Re: [SR-Users] Kamailio - passing registration to another sip server
Am 25.08.2016 um 16:19 schrieb E. Schmidbauer: Hi Matt, Check out this post and config: https://blog.voipxswitch.com/2016/08/11/kamailio-and-freeswitch-on-the-same-server-with-nsq-and-jansson-rpc/ It demonstrates how to handle NAT & forward a REGISTER to FreeSWITCH (on localhost) Thanks, Emmanuel Just a comment (I found this thread as I currently have the some problem). Both provided solutions do use PATH which of course requires PATH support on the registrar. If the reigstrar does not support PATH then things get complicated. I see 2 solutions: a) if the registrar does NAT traversal (and thus always send SIP messages to the IP:port it received the REGISTER), does not manipulate the received Contact header and the client does not care about manipulated Contact header it may be possible by just applying "fix_nated_contact()" and route messages from the registrar to the client by using the R-URI in the incoming request. b) if the Contact header must be preserved (strict clients) or if the registrar does not apply NAT traversal, then it is necessary to do heavy message rewriting and registration in the proxy too: - the URI in the Contact forwarded to the registrar must point to the proxy - this URI must be mapped by the proxy to the clients received/NAT address - depending on the requirements (e.g. multiple registrars, multiple domains) the mapping can be simple or complex Thus, I think a generic solution for registrars without PATH support involves plenty of message manipulation and lot of time and testing. regards Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] A question to you, SIP providers: what is your policy on PBXes calling themselves
Am 07.06.2015 um 05:06 schrieb Antonio Gómez Soto: Hello, This is question on PBX behavior, what is the right thing to do, and how do PBX's generally behave. If a user on a phone, dials a number, which happens to be configured on the same phone system (for example another tenant), there are two options: 1. The PBX notices this, and directly connects the phone to the DID on that system (breaking separation of tenants) 2. The PBX sends the call out on the SIP trunk, and the provider-routing sends the call back as an incoming call. What are the pros and cons of each option from the SIP provider point of view? How do PBX's generally behave? Thanks, Antonio (a bit late but maybe still interesting) I always keep the call local to my environment, but not local to a single PBX. E.g: PBX1---\ \ PBX2GW- TRUNK - PSTN-Provider / PBX3---/ Calls which are internally to a customer stay on the PBX (as these are not charged usually). Calls between my customers are always routed to my Gateway, which decides the routing, e.g. sends the call back to the same PBX or some other PBX (for local DIDs) or to the PSTN termination provider. This way I always have the same routing and CDRs regardless if the user is on the same PBX or some other. For billing I only use the CDRs generated by the Gateway SIP server (I use Asterisk). In a small setup this may seem a bit complicated. But you soon may have multiple PBX servers (lots of customers, different PBX software versions ). regards Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] IPSec supporting open source SIP Server
Hi! I think he refers to IMS where IPsec is used dynamically. With the first REGISTER the client and the server exchange data which can be used (together with the password) to calculate the IPsec security associations. Then the client and the SIP server communicate with the OS to setup the IPsec session. All following SIP requests will then be sent via IPsec (automatically encrypted and decrypted by the OS if the IPsec SAs match). Further, Linux (unfortunately) does not use tunnel interfaces for IPsec anymore. regards Klaus Am 02.06.2015 um 12:15 schrieb Daniel-Constantin Mierla: Hello, an ipsec tunnel appears as an network interface, therefore a lower layer than a SIP server deals with. As soon as you get the ipsec tunnel running, kamailio can be started and receive traffic on it. Nothing else special needed for kamailio. Also, you can run kamailio on a single interface and instruct kernel to do packet forwarding from many tunnels to it. Cheers, Daniel On 01/06/15 11:21, Priyaranjan Nayak wrote: Hi All, I need one IPSec supported opensource SIP server for testing my sip client endpoint.Could you please tell me which SIP server supporting IPSec ? Thanks in advance. Thanks Priyaranjan ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users -- Daniel-Constantin Mierla http://twitter.com/#!/miconda -http://www.linkedin.com/in/miconda Kamailio World Conference, May 27-29, 2015 Berlin, Germany -http://www.kamailioworld.com ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
[SR-Users] rtpproxy 2.0
Hi! I just found out that there is a new rtpproxy release: http://www.rtpproxy.org/post/v2release/ Has anybody tested it and want to share some experiences? Or have people turned to rtpengine meanwhile? (I am still using rtpproxy 1.2 as I do not need new features). regards Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] log_prefix not working in reply_route
On 18.05.2015 15:41, Daniel-Constantin Mierla wrote: Hello, On 18/05/15 14:57, Klaus Darilion wrote: Hi! Should log_prefix also work for xlog in reply routes? In my case it doesn't (Kamailio 4.2.2) it should work for received sip replies. Not here, neither in the default reply route, nor in others: I tested log_prefix=$si:$sp:$proto $rm $mt $fU-$tU: and log_prefix=TEST: [request-route] May 18 16:31:17 VoIP-Test /usr/sbin/kamailio[22270]: 11.22.33.3:24721:udp INVITE 1 004314099401-00433311160036: INFO: script: 1489:onsend_route: Access sensitive node granted ... [default-reply-route] May 18 16:31:17 VoIP-Test /usr/sbin/kamailio[22271]: INFO: script: 1563:DEFAULT REPLYROUTE: incoming response: 100 Trying from 22.33.128.132:5060 [reply-route] May 18 16:31:17 VoIP-Test /usr/sbin/kamailio[22271]: INFO: script: 1571:REPLYROUTE CONTACT_RTP: activate media relay and fix contact: incoming response: 100 Trying from 22.33.128.132:5060 Also logmessages in failure-route are not prefixed with log_message. shall I file a bug report? I am suing 4.2.2. regards Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Dialog module generates error since upgrade to 4.2.2
Hi Daniel! Your fix solves the problem (not heavily tested) - now the dialog module destroys the dialog after config exit. thanks Klaus On 24.01.2015 23:05, Daniel-Constantin Mierla wrote: Can you try the latest version of branch 4.2? I pushed a fix that should solve this one as well. Let me know the results. Cheers, Daniel On 23/01/15 13:40, Jan Hazenberg wrote: Daniel, Let me know if you need some debugs from my side. I have 4.2.2 and 4.2.1 running and can reproduce the problem if needed. Jan Daniel-Constantin Mierla schreef op 2015-01-23 13:38: I hope to get the time to look into it either this evening or over the weekend. I have some other logs sent to me for a dialog issue. Daniel On 23/01/15 12:40, Jan Hazenberg wrote: I indeed see the same spiral messages in the logs as well: Jan 22 14:50:33 sip /usr/sbin/kamailio[14084]: DEBUG: dialog [dlg_handlers.c:831]: dlg_new_dialog(): Callid '035a329653a80be399f7b45e6c734415@192.168.149.126' found, must be a spiraled request Jan Klaus Darilion schreef op 2015-01-23 11:38: I think the problem with 4.2.2. is the following: After dialog cleanup code is not executed after script exit. Thus, if the dialog is created without generating a transaction, e.g.: ... dialog_manage(); ... some checks sl_send_reply(); exit; the dialog is created, but not destroyed after exit. Thus, next time a request with identical dialog IDs (e.g the second INVITE after authentication) is received, Kamailio finds the un-destroyed dialog and falsely think this message belongs to a spiraled request and thus does not register the tm_callbacks for the responses. Thus, the dialog stays in state 1 forever. Probably there are 2 bugs: 1. The dialog callbacks are not executed on script exit (this works fine in Kamailio 4.1.7) 2. The spiral detection code is buggy. Just because a dialog exists is not a proof for a spiral. In fact, a request with only 1 Via header can never be a spiraled request. regards Klaus On 22.01.2015 21:02, Jan Hazenberg wrote: Klaus, Yes, that solves the problem here as well. Thanks, Jan Klaus Darilion schreef op 2015-01-22 16:16: Hi Jan! I replaced dlg_manage with setflag(dialog flag). This way the dialog is created only when a transaction is created. It solved my problems. regards Klaus On 22.01.2015 14:47, Klaus Darilion wrote: Nice, I have the same problem after upgrading from 4.1.7 to 4.2.2. . in my case it seems the dialog callbacks are not executed for responses ... I am still debugging . On 22.01.2015 13:25, Jan Hazenberg wrote: Hi All, I'm running into a issue with the dialog module since the upgrade from 4.2.1 to 4.2.2. I use the dialog module to add extra vars to the cdr's generated by the ACC module. I use the following config: # - dialog params - modparam(dialog, enable_stats, 1) modparam(dialog, dlg_match_mode, 1) modparam(dialog, dlg_flag, FLT_DLG) modparam(dialog, rr_param, did) modparam(dialog, wait_ack, 1) # Create dialog if (method==INVITE) { # Create Dialog dlg_manage(); # Add test dialog var $dlg_var(src_ua) = $hdr(User-Agent); } This seems to work fine on kamailio 4.2.1 but after the upgrade i see the following errors in the logs: Jan 22 13:16:57 sip /usr/sbin/kamailio[2773]: CRITICAL: dialog [dlg_hash.c:901]: log_next_state_dlg(): bogus event 6 in state 1 for dlg 0x7f2f0332ed40 [3693:11222] with clid '9192c5fc24627a14c2ec42f084a96587@192.168.149.126' and tags '4017642921' '' Jan 22 13:17:01 sip /usr/sbin/kamailio[2770]: CRITICAL: dialog [dlg_hash.c:901]: log_next_state_dlg(): bogus event 7 in state 1 for dlg 0x7f2f0332ed40 [3693:11222] with clid '9192c5fc24627a14c2ec42f084a96587@192.168.149.126' and tags '4017642921' '' If i'm correct bogus event 6 in state 1 indicates that a ACK whas received while the dialog still was in unconfirmed state. Should i catch the 200 OK on the INVITE to update the dialog? Thanks, Jan Hazenberg ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Dialog module generates error since upgrade to 4.2.2
I think the problem with 4.2.2. is the following: After dialog cleanup code is not executed after script exit. Thus, if the dialog is created without generating a transaction, e.g.: ... dialog_manage(); ... some checks sl_send_reply(); exit; the dialog is created, but not destroyed after exit. Thus, next time a request with identical dialog IDs (e.g the second INVITE after authentication) is received, Kamailio finds the un-destroyed dialog and falsely think this message belongs to a spiraled request and thus does not register the tm_callbacks for the responses. Thus, the dialog stays in state 1 forever. Probably there are 2 bugs: 1. The dialog callbacks are not executed on script exit (this works fine in Kamailio 4.1.7) 2. The spiral detection code is buggy. Just because a dialog exists is not a proof for a spiral. In fact, a request with only 1 Via header can never be a spiraled request. regards Klaus On 22.01.2015 21:02, Jan Hazenberg wrote: Klaus, Yes, that solves the problem here as well. Thanks, Jan Klaus Darilion schreef op 2015-01-22 16:16: Hi Jan! I replaced dlg_manage with setflag(dialog flag). This way the dialog is created only when a transaction is created. It solved my problems. regards Klaus On 22.01.2015 14:47, Klaus Darilion wrote: Nice, I have the same problem after upgrading from 4.1.7 to 4.2.2. . in my case it seems the dialog callbacks are not executed for responses ... I am still debugging . On 22.01.2015 13:25, Jan Hazenberg wrote: Hi All, I'm running into a issue with the dialog module since the upgrade from 4.2.1 to 4.2.2. I use the dialog module to add extra vars to the cdr's generated by the ACC module. I use the following config: # - dialog params - modparam(dialog, enable_stats, 1) modparam(dialog, dlg_match_mode, 1) modparam(dialog, dlg_flag, FLT_DLG) modparam(dialog, rr_param, did) modparam(dialog, wait_ack, 1) # Create dialog if (method==INVITE) { # Create Dialog dlg_manage(); # Add test dialog var $dlg_var(src_ua) = $hdr(User-Agent); } This seems to work fine on kamailio 4.2.1 but after the upgrade i see the following errors in the logs: Jan 22 13:16:57 sip /usr/sbin/kamailio[2773]: CRITICAL: dialog [dlg_hash.c:901]: log_next_state_dlg(): bogus event 6 in state 1 for dlg 0x7f2f0332ed40 [3693:11222] with clid '9192c5fc24627a14c2ec42f084a96587@192.168.149.126' and tags '4017642921' '' Jan 22 13:17:01 sip /usr/sbin/kamailio[2770]: CRITICAL: dialog [dlg_hash.c:901]: log_next_state_dlg(): bogus event 7 in state 1 for dlg 0x7f2f0332ed40 [3693:11222] with clid '9192c5fc24627a14c2ec42f084a96587@192.168.149.126' and tags '4017642921' '' If i'm correct bogus event 6 in state 1 indicates that a ACK whas received while the dialog still was in unconfirmed state. Should i catch the 200 OK on the INVITE to update the dialog? Thanks, Jan Hazenberg ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
[SR-Users] RFC: best way to create dialogs
Hi! I use the dialog module to count and limit concurrent calls per user. It worked fine with 4.1.7 but fails with 4.2.2. My config basically looks like: route{ ... dlg_manage() ... authentication (stateless replies + exit) ... t_on_reply() t_on_branch() ... t_relay() exit; } initial_cbs_inscript uses the default value 1. Using 4.1.7, after stateless reply+exit, Kamailio executes dialog callbacks and deletes the dialog: [dlg_var.c:55]: dlg_cfg_cb(): new dialog with no trasaction after config execution [dlg_hash.c:872]: dlg_unref(): unref dlg 0xb233c3a0 with 1 - 1 [dlg_hash.c:872]: dlg_unref(): unref dlg 0xb233c3a0 with 1 - 0 [dlg_hash.c:872]: dlg_unref(): ref =0 for dialog 0xb233c3a0 [dlg_hash.c:355]: destroy_dlg(): destroying dialog 0xb233c3a0 (ref 0) With 4.2.2, after stateless reply+exit, Kamailio just exits without calling any dialog callback (to destroy the dialog) I think I could work around the problem by creating the transaction later. Here are some ideas and I would be happy about your comments and best practices. - set initial_cbs_inscript to 0 - call dlg_manage() just before t_relay - do not use dlg_manage() but use the dialog flag and set the flag somewhere before t_relay Finally, do t_on_reply() and t_on_branch() already create the transaction or is it created with t_relay()? Thanks Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Dialog module generates error since upgrade to 4.2.2
Nice, I have the same problem after upgrading from 4.1.7 to 4.2.2. . in my case it seems the dialog callbacks are not executed for responses ... I am still debugging . On 22.01.2015 13:25, Jan Hazenberg wrote: Hi All, I'm running into a issue with the dialog module since the upgrade from 4.2.1 to 4.2.2. I use the dialog module to add extra vars to the cdr's generated by the ACC module. I use the following config: # - dialog params - modparam(dialog, enable_stats, 1) modparam(dialog, dlg_match_mode, 1) modparam(dialog, dlg_flag, FLT_DLG) modparam(dialog, rr_param, did) modparam(dialog, wait_ack, 1) # Create dialog if (method==INVITE) { # Create Dialog dlg_manage(); # Add test dialog var $dlg_var(src_ua) = $hdr(User-Agent); } This seems to work fine on kamailio 4.2.1 but after the upgrade i see the following errors in the logs: Jan 22 13:16:57 sip /usr/sbin/kamailio[2773]: CRITICAL: dialog [dlg_hash.c:901]: log_next_state_dlg(): bogus event 6 in state 1 for dlg 0x7f2f0332ed40 [3693:11222] with clid '9192c5fc24627a14c2ec42f084a96587@192.168.149.126' and tags '4017642921' '' Jan 22 13:17:01 sip /usr/sbin/kamailio[2770]: CRITICAL: dialog [dlg_hash.c:901]: log_next_state_dlg(): bogus event 7 in state 1 for dlg 0x7f2f0332ed40 [3693:11222] with clid '9192c5fc24627a14c2ec42f084a96587@192.168.149.126' and tags '4017642921' '' If i'm correct bogus event 6 in state 1 indicates that a ACK whas received while the dialog still was in unconfirmed state. Should i catch the 200 OK on the INVITE to update the dialog? Thanks, Jan Hazenberg ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] fix_nated_contact and IPv6
Sounds like a bug. Anyway, as fix_nated_contact is not standard conform, it is better to use handle_ruri_alias() and add_contact_alias() (see the Kamailio default config file). Maybe they handle also IPv6 correct. regards Klaus On 22.01.2015 16:26, Sebastian Damm wrote: Hi, I'm trying to set up a Kamailio (4.1.3) server which converts between IPv6 and IPv4. Everything looks pretty good. Now I have a test client which sends packets via IPv6, but in contact header, SDP etc. there are still IPv4 addresses. (This comes from some converting from v4 to v6 earlier.) Thus, Kamailio tries to do a fix_nated_contact(). But after fixing, the Contact URI is wrong. Example: inbound Contact: sip:bob@192.168.8.132 mailto:sip%3Abob@192.168.8.132 outbound Contact: sip:bob@1234:1234:0:1234:0:0:0:2 The correct way of transforming the Contact URI would be: Contact: sip:bob@[1234:1234:0:1234:0:0:0:2] This incorrect Contact URI doesn't hurt first, but when the called party wants to hang up the call, it addresses the URI from Contact header, and Kamailio can't parse the Request URI: Jan 22 12:03:48 router /usr/sbin/kamailio[21309]: ERROR: pv [pv_core.c:304]: pv_get_ruri_attr(): failed to parse the R-URI Jan 22 12:03:48 router /usr/sbin/kamailio[21309]: ERROR: rr [loose.c:934]: loose_route(): failed to parse Request URI Jan 22 12:03:48 router /usr/sbin/kamailio[21309]: ERROR: domain [domain.c:140]: is_uri_host_local(): error while parsing R-URI Is this a bug in the nathelper module? Was it never meant to handle IPv6 addresses? Or do I understand something wrong? Best Regards, Sebastian ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Dialog module generates error since upgrade to 4.2.2
Hi Jan! I replaced dlg_manage with setflag(dialog flag). This way the dialog is created only when a transaction is created. It solved my problems. regards Klaus On 22.01.2015 14:47, Klaus Darilion wrote: Nice, I have the same problem after upgrading from 4.1.7 to 4.2.2. . in my case it seems the dialog callbacks are not executed for responses ... I am still debugging . On 22.01.2015 13:25, Jan Hazenberg wrote: Hi All, I'm running into a issue with the dialog module since the upgrade from 4.2.1 to 4.2.2. I use the dialog module to add extra vars to the cdr's generated by the ACC module. I use the following config: # - dialog params - modparam(dialog, enable_stats, 1) modparam(dialog, dlg_match_mode, 1) modparam(dialog, dlg_flag, FLT_DLG) modparam(dialog, rr_param, did) modparam(dialog, wait_ack, 1) # Create dialog if (method==INVITE) { # Create Dialog dlg_manage(); # Add test dialog var $dlg_var(src_ua) = $hdr(User-Agent); } This seems to work fine on kamailio 4.2.1 but after the upgrade i see the following errors in the logs: Jan 22 13:16:57 sip /usr/sbin/kamailio[2773]: CRITICAL: dialog [dlg_hash.c:901]: log_next_state_dlg(): bogus event 6 in state 1 for dlg 0x7f2f0332ed40 [3693:11222] with clid '9192c5fc24627a14c2ec42f084a96587@192.168.149.126' and tags '4017642921' '' Jan 22 13:17:01 sip /usr/sbin/kamailio[2770]: CRITICAL: dialog [dlg_hash.c:901]: log_next_state_dlg(): bogus event 7 in state 1 for dlg 0x7f2f0332ed40 [3693:11222] with clid '9192c5fc24627a14c2ec42f084a96587@192.168.149.126' and tags '4017642921' '' If i'm correct bogus event 6 in state 1 indicates that a ACK whas received while the dialog still was in unconfirmed state. Should i catch the 200 OK on the INVITE to update the dialog? Thanks, Jan Hazenberg ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
[SR-Users] tsilo question
Hi! Currently tsilo allows to add branches in failure route or request route (e.g. on REGISTER). would be be possible to allow this function also in reply routes? E.g. if one branch replies with 3xx, to add a new branch to the CFWD target but still have the other branches ringing. regards Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
[SR-Users] reREGISTER problems: contact is inserted instead updated
Hi! Kamailio 4.1.6 with default settings for usrloc and registrar modul and db_mode=1 (write through). Fritzbox sends a reREGISTER and Kamailio tries to insert the contact into the database, but this fails as this contact for this AoR already exists. So I think there are 2 scenarios: Kamailio false INSERTs instead of UPDATEs the contact, or the contact was deleted from usrloc, but not from the database. Frankly I see the in the mysql logfile that immediately after the failed INSERT the record is deleted from DB. Does anybody have a pointer what might be the problem here? AFAIS the client always uses the same Contact and the same call-id. only Cseq increases. Thanks Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] reREGISTER problems: contact is inserted instead updated
I just found out that a previous call to this user was rejected with 480. This means, that the client was not registered. Thus, the INSERT into the DB seems correct. So, was the contact expired from usrloc but not deleted from DB? Do you know such problems? Thanks Klaus On 18.11.2014 18:20, Klaus Darilion wrote: Hi! Kamailio 4.1.6 with default settings for usrloc and registrar modul and db_mode=1 (write through). Fritzbox sends a reREGISTER and Kamailio tries to insert the contact into the database, but this fails as this contact for this AoR already exists. So I think there are 2 scenarios: Kamailio false INSERTs instead of UPDATEs the contact, or the contact was deleted from usrloc, but not from the database. Frankly I see the in the mysql logfile that immediately after the failed INSERT the record is deleted from DB. Does anybody have a pointer what might be the problem here? AFAIS the client always uses the same Contact and the same call-id. only Cseq increases. Thanks Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
[SR-Users] uac_from_replace does not restore when changing display name only
Hi! It seems that uac_replace_from does restore the original URI only if the From URI is changed. Only changing the Display-name, eg: uac_replace_from($avp(pad),); does not add the RR-cookie, thus the original will not be restored (e.g. on responses). Is this on purpose or a bug? regards Klaus PS: The workaround is: uac_replace_from($avp(pad),$fu); ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] uac_from_replace does not restore when changing display name only
Further more, auto mode with restore_dlg=1 does automatically change the From-uri for in-dialog requests, but not the From-display name. Is this also intended? Thanks Klaus On 10.10.2014 16:02, Klaus Darilion wrote: Hi! It seems that uac_replace_from does restore the original URI only if the From URI is changed. Only changing the Display-name, eg: uac_replace_from($avp(pad),); does not add the RR-cookie, thus the original will not be restored (e.g. on responses). Is this on purpose or a bug? regards Klaus PS: The workaround is: uac_replace_from($avp(pad),$fu); ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] [sr-dev] RFC: updating default values
On 02.10.2014 10:48, Juha Heinanen wrote: Daniel-Constantin Mierla writes: One more came in my mind: - failure_reply_mode in tm set to 3 (now is 0) i have been using 3 there. IMO this makes sense ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Relaying ACK to Asterisk
Something is going wrong here: On 24.09.2014 18:41, Igor Potjevlesch wrote: DEBUG: rr [loose.c:90]: is_preloaded(): is_preloaded: No That's correct. The ACK is not pre-loaded (with a route set). Checking first local URI (either alias= or listen= statement) DEBUG: core [socket_info.c:583]: grep_sock_info(): grep_sock_info - checking if host==us: 14==14 [IP_KAMAILIO_ASTERISK] == [IP_KAMAILIO_ASTERISK] DEBUG: core [socket_info.c:587]: grep_sock_info(): grep_sock_info - checking if port 5060 (advertise 0) matches port 4060 Checking seconf local URI (either alias= or listen= statement) DEBUG: core [socket_info.c:583]: grep_sock_info(): grep_sock_info - checking if host==us: 14==12 [IP_KAMAILIO_ASTERISK] == [192.168.0.19] DEBUG: core [socket_info.c:587]: grep_sock_info(): grep_sock_info - checking if port 5060 (advertise 0) matches port 4060 DEBUG: core [forward.c:448]: check_self(): check_self: host != me Correctly detects that the RURI does not address Kamailio, but DEBUG: rr [loose.c:674]: after_strict(): Next hop: 'sip:IP_KAMAILIO_ASTERISK;lr=on' is loose router This means, that check_self returned 1 (match) although it didn't matched. This means that the _check_self_func_list (forward.c) is populated and matches the RURI. Thus, the RURI does not match one of the standard aliases (the ones learned by the listen=... statements) but some other module registered a callback which returns MATCH, and thus Kamailio thinks the previous hop is a strict router: DEBUG: rr [loose.c:724]: after_strict(): The last route URI: 'sip:IP_KAMAILIO_ASTERISK;lr=on' please post your complete alias= and listen=... config. Further, I suspect that you register additional aliases via domain or corex module and these additional aliases match the RURI. So review your domain and corex configuration. regards Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Relaying ACK to Asterisk
Proxy-Authorization: Digest username=ABCDEFGHIJ,realm=sip.fqdn.tld,nonce=VCGI/FQhh9AbPlF1XLMvEaetTC aGX9CM,uri=sip:1...@sip.fqdn.tld,algorithm=MD5,response=55ca32ecf5ab7b328 95fd2e545d7033c Authentication Scheme: Digest Username: ABCDEFGHIJ Realm: sip.fqdn.tld Nonce Value: VCGI/FQhh9AbPlF1XLMvEaetTCaGX9CM Authentication URI: sip:1...@sip.fqdn.tld Algorithm: MD5 Digest Authentication Response: 55ca32ecf5ab7b32895fd2e545d7033c Contact: 22 sip:ABCDEFGHIJ@IP_UAC:5060 SIP Display info: 22 Contact URI: sip:ABCDEFGHIJ@IP_UAC:5060 Contact URI User Part: ABCDEFGHIJ Contact URI Host Part: IP_UAC Contact URI Host Port: 5060 User-Agent: Linksys/WRP400-2.00.32 Content-Length: 0 Regards, Igor. -Message d'origine- De : sr-users-boun...@lists.sip-router.org [mailto:sr-users-boun...@lists.sip-router.org] De la part de Klaus Darilion Envoyé : mardi 23 septembre 2014 16:04 À : Kamailio (SER) - Users Mailing List Objet : Re: [SR-Users] Relaying ACK to Asterisk dump the whole ACK packet received by Kamailio, and the packet looped by Kamailio regards Klaus On 20.08.2014 18:38, Igor Potjevlesch wrote: Hello, I’m having trouble with this scenario (Kamailio and Asterisk are working on the same server, Asterisk listens on 4060 instead of 5060): the UAC sends an ACK request with the following R-URI: sip:955*95%23@IP_ASTERISK/KAMAILIO:4060 sip:955*95%23@%3cIP_ASTERISK/KAMAILIO%3e:4060. When I’m doing a capture on loopback interface, I just see an ACK request from IP IP_ASTERISK/KAMAILIO:5060 to IP IP_ASTERISK/KAMAILIO:5060. So the ACK seems to loop inside Kamailio. What could explain that the good port defined by the UAC is deleted? Regards, Igor. ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
[SR-Users] upgrade question to Kamailio 4, how to handle ruid in location/aliases
Hi! I have to upgrade a production server from 3.x to 4.x. 4.x added a unique constraint on ruid. I have plenty of entries in aliases and usrloc table. How do I update these entries to get the ruid field populated? Can I do an upgrade reusing the entries stored in the usrloc table or do I have to truncate the table and then wait until every client reREGISTERs? Thanks Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Relaying ACK to Asterisk
dump the whole ACK packet received by Kamailio, and the packet looped by Kamailio regards Klaus On 20.08.2014 18:38, Igor Potjevlesch wrote: Hello, I’m having trouble with this scenario (Kamailio and Asterisk are working on the same server, Asterisk listens on 4060 instead of 5060): the UAC sends an ACK request with the following R-URI: sip:955*95%23@IP_ASTERISK/KAMAILIO:4060 sip:955*95%23@%3cIP_ASTERISK/KAMAILIO%3e:4060. When I’m doing a capture on loopback interface, I just see an ACK request from IP IP_ASTERISK/KAMAILIO:5060 to IP IP_ASTERISK/KAMAILIO:5060. So the ACK seems to loop inside Kamailio. What could explain that the good port defined by the UAC is deleted? Regards, Igor. ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Location of Encryption Algorithm in TLS Module
The TLS module uses OpenSSL libraries. You can force a dedicated algorithm with the standard OpenSSL methods. If you want to change an algorithm, you have to change OpenSSL. regards Klaus On 10.09.2014 08:09, aawaise wrote: Hello, I have downloaded and unzipped kamailio package available online. I want to know about TLS module, My question is that where is the encryption module located in TLS module ?? Is it in some .c file of TLS module or does TLS module use AES encryption available in LINUX or UNIX systems?? This question arises because I want to customize AES algorithm ?? Can it be done in TLS module or not ?? Regards, Aawaise -- View this message in context: http://sip-router.1086192.n5.nabble.com/Location-of-Encryption-Algorithm-in-TLS-Module-tp130442.html Sent from the Users mailing list archive at Nabble.com. ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] [sr-dev] new module db_kazoo
Kazoo seems to be a product name of 2600Hz. If the module is generic, then I would suggest to name it amqp, which better describe what it does. regards Klaus On 09.09.2014 14:44, Daniel-Constantin Mierla wrote: Hello, I see there are some new functions prefixed with kazoo_, using a terminology familiar with presence extensions. Also, looking at the source code a bit, the module doesn't seem to be an implementation of a database connector. Am I right? I mean, just for example, it cannot be used as a replacement for db_mysql. If it is not a database connector, then I would suggest to remove the db_ prefix from the name of the module, because it creates confusion. Several years ago, database connectors used to have any kind of name, but it was decided to prefix them with 'db_' to be easier to spot and manage. As I see it right now, I would choose either simply 'kazoo', 'amqp_kazoo' or something else without db_ prefix. Cheers, Daniel On 09/09/14 14:12, Luis Azedo wrote: Hi Daniel, you can check our current code at https://github.com/2600hz/kazoo-kamailio/tree/4.0https://github.com/2600hz/kazoo-kamailio/tree/4.0 this is already compatible with master from kamailio (tests running ok). we will start to update the docs when we commit to master and will get it ready before 4.2. For a better clarification, do the json payloads flowing via AMQP have a structure specific for kazoo? I mean the object structure, how are the fields name set, from the name of the columns? Is there a wrapper to specify the command (e.g., insert, delete, select)? Or maybe you can provide an example of such object... No, the payloads are what you want. here's a sample on how we are using to handle REGISTER messages if ($sht(auth_cache=$Au) != $null pv_auth_check($fd, $sht(auth_cache=$Au), 0, 0)) { xlog(L_INFO, $ci|log|authenticated $Au via cached SIP creds); } else { ## RABBITMQ - Credentials fetch ## build the payload $var(amqp_payload_request) = {'Event-Category' : 'directory' , 'Event-Name' : 'authn_req', 'Method' : 'REGISTER', 'Auth-Realm' : ' + $fd + ', 'Auth-User' : ' + $fU + ', 'From' : ' + $fu + ', 'To' : ' + $tu +' }; $var(amqp_routing_key) = authn.req. + $(fd{kz.encode}); // kz.encode is a helper function to encode properly to amqp if(kazoo_query(callmgr, $var(amqp_routing_key), $var(amqp_payload_request))) { // kazoo_query publishes and expects answer xlog(L_DBG, $ci|log|amqp_result = $kzR); // $kzR is the result payload $var(password) = $(kzR{kz.json,Auth-Password}); // kz.json is a helper to extract values from payload, nested values are permitted // it could be something like $(kzR{kz.json,*Channels[0].switch_url* }) if($var(password) != $null) { if (!pv_auth_check($fd, $var(password), 0, 0)) { we build the payload and publish it to rabbitmq, in this case we wait for a correlated msg to get the result. kazoo_publish - sends only kazoo_query - sends and waits for correlated answer here's an example on how we subscribe to a exchange event_route[kazoo:mod-init] { #!ifdef PRESENCE-ROLE $var(payload) = { 'exchange' : 'dialoginfo' , 'type' : 'direct', 'queue' : 'BLF-QUEUE-MY_HOSTNAME', 'routing' : 'BLF-MY_HOSTNAME', 'auto_delete' : 0, 'durable' : 1, 'no_ack' : 0, 'wait_for_consumer_ack' : 1 }; kazoo_subscribe($var(payload)); #!endif } and how we react when we get a message event_route[kazoo:consumer-event-presence-update] { xlog(L_INFO, received $(kzE{kz.json,Event-Package}) update for $(kzE{kz.json,From})); kazoo_pua_publish($kzE); pres_refresh_watchers($(kzE{kz.json,From}), $(kzE{kz.json,Event-Package}), 1); } the event_route name is built from the payload we receive on the subscription kazoo:consumer-event - fixed -presence - taken from parameter amqp_consumer_event_key -update - taken from parameter amqp_consumer_event_subkey amqp_consumer_event_key and amqp_consumer_event_subkey are for now parameters for the module but we want to make by subscription. from the above example we will change it to $var(payload) = { *'key' : 'fieldname', 'subkey' : 'fieldname'*, 'exchange' : 'dialoginfo' , 'type' : 'direct', 'queue' : 'BLF-QUEUE-MY_HOSTNAME', 'routing' : 'BLF-MY_HOSTNAME', 'auto_delete' : 0, 'durable' : 1, 'no_ack' : 0, 'wait_for_consumer_ack' : 1 }; right now, all interaction is made from configuration script. the long term will be to create a bind structure so that other modules can interact directly with it. let me know if that helps Best *From:* Daniel-Constantin Mierla [mico...@gmail.com] *Sent:* Tuesday, September 09, 2014 4:45 AM *To:*
Re: [SR-Users] [sr-dev] How to uniquely identify SIP WS / WSS endpoint
On 03.09.2014 03:09, Muhammad Shahzad wrote: Thank you so much for your informative response. Yes the peer may be correct term in this sense as i am trying to identify devices (SIP UAs or Proxy) that are directly connected to Kamailio via SIP signalling (i.e. there is no other intermediate SIP device [SIP UA or Proxy] in the middle). That is why top most VIA header looks interesting as it has peer network address that can be used to identify that peer uniquely for both incoming and outgoing SIP requests and responses. However, this works perfectly fine ONLY for TCP, TLS and UDP transports. For WS and WSS, there is no network address, just some random string, which is not guaranteed to be unique in peer context. Anyways for the moment the only workaround i see fit for the situation is to modify WS client code such that i generates this random string uniquely (e.g. something like GUID used by Windows OS or UUID generated by libuuid in Linux). Any other suggestions are warmly welcome. I disagree. IMO it is a bad choice to rely on the Via header. Your software should use only data which is generated locally (and thus trustworthy). The Via header is generated by the peer and may be false or manipulated, and it does not serve your needs. Thus, instead of changing clients to add data tot he Via header you should look for another option. For example, when a client uses outbound and GRUU, Kamailio also has to map some identifiers to transport connections. Thus, I guess there is already some code in Kamailio. Another method, as stated in my previous email, is the IP:port:proto. But not extracted from the Via header, but extracted from the transport layer (e.g. $si, $sp, $proto, ) regards Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] [sr-dev] How to uniquely identify SIP WS / WSS endpoint
Not sure what you trying to do, but the Via header is for transactions. It may be different for every transaction. Thus, if you need transaction matching (requests to responses) then you are fine and should use purely the branch id. If you want to match messages from one transaction to messages from another transaction (e.g. dialog matching or matching multiple dialogs from the same user) then the Via is probably the wrong choice. Please also note, that the user can put any data into the Via header and this may confuse your application if you blindly trusts all the data in the Via header. For matching dialogs you should use call-id and tags (or use the dialog module). For matching requests from a certain user agent: I think there is no reliable way - GRUU may work if available. But as you are talking about encryption it is more peer related then user-agent related. I say peer as the peer may be another proxy with several user agents behind. To identify peers you should use the data from the transport: IP, port, protocol. That should be unique for a peer. For received messages it should be simple to extract them, for sending, the data should be available too (e.g. in DURI or some references to a TCP connection). regards Klaus On 22.08.2014 02:26, Muhammad Shahzad wrote: Sorry for putting this question on both dev and user mailing lists, as it is a rather theoretical question and i hope some SIP guru on either mail list will answer. For non-WS endpoints which use TCP or UDP for SIP transport, each upstream request has top most VIA header pointing to the previous hop which forwarded the request to current hop while each downstream request has top most VIA header pointing to next hop to which it will be forwarded from current hop. But for WS endpoints, the top most VIA has dummy static value, so there is no way to identify who sent this request or to whom the reply is going to. Please note that i am not specifically interested in network address of remote endpoint (though VIA header is suppose to provide it), i only need to match requests and responses from / to a specific device using SIP v2.0 standard. Any help is highly appreciated. Thank you. ___ sr-dev mailing list sr-...@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Support for TLS server_name extension (aka SNI=server name indication)
Adding SNI was rather easy. I used the original SNI patch for Apache and copy-pasted this patch into Kamailio. We could do this again, but this patch does not have any license details, thus I would recommend to not do it. Unfortunately I haven't found proper SNI API desription of libssl. Maybe we can find some software with SNI support and BSD license and then copy/paste the code. regards Klaus On 02.09.2014 16:49, Daniel-Constantin Mierla wrote: Hi Klaus, thanks for updating on the status. Do you remember what implied to add support for SNI? It should be brought back if we lost it. Maybe you can adapt the old patch if it not something that complex and you have time to look at it. Otherwise, any further details about what you had to do in the past would help to add support for it again. Daniel On 02/09/14 15:57, Klaus Darilion wrote: Indeed, currently Kamailio does not support SNI (was dropped with ser merge) Klaus On 29.08.2014 16:11, Daniel-Constantin Mierla wrote: Hello, starting with 3.0 we got the implementation from SER at that time (being more flexible with config and later getting asynchronous support). A quick grep in the sources shows things related to server_name, but apparently is just for accessing them via cfg selects. I cc-ed Jan who is author of some commits related to server name and Klaus who did the patch for old kamailio -- maybe they remember how far it got with server name implementation and if it got at least the parts from old kamailio to 3.0. Cheers, Daniel On 29/08/14 15:25, Barry Flanagan wrote: Hi, Back in Kamailio 1.5, the release notes state: support for TLS server_name extension (aka SNI=server name indication) However, I cannot find any indication of this in the current TLS docs, and trying to set tls_server_name or server_name in tls.cfg fails with unsupported option. Is this actually supported? Thanks. -Barry Flanagan ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users -- Daniel-Constantin Mierla http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda Next Kamailio Advanced Trainings 2014 - http://www.asipto.com Sep 22-25, Berlin, Germany ::: Oct 15-17, San Francisco, USA ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Late parallel forking
On 21.07.2014 14:59, Daniel-Constantin Mierla wrote: Hello, you may get similar results using t_cancel_callid((): - http://kamailio.org/docs/modules/stable/modules/tmx.html#idm8272 For each call you have to store the call-id, cseq and the target user somehow (e.g., using htable). Then, when you have a registration, see if the user has an ongoing call towards him/her. If yes, cancel that transaction and you end up in failure route. Based the flags, you can see it was canceled on purpose and can do another lookup location to get now two branches. You would need to store the initial caller address before looking up location, revert to it in failure route before looking up location again. The behavior is not exactly the same as you requested, as first branch is canceled. But given that the branch will be called again in short time, the user might not notice anything in terms of ringing interruption. The problem may be that there is a missed called on device 1. Maybe this can be avoided by adding the reason header with cause=200 if the client supports it. regards Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Strange avp_check behavior
Answering myself: This is a feature. Assigning AVPs multiple times add an additional AVP with the same name. To overwrite an existing AVP the following syntax is needed: $(avp(pattern)[*]) = . regards Klaus On 07.07.2014 12:50, Klaus Darilion wrote: Hi! Kamailio 4.1.4. When using avp_check with fnmatch and AVP the result is always TRUE if it is true for 1 time. It only happens with $avp(), but not with $var(). Is this a bug or some special behavior of AVPs? xlog(L_ERR, === with $$avp(...)); $avp(rpid) = +499539110; $avp(pattern) = +499539[2-5]; # NO MATCH if (avp_check($avp(rpid), fm/$avp(pattern)/g)) { xlog(L_ERR, $avp(rpid) matches $avp(pattern): YES); } else { xlog(L_ERR, $avp(rpid) matches $avp(pattern): NO); } $avp(pattern) = +499539*; # MATCH if (avp_check($avp(rpid), fm/$avp(pattern)/g)) { xlog(L_ERR, $avp(rpid) matches $avp(pattern): YES); } else { xlog(L_ERR, $avp(rpid) matches $avp(pattern): NO); } $avp(pattern) = +499539[2-5]; # NO MATCH if (avp_check($avp(rpid), fm/$avp(pattern)/g)) { xlog(L_ERR, $avp(rpid) matches $avp(pattern): YES); } else { xlog(L_ERR, $avp(rpid) matches $avp(pattern): NO); } xlog(L_ERR, === with $$var(...)); $var(rpid) = +499539110; $var(pattern) = +499539[2-5]; # NO MATCH if (avp_check($var(rpid), fm/$var(pattern)/g)) { xlog(L_ERR, $var(rpid) matches $var(pattern): YES); } else { xlog(L_ERR, $var(rpid) matches $var(pattern): NO); } $var(pattern) = +499539*; # MATCH if (avp_check($var(rpid), fm/$var(pattern)/g)) { xlog(L_ERR, $var(rpid) matches $var(pattern): YES); } else { xlog(L_ERR, $var(rpid) matches $var(pattern): NO); } $var(pattern) = +499539[2-5]; # NO MATCH if (avp_check($var(rpid), fm/$var(pattern)/g)) { xlog(L_ERR, $var(rpid) matches $var(pattern): YES); } else { xlog(L_ERR, $var(rpid) matches $var(pattern): NO); } -- The result is: script: === with $avp(...) script: +499539110 matches +499539[2-5]: NO script: +499539110 matches +499539*: YES script: +499539110 matches +499539[2-5]: YES script: === with $var(...) script: +499539110 matches +499539[2-5]: NO script: +499539110 matches +499539*: YES script: +499539110 matches +499539[2-5]: NO Thanks Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
[SR-Users] Strange avp_check behavior
Hi! Kamailio 4.1.4. When using avp_check with fnmatch and AVP the result is always TRUE if it is true for 1 time. It only happens with $avp(), but not with $var(). Is this a bug or some special behavior of AVPs? xlog(L_ERR, === with $$avp(...)); $avp(rpid) = +499539110; $avp(pattern) = +499539[2-5]; # NO MATCH if (avp_check($avp(rpid), fm/$avp(pattern)/g)) { xlog(L_ERR, $avp(rpid) matches $avp(pattern): YES); } else { xlog(L_ERR, $avp(rpid) matches $avp(pattern): NO); } $avp(pattern) = +499539*; # MATCH if (avp_check($avp(rpid), fm/$avp(pattern)/g)) { xlog(L_ERR, $avp(rpid) matches $avp(pattern): YES); } else { xlog(L_ERR, $avp(rpid) matches $avp(pattern): NO); } $avp(pattern) = +499539[2-5]; # NO MATCH if (avp_check($avp(rpid), fm/$avp(pattern)/g)) { xlog(L_ERR, $avp(rpid) matches $avp(pattern): YES); } else { xlog(L_ERR, $avp(rpid) matches $avp(pattern): NO); } xlog(L_ERR, === with $$var(...)); $var(rpid) = +499539110; $var(pattern) = +499539[2-5]; # NO MATCH if (avp_check($var(rpid), fm/$var(pattern)/g)) { xlog(L_ERR, $var(rpid) matches $var(pattern): YES); } else { xlog(L_ERR, $var(rpid) matches $var(pattern): NO); } $var(pattern) = +499539*; # MATCH if (avp_check($var(rpid), fm/$var(pattern)/g)) { xlog(L_ERR, $var(rpid) matches $var(pattern): YES); } else { xlog(L_ERR, $var(rpid) matches $var(pattern): NO); } $var(pattern) = +499539[2-5]; # NO MATCH if (avp_check($var(rpid), fm/$var(pattern)/g)) { xlog(L_ERR, $var(rpid) matches $var(pattern): YES); } else { xlog(L_ERR, $var(rpid) matches $var(pattern): NO); } -- The result is: script: === with $avp(...) script: +499539110 matches +499539[2-5]: NO script: +499539110 matches +499539*: YES script: +499539110 matches +499539[2-5]: YES script: === with $var(...) script: +499539110 matches +499539[2-5]: NO script: +499539110 matches +499539*: YES script: +499539110 matches +499539[2-5]: NO Thanks Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] check for the number of open branches in Reply
It may work catching 200 OK in reply_route, but catching =300 in failure route. The failure route is executed only once for all branches (it chooses the most important response code) regards Klaus Am 04.06.2014 11:49, schrieb Sebastian Damm: Hi, I have a scenario where I want to send a custom SIP package whenever a call is successfully established or definitely missed. This works pretty well, except when a user has multiple devices online. I need to send exactly one packet. When initiating the call I set a flag, in the reply route I check for that flag, and on the first 4xx or 2xx response the packet gets sent out. After that I reset the flag, so no other packet is generated for another response coming in. Now when a user has two devices and rejects the call on the first one but accepts it on the second, I see this call as missed, not answered. So I need to use the first 2xx response or the last 4xx response. For that I need to find out how many branches are open at the moment. But I'm missing something. I registered two devices on the same AOR. I tried accessing $branch(count) in the onreply route, but it is always 0. $br and $bR are null. Does anyone have an idea, how to get that information in the reply_route? Best Regards, Sebastian ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] many-to-one network topology hide with TOPOH
Seems like you should an B2BUA/SBC (take a look at sems) Am 05.06.2014 20:53, schrieb Maciej Marczyn'ski: Hi Everyone, recently I'm playing around with the topoh module but I couldn't find the functionality I'm looking for. I'd like to hide my network topology before the end-user but not only the IPs of all VIA and RR but also the amount of hops - so to map 4 VIAs to 1 different VIA etc. The idea is to reduce the size of packets as some of my subscribers suffers from packets fragmentation. Do you think it's possible now or maybe easy to implement? Best Regards, Maciej ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Installing Kamailio on Ubuntu
you have to configure APT: http://www.kamailio.org/wiki/packages/debs On 19.03.2014 10:26, Swetha Raj wrote: Hi, I am trying to install Kamailio on Ubuntu 12.04,but hitting the below issue. root@test:/usr/local# apt-get install kamailio kamailio-mysql-modules kamailio-tls-modules Reading package lists... Done Building dependency tree Reading state information... Done E: Unable to locate package kamailio E: Unable to locate package kamailio-mysql-modules E: Unable to locate package kamailio-tls-modules Can anybody point me the right steps to do the same Thanks ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] How to encode domain in username for Asterisk REGISTER forwarding (was: How to configure Kamailio + Asterisk (on same server) to route between several disjoint networks?)
AFAIK Asterisk supports multiple domains, but it seems that is not used for registration. On 09.03.2014 00:58, Alex Villacís Lasso wrote: The above is the non-encoding version. What is the best way to modify it to do a domain encoding in the username? Or, if a better solution exists, what is it? It should work this way: $uac_req(furi)=sip: + $au + _ + $fd + @ + $var(rip) + :5060; $uac_req(turi)=sip: + $au + _ + $td + @ + $var(rip) + :5060; Be aware that $fd/$td can contain an optional port (depends on what the client sends and if you want to accept not only domain.com but also domain.com:5060). So you may need to use one of the transformations to URI-escape the domain part. Of course in the incoming part you have to restore the original URI before lookup() the user. regards Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] how to get value of route param?
On 10.03.2014 06:18, Juha Heinanen wrote: rr module has check_route_param(re) function that can be used to check if local route header has a param that matches re. however, there does not exist a function to find out what is the value of a given rr param. for example, if route header has param ;param=foo, how to extract value foo of param? there is @rr.uri.params select that together with {param.value,name} transformation might be able to do the job? I do it this way: $var(param) = @msg.header.Route[1].nameaddr.uri.params[param]; -- $var(param) == foo regards Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] [sr-dev] New official Debian and Ubuntu repository
Thanks to all involved On 03.03.2014 14:16, Victor Seva wrote: The new build system for Debian and Ubuntu packages is now in place. This service is kindly sponsored by SipWise [0] thanks to Andreas Granig [1]. Sipwise is providing the hosting and man power to create and manage this new system. deb.kamailio.org is based on jenkins-debian-glue[2] project running on AWS EC2 environment thanks to Michael Prokop [3] and myself. All the needed files, scripts and info to reproduce this system is kept public at [4]. In [5] is described all the repositories available. * nightly builds are been built if a change is detected in the branch, once by night. - kamailiodev-nightly branch: - 'master' distributions: jessie, wheezy, squeeze, precise - kamailio41-nightly branch: - '4.1' distributions: jessie, wheezy, squeeze, precise - kamailio40-nightly branch: - '4.0' distributions: lenny, squeeze, wheezy, lucid, precise - kamailio33-nightly branch: - '3.3' distributions: lenny, squeeze, wheezy, lucid, precise * tags are been built if a new tag is detected once by night. - kamailio41 branch: - '*/tags/4.1*' distributions: jessie, wheezy, squeeze, precise - kamailio40 branch: - '*/tags/4.0*' distributions: lenny, squeeze, wheezy, lucid, precise - kamailio33 branch: - '*/tags/3.3*' distributions: lenny, squeeze, wheezy, lucid, precise Now there is no 4.1.1 package built so the default kamailio repository is pointing to a empty repository. As soon as we release 4.1.2 this will be fixed. Regards, Victor Seva ( kamailio admin hat on ) [0] http://www.sipwise.com/ [1] http://www.kamailio.org/w/andreas-granig/ [2] https://github.com/mika/jenkins-debian-glue [3] http://michael-prokop.at/ [4] https://github.com/sipwise/kamailio-deb-jenkins [5] http://deb.kamailio.org/index.html ___ sr-dev mailing list sr-...@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] prevent relaying to myself
Am 26.02.2014 22:48, schrieb Henry Fernandes: Is there a way to prevent relaying requests to myself in route[RELAY]? To relyable prevent this (eg. the destination IP address (your server IP address) may be hidden behind others domain) you have to check the destination in the branch route. regards Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Replacing an ACME Packet Net-Net SBC
For sure I would use Kamailio as an SBC, but nevertheless I see these sortcoming in Kamailio (I don't know hov other SBCs handle this) - config changes require a restart: most of the time this goes fast, but sometimes processes may fail to start (ports not freed by the OS, ...). Further, statefull cal handling/filtering will be interrupted by the restart. - multiple 'virtual' SBCs. I may want to have multiple SBC instances on my SBC. If I want to separate them (optionally different config, or crashes should not crash other instances), then I need to start multiple Kamailio servers. Combined with plenty of workers per Kamailio and high private instance this may eat my servers memory. - registration forwarding: If you have a registrar which does not support Path, and you can not change the behavior of the registrar, then usually you have to rewrite the Contact header in REGISTER requests and responses. There is no method in Kamailio to properly do this nice and transparently in all headers. There are plenty of functions to mangle with the contacts in many ways, but the logic is hard to implement. And for paranoid security I would add a B2BUA. regards Klaus Am 27.02.2014 10:43, schrieb Carsten Bock: Hi Luis, i wouldn't be too sure of that: - HMR can be done with Text-Ops - all the SIP-Routing options can be done by routing-logic (e.g. by Route-Header, by Time of day, by method, ...) The only thing missing here, is maybe acting as a B2BUA and proper support for Session-Timers (which are end-to-end). But if you combine Kamailio with e.g. a SEMS-SBC, you won't miss a thing. One can even discuss, if a B2BUA and Session-Timers are a required feature for an SBC. If you go for the commercial Big-Brother of SEMS (Frafos ABC-SBC), you even get live-failovers without service-interruption as with an AcmePacket-SBC; together with a web-based frontend for administering your services. The difficulty is, that you have to implement the routing logic for Kamailio youself instead of having a CLI or a Windows App for administering your SBC. After working with AcmePacket, Kamailio and SEMS, i don't miss any feature of AcmePacket. Just my $0.02, Carsten 2014-02-27 10:29 GMT+01:00 Luis Silva luisfilsi...@gmail.com: Don't understand how is it possible to compare Kamailio with the Acme Packet SBC. Just to give an example, the DoS mechanism available on the AP SBC can't be compared with any other solution available on the market. You will also have HMRs, SIP Routing options out-of-the-box (like time of the day routing, sip method based, cost based, traffic classification based, lb, trunk group, enum,lrt, multistage, route header based, redirect, etc etc) and infinite number of features that you will for sure miss if you plan on making that replacement. On Thu, Feb 27, 2014 at 8:54 AM, Olle E. Johansson o...@edvina.net wrote: On 27 Feb 2014, at 07:29, Alex Balashov abalas...@evaristesys.com wrote: No howto for that, and more than there is a howto for developing a messenger and selling it to Facebook for $20bn. Damn. I can stop googling now then. /O :-) ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] How to configure Kamailio + Asterisk (on same server) to route between several disjoint networks?
Am 27.02.2014 23:43, schrieb Alex Villacís Lasso: Is this setup recognizable as an already-solved problem (minus the localhost trick)? How is it done correctly? I think your setup is too complex. If I didn't missed your requirements I think you can do it this way: From routing point of view, you could do the setup with Asterisk, without KAmailio. IF you need Kamailio too (for whatever features) then what about this: | Server | || client1---net1---| IP1:5060 Kamailio |---\ | | \ client2---net2---| IP2:5060 Kamailio |--\ | || / / | 0.0.0.0:5070 Asterisk |--- | 0.0.0.0:1-2: Asterisk RTP | Block port 5070 from outside with iptables, so clients are forced through Kamailio. For the communication between Asterisk and Kamailio use the same socket as for the communication with the clients and Kamailio, eg: client1-IP --- IP1:5060 --- Kamailio IP1:5060 | IP1:5070 \ Asterisk / IP2:5070 --- | client2-IP --- IP2:5060 --- Kamailio IP2:5060 Asterisk usually uses the local routing table to find the IP address to put in the SDP. As the communication with client 1 is via Kamailio IP1 and with client 2 via Kamailio IP2, Asterisk should populate the SDP correctly. Further, if you configure Kamailio with mhomed=1 and forward to ASterisk always using the proper IP, e.g a request which is received on IP1:5060 is forwarded to IP1:5070, then also the Route/Record-Route and Via headers should be populated correctly. For REGISTER routing I think it is best to use Path header (new Asterisks should support this). regards Klaus PS: I have not tried it but I am quite sure it should work. ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] How to configure Kamailio + Asterisk (on same server) to route between several disjoint networks?
Puh, too many questions in one email. First, you should describe what you want to achieve. Eg. is there routing between the networks done by the server? E.g. can a clinet on 10.1.0.0/24 ping a client on 192.168.0.0/16? If yes, there is no need for Kamailio/Asterisk to listen on multiple interfaces. If there is no routing, you need to have a media relay too. Either use rtpproxy or just configure Asterisk with canreinvite=no to avoid media offloading. So, what setup have you choosen? Then we can think about problems. regards Klaus Am 25.02.2014 23:31, schrieb Alex Villacís Lasso: As part of a project, I have installed a CentOS 6 test system (a virtual machine) with Asterisk 11.7.0 and Kamailio 4.1.1 downloaded from http://download.opensuse.org/repositories/home:/kamailio:/telephony/CentOS_CentOS-6/x86_64/. I am trying to setup a combination of Kamailio and Asterisk that will route SIP calls between all the configured networks in the test setup, in addition to being capable of using Asterisk in order to handle PSTN and IAX2 calls. I am using the following online guide to modify my kamailio.cfg: http://kb.asipto.com/asterisk:realtime:kamailio-4.0.x-asterisk-11.3.0-astdb . Based on this, I generated the attached patch for my Kamailio configuration My test setup has the following network interfaces: eth0: 10.1.0.3, on network 10.1.0.0/24 eth1: 192.168.5.18, on network 192.168.0.0/16 eth2: 10.0.0.2, on network 10.0.0.0/24 lo: 127.0.0.1, on network 127.0.0.0/8 I first configured Asterisk with SIP realtime support (with no Kamailio), and tested that all configured accounts could register from all interfaces, and that Asterisk could properly route media between any two disjoint networks. After installing Kamailio, the guide called for disabling Asterisk SIP authentication by setting passwords to NULL, and moving Asterisk SIP to a different port (I chose 5080) so that Asterisk and Kamailio could run on the same machine. At this point, the SIP clients (one softphone and one VoIP phone) can now register at port 5080 without authentication. In the process of changing my Kamailio configuration according to the attached patch, the guide says that I should configure the IP of the network interface as the value of asterisk.bindip and kamailio.bindip. After performing all required changes, Kamailio does take over authentication at the default port of 5060. Testing shows that for all SIP clients with IPs belonging to the same network as the configured asterisk.bindip, both registration and media exchange work correctly, and that the SIP clients are still capable of calling into the Asterisk dialplan, and therefore, routing into Asterisk resources. For SIP clients in disjoint networks, the failure mode depends on whether mhomed is enabled or disabled in kamailio.cfg. For mhomed=0 (or unset), I have the following situation between the two SIP clients (one at 10.1.0.1, the other at 10.0.0.3), as shown by sip show peers in Asterisk (when asterisk.bindip is set to 192.168.5.18): Privilege escalation protection disabled! See https://wiki.asterisk.org/wiki/x/1gKfAQ for more details. Name/username Host Dyn Forcerport ACL Port Status Description Realtime gatitoscomx64am_100/gatit 10.1.0.3 D N A 5060 OK (16 ms) Cached RT gatitoscomx64am_101/gatit 10.0.0.2 D N A 5060 OK (36 ms) Cached RT gatitoscomx64am_IM101 (Unspecified) D N A 0 UNREACHABLE Cached RT 3 sip peers [Monitored: 2 online, 1 offline Unmonitored: 0 online, 0 offline] If I try to call from one SIP client to an extension in the Asterisk dialplan that does NOT map to a SIP client in a disjoint network, the media exchange works (with negotiatied media IP in the same network as the SIP client), regardless of whether the calling client belongs in the same network as asterisk.bindip. If I try to call from the same SIP client to an extension that maps to a SIP client in a disjoint network, the call fails, and I get the spoken message about the user at extension such-and-such being unavailable. Additionally, I get the following error message in the Asterisk logs: [Feb 25 16:53:14] NOTICE[13807][C-0003] chan_sip.c: Call from 'gatitoscomx64am_101' (10.0.0.2:5060) to extension 'gatitoscomx64am_101' rejected because extension not found in context 'gatitoscomx64am-from-internal'. For mhomed=1, the output of sip show peers changes to the following (when asterisk.bindip is set to 192.168.5.18): Privilege escalation protection disabled! See https://wiki.asterisk.org/wiki/x/1gKfAQ for more details. Name/username Host Dyn Forcerport ACL Port Status Description Realtime gatitoscomx64am_100/gatit 192.168.5.18 D N A 5060 OK (19 ms) Cached RT gatitoscomx64am_101/gatit 192.168.5.18 D N A
Re: [SR-Users] websocket relay
listen=tcp:10.2.3.4:5080 You only have a single socket: TCP. If you want to use websocket over TLS you need at least also: listen=tls:10.2.3.4:5090 (or whatever port you like, eg. 443) Further, if you talk to Asterisk with UDP, you also need a udp listen statement. regards Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Change of source ip address
I am a bit confused. I suspect with SBC you mean the Kamailio proxy? On 05.02.2014 14:54, Diego Alejandro Ozuna Escalada wrote: When a UA sends an INVITE to the SBC, the responses (back) to UA are being sent with the correct external source IP (X.X.248.194) but if there are retransmissions of these responses, after 6 seconds, the source IP changes to the internal ip (X.X.248.21) Are you sure it is a retransmission, or maybe it is a new branch of an existing transaction, e.g. triggered by a failure route? You can differ them by different branch id in the topmost Via header (carefully check the last character). If it is really due to a new branch created in a failure route, make sure to force the send socket also in the failure route. PS: If you have a nice working IP setup, e.g. one external interface (used by the default route) and one internal interface (a different subnet, dedicated routes for the internal network) then you could just set mhomed=1 in kamailio.cfg and Kamailio can automatically always select the correct send-socket. regards Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] NAT helper frustrations with multiple kamailios
On 05.02.2014 11:20, Daniel Tryba wrote: The problem I have with add_contact_alias/handle_ruri_alias is that any kamailio in the path will parse these hints whether or not it is actually ment for that kamailio. handle_ruri_alias should only be used by the last proxy in the chain, thus by the proxy which does forwarding based on the RURI, not on Router headers. This is actually what the default config does: # URI update for dialog requests 802 route[DLGURI] { 803 #!ifdef WITH_NAT 804 if(!isdsturiset()) { 805 handle_ruri_alias(); 806 } 807 #!endif 808 return; 809 } loose_route() will no set the dest-uri if it is the last proxy in the chain. If you do not use record-routing, but some static routing, then you have to implement a different logic. btw: unless you need to save bandwith on media relays you can skip the uac_nat_tests and always* add_contact_alias() *of course always only on the first proxy which receives the request (request or response). With requests it is easy: There must be only 1 Via header. For responses it is more difficult - thus you need some manual logic, for example: if you send to an external domain, than the external domain must do the NAT traversal, if you send the request within you local domain, then the proxy should have proper knowledge if the request is sent to a SIP client, or some other proxy. regards Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] kamailio as sip router and rtp proxy without reg on kamailio
Read the default configuration to understand how routing within Kamailio works. Regarding REGISTER: just remove all the REGISTER handling (and PUBLISH, SUBSCRIBE and NOTIFY) in the config, then the REGISTERs will be routed like all other messages. Then take a look at the PSTN gateway feature. Use this (or similar) to route the calls to Asterisk (just do not analyze the userpart if it is a phone number but handle all requests like PSTN calls and send them to the gateway (- the Asterisk server). Further, use 2 listen statements: listen=udp:external-IP:port listen=udp:internal-IP:port When sending from internal to external (or in the othe direction) use the force_send_socket() to force the proper outgoing socket. regards Klaus On 04.02.2014 17:41, *sm1Ly wrote: hello all again. trying the third day... my cfg is: http://pastebin.com/vMHd7kki I need scheme like: any_sip_device_on_internet_nated_and_not = kamailio ext ip (194.190.8.171) | kamailio int ip (50.0.0.1) = asterisk (50.0.0.10) a do not need realtime configuration of asterisk. I only need forward everything to asterisk. and after signalling will work, I need rtp too... but its the long way I think. so how I must config kamailio that it doesnt answer 200 when I send register? it looks like sip device send register, kamailio fwd it, but answer to device 200. and than my device doesnt resend register normal. some dump: 20:40:44.649660 IP (tos 0x0, ttl 121, id 14950, offset 0, flags [none], proto UDP (17), length 583) 77.37.241.151.5060 194.190.8.171.5060: SIP, length: 555 REGISTER sip:194.190.8.171 SIP/2.0 Via: SIP/2.0/UDP 192.168.1.119:5060;branch=z9hG4bK009318ba288ce311b95a985a85ad1a82;rport From: sip:1001@194.190.8.171 mailto:sip%3A1001@194.190.8.171;tag=3041452802 To: sip:1001@194.190.8.171 mailto:sip%3A1001@194.190.8.171 Call-ID: 00C48A3A-288C-E311-B956-985A85AD1A82@192.168.1.119 mailto:00C48A3A-288C-E311-B956-985A85AD1A82@192.168.1.119 CSeq: 4 REGISTER Contact: sip:1001@192.168.1.119:5060 http://sip:1001@192.168.1.119:5060;Expires=0;+sip.instance=urn:uuid:8012D316-1188-E311-99FF-536675A7CDE6 Allow: INVITE, OPTIONS, ACK, BYE, CANCEL, INFO, NOTIFY, MESSAGE, UPDATE Max-Forwards: 70 User-Agent: SIPPER for PhonerLite Expires: 0 Content-Length: 0 20:40:44.651668 IP (tos 0x10, ttl 64, id 33739, offset 0, flags [none], proto UDP (17), length 422) 194.190.8.171.5060 77.37.241.151.5060: SIP, length: 394 SIP/2.0 200 OK Via: SIP/2.0/UDP 192.168.1.119:5060;branch=z9hG4bK009318ba288ce311b95a985a85ad1a82;rport=5060;received=77.37.241.151 From: sip:1001@194.190.8.171 mailto:sip%3A1001@194.190.8.171;tag=3041452802 To: sip:1001@194.190.8.171 mailto:sip%3A1001@194.190.8.171;tag=c5aea4efd01978ba46557f38f3d08cfc.63a1 Call-ID: 00C48A3A-288C-E311-B956-985A85AD1A82@192.168.1.119 mailto:00C48A3A-288C-E311-B956-985A85AD1A82@192.168.1.119 CSeq: 4 REGISTER Server: kamailio (4.1.1 (x86_64/linux)) Content-Length: 0 20:40:44.653916 IP (tos 0x10, ttl 64, id 33740, offset 0, flags [none], proto UDP (17), length 582) 194.190.8.171.5060 77.37.241.151.5060: SIP, length: 554 SIP/2.0 401 Unauthorized Via: SIP/2.0/UDP 192.168.1.119:5060;received=77.37.241.151;branch=z9hG4bK009318ba288ce311b95a985a85ad1a82;rport=5060 From: sip:1001@194.190.8.171 mailto:sip%3A1001@194.190.8.171;tag=3041452802 To: sip:1001@194.190.8.171 mailto:sip%3A1001@194.190.8.171;tag=as40c64a63 Call-ID: 00C48A3A-288C-E311-B956-985A85AD1A82@192.168.1.119 mailto:00C48A3A-288C-E311-B956-985A85AD1A82@192.168.1.119 CSeq: 4 REGISTER Server: Asterisk PBX 1.8.20.0 Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH Supported: replaces, timer WWW-Authenticate: Digest algorithm=MD5, realm=asterisk, nonce=4cffbc95 Content-Length: 0 20:40:45.073854 IP (tos 0x0, ttl 121, id 14953, offset 0, flags [none], proto UDP (17), length 575) 77.37.241.151.5060 194.190.8.171.5060: SIP, length: 547 REGISTER sip:194.190.8.171 SIP/2.0 Via: SIP/2.0/UDP 192.168.1.119:5060;branch=z9hG4bK009318ba288ce311b1713a64da149374;rport From: sip:1001@194.190.8.171 mailto:sip%3A1001@194.190.8.171;tag=3123771917 To: sip:1001@194.190.8.171 mailto:sip%3A1001@194.190.8.171 Call-ID: 009318BA-288C-E311-B16F-3A64DA149374@192.168.1.119 mailto:009318BA-288C-E311-B16F-3A64DA149374@192.168.1.119 CSeq: 1 REGISTER Contact: sip:1001@192.168.1.119:5060 http://sip:1001@192.168.1.119:5060;+sip.instance=urn:uuid:8012D316-1188-E311-99FF-536675A7CDE6 Allow: INVITE, OPTIONS, ACK, BYE, CANCEL, INFO, NOTIFY, MESSAGE, UPDATE Max-Forwards: 70 User-Agent: SIPPER for PhonerLite Expires: 900 Content-Length: 0
Re: [SR-Users] Asterisk re-INVITE race condition, error 500.
Asterisk's transcation layer is quite buggy - so it may also be that the reINVITE with Cseq 103 is a retransmission of a previous transaction (which was not stopped correctly). regards Klaus On 04.02.2014 08:52, dotnetdub wrote: Hi Olle, Just a quick update.. I've gone through this in detail and the issue is actually that asterisk sends an UPDATE with CSeq: 104 UPDATE and when FS respond OK asterisk then sends its REINVITE with CSeq: 103 INVITE As far as I can tell Freeswitch at this point is perfectly within its rights to send a 500 as the CSEQ is out of order. Should I file a bug report on the asterisk tracker to get this fixed? Regards Brian On 31 January 2014 08:17, Olle E. Johansson o...@edvina.net wrote: On 30 Jan 2014, at 23:23, dotnetdub dotnet...@gmail.com wrote: Hi David, Sorry to drag up a very old thread - we are seeing this also with asterisk kamailio and FS and I have tried lots of different combinations on both asterisk and FS to make it go away without success.. Did you ever come up with something better than the usleep ? If freeswitch believes it already has an open INVITE transaction it should not respond with 500, it should respond with 491 request pending. In that case Asterisk will back off and retry. Please check with the FreeSwitch people and file a bug report so that they can fix this issue. That's the long term solution, all the rest is just quick and dirty fixes. Seems like if this problem is still around, no one filed a bug report. /O Many Thanks On 3 June 2013 20:23, David K kamailio@spam.lublink.net wrote: Hello all, So I have three machines, we don't care about audio for this problem, so everything I mention here is SIP related. Freeswitch -- Kamailio 3.3.2 -- Asterisk 1. Asterisk sends an INVITE to Freeswitch through the Kamailio proxy. 2. Kamailio replies 100 Trying and forwards to Freeswitch 3. Freeswitch replies 100 Trying 4. Freeswitch replies 180 Ringing to Kamailio 5. Kamailio routes the answer to Asterisk 6. Freeswitch replies 200 OK to Kamailio 7. Kamailio replies 200 OK to Asterisk 8. Asterisk replies ACK to Kamailio 9. Asterisk sends a re-INVITE to Freeswitch through Kamailio 10. Kamailio routes the re-INVITE to freeswitch 11. Kamailio routes the ACK to freeswitch. 12. Freeswitch replies 500 Server error because it got a re-INVITE before the ACK. So, my problem is that Kamailio seems to process my re-INVITE more quickly than the ACK. So Freeswitch replies an error because it got the re-INVITE before the ACK. So my solution is to add a usleep(20); for re-INVITEs on Kamailio, but I think this is a lousy solution. Has anyone here had to deal with problems where Kamailio routes a re-INVITE faster than an ACK causing endpoints to return error messages? Has anyone had to deal with a similar issue? Thanks, David ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Kamailio behind NAT
I would disable TLS for debugging, and use TCP. If TCP works, TLS should work too (in the context of NAT traversal) and it is much more easier to debug. good luck klaus On 30.01.2014 10:24, John Smith wrote: Hello Klaus, I have been making some tests just to be sure the network is not the problem. While using a simpler config file for Kamailio with just the TLS and NAT which does not involve Asterisk in the scenario, calls work properly between softphones. OTOH, using the template provided in the KB referenced in my first post disabling the Asterisk define, calls are connected properly but no audio flows between phones. Now I am in the process of trying to locate where is the problem by comparing how both files handle the NAT support. Thank you - Original Message - From: Klaus Darilion Sent: 01/23/14 08:12 AM To: Kamailio (SER) - Users Mailing List Subject: Re: [SR-Users] Kamailio behind NAT On 23.01.2014 10:29, John Smith wrote: Hello Klaus, I had already two sockets bound each to two independent physical interfaces. I have added the force_send_socket at each rtpproxy Just for clarity: force_send_socket is for near_end NAT traversal of the SIP signaling, whereas manage_rtpproxy() is for the NAT traversal (near end and far end) of the RTP stream. It is necessary to use the cwie / cwei flags in the rtpproxy_manage call? If rtpproxy uses only a single listen-IP, then these flags are not needed. Only if you operate rtpproxy in bridge mode, then you need these flags. Bridge mode is necessary if you do not have IP routing between the internal network and the virtual external network, or if you want to bridge between IPv4 and IPv6. Currently audio does not flow back to the softphones, it gets lost at Kamailio. Actually it should get lost at rtpproxy. Please post a SIP trace: ngrep -Wbyline -q -t -P port 5060 and post the setup (external + internal IP addresses) (you can send it privately to me or mangle the IP addresses if they are sensitive) regards Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] File transfering problem with RTPproxy
For file transfer you need an MSRP relay. AFAIK rtpproxy can not handle MSRP. See the MRSP module http://kamailio.org/docs/modules/4.1.x/modules/msrp.html regards Klaus On 29.01.2014 09:44, Wingsravi R wrote: Dear Daniel Kamailio'ns I am working on File transferring feature between two SIP clients (IMSDroid). I have configured Kamailio (4.0.4) sever with RTPproxy to get the through NAT traversal of audio/videov calls. so fro that i added a script in kamailio.cfg as like below (Forced all INVITES through RTPproxy) : if (is_method(INVITE)) { setflag(7); # Set the qos flag #if (has_sdp()) { if(has_body(application/sdp)) { if (rtpproxy_offer()) t_on_reply(1); } else { t_on_reply(2); } } #if (is_method(ACK) has_sdp()) if (is_method(ACK) has_body(application/sdp)) rtpproxy_answer(); .. .. onreply_route[1] { #if (has_sdp()) if(has_body(application/sdp)) rtpproxy_answer(); } onreply_route[2] { #if (has_sdp()) if(has_body(application/sdp)) rtpproxy_offer(); } But now when i am trying for File transferring (As per RFC 4975, Session mode IM) their INVITEs are also passing through RTPProxy service, which is dropping MSRP contents and with that Files are not getting transferring (But session is establishing between two clients). And when i tried file transferring without running RTPPproxy service. files are getting transferring. but that gives problems for audio/video calls. So anybody please help me in how to make it work for both MSRPRTP packets. I mean how can i modify the script so that INVITE messges contains MSRP-RTP contents can be descriminate in the script, and then they can execute their respective blocks of scripts. And please find the attachments of my Kamailio.cfg file and file transfer traffic capture (tcpdump based) with RTPproxy instance running and without running. Any help will greatly appreciate. Awaiting for somebody's help. Regards Ravi ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] kamailio with mediaproxy-ng, 488 Not Acceptable Here
Peter had a talk at Astricon 2013 presenting how it works. I think the magic lies on the parameters. See this slide (there are some more interesting slides) https://www.youtube.com/watch?list=PLighc-2vlRgQHZMBp-8CCFi5otCnw7Lwjv=rXsVSaRuv20feature=player_detailpage#t=659 regards Klaus On 29.01.2014 12:53, Mihai Marin wrote: Hello, Thank you for your answer. My server is a centos with public ip. I'm using chrome with jssip framework for sip client - tried sipml5 also. I have attached to this e-mail my kamailio configuration. Regarding the kamailio + mediaproxy-ng I took the latest versions from git - also tried with kamailio 4.1.1. The mediaproxy-ng I'm running using the command: /tmp/mediaproxy-ng/daemon/mediaproxy-ng --ip=PUBLIC_IP --listen-ng=127.0.0.1: http://127.0.0.1: I also tried the following configuration and I have the same error: route { .. ## # Use RTP-Proxy ### #if (!rtpproxy_offer(arf)) { #sl_send_reply(503, No RTP-Relay available); #exit; #} if (is_method(INVITE)) { if (sdp_content()) { if (rtpproxy_offer()) rtpproxy_manage(cowf,PUBLIC_IP); t_on_reply(1); } } else { if (sdp_content()) { if (rtpproxy_offer()) rtpproxy_manage(cowf,PUBLIC_IP); } } if (is_method(ACK) sdp_content()) { rtpproxy_answer(); rtpproxy_manage(cowf,PUBLIC_IP); } #t_on_reply(1); # Relay this statefully t_relay(); ... *** onreply_route[1] { if ((($Rp == MY_WS_PORT || $Rp == MY_WSS_PORT) !(proto == WS || proto == WSS)) || $Rp == MY_MSRP_PORT) { xlog(L_WARN, SIP response received on $Rp\n); drop; exit; } if (nat_uac_test(64)) { # Do NAT traversal stuff for replies to a WebSocket connection # - even if it is not behind a NAT! # This won't be needed in the future if Kamailio and the # WebSocket client support Outbound and Path. add_contact_alias(); } # A Transaction from a NATed Client to a NATed Client? Use the RTP-Proxy! if (status=~(180)|(183)|(2[0-9][0-9])) { fix_nated_contact(); if (sdp_content()) { rtpproxy_answer(); } } } If my problem could be caused by a kamalio miss-configuration could you please send me an example of configuration that should work with websockets, rtpproxy-ng-mediaproxy-ng in order to remove one possible cause? Thank you. Best regards, Mihai M On Wed, Jan 29, 2014 at 1:31 PM, Klaus Darilion klaus.mailingli...@pernau.at mailto:klaus.mailingli...@pernau.at wrote: Hi! The problem is different SDP formats between normal SIP clients/gateways, and WebRTC clients. You have to instruct mediaproxy-ng to rewrite the SDP and do the conversion (encryption, ...). So either the rtpproxy_ng calls lack the commands for the gatewaying, or the webrtc clients uses eg. an encryption which is not supported by mediaproxy-ng. Please also post the kamailio.cfg snippets when calling rtpproxy_ng and give details about your environment (browser, SIP client ...) regards Klaus On 27.01.2014 22:38, Mihai Marin wrote: Hello Sirs, I have a problem configuring kamailio with mediaproxy-ng and I'm asking for help. I managed to build everything, kamailio find support for mediaproxy-ng using rtpproxy-ng. When I'm trying to make a call from Web using my phone's internet provider to my computer's web I get 488 Not Acceptable Here. Swithing the caller I get no video. I have used the kamailio-advanced.cfg generated and added websocket support. The call in my network is working perfect. Can you help me with this? mediaproxy-ng log: mediaproxy-ng[14896]: Returning to SIP proxy: d7:createdi1390864117e7:__streamslld3:tag10:trhh9viigs6:__status34:known but unconfirmed peer address5:statsd3:rtpd8:__countersd7:packetsi0e5:__bytesi0e6:errorsi0ee12:peer addressd6:family4:IPv47:__address13:213.233.85.554:__porti48279ee23:advertised peer addressd6:family4:IPv47:__address13:213.233.85.554:__porti48279ee10:local porti30008ee4:rtcpd8:__countersd7:packetsi0e5:__bytesi0e6:errorsi0ee12:peer addressd6:family4:IPv47:__address13:213.233.85.554:__porti48280ee23:advertised peer addressd6:family4:IPv47:__address13:213.233.85.554:__porti48280ee10:local porti30009d3:tag0:6:__status20:unknown peer address5:statsd3:rtpd8:__countersd7:packetsi0e5:__bytesi0e6:errorsi0ee12:peer addressd6:family4:IPv67:__address2:::4:porti0ee23:__advertised peer addressd6:family4:IPv67:__address2:::4:porti0ee10:local
Re: [SR-Users] File transfering problem with RTPproxy
I have not used MSRP yet. But I guess you can detect MSRP by inspecting the SDP. USe the functions from textops module or sdpops module to check if the SDP is a normal call setup or an MSRP session. regards Klaus On 29.01.2014 13:13, Ravi wrote: Dear Klaus, Thank you for the reply, Ya i will accept your suggestion that RTPproxy cannot handle MSRP content. But in this context, how can i avoid/descriminate the INVITE's that contains MSRP frames to go through RTPproxy service, instead route that INVITE's (which contains MSRP frames) to MSRP event route block. Even i enabled the following parameter : modparam(msrp, sipmsg, 1) with the above parameter, the MSRP module will build a SIP message from MSRP frame headers, providing it to event_route[msrp:frame-in]. Please help me in resolving this issue. Awaiting your reply. Regards, Ravi. -- View this message in context: http://sip-router.1086192.n5.nabble.com/File-transfering-problem-with-RTPproxy-tp124620p124627.html Sent from the Users mailing list archive at Nabble.com. ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Kamailio behind NAT
Am 21.01.2014 17:33, schrieb John Smith: The next test has been to comment out the rtpproxy_manage at NATMANAGE function and to put it both at route[RELAY] and onreply(route) following your post in this list from January 2013:http://lists.sip-router.org/pipermail/sr-users/2013-January/076254.html. Now the media flows from Phone1 to Kamailio, from Kamailio to Asterisk and back, but it gets stuck at Kamailio. I cannot see it flow towards the public IP of the Phone2. The force_send_socket you used could be of any use here? That's what I recommend: - use 2 sockets, one for communication with internal nodes, one for external clients - in your Kamailio config check the direction of every message: i-e or e-i (for requests and responses). Depending on the direction set the proper IP when calling manage_rtpproxy and force the send socket: regards Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Kamailio behind NAT
On 23.01.2014 10:29, John Smith wrote: Hello Klaus, I had already two sockets bound each to two independent physical interfaces. I have added the force_send_socket at each rtpproxy Just for clarity: force_send_socket is for near_end NAT traversal of the SIP signaling, whereas manage_rtpproxy() is for the NAT traversal (near end and far end) of the RTP stream. It is necessary to use the cwie / cwei flags in the rtpproxy_manage call? If rtpproxy uses only a single listen-IP, then these flags are not needed. Only if you operate rtpproxy in bridge mode, then you need these flags. Bridge mode is necessary if you do not have IP routing between the internal network and the virtual external network, or if you want to bridge between IPv4 and IPv6. Currently audio does not flow back to the softphones, it gets lost at Kamailio. Actually it should get lost at rtpproxy. Please post a SIP trace: ngrep -Wbyline -q -t -P port 5060 and post the setup (external + internal IP addresses) (you can send it privately to me or mangle the IP addresses if they are sensitive) regards Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] SIP Update multi-homed
On 20.01.2014 17:48, Keith wrote: Hi, I have a kamailio server which is responding to SIP updates but sending from the wrong IP. I have multiple IPs in the same subnet on the same NIC. Is there anyway to say send update back out of the interface it was received on? I think that should be done automatically, if you have specified all the IPs with dedicated listen=... commands. regards Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Kamailio behind NAT
On 21.01.2014 12:27, Fred Posner wrote: With a patched version of rtpproxy you can advertise your private ip. http://www.fredposner.com/voip/1457/kamailio-behind-nat/ Aha, nice. Haven't known of this one. I always specified the adverstised IP address when calling manage_rtpproxy(). That should work too. regards Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Kamailio behind NAT
On 21.01.2014 13:24, John Smith wrote: I might be making wrong assumptions regarding this traffic flow. Is that correct? That depends on your policy. It is up to you to define how RTP should be routed. There are basically 2 choices: a) RTP from clients is handled by rtpproxy: phone1 -nat- rtpproxy -- Asterisk -- rtpproxy -nat- phone2 In this case, only the private IP of Kamailio and rtpproxy (can be the same IP address) must be mapped to a public IP address. b) RTP directly to Asterisk: phone1 -nat- Asterisk -nat- phone2 In this case, the private IPs of Kamailio and Asterisk must be mapped to a public IP address. When using version a) you have to make sure to set the proper IP address in the SDP. For example, SDPs in messages from Kamailio to the phone must contains the PUBLIC IP of rtpproxy in the c=... line. SDPs in messages from Kamailio to Asterisk must contain the PRIVATE IP of rtpproxy in the c=... line. regards Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Kamailio behind NAT
Actually, it should work without any NAT traversal done in Asterisk, if Asterisk communicates never direct with the phones, but only via Kamailio and rtpproxy. In this case, Asterisk can use private IP addresses. All the near-end NAT traversal can be done in Kamailio. regards Klaus On 21.01.2014 14:06, meres wrote: Hi John, rtpproxy is not enough if you are using asterisk in your environment. You have to check that asterisk is configured to work with NAT, otherwise you will experience audio problems. Are the asterisk RTP ports enabled/forwarded on your firewall? Regards, Kostas On Jan 21, 2014, at 2:24 PM, John Smith jsmith...@mail.com wrote: Hi Fred, I have followed your HOWTO and the scenario remains exactly the same. I see traffic from Phone1 IP to Kamailio private IP, from Kamailio private IP to Asterisk IP, and back directly to Phone2 public IP. I might be making wrong assumptions regarding this traffic flow. Is that correct? Thank you ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Kamailio behind NAT
Yes, when calling rtpproxy (whatever function you use, manage/offer/answer/force), every function accepts as second parameter the IP address which should be written into the SDP c=... line. So, detect the direction (eg based on source-ip) and put the respective internal or external IP address into the SDP. Of course the NAT must be a static 1:1 NAT without any PAT. Btw: you have the same problem with some SIP headers, like Record-Route or Via. Kamailio has to insert the respective public/private IP, depending on where to send the message. If Kamailio uses only a single socket, then you have to do this manually. The automatic approach is to configure 2 listen=... sockets. One for the internal side, and one for the external side. On the external socket you add the advertise option - then Kamailio will automatically put the correct IP addresses in RR and Via, eg: # public IP address of Kamailio/rtpproxy: 3.3.3.3 # internal socket listen=udp:10.10.0.2 # external socket listen=udp:10.10.0.3 advertise 3.3.3.3:5060 mhomed=0 You could use separate subnets for the 2 sockets, or you could also use only a single IP address with 2 different ports for the 2 sockets. regards Klaus On 21.01.2014 14:50, John Smith wrote: The intended setup is as you described in option a. And the behaviour of rewriting SDP using private/public ports is what I understood the rtpproxy_manage was tasked to do. As it is not working the way I expected, what is the best way to proceed? To check if the IP is from the outside and then rewrite via rtpproxy_offer in the NATMANAGE block? Thank you - Original Message - From: Klaus Darilion Sent: 01/21/14 05:25 AM To: Kamailio (SER) - Users Mailing List Subject: Re: [SR-Users] Kamailio behind NAT On 21.01.2014 13:24, John Smith wrote: I might be making wrong assumptions regarding this traffic flow. Is that correct? That depends on your policy. It is up to you to define how RTP should be routed. There are basically 2 choices: a) RTP from clients is handled by rtpproxy: phone1 -nat- rtpproxy -- Asterisk -- rtpproxy -nat- phone2 In this case, only the private IP of Kamailio and rtpproxy (can be the same IP address) must be mapped to a public IP address. b) RTP directly to Asterisk: phone1 -nat- Asterisk -nat- phone2 In this case, the private IPs of Kamailio and Asterisk must be mapped to a public IP address. When using version a) you have to make sure to set the proper IP address in the SDP. For example, SDPs in messages from Kamailio to the phone must contains the PUBLIC IP of rtpproxy in the c=... line. SDPs in messages from Kamailio to Asterisk must contain the PRIVATE IP of rtpproxy in the c=... line. regards Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Replicate registration
On 19.01.2014 14:05, Volkan Oransoy wrote: I am trying to setup an active-active pair of sip proxies. I have connected two kamailio boxes to the same PostgreSQL database and my usrloc db_mode is 3. I can see the registration data in the database but ul show outputs of two device is not same. I think writing registration data to the same db is not enough. I suspect that the ul show command uses the in-memory cache, which is bypassed in db_mode 3. Thus, just because ul show does not show you the registrations, it will work. regards Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] question about nat_uac_test
On 07.01.2014 16:54, Brian Davis wrote: The other interesting issue in this case is that the 192.xx.xxx.xxx address is not an RFC1918 address, but it is also not reachable from I should have known that if it is an RFC1918 address, you would not have to mask it. kamailio. That is why I hoped kamailio would trigger NAT traversal logic solely on the fact that the source and contact address are different. Here is my very pragmatic approach for NAT traversal: Forget about nat_uac_test(). Just always force NAT traversal [1], as it does not harm if the users are not behind NAT. It may increase traffic on your media relay but reduces support calls from customers. Probaly the elegant solutions would be to apply NAT traversal only for SIP and use SIP client with ICE support (and provide a turn relay). regards Klaus [1] use add_contact_alias(), handle_ruri_alias() and fix_nated_register(). Do not use fix_nated_contact(). Further, apply NAT traversal only if the clients are directly connected to your proxy (not if there are other devices inbetween). On Tue, Jan 7, 2014 at 5:01 AM, Klaus Darilion klaus.mailingli...@pernau.at mailto:klaus.mailingli...@pernau.at wrote: On 03.01.2014 16:59, Brian Davis wrote: REGISTER sip:test1.test.com:5060 http://test1.test.com:5060 SIP/2.0 Via: SIP/2.0/UDP 96.xxx.xxx.xxx:33745;rport;branch=z9hG4bKf5s1p`n3TRv5TZx5RXy.RVv+JPz8Nat*UX!8KRx4SRx Via: SIP/2.0/UDP 192.xx.xxx.xxx:33745;branch=z9hG4bKeb263246c44095f072d8167dd0c7987a343134;rport Contact: Joe sip:xxxyyyz...@192.xx.xxx.xxx:33745;transport=udp Dec 30 03:33:45 sip-01 kamailio[20489]: INFO: script: 3b0400ca43e28f78f3e6dc945a084...@192.xx.xxx.xxx mailto:3b0400ca43e28f78f3e6dc945a084...@192.xx.xxx.xxx|log|source 96.xxx.xxx.xxx:33745 Actually the source IP seem to be identical to the topmost Via address. But it should detect the private IP address in the contact header. Maybe you have an exception, that NAT traversal is not triggered, if there is more than 1 Via header. Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org mailto:sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] SIP Security Architectural Question to Use RTP/Media Proxy or Not?
On 02.01.2014 17:00, Jr Richardson wrote: Would it be prudent to open UDP media ports from Internet to PBX's on a case-by-case basis, basically white listing media streams or is there any attack vulnerability with UDP in the media port range or should I open up media port range to all PBX's and not worry about attacks. Are there any UDP Media exploits that I should be concerned with, or UDP flood attacks that could DOS my hosted PBX's? Media proxies are usually just simple UDP forwarder. Thus, they do not check the payload of the UDP packet. Therefore, from point of view of the application which processes the RTP packet, there is no additional security by using a media proxy, as for example a malicious RTP packet will just be forwarded the PBX. Nevertheless it can be useful to use them, e.g. to have a single entry point for FW configuration, debugging ... When using a media relay, I always configure a very wide port range to make it for attackers more difficult to guess the port. Of course you should avoid other processes on this server listening in the same port range, as you have to open the whole port range on the firewall. If you want to protect the RTP layer of your PBX, you need a B2BUA which fully checks the whole UDP payload to verify if it is a proper RTP packet. But on the other hand, you never know which RTP stack is more robust (the one from your PBX or the one from the B2BUA). I personally add media relays, but not for additional RTP layer security, but for operational issues (debugging, single entry point ...). regards Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] question about nat_uac_test
On 03.01.2014 16:59, Brian Davis wrote: REGISTER sip:test1.test.com:5060 http://test1.test.com:5060 SIP/2.0 Via: SIP/2.0/UDP 96.xxx.xxx.xxx:33745;rport;branch=z9hG4bKf5s1p`n3TRv5TZx5RXy.RVv+JPz8Nat*UX!8KRx4SRx Via: SIP/2.0/UDP 192.xx.xxx.xxx:33745;branch=z9hG4bKeb263246c44095f072d8167dd0c7987a343134;rport Contact: Joe sip:xxxyyyz...@192.xx.xxx.xxx:33745;transport=udp Dec 30 03:33:45 sip-01 kamailio[20489]: INFO: script: 3b0400ca43e28f78f3e6dc945a084...@192.xx.xxx.xxx|log|source 96.xxx.xxx.xxx:33745 Actually the source IP seem to be identical to the topmost Via address. But it should detect the private IP address in the contact header. Maybe you have an exception, that NAT traversal is not triggered, if there is more than 1 Via header. Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Caller not receiving RTP feed
If rtpproxy is behind NAT, you usually have to instruct Kamailio to write the public rtpproxy IP address into the SDP, instead of the local one (which is sent from rtpproxy to kamailio). e.g: rtpproxy_manage(co,your.public.ip.address); regards Klaus On 20.12.2013 17:07, Benjamin Trent wrote: Hey all, I have kamailio set up behind a nat(port restricted, with firewall rules to allow sip transactions and allowing rtpproxy packet handling if needed) on Amazon EC2. I can register and calls complete, however, the Caller(the one initiating the transaction) receives no rtp media feed. I am running with NAT enabled on kamailio and have rtpproxy installed listening on the public IP. Kamailio and the rtpproxy are communicating(I have verified via the kamailio debug logs). If I make a call between the exact same voip machines directly via local IP on the same Nat(skipping kamailio), the calls complete and they both receive feeds. Both the Caller(party making the call) and the Callee(party receiving the call) are behind a Port Restricted Nat. This is a folder containing the debug output for one of these calls and the kamailio.cfg settings https://drive.google.com/folderview?id=0B9Foq0jDF8gLRlVNc001bTUtbFEusp=sharing Quick FYI, the Caller Display Name and the Callee SIP UserName are the same string. However, in my understanding about sip, the display name means pretty much nothing and is just a human readable string that does not effect packet transport. If I am wrong and should test with a different display name, let me know. Thank you for the assistance, ben ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] kamailio presence server becomes unresponsive
FYI: In master there is a nice way to get all the BTs: utils/kamctl: new command 'trap' - useful to get a full bt dump of all kamailio processes - handy in dead-lock investigatigations regards Klaus On 20.12.2013 19:06, Daniel-Constantin Mierla wrote: Hello, the bt is from custom timer process, which doesn't handle sip requests from the network. Do a 'kamctl ps' and the select one of the sip workers to grab the back with gdb. Cheers, Daniel On 20/12/13 15:22, Juha Heinanen wrote: once in a while kamailio 4.0 presence server becomes unresponsive, i.e., does not process any requests. below is bt full of a process that at that time takes most of the cpu time. rls_notifier_processes is not set, i.e., it defaults to 1. does the bt give any clue why kamailio is unresponsive? -- juha (gdb) bt full #0 0xb7703424 in __kernel_vsyscall () No symbol table info available. #1 0xb765b32d in select () from /lib/i686/cmov/libc.so.6 No symbol table info available. #2 0x0812ad00 in sleep_us (child_id=-1, desc=0xbfab3310 RLS NOTIFIER 0, make_sock=1, f=0xb6b22dc0 timer_send_notify, param=0xb4db0720, uinterval=10) at ut.h:520 tval = {tv_sec = 0, tv_usec = 64460} #3 fork_basic_utimer (child_id=-1, desc=0xbfab3310 RLS NOTIFIER 0, make_sock=1, f=0xb6b22dc0 timer_send_notify, param=0xb4db0720, uinterval=10) at timer_proc.c:127 pid = value optimized out ts = 4294966782 #4 0xb6b23b90 in child_init (rank=0) at rls.c:704 tmp = RLS NOTIFIER 0\000\277 i = 0 #5 0x080f5197 in init_mod_child (m=0xb71a3330, rank=0) at sr_module.c:893 No locals. #6 0x080f5110 in init_mod_child (m=0xb71a3500, rank=0) at sr_module.c:890 No locals. #7 0x080f5110 in init_mod_child (m=0xb71a37b0, rank=0) at sr_module.c:890 No locals. #8 0x080f5110 in init_mod_child (m=0xb71a3c20, rank=0) at sr_module.c:890 No locals. #9 0x080f5110 in init_mod_child (m=0xb71a4258, rank=0) at sr_module.c:890 No locals. #10 0x080f5110 in init_mod_child (m=0xb71a4420, rank=0) at sr_module.c:890 No locals. #11 0x08094dcd in main_loop () at main.c:1710 i = 0 pid = -514 si = 0x0 si_desc = \001\000\000\000\220\065\253\277\000\000\000\000\220D\032\267\006\000\000\000\020\317\060\000\000\000\000\000\220D\032\267\001\000\000\000\330\067\005\b\320i\036\b\000\000\000\000\030\036Z\267\030\000\000\000\v\b\000\000\b\017۴\350\065\253\277\250\205\031\267\004\000\000\000\002\000\000\000\300\201\252\264\001\000\000\000\000\000\000\000\002\000\000\000|\353\b\b\000\000\000\330\065\253\277\002\000\000\000h\353\b\b\000\000\000\350\065\253\277\071\026\f\b nrprocs = 134560983 #12 0x08096f66 in main (argc=16, argv=0xbfab3724) at main.c:2546 cfg_stream = 0x8 c = value optimized out r = -514 tmp = 0xbfab3f7d tmp_len = 13583 port = value optimized out proto = value optimized out ret = value optimized out seed = 779380118 rfd = value optimized out debug_save = 0 debug_flag = value optimized out dont_fork_cnt = 8 n_lst = value optimized out p = value optimized out ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] force_send_socket
Try with a static assignment with force_send_socket(). If this works, try a static assignment with $fs. If this works, try the dynamic assignment with PVs. regards Klaus On 11.12.2013 11:32, Keith wrote: Thanks for the info guys, unfortunately it's not sending the from ip address properly now. I am using dispatcher to route these calls so not sure if the $fs is working properly? Any more ideas? Thanks Keith ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] IPv4, IPv6, RTPProxy and Kamailio
On 03.12.2013 14:23, Mark Zeman wrote: Hello all, The subject says most of it, I think. We set up our Kamailio and RTPProxy according to http://kb.asipto.com/kamailio:kamailio-mixed-ipv4-ipv6 with the addition of an alias (siplab.ch), and the DNS to go with it, as well as TLS and SRTP. However, we only get working calls IPv4-IPv4 and IPv6-IPv6! IPv4-IPv6 we get a proper connection, secured with SRTP, but no audio. Looking at the network, RTP packets go from the caller to the server, but nothing leaves the server and no RTP packets go from callee to server. Do you have any idea how to fix this? Before fixing you need to find the problem. Probably the SDP get rewritten incorrect. To debug this issue, you have to inspect the ip address and ports in the received and sent SDPs if they are correct (e.g. IPv4 and IPv6 address of the rtpproxy). You mentioned TLS - thus it is difficult to inspect the raw SIP packets. Is such cases you can either: - adding lots of xlog($mb, ...) to your config and watch syslog - use the sipcapture module to write every incoming and outgoing SIP message to the DB, and analyze the packets in the DB - Disable TLS. Use TCP. If it fails with TCP it will also fail with TLS. Once it works over TCP, it will also work over TLS. - If you really have a problem with TLS only, you could enable the NULL cipher to have a unencrypted TLS connection, or use Wireshark's TLS decoding capabilities - Configure rtpproxy to communicate via UDP socket instead TCP socket. Then you can also capture the communication between Kamailio and rtpproxy. It seems you just call the rtpproxy functions with some wrong flags. Make sure properly detect the direction (4to6 or 6to4) an set the i and e flags accordingly. regards Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Kamailio for route traffic only
That's quite easy - that's a typical load-balancer setup. Just store the mapping for example in a DB and then use the sqlops module to query the DB and get the respective IP address of the user. But before you add this routing logic I would recommend to add Kamailio with a static forwarding - e.g. always route to a single Asterisk server and make sure the config works fine. You also have to deal with calls in direction Ast - Kamailio - client. Therefore you usually have to a) use the PATH module (only supported in latest Asterisk) or b) store the registrations also in Kamailio. Only if it works with this static routing, add the dynamic routing. Klaus On 28.11.2013 10:52, driver wrote: Hello, I have such infrastructure: Asterisk1 (provider 1) - IP1 Asterisk2 (provider 2) - IP2 Softphones on client computers with configured two IPs to two Asterisk servers. User has to manually switch between each server. I need to change this that user will have only one account configured (eg. Kamailio) and Kamailio will be used only to forward to Ast1 or Ast2 by previously defined rules. How is it possible? comp1 Kamailio --- Ast1 comp2 Kamailio --- Ast1 comp3 Kamailio --- Ast2 comp4 Kamailio --- Ast2 Thank you, Marcin ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] voice prompts / early media and kamailio
I think it is a conceptual question indeed. You abuse the 403 error in some table (actually missed_calls is for missed calls, not for rejected calls) to log/account a rejected call. Make it more explicit. If you want to track rejected calls, make a dedicated table and insert an record into this table at the moment the call is redirected to the announcement (not afterwards). You can do this by some manual SQL query, or use acc_db_request(comment, table) [1] and manually force the accounting in this dedicated table. regards klaus [1] http://kamailio.org/docs/modules/4.0.x/modules/acc.html#idp1687632 On 26.11.2013 13:36, Oliver Roth wrote: Hi all Based on my problem reported with subject „error handling http://sip-router.1086192.n5.nabble.com/error-handling-tp123240.html“ I have some other questions. I think it is a conceptual question – and I do not see any solution. I would like to handle Kamailio with carrierroute / carrierfailureroute module different errors. Like 404, 403, busy – or whatever sip error occurs. Some of them need to be sent to a freeswitch playing an announcement (like “this number is blocked”, “no more credit”, …). So if an error occur (lets say 403) then the call is routed by carrierfailurroute to fresswitch playing message for 403. If I am listening the whole message – I get back error 403 at the end and the call is logged in missed calls as error 403 sent from the freeswitch – everything ok. If I cancel the listening by hanging up – 487 is stored in missed_calls – cause I terminated the call before getting error 403 back from freeswitch. èso I loose this important information How can I get back error 403 – play an announcement and make sure, it is logged as 403 in database? Thanks for helping … Oli ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] append_hf to CANCEL
A hack would be to loop the CANCEL to Kamailio again and forward it then stateless. When forwarding the CANCEL stateless, you can add headers. regards Klaus Am 20.11.2013 15:19, schrieb Grant Bagdasarian: I see, so there is no way to append a header to the CANCEL created by Kamailio? I tried the onsend_route and branch_route, but none of them worked. -Original Message- From: sr-users-boun...@lists.sip-router.org [mailto:sr-users-boun...@lists.sip-router.org] On Behalf Of Alex Balashov Sent: Wednesday, November 20, 2013 3:09 PM To: sr-users@lists.sip-router.org Subject: Re: [SR-Users] append_hf to CANCEL On 11/20/2013 09:05 AM, Grant Bagdasarian wrote: Does append_hf not work for CANCEL requests? Correct: CANCEL is a hop-by-hop request where the proxy is a distinct hop, i.e. UAC sends a CANCEL to the proxy, and the proxy sends a separate CANCEL of its own on the branch that it initiated. This is in contrast to something like a BYE, and most requests, which are end-to-end request that the proxy simply relays upstream as received. -- Alex -- Alex Balashov - Principal Evariste Systems LLC 235 E Ponce de Leon Ave Suite 106 Decatur, GA 30030 United States Tel: +1-678-954-0670 Web: http://www.evaristesys.com/, http://www.alexbalashov.com/ ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Kamailio sending HTTP request to another app
On 18.11.2013 15:45, Alex Balashov wrote: http://kamailio.org/docs/modules/4.1.x/modules/tmx.html#idp15326008 Does it only suspend the transaction, but not the script processing? Is there somewhere a more complete example how to do some async stuff meanwhile and then resume the transaction again? Thanks Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] kamailio tls.reload core dump
Hi Ding! The TLS module is mostly BSD licensed. Thus, it would be great if you can BSD license your patch too. This eases integration of Kamailio-TLS in Debian. Thanks Klaus On 16.11.2013 06:26, Ding Ma wrote: Yes, give me a couple of days to get a clean patch based on 4.0.4. The original patch was done on 4.0.3. Thanks, On 11/15/2013 3:59 AM, Klaus Darilion wrote: Hi Ding Ma! It would be great if you can provide the patch at the tracker. https://sip-router.org/tracker/ regards Klaus On 25.10.2013 01:54, Ding Ma wrote: Is this the right way to build without optimization? make cfg-defs mode=debug We'll try this later. By the way, after looking at the core dump and the TLS code, found a memory leak and an error in tls_free_cfg() and collect_gabarge(). We have patched the code, also implemented the locks and changed the ref_count to volatile based on the recommendations from Jan Janak's email chain. These fixes seem to work. The core dump hasn't happened even if we reload tls every 5 mins when there are some active TLS connections. Can we make these fixes into kamailio code base? What's the process to submit changes for review? Thanks, Ding On 10/24/2013 03:18 AM, Klaus Darilion wrote: You should build Kamailio without optimizations. value optimized out does not bring much information. regards Klaus On 23.10.2013 21:48, Ding Ma wrote: Hi, all This is related to the previous tls.reload not safe email chain. Now we have a detailed gdb output that shows the stack trace of the core dump. Please take a look. This looks like a bug. Please let me know if you have any insights on how to fix this. Thanks, Ding ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] kamailio tls.reload core dump
Hi Ding Ma! It would be great if you can provide the patch at the tracker. https://sip-router.org/tracker/ regards Klaus On 25.10.2013 01:54, Ding Ma wrote: Is this the right way to build without optimization? make cfg-defs mode=debug We'll try this later. By the way, after looking at the core dump and the TLS code, found a memory leak and an error in tls_free_cfg() and collect_gabarge(). We have patched the code, also implemented the locks and changed the ref_count to volatile based on the recommendations from Jan Janak's email chain. These fixes seem to work. The core dump hasn't happened even if we reload tls every 5 mins when there are some active TLS connections. Can we make these fixes into kamailio code base? What's the process to submit changes for review? Thanks, Ding On 10/24/2013 03:18 AM, Klaus Darilion wrote: You should build Kamailio without optimizations. value optimized out does not bring much information. regards Klaus On 23.10.2013 21:48, Ding Ma wrote: Hi, all This is related to the previous tls.reload not safe email chain. Now we have a detailed gdb output that shows the stack trace of the core dump. Please take a look. This looks like a bug. Please let me know if you have any insights on how to fix this. Thanks, Ding ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] #TM: timing problem in serial forking (INVITE vs. CANCEL)
I think it would be nice if the CANCELs are sent before the INVITE. But this will never ensure the order how they are received at the client side. E.g. there can be packet loss which drops the CANCEL but not the INVITE, or with load balancing the INVITE can overtake the CANCEL. And if the client is not single-threaded, it may happen that the INVITE is processed before the CANCEL, although the CANCEL is received first. I suspect that the client is just buggy with transaction matching. Transactions are identified by the branch parameter in the topmost Via header. The CANCEL should have the branch parameter matching the first INVITE, and the second INVITE to the same client should have a new branch parameter. Thus, the client should be able to separate the transactions, and the INVITE can be accepted creating a second transcation. Then the CANCEL cancels the first transaction. regards Klaus On 06.11.2013 21:16, Klaus Feichtinger wrote: Hello list, I have troubles with serial forking in kamailio 3.2.4, which is mixed with parallel forking. In the scenario that an initial INVITE message, which is addressed to sip:A, is coming in to the server, it is doing a lookup in the DB and forking (parallel) the request to e.g. 3 SIP user agents. I have set the timer to 20 seconds transaction timeout and after that timeout, the server is handling the original request in the FAILURE_ROUTE[xy]. In this failure route, the request-URI username is overwritten to an alternative one – e.g. sip:B. Then the server is doing a DB lookup again and forking the request to the number of registered user agents. A specialiy of this scenario is that it can be possible, that user agents have registered for username “A” and username “B” – in other words: they are members of the parallel forking group in serial forking step 1 and step 2. When the CANCEL and INVITE message would be sent out (to the user agents) in the correct order, then it would be no problem. But in my case the server is sending the “new” INVITE message (2^nd step in the serial forking procedure) to user agents BEFORE the CANCEL request. Therefore, these user agents are rejecting the INVITE message with “500”. Signalisation scenario == INVITE - SRV SRV - INVITE (branch-1) UA1 SRV - INVITE (branch-2) UA2 SRV - INVITE (branch-3) UA3 SRV - 180 (branch-1) UA1 SRV - 180 (branch-2) UA2 SRV - 180 (branch-3) UA3 . [timeout] SRV - CANCEL (branch-1) UA1 SRV - CANCEL (branch-2) UA2 SRV - INVITE (branch-4) UA4 SRV - INVITE (branch-5) UA5 SRV - INVITE (branch-6) UA3(!!!) SRV - CANCEL (branch-3) UA3 SRV - 500 (branch-6)UA3 It was quasi reproduceable that only the last branch of the initial transaction had that timing problem (INVITE - vs - CANCEL). My question is: why does the server send the (last) CANCEL message only after the INVITE message for some branch(es)? Could this behaviour be prohibited in any way? Thanks in advance! Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] media between 2 clients behind separate NAT
On 25.10.2013 14:19, Vassilis Radis wrote: Hello, When I have 2 clients using a kamailio proxy, and both of the clients are behind their own NAT, then my only options for relaying media between them is using some kind of intermediate rtp proxy or STUN etc? STUN is just a method for a client to find out if it is behind NAT or not. Using this information also for NAT traversal is error prone and thus deprecated. Proxy is on a public IP and essentially I am asking if I can avoid setting up stuff to proxy the media or mess with STUN, by using some kind of request response mangling. i.e. have both clients's sdp address/port changed to their public facing ip/port and then each client can send an initial packet to the other end. Those initial packets will be blocked by the other receiver router, but they will open a nat hole so that next package from the peer will pass through. Is that feasible? Sometimes this may work, but there too many different NAT and firewall types so this will not work in general. There are 2 approaches: 1. ICE: If the clients do support ICE, they can do the NAT traversal them self and you will get around 90% (just a guess) done by using ICE. 2. Relaying. Either use something integrated into Kamilio (rtpproxy, mediaproxy-ng) or a dedicated stand-alone TURN server (must be supported by the clients). Thus, if you want to have 100% working media, with various types of NATs and SIP clients, you must use a media relay. Either use ICE and an optional media relay (to offload your relay) or just enforce a relay for every call. regards Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] kamailio tls.reload core dump
Great! Please submit the patch on the bug tracker: https://sip-router.org/tracker/ It will then be reviewed before applying. thanks Klaus On 25.10.2013 01:54, Ding Ma wrote: Is this the right way to build without optimization? make cfg-defs mode=debug We'll try this later. By the way, after looking at the core dump and the TLS code, found a memory leak and an error in tls_free_cfg() and collect_gabarge(). We have patched the code, also implemented the locks and changed the ref_count to volatile based on the recommendations from Jan Janak's email chain. These fixes seem to work. The core dump hasn't happened even if we reload tls every 5 mins when there are some active TLS connections. Can we make these fixes into kamailio code base? What's the process to submit changes for review? Thanks, Ding On 10/24/2013 03:18 AM, Klaus Darilion wrote: You should build Kamailio without optimizations. value optimized out does not bring much information. regards Klaus On 23.10.2013 21:48, Ding Ma wrote: Hi, all This is related to the previous tls.reload not safe email chain. Now we have a detailed gdb output that shows the stack trace of the core dump. Please take a look. This looks like a bug. Please let me know if you have any insights on how to fix this. Thanks, Ding ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] kamailio tls.reload core dump
You should build Kamailio without optimizations. value optimized out does not bring much information. regards Klaus On 23.10.2013 21:48, Ding Ma wrote: Hi, all This is related to the previous tls.reload not safe email chain. Now we have a detailed gdb output that shows the stack trace of the core dump. Please take a look. This looks like a bug. Please let me know if you have any insights on how to fix this. Thanks, Ding ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Monitoring events (presence)
OF course you could just SUBSCRIBE to get NOTIFYs. But then you would need to subscribe to all users (e.g. subscribe a user whenever there is a new registration). I think a cool feature would be a 'wildcard' subscription, e.g.: SUBSCRIBE sip:*@mydomain.com to receive all events of mydomain.com, or SUBSCRIBE *@*. regards Klaus On 21.10.2013 21:56, Paul Belanger wrote: I'm looking for some information about how best to monitor presence events within kamailio? Ideally I'd be writing a python application that will monitor specific endpoints within kamailio and once there state changes I do my thing. I know tapping into the database is an option, but figure I see if there is another method. EG: Opening a websocket to stream events? ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] AWS LOOP detected
On 21.10.2013 22:47, julian arsanches wrote: for now i reply with 488 wich tell me something is bad but i thought that kamailio will know when a message is send from itself to itself. Sending a message to itself is a legal use case (it is called spiraling), thus there is no such automatic detection in Kamailio. Spiraling is OK, as long as the spiral stops somewhere. regards Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Monitoring events (presence)
On 22.10.2013 08:59, Juha Heinanen wrote: Klaus Darilion writes: I think a cool feature would be a 'wildcard' subscription, e.g.: SUBSCRIBE sip:*@mydomain.com to receive all events of mydomain.com, or SUBSCRIBE *@*. yes, cool feature for nsa. :-) They don't need this, as still most people use SIP over UDP instead TLS. Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Record-route in dialog requests
Just as a note: If you need to record_route for in-dialog requests then the clients are buggy and you should report the issue. regards Klaus On 18.10.2013 19:46, Spencer Thomason wrote: Thanks Daniel, That did the trick! BR, Spencer On Oct 18, 2013, at 10:32 AM, Daniel-Constantin Mierla mico...@gmail.com wrote: Hello, On 10/18/13 7:25 PM, Spencer Thomason wrote: Hello, In our network topology we use Kamailio at the edge of our network proxying requests from a core set of FreeSWITCH servers. I have a new termination provider where a session timer ReINVITE fails because the ACK is sent to the contact address of the FreeSWITCH server, not the proxy. Can I Record-Route these in dialog requests? If so, where should I do it in the config? A quick google search returned this thread: https://lists.cs.columbia.edu/pipermail/sip-implementors/2003-June/005089.html which confused me a little. yes, you can re-enforce record route for requests within dialog, although not required by specs. See below the position. My in dialog config block looks like this: # Handle requests within SIP dialogs route[WITHINDLG] { if (has_totag()) { # sequential request withing a dialog should # take the path determined by record-routing if (loose_route()) { Add it after the above line, like: record_route(); if (is_method(BYE)) { setflag(FLT_ACC); # do accounting ... setflag(FLT_ACCFAILED); # ... even if the transaction fails setflag(FLT_SIPTRACE); } if (is_method(ACK)) { # ACK is forwarded statelessy route(NATMANAGE); } route(RELAY); } else { if ( is_method(ACK) ) { if (t_check_trans()) { # no loose-route, but stateful ACK; # must be an ACK after a 487 # or e.g. 404 from upstream server t_relay(); exit; } else { # ACK without matching transaction ... ignore and discard exit; } } sl_send_reply(404,Not here); } exit; } } Cheers, Daniel -- Daniel-Constantin Mierla - http://www.asipto.com http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda Kamailio Advanced Trainings - Berlin, Nov 25-28; Miami, Nov 18-20, 2013 - more details about Kamailio trainings at http://www.asipto.com - ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] why kamcmd tls.reload is not safe
I remember that long time ago there was an email discussing the problem in details. MAybe it was on one of the old mailing lists (ser, openser). IIRC the feature and the detailed discussion way by Jan Janak. Maybe this helps you to refine your Google search. regards Klaus On 19.10.2013 21:33, Ding Ma wrote: In the current Kamailio TLS module document, there is a statement about tls.reload being unsafe. But the only way to periodically update CRL without restarting Kamailio is to use tls.reload. In our test with tls.reload for CRL, it seems Kamailio would crash after about 100 times of tls.reload in 5/6 hours. The core dump indicates memory access violation, signal 11. We compiled Kamailio with openssl 1.0.0-fips. Would appreciate some insights on tls.reload and ideas to fix the crash issue. Thanks, ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] syntax error and invalid arguments when trying to start Kamailio
1. you should tell us which line exactly is line 356. 2. Maybe DBURL or MULTIDOMAIN are not defined. regards Klaus On 19.10.2013 23:27, Cory Sanders wrote: Sorry if this is a duplicate email. First one bounced. I am having trouble starting Kamailio. Please see below for the error output and the content of /usr/local/etc/kamailio/kamailio.cfg at the lines noted in the error. Following instrucions at http://www.kamailio.org/wiki/install/4.0.x/git root@proxy:/etc/default# /etc/init.d/kamailio start Not starting Kamailio: invalid configuration file! -e 0(15561) : core [cfg.y:3567]: yyerror_at(): parse error in config file /usr/local/etc/kamailio/kamailio.cfg, line 356, column 30-34: syntax error 0(15561) : core [cfg.y:3567]: yyerror_at(): parse error in config file /usr/local/etc/kamailio/kamailio.cfg, line 356, column 30-34: Invalid arguments 0(15561) : core [cfg.y:3570]: yyerror_at(): parse error in config file /usr/local/etc/kamailio/kamailio.cfg, line 356, column 35: ERROR: bad config file (3 errors) # - usrloc params - /* enable DB persistency for location entries */ #!ifdef WITH_USRLOCDB modparam(usrloc, db_url, DBURL) modparam(usrloc, db_mode, 2) modparam(usrloc, use_domain, MULTIDOMAIN) #!endif Thanks. ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] AWS LOOP detected
It's difficult and time consuming to debug issues without seeing the config file and without seeing the packet traces (ngrep -W byline -d any -t -q -p port 5060). Anyway, as an admin you should understand how Kamailio works. Thus it would be a good exercise to find the problem yourself. In severl places in your config you have routing decisions (if ... {}). Identify these places, and put meaningful logging (xlog(...) ) before and after the if statement. Then make a call and watch the logfile. This will give you an understanding how Kamailio works. regards Klaus On 21.10.2013 16:04, julian arsanches wrote: Daniel, Klaus thanks a lot for your responses i do appreciate them, just got me a bit confuse because on the documents as what Daniel suggest to advertise directive for listen parameter, I do if you see my config below that i advertise it and have an alias, kamailio still sends an invite to itself without recognizing that it came from the internal ip. Is there anything else wrong that i am not putting on my advertise line ? thanks i really apreciate your input. Julian. /listen=udp:1.1.1.1:5060 http://1.1.1.1:5060 advertise2.2.2.2:5060 http://2.2.2.2:5060 // // // alias=1.1.1.1:5060 http://1.1.1.1:5060 http://1.1.1.1:5060 http://1.1.1.1:5060/ // alias=1.1.1.1 // alias=2.2.2.2:5060 http://2.2.2.2:5060 http://2.2.2.2:5060 http://2.2.2.2:5060/ // alias=2.2.2.2/ Hello, for reference, in case kamailio is running behind nat, like on AWS, one should just use advertise directive for listen parameter, like: listen=proto:privateip:port advertise publicip:port See: http://www.kamailio.org/wiki/cookbooks/4.0.x/core#listen It simplifies the config by not needing to use alias parameter, advertised_address/set_addvertised_address() and record_route_preset(). Cheers, Daniel On 10/18/13 8:23 AM, Klaus Darilion wrote: / // // On 17.10.2013 17:31, julian arsanches wrote: // Hi all, before hand thanks for all the support received on this channel. // // I have an issue with an installed server on a aws instance which is // giving me routing loops, my setup is simple, i have alias set for both // ips internal and external and the loop still present when t_relay don't // find any routes to relay it just sent it to itself with the public ip // then the loop starts. // // can any one please advise how can i prevent that or just tell t_relay // that if there is no more routes just respond with a cancel or stop // searching. // // If you call t_relay, then the message will be forwarded to $ru (or to // $du if $du is set). t_relay itself does not have any logic inside. // // Thus, if you do not want a message to be forwarded, then you must not // call t_relay. // // If you do not want to send a message to a certain destination, then // set $ru (the domain part) to the respective destination. // // One issue may be the aliases. If Kamailio thinks that it is not // authoritative for a domain, then it forwards the message to the // domain. Kamailio by default feels authoritative for the IP addresses // on which it listens (the private IP addresses). Thus if a request is // received by Kamailio, but the RURI (request URI, $ru) indicated the // public IP address, KAmailio by default forwards the message to the // respective RURI (which my be forward again by AWS NAT to Kamailio). // // Thus, alias=public.ip.addr.ess must be added to the config. // // If there are still problems you have set debug=4 and track in the log // file how the message is processed, and where the routing decision // takes the wrong direction. // // regards // Klaus // // // same thing happens when a gw code is not found on the dispatcher list // file. // // as i had read by just specifying the alias=domain it should take care of // it but it is not happening perhaps because it is a AWS instance, or most // likely i am missing something after the T_relay to stop the call from // looping. // // I do have several headers fix because i have an asterisk sending calls // with lots of signalling calls added to the call that i need to remove // before the call is passed out to a carrier or another UA, Kamailio is // just proxing the calls between asterisk and the outside world no Media // handling, No registrations. // //Again thanks for any tips to find my answer or if anyone had a similar // issue thanks again. // // thanks for any help . // // Julian. // // on this setup i have // // public ip as 2.2.2.2 // // private IP as 1.1.1.1 // // // #!KAMAILIO // ### Global Parameters # // // #!ifdef WITH_DEBUG // debug=4 // log_stderror=yes // #!else // #debug=2 // #log_stderror=yes // #!endif // // memdbg=5 // memlog=5 // // log_facility=LOG_LOCAL7 // // fork=yes // children=6 // // auto_aliases=no // // // listen=udp:1.1.1.1:5060 http://1.1.1.1:5060 http://1.1.1.1:5060 http://1.1.1.1:5060/ advertise2.2.2.2:5060 http://2.2.2.2:5060 // http
Re: [SR-Users] Loop detected on aws setup
On 17.10.2013 17:31, julian arsanches wrote: Hi all, before hand thanks for all the support received on this channel. I have an issue with an installed server on a aws instance which is giving me routing loops, my setup is simple, i have alias set for both ips internal and external and the loop still present when t_relay don't find any routes to relay it just sent it to itself with the public ip then the loop starts. can any one please advise how can i prevent that or just tell t_relay that if there is no more routes just respond with a cancel or stop searching. If you call t_relay, then the message will be forwarded to $ru (or to $du if $du is set). t_relay itself does not have any logic inside. Thus, if you do not want a message to be forwarded, then you must not call t_relay. If you do not want to send a message to a certain destination, then set $ru (the domain part) to the respective destination. One issue may be the aliases. If Kamailio thinks that it is not authoritative for a domain, then it forwards the message to the domain. Kamailio by default feels authoritative for the IP addresses on which it listens (the private IP addresses). Thus if a request is received by Kamailio, but the RURI (request URI, $ru) indicated the public IP address, KAmailio by default forwards the message to the respective RURI (which my be forward again by AWS NAT to Kamailio). Thus, alias=public.ip.addr.ess must be added to the config. If there are still problems you have set debug=4 and track in the log file how the message is processed, and where the routing decision takes the wrong direction. regards Klaus same thing happens when a gw code is not found on the dispatcher list file. as i had read by just specifying the alias=domain it should take care of it but it is not happening perhaps because it is a AWS instance, or most likely i am missing something after the T_relay to stop the call from looping. I do have several headers fix because i have an asterisk sending calls with lots of signalling calls added to the call that i need to remove before the call is passed out to a carrier or another UA, Kamailio is just proxing the calls between asterisk and the outside world no Media handling, No registrations. Again thanks for any tips to find my answer or if anyone had a similar issue thanks again. thanks for any help . Julian. on this setup i have public ip as 2.2.2.2 private IP as 1.1.1.1 #!KAMAILIO ### Global Parameters # #!ifdef WITH_DEBUG debug=4 log_stderror=yes #!else #debug=2 #log_stderror=yes #!endif memdbg=5 memlog=5 log_facility=LOG_LOCAL7 fork=yes children=6 auto_aliases=no listen=udp:1.1.1.1:5060 http://1.1.1.1:5060 advertise 2.2.2.2:5060 http://2.2.2.2:5060 alias=1.1.1.1:5060 http://1.1.1.1:5060 alias=1.1.1.1 alias=2.2.2.2:5060 http://2.2.2.2:5060 alias=2.2.2.2 port=5060 enable_tls=no #tcp_connection_lifetime=3605 #!ifdef WITH_SRCPATH mpath=modules_k:modules #!else mpath=/usr/lib64/kamailio/modules_k/:/usr/lib64/kamailio/modules/ #!endif loadmodule db_mysql.so ##loadmodule mi_fifo.so loadmodule tm.so loadmodule sl.so loadmodule acc.so loadmodule rr.so loadmodule maxfwd.so loadmodule uac.so loadmodule textops.so loadmodule pv.so loadmodule dispatcher.so loadmodule usrloc.so loadmodule registrar.so loadmodule siputils.so loadmodule sanity.so loadmodule ctl.so loadmodule mi_rpc.so loadmodule avpops.so #!ifdef WITH_NAT loadmodule nathelper.so loadmodule rtpproxy.so #!endif loadmodule xlog.so ##mysqlcdr modparam(acc, db_flag, 2) modparam(acc, db_missed_flag, 3) modparam(acc, report_cancels, 1) modparam(acc, db_url, mysql://openser:password@1.1.1.2/openser http://openser:password@1.1.1.2/openser) modparam(acc, db_extra, from_uri=$fu; to_uri=$tu; intid=$fU; type_call=$si; dst_ip=$ru; carriercode=$tu;callmode=$var(out) ) #loadmodule carrierroute modparam(tm, cancel_b_method, 1) modparam(tm, failure_reply_mode, 3) modparam(tm, fr_timer, 3) modparam(tm, fr_inv_timer, 12) modparam(dispatcher, list_file, /etc/kamailio/dispatcher.lst) modparam(rr, enable_full_lr, 1) #!ifdef WITH_NAT # - rtpproxy params - modparam(rtpproxy, rtpproxy_sock, udp:127.0.0.1:7722 http://127.0.0.1:7722) # - nathelper params - modparam(nathelper, natping_interval, 30) modparam(nathelper, ping_nated_only, 1) modparam(nathelper, sipping_bflag, FLB_NATSIPPING) modparam(nathelper, sipping_from, sip:pin...@kamailio.org mailto:sip%3apin...@kamailio.org) # - mi_fifo params - ##modparam(mi_fifo, fifo_name, /tmp/kamailio_fifo) # params needed for NAT traversal in other modules modparam(nathelper|registrar, received_avp, $avp(RECEIVED)) modparam(usrloc, nat_bflag, FLB_NATB) #!endif modparam(xlog, buf_size, 8192) modparam(xlog, force_color, 1) #carrierroute #modparam(carrierroute, config_file, /etc/kamailio/carrierroute.conf) #end carrierroute modparam(pv, shvset, ruta=s:$ru) modparam(pv, varset,in=s:IN) modparam(pv, varset,out=s:OUT)
Re: [SR-Users] Kamilio and AWS Route 53 latency regions
On 15.10.2013 13:21, Coy Cardwell wrote: Thanks. I am using DB only mode. There will be a number of servers in the end, so i will have to look further into the issue I guess, since assumptions were made about how Kamailio works. From what I can tell, I think I will have to implement the outbound module and a central registrar. Yes, this is probably the better solution, for a scale able network. You can also have multiple central registrars (e.g. which share the DB) as long as IP connectivity between the outbound proxies and registrars is not filtered. klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Kamilio and AWS Route 53 latency regions
Hi Coy! On 16.10.2013 14:29, Coy Cardwell wrote: Thanks. By as long as IP connectivity between the outbound proxies and registrars is not filtered, what exactly must not be filtered? The proxies and their 'local' registrars will be in the same private IP cloud. Then it should be fine. Are you implying if a proxy tries to reach a nat-ed registrar in another, different, private IP cloud it won't work? Probably it depends on the NAT and how the cloud is connected to the Internet and other clouds. But also NATed servers should be fine, if the NAT does not mangle SIP packets and the proxies are configured to announce the public IP address. Thus, hmm, there may be problems depending on your setup. For example: Internet (public IP) Cloud 1 1.1.1.2outboundproxy 1: 10.0.1.2 1.1.1.3registrar 1: 10.0.1.3 Internet (public IP) Cloud 2 2.2.2.2outboundproxy 2: 10.0.2.2 2.2.2.3registrar 2: 10.0.2.3 If the outboundproxy (OBP) 1 talks to registrar 1, does it us the internal IP addresses or the public IP addresses? For later, Kamailio can be simply configured to announce the public IP addresses in all SIP messages. But if internal traffic uses internal IP addresses, then the OBP is virtual multihomed, and Kamailio must be correctly configured to announce the private IP address when talking to the registrar, but using the public IP address when talking to customer in the Internet. Further, if OBP1 talks to registrar2, then such virtual mutlihomed setups are also needed on the registrar server. Conclusion: I guess every private cloud has different network techniques how traffic is routed externally and internally. Thus, the Kamailio configuration heavily depends on the underlying network (as IP addresses are put into the SIP messages). But at least Kamailio is very flexible and up to now I always have solved strange network setups. regards Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Kamilio and AWS Route 53 latency regions
Hi! First, if 2 servers share the same DB, then userloc must be switched to DB-only mode: http://kamailio.org/docs/modules/4.0.x/modules/usrloc.html#idp16939424 But this leads you to another problem. As Fred already mentioned, SIP clients (or the NAT of the user) often refuse messages which are not received from the proxy to which the registration was sent. The best solution depends on what you exactly want to achieve and how many servers you want to add. But a simple workaround would be: - both proxies use their own DB - if lookup() fails, then - if requests comes from other proxy - send 404 - if request comes from user - forward to other proxy regards Klaus On 14.10.2013 23:12, Coy Cardwell wrote: Hi All. Fist time poster here, long time geek. I am trying to get Kamilio to work in the following configuration and after days of googling and configuration attempts, I have come here for help. Two servers, both sharing the same database. Server1, Server2. Both servers are behind a NAT (AWS). If I set the DNS to return both IP addresses for the domain on the A record, everything works, all is well. If I set the DNS to return values based on latency and the Calling Client gets Server1's IP Address but the Receiving Client is registered to Server2, the call fails from a timeout. I can see the attempt to go through at the packet level and a 'non-local' socket message as well. If the DNS returns Server2's IP Address and the Receiving Client is registered to Server2, the call completes. I have tried numerous variations of the various 'path' and 'registrar' options with any joy. I tried making one of the servers the central registrar as well. I am not entirely sure I ever set everything correctly, but I have tried numerous combinations. Any thoughts would be appreciated, I only ask this as I think I have exhausted my own list of things to try. Thanks. - Coy Cardwell ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] SIP Trunks
On 14.10.2013 14:57, Keith wrote: Hi, Klaus, thank you for pointing me in the right direction with SIP trunks, got it working so thanks! Basically I did exactly what you said: - Dialled number - Match that number to a registered user (had to create a new table for that) - Lookup user - Replace dialled s@ with original number dialled Works like a charm, however, I have a question over speed and performance. As this is a SQL query and not held in memory is this SQL lookup doing to cause me problems? It's not a big query at the moment, but it could get quite big as I will need to map each number to a registered trunk. It depends on your database. If the database is fast, this is usually not a problem. Many Kamailio users e.g. use the usrloc module without caching, thus every lookup() call requires a DB lookup. Also authentication is usually not cached, and requires a DB lookup for every SIP request (INVITE, REGISTER). Thus, if the DB is fast, you are fine. If the DB is slow or unreliable, then Kamailio is slow too. But usually you anyway need the DB for accounting and authentication - thus if the DB is not available quite often you do not want any calls to proceed (as you can not bill them). Anyway, if you are afraid of DB performance, or you have quite slow queries which usually return the same result, you can use caching using the htable module. See the readme. But a simple example (untested): e.g. you want to cache the DID-to-user mapping for 1 hour. modparam(htable, htable, dids=size=10;autoexpire=3600;) route { # incoming did is in $rU # use the DID as hash key $var(mapping) = $sht(a=$rU); if ( $var(mapping) ) { xlog(Using cached mapping: $rU - $var(mapping)); $rU = $var(mapping); } else { # your code to load the mapping from DB into $var(mapping) . xlog(Loaded mapping from DB: $rU - $var(mapping)); $rU = $var(mapping); # put the mapping into the hash table $sht(a=$rU) = $var(mapping); } lookup(...); regards Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Scripting - Adding custom code
To dynamically add routes you do not need to understand how the code works. Use one of the routing modules (lcr, drouting, prefix_route, carrierroute ). Ususally they are configured via a DB backend and perform a DB lookup for every call, or cache the routing table and the routing table can be reloaded via an external command. You can also implement the routing logic yourself in kamailio.cfg and e.g. the sqlops module. If you really want to understand the code of Kamailio, see: http://www.asipto.com/pub/kamailio-devel-guide/ regards Klaus Am 09.10.2013 10:20, schrieb Keith: Hi, Wonder if anyone can point me in the right direction, or explain a bit more about how the code in Kamailio works. I am looking to build a front end to Kamailio so I can easily add routes etc without direct access to the config. Thanks, Keith ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] SIP Trunks
Am 09.10.2013 17:56, schrieb Keith: Hi, Can anyone point me in the right direction for setting up SIP trunks? Whenever I send a call to a registered user on a trunk it just sends to destination s@x.x.x.x. Is there anyway to say these extensions are location at this destination IP and port. From Kamailio point of view you do not have a trunk yet. You are having an Asterisk server registering on you Kamailio. If sombeody calls this registered user, the call gets forwarded to Asterisk and the RURI will be identical to the contact registered by Asterisk s@.. So to make a trunk, you need some logic in your Kamailio which: 1. check the called number 2. matches the called to a user 3. lookup the registration of this user 4. somehow signal the called number to this user This 4th step can be done by adding a dedicated header and inspect the header on Asterisk, or use the usual (non standard conform way) to signal the original called number in the user part of the request URI, eg: # save the called number $var(did)=$rU; # look up the did and get the respective user, e.g. use sqlops and SELECT .. . # asume the associated user of the DID is in $var(user) $rU=$var(user); lookup(location); # overwrite the user part with the DID $rU=$var(did); t_relay(); klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Apply changes made to sip reply in onreply_route
Am 08.10.2013 12:14, schrieb Grant Bagdasarian: Hello, I've setup two Kamailio machines, one which does all the processing and the second one which always replies with a 500 Server Internal Error, to test my Dispatcher fail-over. When routing a call, the call is always routed to the second Kamailio first, to test the fail-over. What happens in this scenario is the 500 is received by the main Kamailio and the 500 message is duplicated to the capture server. After this the failure_route kicks in and the 500 is obviously never sent back to the initiator. The changes made to the 500 message (adding a new header), in onreply_route, aren't present when the message is duplicated to the capture server, because the original 500 message is duplicated instead of the modified one. Out of curiosity -why do you add a header to the response if it is likely to be dropped (depending of the response in the second branch)? Just to signal data to the capture server? klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
[SR-Users] keep_hf() meaning
Hi! keep_hf() keeps all headers, as every header matches the regexp . IMO an empty regexp should remove all headers (except the mandatory ones). Otherwise I have to use something like keep_hf(hope-this-header-never-exists) regards Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] append_hf to reply generated by kamailio
Use append_to_reply(txt) before sl_send_reply(): http://kamailio.org/docs/modules/4.1.x/modules/textops.html#idp17040608 regards Klaus On 03.10.2013 11:38, Grant Bagdasarian wrote: Hello, Is it possible to append a new header to a reply generated by Kamailio and also have it present when duplicating the message to a capture server? At the moment the 603 Reply is duplicated to my capture server, but I don’t know how to append a new header, because the kamailio script stops executing after exit is called. From what I understood: onreply_route is only executed when receiving replies. Is there a reply_route which is executed for all replies, including the ones generated by kamailio itself? For instance inside this code block: request_route { . if($var(routing_query_result) =~ DESTINATION_NOT_ALLOWED) { xlog(L_INFO, [R-CORE-INCOMING-INVITE:$ci] ! Rejecting the call, because the destination is not allowed\r\n); sl_send_reply(603, Decline); exit; } . } ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Replace header value in failure_route
Do you need the regex? Does remove/append_hf work? eg: remove_hf(X-Dispatcher); append_hf(X-Dispatcher: $(avp(dsattrs){param.value,dispatcher})); regards klaus On 02.10.2013 15:55, Grant Bagdasarian wrote: Hello, I’m trying to replace the value of a custom header in the failure_route, using the subst function. subst('/^X-Dispatcher:(.+)$/X-Dispatcher: \$(avp(dsattrs){param.value,dispatcher})/i'); I also tried it with the subst_hf, but that didn’t work either. I’m getting the following message: 5(19536) DEBUG: core [re.c:454]: subst_run(): subst_run: running. r=1 5(19536) DEBUG: textops [textops.c:681]: subst_f(): lst was (nil) Does anyone have an idea what I’m doing wrong here? I’m not a regex expert, so I’m guessing there is an error in the pattern. Regards, Grant ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
[SR-Users] Websockets Keep-Alive
Hi! Question to the experts: Is keep-alive for the Websockets TCP connection automatically done by the Websockets Layer (client or server), or do I have to do it manually (nathelper pinging). Thanks Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Websockets Keep-Alive
Thanks for the info. btw: Can you recommend a HTML/JS SIP client (open source) for testing purposes? I have written a very limited client based on JsSIP, but now I need some more features for testing and my research did not revealed a nice client. Thanks Klaus On 26.09.2013 14:07, Peter Dunkley wrote: The Kamailio websocket module sends WebSocket pongs in response to WebSocket pings from websocket clients. It can also be configured to send WebSocket pings on idle connections (and does so by default). There is no TCP level stuff here, this is all at the WebSocket layer. Take a look at the keepalive_.* modparams for the websocket module. The TCP connection timeout should be set to something a little greater than the WebSocket ping interval is set to. Regards, Peter On 26 September 2013 12:37, Juha Heinanen j...@tutpro.com mailto:j...@tutpro.com wrote: Klaus Darilion writes: Question to the experts: Is keep-alive for the Websockets TCP connection automatically done by the Websockets Layer (client or server), or do I have to do it manually (nathelper pinging). since websockets uses tcp, kamailio running on linux should automatically do tcp level keepalives. -- juha ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org mailto:sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users -- Peter Dunkley Technical Director Crocodile RCS Ltd ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] kamailio configuration for pass-thru proxy and username rewrite
If you want to hide your upstream providers from your customers, you should use a B2BUA (sems, Asterisk). Probably the most simple setup would be: customers -- Kamailio -- Asterisk -- PSTN Provider Kamailio is used for Registrations, NAT traversal, Authentication ... Calls to the PSTN are routed to your Asterisk. Your Asterisk server will forwards the calls to the PSTN provider. Then you can decide if you use only 1 SIP account between Asterisk and the PSTN provider (then you have to do the billing yourself and separate the customers), or you map every customer to a dedicated SIP accounts on the PSTN provider (then you can use the billing of the PSTN provider, but then for every new customer you have to interact with PSTN provider to get a new SIP account and configure Asterisk to map the internal account to the PSTN provider account). The mapping is easy, e.g. do it in Kamailio and signal the to be used upstream account to Asterisk. But I would do it in Asterisk, e.g. using a DB lookup or use a static mapping if you do not have plenty of customers. regards Klaus On 19.08.2013 11:56, ACW - Florian Schmid wrote: Hello, i am new to kamailio and have some problems creating the configuration. What we have now: A SIP-Provider who gives us sip accounts or sip-trunks with username and passwords. Our customers, where we have to enter the SIP-Provider's userdata. What we want to have: We want to create a sip proxy between the SIP-Provider and our customers. Our customers should not see the userdata from the SIP-Provider, but the customers should get our usernames and passwords. What the new kamailio server should do: Forward the registration and calls to the SIP-Provider's server and change our usernames and passwords to the correct usernames from the SIP-Provider. There should be a translation database table where the usernames and passwords from us and from the SIP-Provider were stored. Every time a phone or asterisk pbx will register or make a call, the kamailio server should change the username and password via the translation database table. The database could be a text file or a mysql database. Is that possible and can someone please help me to manage this? ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] TLS versions and ciphers questions.
Kamailio uses OpenSSL. Thus, it mainly supports what your OpenSSL version supports. This means, Kamailio can use all TLS versions and ciphers that your libssl supports. You can configure Kamailio to use certain ciphers, see: http://kamailio.org/docs/modules/4.0.x/modules/tls.html#cipher_list You can configure also SSL or TLS version, but I do not know if you can force also subversions like TLS1.1 or TLS1.2 (I think this only allows certain extensions, but does not change the protocol itself). I know that at least SNI (server name indication) is supported in Kamailio, which is a TLS extension. regards Klaus On 16.08.2013 13:02, johnc wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, Is TLSv1.1 or TLSv1.2 supported by kamailio? Can you point me to a list of ciphersuites supported? Are RFC3268 ciphersuites supported? See: http://www.openssl.org/docs/apps/ciphers.html#AES_ciphersuites_from_RFC3268_e Thanks. Regards, John -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBAgAGBQJSDgajAAoJELy1jPQ1KER7oxsP/3i8HyvuZ3dAPoxKvpYzKhJr 33nTd6OiIAAuRx5DQ8PiWZ2Nhwk5/lDbNq1RxZ5an5EE0+c/wVlqV6vAt18TUlbH CMirkbGcbrtBYcdylDBg7L+4ZxHnoLotwV/u92x5yFCaV/uEmSGfcUqHHobZuD9u P/VKFTTkjnyjQmf2oxkD8ugU/8SiUGvI7zsxT3badbiNEqlqtX9m1Z5f4/j1O0Zn EB7XiinkA5U8QdI9HTa9fcDTXrdh9TwzBUdEGCPGmFb2UG0hZLnEJahOxlGlLmVP 6324C8Wkvtdeu93O7qn74frHkl/pkNbxt1FMRmKcVZv6FvXdLaPQNWk74A4zJX74 fGC2kXN9rNrbFs1gjhJRsCUFOyuVj2JeHkj4Bnkacs4I+u6fZqe2s3U+qDZjyuhN zOTX1nUmTurRe2K8gYMEIK8USc0Lgl3lHe08430vOIx4dmiWHDRrqYjg11PsPoVm 1XG9ha56aFf21ojCEBUGJ28YSTvbGeVWb23UIL0NLFJCQN3iuh1JBU5Culj47JWi UOj/n1zXAGikt3TPCYueJGJAZYyyIFhCC48PVrOWjpa5RFxDoF9ncaRTa8tGQKuC MEFxiRNw/UieVH/OOwntCGsGTdy//RKjYRty2UG9Ud4hUyYHwJdcln3s3oimTWE6 Fp332xBIlKDVv5ZxChm7 =daAm -END PGP SIGNATURE- ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Quick Question
I also saw this recently in Kamailio and can not remember having this seen before. In your case Kamailio is doing some loose-route/strict-route conversion which of course is buggy. I think the problem is related that Kamailio does not correctly identify that the Route header addresses himself. IIRC I solved it by changing the alias= section. I cant remember the details anymore, I played around with adding/removing the port from the alias command and suddenly it worked. You see the aliases when you start Kamailio. For debugging set debug=4 and inspect the log file for the INVITE. When entering loose_route() you see lots of myself === where Kamailio compares the Route header address with the local aliases (and listen sockets). I guess it matches (otherwise loose_route would fail). Then see if Kamailio maybe prints some log messages why it is doing loose/strict-routing conversion. regards Klaus On 15.08.2013 01:31, Geoffrey Mina wrote: Can anyone tell me why Kamailio 4.0 is sending the INVITE out with the Route Header intact? The call is running through this block which I thought should remove it before sending it out. The far end is having a hard time dealing with the fact that the Route header is in there and we aren't looking for strict routing. if(is_present_hf(P-Proxy-Route)){ xlog(L_ERR,We have a Proxy Route request, performing loose routing to end point [$(hdr(Route))]); remove_hf(P-Proxy-Route); remove_hf(Route); if(loose_route()){ route(RELAY); }else{ sl_send_reply(404,Unable to route request); } } Here is the inbound and outbound INVITE (I have removed hosts and IPs intentionally) IN: INVITEsip:1177000...@dialer201.blah.com:5060 http://sip:1177000...@dialer201.blah.com:5060 SIP/2.0 Via: SIP/2.0/UDP 0.0.0.0:5060;branch=z9hG4bK7495b309;rport From: +14109972688 sip:+14109972...@blah.com mailto:sip%3a%2b14109972...@blah.com;tag=as11488f8f To: sip:1177000...@dialer201.blah.com:5060 http://sip:1177000...@dialer201.blah.com:5060 Contact: sip:+14109972688@0.0.0.0 mailto:sip%3A%2B14109972688@0.0.0.0 Call-ID:629cb67912fd16af758e6e7e67e89...@blah.com mailto:629cb67912fd16af758e6e7e67e89...@blah.com CSeq: 102 INVITE User-Agent: Asterisk PBX Max-Forwards: 70 Date: Wed, 14 Aug 2013 23:27:17 GMT Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO Supported: replaces Route: sip:1177000...@sipgateway.blah.com mailto:sip%3a1177000...@sipgateway.blah.com P-Proxy-Route: Yes Content-Type: application/sdp Content-Length: 242 OUT: INVITEsip:1177000...@sipgateway.blah.com mailto:sip%3a1177000...@sipgateway.blah.com SIP/2.0 Record-Route: sip:0.0.0.0;lr;ftag=as11488f8f Via: SIP/2.0/UDP 0.0.0.0;branch=z9hG4bK2a77.07f36206.0 Via: SIP/2.0/UDP 0.0.0.0:5060;branch=z9hG4bK7495b309;rport=5060 From: +14109972688 sip:+14109972...@blah.com mailto:sip%3a%2b14109972...@blah.com;tag=as11488f8f To: sip:1177000...@dialer201.blah.com:5060 http://sip:1177000...@dialer201.blah.com:5060 Contact: sip:+14109972688@0.0.0.0 mailto:sip%3A%2B14109972688@0.0.0.0 Call-ID:629cb67912fd16af758e6e7e67e89...@cf-dialer.com mailto:629cb67912fd16af758e6e7e67e89...@cf-dialer.com CSeq: 102 INVITE User-Agent: Asterisk PBX Max-Forwards: 16 Date: Wed, 14 Aug 2013 23:27:17 GMT Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO Supported: replaces Content-Type: application/sdp Content-Length: 242 Route: sip:1177000...@dialer201.blah:5060 ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Content-Type Header missing from third part registration
Yes, it seems that you detected a bug. You can try to add it yourself and submit a patch to the tracker, or send another email with bug in S-CSCF module with the below REGISTER trace and the description to sr-dev. Maybe the IMS guys will then handle it. regards Klaus On 12.08.2013 16:06, Ziad Habchi wrote: Dear Dragos, Did you get my email ? any updates regarding the below? Regards, Ziad Habchi -Original Message- From: Ziad Habchi [mailto:ziad.hab...@jinnysoftware.com] Sent: Thursday, August 8, 2013 10:38 AM To: 'Dragos Vingarzan' Cc: 'Klaus Darilion'; 'Kamailio (SER) - Users Mailing List'; 'mona.ha...@jinnysoftware.com' Subject: RE: [SR-Users] Content-Type Header missing from third part registration Drogos, Below is a sample sip packet sent from the Kamailio S-CSCF to the AS RREGISTER sip:ip-sm-gw.ims-core:5070 SIP/2.0 Via: SIP/2.0/UDP 192.168.49.164:6060;branch=z9hG4bKf162.bf939204.0 To: sip:+1234567890@ims-core From: sip:scscf;tag=8c3594ac027a3ba0f0a908969aadf227-6014 CSeq: 10 REGISTER Call-ID: 7fefec00-10930@192.168.49.164 Content-Length: 72 User-Agent: Kamailio S-CSCF Event: registration Max-Forwards: 10 Expires: 600120 Contact: sip:scscf P-Visited-Network-ID: ims-core P-Access-Network-Info: ADSL;utran-cell-id-3gpp= ims-3gpp version=1service-info1234567890/service-info/ims-3gpp As you can see, the Content-Type Header is missing from the packet. Regards, Ziad Habchi -Original Message- From: Ziad Habchi [mailto:ziad.hab...@jinnysoftware.com] Sent: Thursday, August 8, 2013 10:08 AM To: 'Dragos Vingarzan' Cc: 'Klaus Darilion'; 'Kamailio (SER) - Users Mailing List'; 'mona.ha...@jinnysoftware.com' Subject: RE: [SR-Users] Content-Type Header missing from third part registration Hi Dragos, Thank you again for your quick reply. As per the current implementation of the ims_isc module, the S-CSCF is sending the 3-rd party REGISTER towards the ASs listed in the reply from the HSS. In the third_party_reg.c source file, line 113 to 130 lists the header and body of the register that is being generated and send to the AS. Those headers and body is done according to the specs, but the only header missing is the Content-Type header. I believe that this header should be included according to the 3GPP TS 24.229. Let me know if I am still not being clear, I appreciate your help, and I am waiting for your reply. Thank you, Ziad Habchi -Original Message- From: Dragos Vingarzan [mailto:dragos.vingar...@fokus.fraunhofer.de] Sent: Wednesday, August 7, 2013 6:19 PM To: Ziad Habchi Cc: 'Klaus Darilion'; 'Kamailio (SER) - Users Mailing List' Subject: Re: [SR-Users] Content-Type Header missing from third part registration Hello Ziad, maybe you should make a clarification, because, AFAIR, the REGISTER is not really forwarded! It is actually that the S-CSCF is creating additional B2B dummy REGISTER messages. And these might not be up to the spec... But anyway, what should this B2B REGISTER requests contain? Because I think now they don't include anything, hence why the header ?... Cheers, -Dragos On 08/07/2013 05:05 PM, Ziad Habchi wrote: Hi Klaus, According to 3GPP TS 24.229 Release 5 , section 5.4.1.7 - g (Notification of Application Servers about registration status) the S-CSCF shall set the value of the Content-Type header to include the MIME type specified The Register is being forwarded to the Application Server and not to a client , and according to the specs, the content-type header should be included in the forwarded SIP packet. Please let me know if I clarified my point well. Thank you for your support. Ziad Habchi -Original Message- From: Klaus Darilion [mailto:klaus.mailingli...@pernau.at] Sent: Wednesday, August 7, 2013 5:38 PM To: Kamailio (SER) - Users Mailing List Cc: Ziad Habchi; dragos.vingar...@fokus.fraunhofer.de Subject: Re: [SR-Users] Content-Type Header missing from third part registration On 07.08.2013 13:42, Ziad Habchi wrote: Hi , I managed to run Kamailio to replace OpenIMSCore. I am using boghe client to sign in, when I do so , my registration is forwarded as per the trigger point to my AS server. As I notice , the REGISTER request miss Content-Type header which is mandatory in the 3gpp TS . Is this configurable ? Am I doing something wrong or is it a bug? So, what is the problem? If the header is missing in the request, the the client has to add it to the request. In what way do you want to change the behavior of Kamailio? What is it currently doing with the malformed REGISTER request and what do you expect Kamailio to do with the malformed REGISTER request? regards Klaus . -- - Dipl. Eng. Dragos Vingarzan Fraunhofer FOKUS/NGNI Kaiserin-Augusta-Allee 31 10589 Berlin,Germany Phone +49 (0)30 - 3463 - 7385 Mobile +49 (0)176 - 48 32 16 00 Web www.fokus.fraunhofer.de www.openepc.net www.openimscore.org
Re: [SR-Users] Trouble when bridging call between UDP and TCP clients behind NAT
It seems that there is a NAT-ALG between the client and the proxy which rewrites the VIa header and Contact header. These ALGs are quite often buggy and should be avoided. Further, as the ALG rewrites the IP addresses, it may be that your configuration does not detect the client as NATed and thus does not NAT traversal. You can try: a) comment all nat_uac_test() functions in your config and force NAT traversal always. This may help against the broken ALG b) move to a different port, e.g. port 4567. Many ALGs trigger the rewrite if they see messages to/from port 5060. c) use TLS, then the ALG can not rewrite the message regards Klaus On 09.08.2013 13:22, Roberto Fichera wrote: Hi All, I'm try to setup kamilio v4.0.2 under a Fedora18 64bits having a public address in order to bridge calls between UDP and TCP clients. Everything works pretty fine between UDP clients even if behind NAT. But as soon as one TCP client is being called I'm getting this below on kamailio side. Note that the port is wrong and the TCP client doesn't get aliased nor tcp port remappend or received field is set: Call-ID: 23306738-94b3-49b5-b7e8-dc1b8a8061db CSeq: 50696 REGISTER User-Agent: PJSUA v2.1-svn Linux-3.10.5.44/x86_64/glibc-2.17 Supported: outbound, path Contact: sip:528@94.94.X.X:1117;transport=TCP;ob;reg-id=1;+sip.instance=urn:uuid:----be3c954f Expires: 300 Allow: PRACK, INVITE, ACK, BYE, CANCEL, UPDATE, INFO, SUBSCRIBE, NOTIFY, REFER, MESSAGE, OPTIONS Content-Length: 0 SIP/2.0 401 Unauthorized Via: SIP/2.0/TCP 94.94.X.X:56120;rport=56120;branch=z9hG4bKPj75004c2a-7ba3-4807-805c-a3ac8016e5b7;alias From: sip:528@test.domain;hide;tag=93cc1d8e-9ccc-4d36-8587-923ff44daf89 To: sip:528@test.domain;hide;tag=333a0370df4a40d5d5a0c21bb156e2a6.aab2 Call-ID: 23306738-94b3-49b5-b7e8-dc1b8a8061db CSeq: 50696 REGISTER WWW-Authenticate: Digest realm=test.domain, nonce=UgOcJlIDmvotaQR8dxYacL2fFlyotlC2 Server: kamailio (4.0.2 (x86_64/linux)) Content-Length: 0 REGISTER sip:test.domain;transport=tcp;hide SIP/2.0 Via: SIP/2.0/TCP 94.94.X.X:56120;rport;branch=z9hG4bKPja2e404d0-9812-4b7b-b86b-3f3b1a27d204;alias Max-Forwards: 70 From: sip:528@test.domain;hide;tag=93cc1d8e-9ccc-4d36-8587-923ff44daf89 To: sip:528@test.domain;hide Call-ID: 23306738-94b3-49b5-b7e8-dc1b8a8061db CSeq: 50697 REGISTER User-Agent: PJSUA v2.1-svn Linux-3.10.5.44/x86_64/glibc-2.17 Supported: outbound, path Contact: sip:528@94.94.X.X:1117;transport=TCP;ob;reg-id=1;+sip.instance=urn:uuid:----be3c954f Expires: 300 Allow: PRACK, INVITE, ACK, BYE, CANCEL, UPDATE, INFO, SUBSCRIBE, NOTIFY, REFER, MESSAGE, OPTIONS Authorization: Digest username=528@test.domain, realm=test.domain, nonce=UgOcJlIDmvotaQR8dxYacL2fFlyotlC2, uri=sip:test.domain;transport=tcp;hide, response=d6e93d582744a3cf12cc48989f66872e Content-Length: 0 SIP/2.0 200 OK Via: SIP/2.0/TCP 94.94.X.X:56120;rport=56120;branch=z9hG4bKPja2e404d0-9812-4b7b-b86b-3f3b1a27d204;alias From: sip:528@test.domain;hide;tag=93cc1d8e-9ccc-4d36-8587-923ff44daf89 To: sip:528@test.domain;hide;tag=333a0370df4a40d5d5a0c21bb156e2a6.d863 Call-ID: 23306738-94b3-49b5-b7e8-dc1b8a8061db CSeq: 50697 REGISTER Contact: sip:528@94.94.X.X:1117;transport=TCP;ob;expires=300;+sip.instance=urn:uuid:----be3c954f;reg-id=1 Server: kamailio (4.0.2 (x86_64/linux)) Content-Length: 0 Thus, kamailio trigger this error: Aug 9 09:20:47 proxy /usr/sbin/kamailio[3553]: ERROR: core [tcp_main.c:4247]: handle_tcpconn_ev(): connect 94.94.X.X:1117 failed From the client side (pjsua client) the log looks: REGISTER sip:test.domain;transport=tcp;hide SIP/2.0 Via: SIP/2.0/TCP 192.168.2.90:56120;rport;branch=z9hG4bKPj75004c2a-7ba3-4807-805c-a3ac8016e5b7;alias Max-Forwards: 70 From: sip:528@test.domain;hide;tag=93cc1d8e-9ccc-4d36-8587-923ff44daf89 To: sip:528@test.domain;hide Call-ID: 23306738-94b3-49b5-b7e8-dc1b8a8061db CSeq: 50696 REGISTER User-Agent: PJSUA v2.1-svn Linux-3.10.5.44/x86_64/glibc-2.17 Supported: outbound, path Contact: sip:528@192.168.2.90:5060;transport=TCP;ob;reg-id=1;+sip.instance=urn:uuid:----be3c954f Expires: 300 Allow: PRACK, INVITE, ACK, BYE, CANCEL, UPDATE, INFO, SUBSCRIBE, NOTIFY, REFER, MESSAGE, OPTIONS Content-Length: 0 --end msg-- SIP/2.0 401 Unauthorized Via: SIP/2.0/TCP 192.168.2.90:56120;rport=56120;branch=z9hG4bKPj75004c2a-7ba3-4807-805c-a3ac8016e5b7;alias From: sip:528@test.domain;hide;tag=93cc1d8e-9ccc-4d36-8587-923ff44daf89 To: sip:528@test.domain;hide;tag=333a0370df4a40d5d5a0c21bb156e2a6.aab2 Call-ID: 23306738-94b3-49b5-b7e8-dc1b8a8061db CSeq: 50696 REGISTER WWW-Authenticate: Digest realm=test.domain, nonce=UgOcJlIDmvotaQR8dxYacL2fFlyotlC2 Server: kamailio (4.0.2 (x86_64/linux)) Content-Length: 0 --end msg-- REGISTER sip:test.domain;transport=tcp;hide SIP/2.0 Via: SIP/2.0/TCP 192.168.2.90:56120;rport;branch=z9hG4bKPja2e404d0-9812-4b7b-b86b-3f3b1a27d204;alias Max-Forwards: 70 From:
Re: [SR-Users] Content-Type Header missing from third part registration
On 07.08.2013 13:42, Ziad Habchi wrote: Hi , I managed to run Kamailio to replace OpenIMSCore. I am using boghe client to sign in, when I do so , my registration is forwarded as per the trigger point to my AS server. As I notice , the REGISTER request miss Content-Type header which is mandatory in the 3gpp TS . Is this configurable ? Am I doing something wrong or is it a bug? So, what is the problem? If the header is missing in the request, the the client has to add it to the request. In what way do you want to change the behavior of Kamailio? What is it currently doing with the malformed REGISTER request and what do you expect Kamailio to do with the malformed REGISTER request? regards Klaus ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] tls client to udp proxy
Inspect the received ACK (log $mb) and check the RURI, and Route headers. Maybe the show some bugs. Also, if you manually apply routing to in-dialog requests (e.g. forcing the send socket) make sure to not make mistakes. regards Klaus On 12.07.2013 17:52, hiro wrote: hi I have set up tls on kamailio successfully, but when I relay a TLS client to an other proxy ($ru = sip: + $rU + @ + 127.0.0.1:5070;transport=udp;) via udp I get error messages. From the timing it seems like this warning always appears after I get 200OK from proxy, the Invite gets sent correctly, but kamailio seems to fail while sending back the ACK. 18(11231) WARNING: core [forward.c:270]: WARNING: get_send_socket: protocol/port mismatch (forced udp:77.180.86.63:5060, to tls:127.0.0.1:5070) TCP-UDP works. TCP-TCP works. UDP-UDP works. UDP-TCP works. TLS-TCP works. TLS-UDP doesn't work. ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users ___ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users