Thanks Karsten. The setup consists of client connecting to kamailio over WS (10.0.0.14). Kamailio needs to proxy the requests to SIP server (10.0.0.100) over TLS. As per your suggestion, I modified the dispatch list as below
# setid(integer) destination(sip uri) flags (integer, optional), priority(int,opt), attrs (str,optional) 1007 sip:10.0.0.100:5061;transport=tls 0 3 socket=tls:10.0.0.14:5061 ;ping_from=sip:10.0.0.14 With above, kamailio replies to REGISTER with "SIP/2.0 404 No destination". And in the logs, I see following statement. 1(2281) DEBUG: dispatcher [dispatch.c:3125]: ds_check_timer(): no destination sets What does this mean? Is kamailio not able to talk to SIP server for some reason? Regards On Fri, Nov 8, 2019 at 11:55 PM Karsten Horsmann <[email protected]> wrote: > Hi, > > > Your config line for the dispatcher makes no sense for me. > > 1007 sip:10.0.0.100:5061;transport=tls 0 3 socket=tls:10.0.0.100:5061; > ping_from=sip:10.0.0.14 > > > Means setid 1007 (like an group to arrange multiple targets) okay. > But sip:10.0.0.100:5061;transport=tls is the dispatcher target Uri. Where > your calls are placed when you call the dispatcher function with setid 1007. > > In combination with socket=10.0.0.100:5061 (that indicates your Kamailio > socket, the proxy ip) > That you talking with yourself. > > You should read the module documentations for dispatcher and tls. > > Or describe your ip setup and your config a bit more. > > Cheers > Karsten > > sthustfo <[email protected]> schrieb am Fr., 8. Nov. 2019, 17:41: > >> Hi Karsten, David, >> >> Thanks for your pointers. Earlier I was using mysql backend where the >> dispatch list was stored. Now following your suggestions, I have switched >> to dispatcher list in a file (/etc/kamailio/dispatcher.list) and put in the >> following >> >> # setid(integer) destination(sip uri) flags (integer, optional), >> priority(int,opt), attrs (str,optional) >> 1007 sip:10.0.0.100:5061;transport=tls 0 3 socket=tls:10.0.0.100:5061 >> ;ping_from=sip:10.0.0.14 >> >> Even with this, when HTTP request in, the same is upgraded to WS >> connection. But this gets closed after couple of seconds. Does the below >> log indicate anything? >> >> 9(1784) exec: *** cfgtrace:request_route=[xhttp:request] >> c=[/etc/kamailio/kamailio.cfg] l=1112 a=2 n=exit >> 9(1784) DEBUG: <core> [core/usr_avp.c:636]: destroy_avp_list(): >> destroying list (nil) >> >> Is there any way to understand what's happening? I do not see any other >> error lin logs. >> >> Thanks. >> >> >> >> On Thu, Nov 7, 2019 at 2:34 PM Daniel-Constantin Mierla < >> [email protected]> wrote: >> >>> Hello, >>> On 06.11.19 20:46, Karsten Horsmann wrote: >>> >>> Hi, >>> >>> the sips Uri schemata is not used for tls with dispatcher. >>> >>> jumping in to clarify a bit about sips protocol schema. It doesn't imply >>> TLS as one may think HTTPS does it for HTTP. The sips is mandating that the >>> traffic goes over secure links, which can be IPSec/VPN or even just private >>> network, so it is ok using UDP or TCP when sips is present. >>> >>> In SIP, if TLS is wanted, then transport=tls has to be added to the URI. >>> >>> As for dispatcher, one more clarification: trasport=tls in attrs has >>> nothing to do with the destination address, so that has to be in the value >>> of the destination field, as Karsten gave in his example. >>> >>> And, as general note: better do not use sips at all, it can mess up some >>> nodes in the path, if you are not sure about the need of sips -- just do >>> uri;trasport=tls. >>> >>> Cheers, >>> Daniel >>> >>> >>> Here an example for flatfile dispatcher.list (need corrected values). >>> >>> The socket line must match an listen directive in your Kamailio.cfg. >>> >>> >>> root@sbc1:~# cat /etc/kamailio/dispatcher.list >>> # setid(integer) destination(sip uri) flags (integer, optional), >>> priority(int,opt), attrs (str,optional) >>> 1007 sip:sip.pstnhub.microsoft.com;transport=tls 0 3 >>> socket=tls:212.xx.xx.xx:5061;ping_from=sip:sbc-d01.yourdomain >>> >>> Cheers >>> Karsten >>> >>> sthustfo <[email protected]> schrieb am Mi., 6. Nov. 2019, 20:32: >>> >>>> I have a basic setup where kamailio receives SIP over websocket (no >>>> WSS) and forwards to SIP server over TLS. I have enabled TLS in >>>> kamailio.cfg and added dispatcher node as sips:SIP_SERVER:5061 and >>>> transport=tls. >>>> >>>> >>>> +----+-------+------------------------+-------+----------+---------------+----------------+ >>>> | id | setid | destination | flags | priority | attrs >>>> | description | >>>> >>>> +----+-------+------------------------+-------+----------+---------------+----------------+ >>>> | 4 | 1 | sips:10.0.0.100:5061 | 0 | 0 | transport=tls >>>> | SIP SERVER | >>>> >>>> +----+-------+------------------------+-------+----------+---------------+----------------+ >>>> >>>> Now when REGISTER is received over websocket, kamailio is responding >>>> with error code 500 and phrase "500 I'm terribly sorry, server error >>>> occurred (7/SL)". And on the console I see the following error messages. >>>> >>>> 12(33858) DEBUG: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} <core> >>>> [core/md5utils.c:67]: MD5StringArray(): MD5 calculated: >>>> f1ecf7bcb659b07fe81e332e100044e5 >>>> 12(33858) ERROR: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} tm >>>> [ut.h:315]: uri2dst2(): no corresponding socket found for "10.0.0.100" af 2 >>>> (tls:10.0.0.100:5061) >>>> 12(33858) ERROR: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} tm >>>> [t_fwd.c:467]: prepare_new_uac(): can't fwd to af 2, proto 3 (no >>>> corresponding listening socket) >>>> 12(33858) ERROR: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} tm >>>> [t_fwd.c:1735]: t_forward_nonack(): failure to add branches >>>> 12(33858) DEBUG: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} tm >>>> [t_funcs.c:334]: t_relay_to(): t_forward_nonack returned error -7 (-7) >>>> 12(33858) DEBUG: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} tm >>>> [t_funcs.c:352]: t_relay_to(): -7 error reply generation delayed >>>> 12(33858) exec: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} *** >>>> cfgtrace:request_route=[RELAY] c=[/etc/kamailio/kamailio.cfg] l=587 a=24 >>>> n=sl_reply_error >>>> 12(33858) DEBUG: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} <core> >>>> [core/msg_translator.c:162]: check_via_address(): (10.0.0.14, >>>> hsvmphm3ps12.invalid, 0) >>>> 12(33858) DEBUG: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} websocket >>>> [ws_conn.c:452]: wsconn_get(): wsconn_get for id [3] >>>> >>>> *tls.cfg contents* >>>> [client:default] >>>> method = TLSv1 >>>> verify_certificate = yes >>>> require_certificate = yes >>>> private_key = /home/test/kamailio/internal.key >>>> certificate = /home/test/kamailio/internal.crt >>>> ca_list = /home/test/kamailio/ca_list.pem >>>> >>>> Any reason why this error is seen? Any inputs appreciated. >>>> >>>> Thanks. >>>> _______________________________________________ >>>> Kamailio (SER) - Users Mailing List >>>> [email protected] >>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users >>>> >>> >>> _______________________________________________ >>> Kamailio (SER) - Users Mailing >>> [email protected]https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users >>> >>> -- >>> Daniel-Constantin Mierla -- www.asipto.comwww.twitter.com/miconda -- >>> www.linkedin.com/in/miconda >>> Kamailio World Conference - April 27-29, 2020, in Berlin -- >>> www.kamailioworld.com >>> >>> _______________________________________________ >>> Kamailio (SER) - Users Mailing List >>> [email protected] >>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users >>> >> _______________________________________________ >> Kamailio (SER) - Users Mailing List >> [email protected] >> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users >> > _______________________________________________ > Kamailio (SER) - Users Mailing List > [email protected] > https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users >
_______________________________________________ Kamailio (SER) - Users Mailing List [email protected] https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
