"
>
>Please reply to the
> list;
>  please *don't* CC
> me.
>
> ___
> Kamailio (SER) - Users Mailing List
> sr-users@lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] forcing socket doesn't work for ACK

[Antony Stone]

On Monday 01 April 2019 at 17:37:45, David Villasmil wrote:

> Hello guys,
> I have public and private IPs, and i need to force the sending socket
> replying to internal out externals endpoint

> This works nicely, except for ACKs and potentially other packets sent
> statelessly?
> 
> Anyone knows how to fix this?

Have you tried something like:

ip rule add from int.ernal.ip.addr lookup mytable
ip route add default dev external_interface_device table mytable

echo "234 mytable" >>/etc/iproute2/rt_tables


Antony.

-- 
3 logicians walk into a bar. The bartender asks "Do you all want a drink?"
The first logician says "I don't know."
The second logician says "I don't know."
The third logician says "Yes!"

   Please reply to the list;
 please *don't* CC me.

___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] Rtpengine - no RTP packets going out

[Richard Fuchs]

On 01/04/2019 09.14, Istvan Mogyorosi wrote:

Dear all,

This is my first post after reading a lot in this mailing-list.
I'm trying to use Kamailio 5.1 with the dispatcher module and 
rtpengine acting as SIP + RTP proxy.
I have 6 asterisk servers in a private subnet that should talk with 
the peer via a single IP like this:


Asterisk 1..n|---> | GW.PRIVATE.IP -o- GW.PUBLIC.IP |> PEER.SIP.TRUNK

I'm on Centos 7, with firewalld configured, iptables module is loaded 
and the rule is well defined.

Packet forwarding is also enabled.

Chain rtpengine (1 references)
target prot opt source   destination
RTPENGINE  udp  --  anywhere anywhere RTPENGINE id:40

My call flow seems to be fine, Kamailio/rtpengine private IP is the 
outboundproxy parameter of Asterisk instances.


My problem is that RTP packets are not present on the public 
interface, the rtpengine final log showing
the 2 sessions, but I'm not sure this is what I want or simply the 
firewall does not let it out ?
(To be more precise PEER.SIP.TRUNK is the trunk for SIP traffic, I 
have multiple IP addresses

for media to connect to, reinvites are allowed)

Closing call due to timeout
Final packet stats:
--- Tag 'as6d12caea', created 1:00 ago for branch '', in dialogue with 
'as541b1e61'

-- Media #1 (audio over RTP/AVP) using unknown codec
- Port  GW.PRIVATE.IP:1 <> 192.168.30.13:11152, SSRC 0, 0 
p, 0 b, 0 e, 60 ts
- Port  GW.PRIVATE.IP:10001 <>   192.168.30.13:11153 (RTCP), 
SSRC 0, 0 p, 0 b, 0 e, 60 ts


--- Tag 'as541b1e61', created 1:00 ago for branch '', in dialogue with 
'as6d12caea'

-- Media #1 (audio over RTP/AVP) using unknown codec
- Port GW.PUBLIC.IP:1 <> PEER.SIP.TRUNK:28216, SSRC 0, 
0 p, 0 b, 0 e, 60 ts
- Port GW.PUBLIC.IP:10001 <> PEER.SIP.TRUNK:28217 (RTCP), 
SSRC 0, 0 p, 0 b, 0 e, 60 ts


These are all reception counters, so this is a problem of packets not 
being received. Having the iptables RTPENGINE rule installed does not 
automatically allow the packets to pass through your firewall. You have 
to do that separately.


Cheers


___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] forcing socket doesn't work for ACK

[Sergiu Pojoga]

mhomed=1

Kam will auto select the socket


On Mon, Apr 1, 2019 at 1:59 PM David Villasmil <
david.villasmil.w...@gmail.com> wrote:

> anyone? :)
>
> David Villasmil
> email: david.villasmil.w...@gmail.com
> phone: +34669448337
>
>
> On Mon, Apr 1, 2019 at 4:37 PM David Villasmil <
> david.villasmil.w...@gmail.com> wrote:
>
>> Hello guys,
>> I have public and private IPs, and i need to force the sending socket
>> replying to internal out externals endpoint, so i'm using this:
>>
>> function to check the destination (i tried using $sndto(ip) but it always
>> returns NULL):
>>
>> route[CHECK_DEST_NET] {
>> if ( $du=~"sip:172\..*" ) {
>> setflag(FLAG_TO_PRIVATE);
>> xlog("L_ERR", "[CHECK_SOURCE] Packet going to PRIVATE -> [$du]\n" );
>> } else {
>> setflag(FLAG_TO_PUBLIC);
>> xlog("L_ERR", "[CHECK_SOURCE] Packet going to PUBLIC -> [$du]\n" );
>> }
>>
>> return;
>> }
>>
>> on my relay:
>>
>> route(CHECK_DEST_NET);
>>
>> if (isflagset(FLAG_TO_PRIVATE)) {
>> xlog("L_ERR", "[RELAY] forcing socket to PRIVATE NET\n" );
>> force_send_socket(LISTEN_INSIDE_IF:LISTEN_INSIDE_PORT);
>> } else {
>> xlog("L_ERR", "[RELAY] forcing socket to PUBLIC NET\n" );
>> force_send_socket(LISTEN_OUTSIDE_IF:LISTEN_OUTSIDE_PORT);
>> }
>>
>>
>> This works nicely, except for ACKs and potentially other packets sent
>> statelessly?
>>
>> Anyone knows how to fix this?
>>
>> Regards,
>>
>> David Villasmil
>> email: david.villasmil.w...@gmail.com
>> phone: +34669448337
>>
> ___
> Kamailio (SER) - Users Mailing List
> sr-users@lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] forcing socket doesn't work for ACK

[David Villasmil]

anyone? :)

David Villasmil
email: david.villasmil.w...@gmail.com
phone: +34669448337


On Mon, Apr 1, 2019 at 4:37 PM David Villasmil <
david.villasmil.w...@gmail.com> wrote:

> Hello guys,
> I have public and private IPs, and i need to force the sending socket
> replying to internal out externals endpoint, so i'm using this:
>
> function to check the destination (i tried using $sndto(ip) but it always
> returns NULL):
>
> route[CHECK_DEST_NET] {
> if ( $du=~"sip:172\..*" ) {
> setflag(FLAG_TO_PRIVATE);
> xlog("L_ERR", "[CHECK_SOURCE] Packet going to PRIVATE -> [$du]\n" );
> } else {
> setflag(FLAG_TO_PUBLIC);
> xlog("L_ERR", "[CHECK_SOURCE] Packet going to PUBLIC -> [$du]\n" );
> }
>
> return;
> }
>
> on my relay:
>
> route(CHECK_DEST_NET);
>
> if (isflagset(FLAG_TO_PRIVATE)) {
> xlog("L_ERR", "[RELAY] forcing socket to PRIVATE NET\n" );
> force_send_socket(LISTEN_INSIDE_IF:LISTEN_INSIDE_PORT);
> } else {
> xlog("L_ERR", "[RELAY] forcing socket to PUBLIC NET\n" );
> force_send_socket(LISTEN_OUTSIDE_IF:LISTEN_OUTSIDE_PORT);
> }
>
>
> This works nicely, except for ACKs and potentially other packets sent
> statelessly?
>
> Anyone knows how to fix this?
>
> Regards,
>
> David Villasmil
> email: david.villasmil.w...@gmail.com
> phone: +34669448337
>
___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

[SR-Users] ENUM for CNAM dips

[Spencer Thomason]

Hi all,
I’m interested in extending the ENUM module to add support for 
draft-ietf-enum-cnam-08 CNAM queries using ENUM.  I’m looking for high level 
guidance as to the best way to implement this and any feedback on naming of 
exported functions and parameters.  Maybe something like 
enum_cnam_query("pvar", "destination", [,"suffix" [,"service"]]) ?

Best regards,
Spencer
___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] Compressing SIP messages

[Sergey Safarov]

Issue with fragmented UDP is NAT routers that cannot forward second and
follow fragments to SIP device.
Connection tracking must be enabled on router.

https://serverfault.com/questions/533704/why-is-iptables-rejecting-the-second-and-subsequent-fragments-of-an-allowed-pack

пн, 1 апр. 2019 г. в 18:44, Fred Posner :

> On 4/1/19 11:30 AM, Richard Fuchs wrote:
> >>
> >> of course, you're hoping that the fragmented packets arrive in order.
> >>
> > That really makes no difference. The network stack takes care of
> > reassembling the fragments no matter what order they arrive in.
> >
> > Issues only arrive from broken routers or firewalls, or if you have to
> > deal with packet loss.
> >
> > Cheers
> >
>
> I blame my initial response on a lack of coffee and attention to
> Kamailio Managed Cloud ;)
>
> --fred
>
> ___
> Kamailio (SER) - Users Mailing List
> sr-users@lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] Compressing SIP messages

[Fred Posner]

On 4/1/19 11:30 AM, Richard Fuchs wrote:


of course, you're hoping that the fragmented packets arrive in order.

That really makes no difference. The network stack takes care of 
reassembling the fragments no matter what order they arrive in.


Issues only arrive from broken routers or firewalls, or if you have to 
deal with packet loss.


Cheers



I blame my initial response on a lack of coffee and attention to 
Kamailio Managed Cloud ;)


--fred

___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

[SR-Users] forcing socket doesn't work for ACK

[David Villasmil]

Hello guys,
I have public and private IPs, and i need to force the sending socket
replying to internal out externals endpoint, so i'm using this:

function to check the destination (i tried using $sndto(ip) but it always
returns NULL):

route[CHECK_DEST_NET] {
if ( $du=~"sip:172\..*" ) {
setflag(FLAG_TO_PRIVATE);
xlog("L_ERR", "[CHECK_SOURCE] Packet going to PRIVATE -> [$du]\n" );
} else {
setflag(FLAG_TO_PUBLIC);
xlog("L_ERR", "[CHECK_SOURCE] Packet going to PUBLIC -> [$du]\n" );
}

return;
}

on my relay:

route(CHECK_DEST_NET);

if (isflagset(FLAG_TO_PRIVATE)) {
xlog("L_ERR", "[RELAY] forcing socket to PRIVATE NET\n" );
force_send_socket(LISTEN_INSIDE_IF:LISTEN_INSIDE_PORT);
} else {
xlog("L_ERR", "[RELAY] forcing socket to PUBLIC NET\n" );
force_send_socket(LISTEN_OUTSIDE_IF:LISTEN_OUTSIDE_PORT);
}


This works nicely, except for ACKs and potentially other packets sent
statelessly?

Anyone knows how to fix this?

Regards,

David Villasmil
email: david.villasmil.w...@gmail.com
phone: +34669448337
___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] Compressing SIP messages

[Richard Fuchs]

On 01/04/2019 11.22, Fred Posner wrote:

On 4/1/19 11:18 AM, Steve Davies wrote:
Never quite got this.  UDP packets can be up to 64k, right?  And 
fragmentation is a standard IP feature if a packet is bigger than MTU 
size.


Steve



of course, you're hoping that the fragmented packets arrive in order.

That really makes no difference. The network stack takes care of 
reassembling the fragments no matter what order they arrive in.


Issues only arrive from broken routers or firewalls, or if you have to 
deal with packet loss.


Cheers


___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] Compressing SIP messages

[Igor Olhovskiy]

Idea is to fit whole packet in MTU size.
Mainly cause fragmentation is not best option in case of UDP. Causes 
retransmissions on a high CPS values.

Regards, Igor
On Apr 1, 2019, 6:20 PM +0300, Steve Davies 
, wrote:
> Never quite got this.  UDP packets can be up to 64k, right?  And 
> fragmentation is a standard IP feature if a packet is bigger than MTU size.
>
> Steve
>
>
> > On Mon, 1 Apr 2019 at 16:43, Alex Balashov  
> > wrote:
> > > The customary inter-Kamailio solution is jumbo frames (if you control 
> > > network end-to-end) or TCP.
> > >
> > > —
> > > Sent from mobile, with due apologies for brevity and errors.
> > >
> > > On Apr 1, 2019, at 10:33 AM, Igor Olhovskiy  
> > > wrote:
> > >
> > > > Hi!
> > > >
> > > > Was looking on some way to compress SIP signalling between internal 
> > > > servers. But found out, there are no some pre-defined or recommended 
> > > > mechanism of doing this.
> > > > Yes, I found gzcompress module, but it will help only in case of big 
> > > > body, but not whole message itself. Like in some cases you can have 4-5 
> > > > RR headers, which is already a lot of info.
> > > >
> > > > What I googled is
> > > >
> > > > 1. > > > > SigComp
> > > > 2. > > > > Compact Header form
> > > >
> > > > As I found, SigComp is really not widely-used method and it support 
> > > > along opensource SIP servers/PBXes is not documented.
> > > > For Compact Header form - is there any way of using Kamailio to 
> > > > compress message this way?
> > > > Maybe also there is a way of having some intermediate proxy-layer 
> > > > software, that will gzip/gunzip SIP signalling in realtime?
> > > >
> > > > All of this actually cause info in SIP/SDP grows rapidly, unfortunately 
> > > > MTU size is not.
> > > > ___
> > > > Kamailio (SER) - Users Mailing List
> > > > sr-users@lists.kamailio.org
> > > > https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
> > > ___
> > > Kamailio (SER) - Users Mailing List
> > > sr-users@lists.kamailio.org
> > > https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
> ___
> Kamailio (SER) - Users Mailing List
> sr-users@lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] Compressing SIP messages

[Daniel-Constantin Mierla]

Indeed, such issues related to UDP fragmentation should not happen, the
packets can be up to 64k, bigger than MTU size. I think linux had it for
more than 20 years and most of routers are based on it.

But surprisingly, there are still some routers that cannot cope with
that -- I get hit from time to time (not too often, I have to say it)
with support requests related to this matter and I also wonder how that
is still the case today.

Cheers,
Daniel

On 01.04.19 17:18, Steve Davies wrote:
> Never quite got this.  UDP packets can be up to 64k, right?  And
> fragmentation is a standard IP feature if a packet is bigger than MTU
> size.
>
> Steve
>
>
> On Mon, 1 Apr 2019 at 16:43, Alex Balashov  > wrote:
>
> The customary inter-Kamailio solution is jumbo frames (if you
> control network end-to-end) or TCP.
>
> —
> Sent from mobile, with due apologies for brevity and errors.
>
> On Apr 1, 2019, at 10:33 AM, Igor Olhovskiy
> mailto:igorolhovs...@gmail.com>> wrote:
>
>> Hi!
>>
>> Was looking on some way to compress SIP signalling between
>> internal servers. But found out, there are no some pre-defined or
>> recommended mechanism of doing this.
>> Yes, I found gzcompress module, but it will help only in case of
>> big body, but not whole message itself. Like in some cases you
>> can have 4-5 RR headers, which is already a lot of info.
>>
>> What I googled is
>>
>> 1.
>> SigComp
>> 2.
>> Compact Header form
>>
>> As I found, SigComp is really not widely-used method and it
>> support along opensource SIP servers/PBXes is not documented.
>> For Compact Header form - is there any way of using Kamailio to
>> compress message this way?
>> Maybe also there is a way of having some intermediate proxy-layer
>> software, that will gzip/gunzip SIP signalling in realtime?
>>
>> All of this actually cause info in SIP/SDP grows rapidly,
>> unfortunately MTU size is not.
>> Sent from Mailspring
>> ___
>> Kamailio (SER) - Users Mailing List
>> sr-users@lists.kamailio.org 
>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
> ___
> Kamailio (SER) - Users Mailing List
> sr-users@lists.kamailio.org 
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
>
> ___
> Kamailio (SER) - Users Mailing List
> sr-users@lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

-- 
Daniel-Constantin Mierla -- www.asipto.com
www.twitter.com/miconda -- www.linkedin.com/in/miconda
Kamailio World Conference - May 6-8, 2019 -- www.kamailioworld.com

___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] Compressing SIP messages

[Fred Posner]

On 4/1/19 11:18 AM, Steve Davies wrote:
Never quite got this.  UDP packets can be up to 64k, right?  And 
fragmentation is a standard IP feature if a packet is bigger than MTU size.


Steve



of course, you're hoping that the fragmented packets arrive in order.

--fred


___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] Compressing SIP messages

[Steve Davies]

Never quite got this.  UDP packets can be up to 64k, right?  And
fragmentation is a standard IP feature if a packet is bigger than MTU size.

Steve


On Mon, 1 Apr 2019 at 16:43, Alex Balashov 
wrote:

> The customary inter-Kamailio solution is jumbo frames (if you control
> network end-to-end) or TCP.
>
> —
> Sent from mobile, with due apologies for brevity and errors.
>
> On Apr 1, 2019, at 10:33 AM, Igor Olhovskiy 
> wrote:
>
> Hi!
>
> Was looking on some way to compress SIP signalling between internal
> servers. But found out, there are no some pre-defined or recommended
> mechanism of doing this.
> Yes, I found gzcompress module, but it will help only in case of big body,
> but not whole message itself. Like in some cases you can have 4-5 RR
> headers, which is already a lot of info.
>
> What I googled is
>
>1. SigComp
>2. Compact Header form
>
> As I found, SigComp is really not widely-used method and it support along
> opensource SIP servers/PBXes is not documented.
> For Compact Header form - is there any way of using Kamailio to compress
> message this way?
> Maybe also there is a way of having some intermediate proxy-layer
> software, that will gzip/gunzip SIP signalling in realtime?
>
> All of this actually cause info in SIP/SDP grows rapidly, unfortunately
> MTU size is not.
> [image: Sent from Mailspring]
>
> ___
> Kamailio (SER) - Users Mailing List
> sr-users@lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
> ___
> Kamailio (SER) - Users Mailing List
> sr-users@lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] Compressing SIP messages

[Antony Stone]

On Monday 01 April 2019 at 16:33:17, Igor Olhovskiy wrote:

> Hi!
> 
> Was looking on some way to compress SIP signalling between internal
> servers.

What problem are you trying to solve by compressing SIP?

> But found out, there are no some pre-defined or recommended mechanism of
> doing this. Yes, I found gzcompress module, but it will help only in case of
> big body, but not whole message itself. Like in some cases you can have 4-5
> RR headers, which is already a lot of info.

Surely you're still only talking about 100s to 1000s of bytes - how is that a 
problem for you?

> What I googled is
> SigComp
> 
> Compact Header form
> 
> As I found, SigComp is really not widely-used method and it support along
> opensource SIP servers/PBXes is not documented. For Compact Header form -
> is there any way of using Kamailio to compress message this way? Maybe
> also there is a way of having some intermediate proxy-layer software, that
> will gzip/gunzip SIP signalling in realtime?
> 
> All of this actually cause info in SIP/SDP grows rapidly, unfortunately MTU
> size is not.

So, are you trying to restrict the total amount of data being sent in a SIP 
request / response, or are you trying to control the MTU size of the packets / 
frames that data is sent in?


Antony.

-- 
"Measuring average network latency is about as useful as measuring the mean 
temperature of patients in a hospital."

 - Stéphane Bortzmeyer

   Please reply to the list;
 please *don't* CC me.

___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] Compressing SIP messages

[Daniel-Constantin Mierla]

Hello,

using tcp would be an option, as Alex mentioned, if you can control the
udp mtu size. The alternative can be also sctp transport, which should
be better that tcp. If you have a recent kernel, that could be better.
However, I have to say that I haven't seen much use of sctp lately
myself, so do a little testing yourself before pushing to production.

Then, looking at the compress option, enhancing gzcompress also for
headers should be easy. But I think that it would require sort of
encoding at the beginning, to know is an encrypted packet and eventually
specify the algorithm for compression. Not sure if such protocol is
defined somewhere else and we can reuse it, or we just brew one ourselves.

Actually, the proposal above with gzcompress module would be to make it
simpler (as I thought of doing at some point when I sent packages over
long distance and narrow band), because that is already possible if you
use an embedded scripting language and corex module -- the example there
is pretty much what you are looking for:

  *
https://www.kamailio.org/docs/modules/stable/modules/corex.html#async.evr.network_io

Cheers,
Daniel

On 01.04.19 16:42, Alex Balashov wrote:
> The customary inter-Kamailio solution is jumbo frames (if you control
> network end-to-end) or TCP.
>
> —
> Sent from mobile, with due apologies for brevity and errors.
>
> On Apr 1, 2019, at 10:33 AM, Igor Olhovskiy  > wrote:
>
>> Hi!
>>
>> Was looking on some way to compress SIP signalling between internal
>> servers. But found out, there are no some pre-defined or recommended
>> mechanism of doing this.
>> Yes, I found gzcompress module, but it will help only in case of big
>> body, but not whole message itself. Like in some cases you can have
>> 4-5 RR headers, which is already a lot of info.
>>
>> What I googled is
>>
>> 1.
>> SigComp
>> 2.
>> Compact Header form
>>
>> As I found, SigComp is really not widely-used method and it support
>> along opensource SIP servers/PBXes is not documented.
>> For Compact Header form - is there any way of using Kamailio to
>> compress message this way?
>> Maybe also there is a way of having some intermediate proxy-layer
>> software, that will gzip/gunzip SIP signalling in realtime?
>>
>> All of this actually cause info in SIP/SDP grows rapidly,
>> unfortunately MTU size is not.
>> Sent from Mailspring
>> ___
>> Kamailio (SER) - Users Mailing List
>> sr-users@lists.kamailio.org 
>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
> ___
> Kamailio (SER) - Users Mailing List
> sr-users@lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

-- 
Daniel-Constantin Mierla -- www.asipto.com
www.twitter.com/miconda -- www.linkedin.com/in/miconda
Kamailio World Conference - May 6-8, 2019 -- www.kamailioworld.com

___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] db_redis and user

[Joan Salvatella]

Hi Andrew,

 

Unfortunately it wasn’t this parameter. It turns out that the default schema 
shipped with db_redis stores the values as timestamp but retrieves them as 
integers despite this parameter. I have issued a bug in Github to let them know 
about it.

 

Thanks! 

 

From: Andrew White 
Date: Sunday, 31 March 2019 at 08:08
To: "Kamailio (SER) - Users Mailing List" 
Cc: , Fede Buldin 
Subject: Re: [SR-Users] db_redis and user

 

Hi Joan,

 

My guess is you’re providing a string value from the phones/terminals, rather 
than an integer value.

 

 9(39) ERROR:  [db_ut.c:92]: db_str2int(): Unexpected characters: [-03-29 
18:16:36]

 9(39) ERROR:  [db_val.c:76]: db_str2val(): error while converting 
integer value from string

 9(39) ERROR: db_redis [redis_dbase.c:1062]: db_redis_convert_row(): Failed to 
convert redis column 'expires' to db value

 

I’m guessing the string given is “2019-03-29 18:16:38”. I don’t know the 
location DB well in Kamailio, but I’d guess this is meant to be an epoch 
timestamp.

 

I’ve not really ever used usrloc, but having a look, I’d say maybe you need to 
set the “expires_type” value in the module? 
https://www.kamailio.org/docs/modules/devel/modules/usrloc.html#usrloc.p.expires_type

 

Someone who knows USRLOC could probably confirm this!

Best of luck fellow Redis user!



Andrew White - Director
uConnected
Email: and...@uconnected.com.au
Web: www.uConnected.com.au



On 30 Mar 2019, at 5:17 am, Joan Salvatella  wrote:

 

Hello,

 

We are working on a project that's using two active-active Kamailio 5.2 
instances that redirect traffic to several Asterisk 15.4 instances. Kamailio is 
acting as a registrar and should store the location information of the 
registered terminals. The backend database is db_redis.

 

Phone terminals get registered and the information gets looked up from the 
subscriber schema in redis (That's cool) but we are having problems with the 
locations. This is the related code:

 

modparam("db_redis", "keys", 
"location=entry:ruid:username,domain:partition,keepalive")

 

if(ds_is_from_list("1", "2", "sip:$fd:5080")) {

record_route();

route(INVITE_ASTERISK);

exit;

}

 

route[INVITE_ASTERISK] {

xlog("L_INFO", "[R-INVITE-RESOLVER:$ci] Entering ASTERISK INVITE 
resolver\n");

if (!lookup("location")) {

    sl_send_reply("404", "User Not Found");

    return;

    }

route(INVITE_POSTROUTE);

}

 

route[INVITE_POSTROUTE] {

   rtpproxy_manage();

   t_on_reply("MAIN_REPLY");

 

if(!t_relay()) 

    sl_reply_error();

}

 

When looking up the location schema this errors appear:

 

9(39) WARNING: db_redis [redis_dbase.c:1098]: db_redis_perform_query(): 
performing full table scan on table 'location' while performing query

 9(39) WARNING: db_redis [redis_dbase.c:1101]: db_redis_perform_query():   scan 
key 0 is 'expires'

 9(39) WARNING: db_redis [redis_dbase.c:1101]: db_redis_perform_query():   scan 
key 1 is 'expires'

 9(39) ERROR:  [db_ut.c:92]: db_str2int(): Unexpected characters: [-03-29 
18:16:36]

 9(39) ERROR:  [db_val.c:76]: db_str2val(): error while converting 
integer value from string

 9(39) ERROR: db_redis [redis_dbase.c:1062]: db_redis_convert_row(): Failed to 
convert redis column 'expires' to db value

 9(39) ERROR: db_redis [redis_dbase.c:1231]: db_redis_perform_query(): Failed 
to convert redis reply for row

 9(39) ERROR: db_redis [redis_dbase.c:1243]: db_redis_perform_query(): failed 
to perform the query

 9(39) ERROR: db_redis [redis_dbase.c:1829]: db_redis_query(): failed to do the 
query

 9(39) ERROR: usrloc [udomain.c:981]: udomain_contact_expired_cb(): db_query 
failed

 

Any hints?

 

Thanks and regards,

___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

 

___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] Compressing SIP messages

[Alex Balashov]

The customary inter-Kamailio solution is jumbo frames (if you control network 
end-to-end) or TCP.

—
Sent from mobile, with due apologies for brevity and errors.

> On Apr 1, 2019, at 10:33 AM, Igor Olhovskiy  wrote:
> 
> Hi!
> 
> Was looking on some way to compress SIP signalling between internal servers. 
> But found out, there are no some pre-defined or recommended mechanism of 
> doing this.
> Yes, I found gzcompress module, but it will help only in case of big body, 
> but not whole message itself. Like in some cases you can have 4-5 RR headers, 
> which is already a lot of info.
> 
> What I googled is
> SigComp
> Compact Header form
> As I found, SigComp is really not widely-used method and it support along 
> opensource SIP servers/PBXes is not documented.
> For Compact Header form - is there any way of using Kamailio to compress 
> message this way?
> Maybe also there is a way of having some intermediate proxy-layer software, 
> that will gzip/gunzip SIP signalling in realtime?
> 
> All of this actually cause info in SIP/SDP grows rapidly, unfortunately MTU 
> size is not.
> 
> ___
> Kamailio (SER) - Users Mailing List
> sr-users@lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

[SR-Users] Compressing SIP messages

[Igor Olhovskiy]

Hi!

Was looking on some way to compress SIP signalling between internal servers. 
But found out, there are no some pre-defined or recommended mechanism of doing 
this.
Yes, I found gzcompress module, but it will help only in case of big body, but 
not whole message itself. Like in some cases you can have 4-5 RR headers, which 
is already a lot of info.

What I googled is
SigComp

Compact Header form

As I found, SigComp is really not widely-used method and it support along 
opensource SIP servers/PBXes is not documented.
For Compact Header form - is there any way of using Kamailio to compress 
message this way?
Maybe also there is a way of having some intermediate proxy-layer software, 
that will gzip/gunzip SIP signalling in realtime?

All of this actually cause info in SIP/SDP grows rapidly, unfortunately MTU 
size is not.___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] Use Kamailio as forward proxy between two networks

[Denys Pozniak]

Hello!

Maybe it will help you:
https://kamailio.org/docs/modules/devel/modules/rtpproxy.html#rtpproxy.f.rtpproxy_ofrer


*i, e - these flags specify the direction of the SIP message. These flags
only make sense when rtpproxy is running in bridge mode. 'i' means internal
network (LAN), 'e' means external network (WAN). 'i' corresponds to
rtpproxy's first interface, 'e' corresponds to rtpproxy's second interface.
You always have to specify two flags to define the incoming network and the
outgoing network. For example, 'ie' should be used for SIP message received
from the local interface and sent out on the external interface, and 'ei'
vice versa. Other options are 'ii' and 'ee'. So, for example if a SIP
requests is processed with 'ie' flags, the corresponding response must be
processed with 'ie' flags.*


пн, 1 апр. 2019 г. в 16:59, Lauritz :

> Hello,
>
> I am trying to implement the following network setup using Kamailio and
> RTPProxy, but was not able to find any recent documentation or blog posts
> with hints:
>
> local_net1   :  local_net2
> 10.250.10.*  :  10.250.11.*
>  :
> (1)(2)   :
> +-+   +--+
> +--+
> ! !.11.12 ! Proxy!.21 ! Debian
> Host  !.22
> ! Starface!---! + Kamailio   !<<--! +
> Linphone   !.23
> ! !   ! + RTPProxy   !
> !  !
> +-+   +--+
> +--+
>   eth0   :  eth1
>  :
>  :
>
>
> As you can see, the proxy has two interfaces and its purpose is to forward
> traffic from the client's network to the Starface's network.
>
> Has anyone experience to share or got any other hints where to start?
> Thank you very much for your help :)
>
> Kind regards,
> Lauritz
> ___
> Kamailio (SER) - Users Mailing List
> sr-users@lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>


-- 

BR,
Denys Pozniak
___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

[SR-Users] Use Kamailio as forward proxy between two networks

[Lauritz]

Hello,

I am trying to implement the following network setup using Kamailio and 
RTPProxy, but was not able to find any recent documentation or blog posts with 
hints:


> local_net1 : local_net2
> 10.250.10.* : 10.250.11.*
> :
> (1) (2) :
> +-+ +--+ +--+
> ! !.11 .12 ! Proxy !.21 ! Debian Host !.22
> ! Starface !---! + Kamailio !<<--! + Linphone !.23
> ! ! ! + RTPProxy ! ! !
> +-+ +--+ +--+
> eth0 : eth1
> :
> :
> 

As you can see, the proxy has two interfaces and its purpose is to forward 
traffic from the client's network to the Starface's network.
Has anyone experience to share or got any other hints where to start?
Thank you very much for your help :)

Kind regards,
Lauritz

___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

[SR-Users] Rtpengine - no RTP packets going out

[Istvan Mogyorosi]

Dear all,

This is my first post after reading a lot in this mailing-list.
I'm trying to use Kamailio 5.1 with the dispatcher module and rtpengine 
acting as SIP + RTP proxy.
I have 6 asterisk servers in a private subnet that should talk with the 
peer via a single IP like this:


Asterisk 1..n|---> | GW.PRIVATE.IP -o- GW.PUBLIC.IP |> PEER.SIP.TRUNK

I'm on Centos 7, with firewalld configured, iptables module is loaded 
and the rule is well defined.

Packet forwarding is also enabled.

Chain rtpengine (1 references)
target prot opt source   destination
RTPENGINE  udp  --  anywhere anywhere RTPENGINE 
id:40


My call flow seems to be fine, Kamailio/rtpengine private IP is the 
outboundproxy parameter of Asterisk instances.


My problem is that RTP packets are not present on the public interface, 
the rtpengine final log showing
the 2 sessions, but I'm not sure this is what I want or simply the 
firewall does not let it out ?
(To be more precise PEER.SIP.TRUNK is the trunk for SIP traffic, I have 
multiple IP addresses

for media to connect to, reinvites are allowed)

Closing call due to timeout
Final packet stats:
--- Tag 'as6d12caea', created 1:00 ago for branch '', in dialogue with 
'as541b1e61'

-- Media #1 (audio over RTP/AVP) using unknown codec
- Port  GW.PRIVATE.IP:1 <>   192.168.30.13:11152, SSRC 0, 0 
p, 0 b, 0 e, 60 ts
- Port  GW.PRIVATE.IP:10001 <>   192.168.30.13:11153 (RTCP), 
SSRC 0, 0 p, 0 b, 0 e, 60 ts


--- Tag 'as541b1e61', created 1:00 ago for branch '', in dialogue with 
'as6d12caea'

-- Media #1 (audio over RTP/AVP) using unknown codec
- Port GW.PUBLIC.IP:1 <>   PEER.SIP.TRUNK:28216, SSRC 0, 
0 p, 0 b, 0 e, 60 ts
- Port GW.PUBLIC.IP:10001 <>   PEER.SIP.TRUNK:28217 (RTCP), 
SSRC 0, 0 p, 0 b, 0 e, 60 ts


Best regards,

Istvan

___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

[SR-Users] Kamailio Managed Cloud

[Alex Balashov]

For immediate release:

ATLANTA, GA (1 April 2019)--Following its long tradition of forward-thinking
innovation in open-source Real-Time Communications (RTC), the leadership of the
Kamailio SIP server project (formerly known as OpenSER) has launched the
Kamailio Managed Cloud (KMC).

Alex Balashov of Evariste Systems and Fred Posner of The Palner Group were
among several key North American stakeholders on hand to discuss it further.

As Posner told us, "Kamailio Managed Cloud is a new, best-of-breed managed
Kamailio hosting environment. We provide elasticity by leveraging human
capital. Using our patent-pending Orchestration Turk system, our managed cloud
technicians will purchase your SuperMicro bare-metal server, known as a KamBox,
drive to the data centre, and rack-and-stack it on demand -- all in response to
a SOAP API call! And when you want to remove your on-demand KamBox, just issue
a 'delete' operation and we will decommission the hardware -- live!"

"Dedicated KamBox colocation really puts the Management in Managed Cloud,"
emphasised Balashov. 

"But that doesn't mean we keep the customer out of the loop. We are using the
most modern XMLHttpRequest and 'AJAX' techniques to provide a real-time
dashboard with KamBox status to all users, though it will not work with
Internet Explorer 6 -- we're addressing that."

"Anyway, there are numerous other cloud platforms out there, many of which rely
on virtualisation and automated orchestration and the like. It really takes the
human touch out of the equation and gives the short shrift to quality, while
also taking away jobs. And besides, how can a so-called 'virtual' machine be
truly carrier-grade?"

Kamailio Managed Cloud launched in two principal regions today -- US-EAST-1,
located in Jacksonville, Florida, USA, and EU-CENTRAL-1, based in the booming
tech hub of central Europe and birthplace of OpenSER: Berlin, Germany. Unnamed
sources tell us that strategic expansion is planned for several other regions,
including Flint, Michigan, USA.

The mechanics of Kamailio Managed Cloud have invited questions about how other
elastic cloud resources are managed, more especially elastic storage. According
to KMC senior management, storage is provided via a mechanism developed by
ASIPTO StorageWorks. 

ASIPTO chief Daniel-Constantin Mierla was on hand at the KMC launch to explain:

"It's very easy. When a customer requests more space with a simple and
lightweight SOAP call with just a little custom XML namespaces, then depending
on the region, Fred or I receive an SMS on our smartphones from our advanced
PHP backend and drive to the data centre to insert another hard drive into one
of the KamBox's several drive bays.

We are using the latest in advanced mobile communications, SMS, to ensure
fastest response time. Of course our service level is comprehensive and
includes Managed Partition Table Labelling and Managed LVM Insertion. Also
there is optional Managed Filesystem Formatting for a complete portfolio of
managed services. 

ASIPTO StorageWorks moves at the speed of global e-business. Just text us your
desired filesystem layout and partitioning scheme. It is really that easy!"

When asked about business focus, marketing turnaround veteran Henning
Westerholt, Executive Vice President of Business Development for KMC responded:

"Our target customer is a socially conscious Millennial-run corporation or
start-up who see value in the unique blend of managed services and an
artisanal, hand-crafted, organic approach that is compatible with social
justice and takes a people-centric view."

Asked to elaborate upon his vision of social justice, Westerholt added: 

"Virtualisation, orchestration and auto-scaling take the people out of the
equation, and Kamailio is, in the end, about people, as communication in
general is about people. What would it be without the people? 

Moreover, these mechanisms take away gainful opportunities from hard-working
university graduates.  Kubernetes, Docker Swarm, VMWare, and KVM contravene the
social policy objective of full employment."

At press time, Posner, who also heads up KMC Labs North America, was said to be
lending his pioneering business vision and knack for seeing around technology
trend corners to intensive work on next-generation, bleeding-edge functionality
for KMC. 

While Posner was tight-lipped about the specifics, he did state that the
'dispatcher' module is slated to be deprecated in favour of a "human
load-balancing approach to SIP requests that is both cloud-native and
eco-conscious". 

Industry analysts agree that protocol-aware load-balancing strategies are
complicated and that the application of human judgment to the problem
represents a fertile field for dynamic innovation and investment.

Reports from regional press confirm that KMC Labs are in the process of
building a fullfilment centre for this innovative offering, said to be branded
"Central Switchboard", at an undisclosed site in Bangladesh, where thousands 

Re: [SR-Users] Kamailio stop to process incoming SIP traffic via TCP.

[Daniel-Constantin Mierla]

Hello,

an update on this issue -- I spent a bit of time looking at
libssl/libcrypto library and the problem can be the type of mutexes they
use now internally starting with v1.1, respectively the pthread mutex.
They are not process shared and kamailio is a multi-process application,
working with the same tls connection from multiple processes.

Today I wrote to openssl mailing list, waiting now to see if I get any
hints from there.

Cheers,
Daniel

On 01.04.19 10:33, Kristijan Vrban wrote:
> Hi Andrew,
>
> yes, with openssl 1.0.2 Kamailio is now up and running since five
> days. Looks good so far.
>
> Kristijan
>
> Am Do., 28. März 2019 um 11:09 Uhr schrieb Andrew Pogrebennyk
> :
>> On 3/26/19 3:52 PM, Kristijan Vrban wrote:
 Just curious, did you get to compile with OpenSSL 1.0 and test?
>>> Just compiled with OpenSSL 1.0 . Gone test now.
>> Kristijan,
>> any new occurrences since you have recompiled kamailio with openssl 1.0?
>>
>> Regards,
>> Andrew
> ___
> Kamailio (SER) - Users Mailing List
> sr-users@lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

-- 
Daniel-Constantin Mierla -- www.asipto.com
www.twitter.com/miconda -- www.linkedin.com/in/miconda
Kamailio World Conference - May 6-8, 2019 -- www.kamailioworld.com


___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] Port 5060 omitted in Record-Route

[Daniel-Constantin Mierla]

Hello,

not sure I understood properly, but if you want to use port 5060 for
both tcp and tls is not working. Better just use it for tls only.

Cheers,
Daniel

On 29.03.19 03:26, Lợi Đặng wrote:
> Hi Joel, thanks for verification, it was ok to me when using the
> default 5060 for udp/tcp with port omitted in the RR, the calls should
> be routed properly.
> But it don't work if i use the same port 5060 for tls (i know this is
> a bit weird, but i want to re-use the port due to customer firewall
> restriction), the port is still omitted and `ACK/BYE` routed wrongly
> to *MY_ADDR;transport=tls* (5061).
>
> I only want to make sure whether it is not able to explicitly add 5060
> port to the RR when using tls or i just make it wrong with my
> configuration.
>
> rgds,
> Loi Dang Thanh
> Phone : +84. 774.735.448
> Email : loi.dangth...@gmail.com 
>
>
> On Thu, Mar 28, 2019 at 10:19 PM Joel Serrano  > wrote:
>
> By SIP definition if the port is the default (5060 for udp/tcp,
> 5061 for tls) it's not mandatory, that's why if you choose any
> other port you specifically see it in the RR.
>
>
>
>
> On Thu, Mar 28, 2019 at 3:30 AM Lợi Đặng  > wrote:
>
> Hi all, i was using kamailio 4.2.1 located in 2 networks
>
> listen = tcp:MY_ADDR:5060 advertise MY_ADDR:5060
> listen = tls:MY_ADDR:5061 advertise PUBLIC_NAT_ADDR:5061
>
>
> when the call made from the inside network to out side,
> running `record_route()` resulted in 2 Record-Route headers
> added (enable_double_rr=1)
>
> Record-Route: PUBLIC_NAT_ADDR:5061;transport=tls;lr
> Record-Route: MY_ADDR;transport=tcp;lr
>
>
> That was totally fine omitting the port in the first
> Record-Route when using tcp (or udp) on the first realm, but
> when i start switching to tls, it caused trouble
>
> Record-Route: PUBLIC_NAT_ADDR:5061;transport=tls;lr
> Record-Route: MY_ADDR;transport=tls;lr
>
>
> The client is then told to send ACK/BYE to
> `MY_ADDR;transport=tls` located at `MY_ADDR:5061` as per
> rfc3263, then the call would failed.
>
> I had another try with
> `record_route_preset("PUBLIC_NAT_ADDR:5061;transport=tls",
> "MY_ADDR:5060;transport=tls");`, it really did add what i want
> with explicit 5060 port on RR, `ACK/BYE` travel on the correct
> path, but `loose_route()` only consumes the local `Route`
> header (it should consume 2). So my assumption is to stick
> with `record_route()` function to make `loose_route()` work
> properly.
>
> I tried using another port on the local realm, e.g: 5062 and
> the port is explicitly added to the Record-Route header
> `MY_ADDR:5062;transport=tls;lr`
> So is `5060` couldn't be explicitly added to the inbound
> Record-Route, or i just missed something?
>
> Any help will be appreciated.
>
> P/S: I also tried 4.4.7 and it still omit my 5060 port in the RR.
>
> rgds,
> Loi Dang Thanh
> Phone : +84. 774.735.448
> Email : loi.dangth...@gmail.com 
> ___
> Kamailio (SER) - Users Mailing List
> sr-users@lists.kamailio.org 
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
> ___
> Kamailio (SER) - Users Mailing List
> sr-users@lists.kamailio.org 
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
>
> ___
> Kamailio (SER) - Users Mailing List
> sr-users@lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

-- 
Daniel-Constantin Mierla -- www.asipto.com
www.twitter.com/miconda -- www.linkedin.com/in/miconda
Kamailio World Conference - May 6-8, 2019 -- www.kamailioworld.com

___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] Kamailio v5.2 kamctl alias add problem

[Daniel-Constantin Mierla]

Hello,

are you looking to add a record for alias_db table? If yes, then the
command is:

kamctl aliasdb ...

The kamctl alias is something related to usrloc module.

Cheers,
Daniel

On 29.03.19 11:35, Igor Potjevlesch wrote:
> Hi Kamailios,
>
> Any upadte about this subject ? 
>
> Bests Regards, 
>
> Igor
>
> Le lun. 4 mars 2019 à 17:05, Igor Potjevlesch
> mailto:igor.potjevle...@gmail.com>> a écrit :
>
> Hi kamailios, 
>
> I meet a problem with the " kamctl alias add" command in the 5.2
> version, I saw that the module used to add an alias had changed,
> and now the command result with an error :
>
> [kamailio]# kamctl alias add @ sip:X@ 
> {
>   "jsonrpc":  "2.0",
>   "error":  {
>     "code": 500,
>     "message":  "Not enough parameters or wrong format"
>   },
>   "id": X
> }
>
> I read the function who return this message " static void
> ul_rpc_add(rpc_t* rpc, void* ctx)" in the ul_rpc.c in the usr_loc
> module. 
> I tried to pass the command with two more parameters :
>
> # kamctl alias add 0175951...@trunk7.bornsip.fr
> 
> sip:0175951...@trunk7.bornsip.fr
>  NULL NULL
> {
>   "jsonrpc":  "2.0",
>   "result": {
>   },
>   "id": 29200
> }
>
> And this time it works correctly, but I saw thaht the test
> prameters was in the field "path" , do you know why we have to
> indicate a path ? 
> Are we obliged to indicate this two more parameters ? 
> What is the utility of this field ? 
> Thank you in advance,
>
> Igor
>
>
> ___
> Kamailio (SER) - Users Mailing List
> sr-users@lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

-- 
Daniel-Constantin Mierla -- www.asipto.com
www.twitter.com/miconda -- www.linkedin.com/in/miconda
Kamailio World Conference - May 6-8, 2019 -- www.kamailioworld.com

___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] where to find the cfg languaje for program on it?

[Daniel-Constantin Mierla]

Hello,

that the link with most of the docs for scripting language. The return
code evaluation is detailed at:

  * https://www.kamailio.org/wiki/cookbooks/devel/core#return

You have also the option to use other scripting languages instead of the
own brewed one, see more at:

  * http://kamailio.org/docs/tutorials/devel/kamailio-kemi-framework/

Cheers,
Daniel

On 31.03.19 11:48, PICCORO McKAY Lenz wrote:
> recently i wrote a portion of my cfg file but i found that
> i based my code in other sources and results of try/tach experiments
>
> i cannot found the documents for the languaje of the core
>
> i only found the link: https://www.kamailio.org/wiki/cookbooks/devel/core
> but in that link there's no references about languaje per see
>
> only about how to write portions of the file and sections..
>
> maybe i wrong or the document are wrote in different way?
>
> by example how to evaluate the output of a custom function/section?
>
> Lenz McKAY Gerardo (PICCORO)
> http://qgqlochekone.blogspot.com
>
> ___
> Kamailio (SER) - Users Mailing List
> sr-users@lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

-- 
Daniel-Constantin Mierla -- www.asipto.com
www.twitter.com/miconda -- www.linkedin.com/in/miconda
Kamailio World Conference - May 6-8, 2019 -- www.kamailioworld.com

___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] drop before exit and send ok reply first can be done?

[Daniel-Constantin Mierla]

Hello,

for request_route, drop or exit do the same.

Also, both drop and exit stop execution of config file, so makes no
sense to use one after the other. Drop is different that exit in
branch_route, onreply_route and onsend_route, telling the core not to
send the message out. But in request route, an explicit t_relay() or
forward() has to be used to send the request out, without it, kamailio
is not doing it.

Cheers,
Daniel

On 31.03.19 21:36, SamyGo wrote:
> Hi,
> Can you please elaborate about the part where you said "drop rest of
> the packets".
>
> If an OPTIONs is incoming you can send reply and then exit; a drop is
> like silently discarding a packet as far as I know.
>  
> Do you meant to discard any further packets in same dialog or
> transaction to be matched and discarded/dropped ? 
>
> Regards,
> Sammy
>
> On Sun, Mar 31, 2019, 5:54 AM PICCORO McKAY Lenz,
> mailto:mckaygerh...@gmail.com>> wrote:
>
> h have this for a custom rule agains spoecific messages:
>
>         sl_send_reply("200", "OK");
>    drop();
>         exit;
>
> my question are if that rules are correct:
>
> i want to drop but send firts to client a ok response..
> i mean client receive "all are ok dont worry" and then drop the
> rest packets..
>
> that's correct?
>
> Lenz McKAY Gerardo (PICCORO)
> http://qgqlochekone.blogspot.com
> ___
> Kamailio (SER) - Users Mailing List
> sr-users@lists.kamailio.org 
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
>
> ___
> Kamailio (SER) - Users Mailing List
> sr-users@lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

-- 
Daniel-Constantin Mierla -- www.asipto.com
www.twitter.com/miconda -- www.linkedin.com/in/miconda
Kamailio World Conference - May 6-8, 2019 -- www.kamailioworld.com

___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] Kamailio stop to process incoming SIP traffic via TCP.

[Kristijan Vrban]

Hi Andrew,

yes, with openssl 1.0.2 Kamailio is now up and running since five
days. Looks good so far.

Kristijan

Am Do., 28. März 2019 um 11:09 Uhr schrieb Andrew Pogrebennyk
:
>
> On 3/26/19 3:52 PM, Kristijan Vrban wrote:
> >> Just curious, did you get to compile with OpenSSL 1.0 and test?
> > Just compiled with OpenSSL 1.0 . Gone test now.
>
> Kristijan,
> any new occurrences since you have recompiled kamailio with openssl 1.0?
>
> Regards,
> Andrew

___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

Re: [SR-Users] kamailio and rtpengine

[Henning Westerholt]

Am Sonntag, 31. März 2019, 23:58:04 CEST schrieb David Villasmil:
> I was using 5.2
> I just downgraded to 5.0 and it starts properly.
> [..]

Hello David,

good that you found a workaround.

As this is only a temporary solution (5.0 will be end of life after the 
release of 5.3), please create a bug report about that on our tracker.

Best regards,

Henning


-- 
Henning Westerholt - https://skalatan.de/blog/
Kamailio services - https://skalatan.de/services


___
Kamailio (SER) - Users Mailing List
sr-users@lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users