Issue documented here https://github.com/moby/libnetwork/issues/2423
You can use

    /usr/bin/docker run --net=host --privileged --rm claesjonsson/conntrack -D --proto udp

On Mon, Jul 27, 2020 at 10:28 AM Edward Romanenco <[email protected]> wrote:

> Hi,
>
> I am working on a project involving Kamailio dockerization, which is meant
> to run alongside Freeswitch and RTPEngine containers, on the basis of a
> Docker-Compose file which is launched on top of a CentOS 7.7 host system.
> I was able to create and run the containers successfully, they are
> starting and listening to the correct ports, but for some unexplained
> reason - the incoming SIP traffic is not getting picked up by Kamailio. I
> can easily trace the traffic from the host, but when SSHing the container
> and running a test from within, no traffic goes by.
> I've used netcat to generate plain UDP traffic to the container, and it
> was logged into the Kamailio log files, but real-life traffic doesn't seem
> to work.
> I've tried moving to host mode (from bridge), but it didn't make any
> difference. All required firewall rules were opened obviously, I've also
> tried shutting the firewall off completely but it didn't help.
>
> Has anyone experienced anything similar while running Kamailio in
> Dockers, and could provide me a go-through on what steps he took to fix
> it?
>
> EXCERPT FROM MY DOCKERFILE
>
> # Getting Kamailio source code from GIT
> RUN mkdir -p /usr/local/src/kamailio-5.3
> WORKDIR /usr/local/src/kamailio-5.3
> RUN git clone --depth 1 --no-single-branch https://github.com/kamailio/kamailio
> WORKDIR /usr/local/src/kamailio-5.3/kamailio
> RUN git checkout -b 5.3.2
>
> # Compile the source code and install Kamailio
> RUN make include_modules="phonenum db_mysql xmlrpc http_async_client jansson auth_db nathelper websocket tls outbound topoh http_client" cfg && \
>     make all && make install
>
> # Default setting is to run Kamailio as user "kamailio" and group "kamailio"
> RUN adduser --quiet --system --group --disabled-password \
>     --shell /bin/false --gecos "Kamailio" \
>     --home /var/run/kamailio kamailio
>
> # To use init.d script for starting/stopping the Kamailio server
> COPY Init/kamailio /etc/init.d/
> RUN chmod 755 /etc/init.d/kamailio
> COPY Default/kamailio /etc/default/
> COPY kamailio.service /etc/systemd/system/
> RUN mkdir -p /var/run/kamailio
> RUN chown kamailio:kamailio /var/run/kamailio
>
> COMPOSE (BRIDGE NETWORK VERSION)
>
> kamailioegress:
>   build: kamailio_egress
>   image: kamailioegress:latest
>   container_name: kamailioegress
>   restart: always
>   environment:
>     - DATABASE=kamailioe
>     - SIP_DOMAIN=XXX
>     - DBHOST=kamailiodb
>     - DBROOTUSER=root
>     - DBROOTPASS=XXX
>     - PUBLIC_IPV4=XXX
>   depends_on:
>     - Kamailio-Base
>     - kmdb
>     - freeswitch
>     - rtpengine
>   expose:
>     - "5060/udp"
>     - "5060/tcp"
>   ports:
>     - "XXX:5060:5060/udp"
>   networks:
>     private-net:
>       ipv4_address: "172.18.0.30"
>   deploy:
>     mode: replicated
>     replicas: 1
>     restart_policy:
>       condition: always
>       delay: 5s
>       max_attempts: 3
>       window: 120s
>
> networks:
>   private-net:
>     driver: bridge
>     ipam:
>       config:
>         - subnet: 172.18.0.0/16
>     driver_opts:
>       com.docker.network.bridge.name: wrtcpriv
>   public-net:
>     external:
>       name: host
>
> COMPOSE (HOST MODE VERSION)
>
> kamailioegress:
>   build: kamailio_egress
>   image: kamailioegress:latest
>   container_name: kamailioegress
>   network_mode: host
>   restart: always
>   environment:
>     - DATABASE=kamailioe
>     - SIP_DOMAIN=XXX
>     - DBHOST=172.18.0.10
>     - DBROOTUSER=root
>     - DBROOTPASS=XXX
>     - PUBLIC_IPV4=XXX
>     - EGPORT=5060
>     - LINTE=ens224
>     - LINTI=ens192
>     - RTPENGINE=localhost
>   depends_on:
>     - Kamailio-Base
>     - kmdb
>     - freeswitch
>     - rtpengine
>   expose:
>     - "5060/udp"
>   ports:
>     - "213.8.76.13:5060:5060/udp"
>   deploy:
>     mode: replicated
>     replicas: 1
>     restart_policy:
>       condition: always
>       delay: 5s
>       max_attempts: 3
>       window: 120s
>
> CONFIG FILE
>
> /* uncomment and configure the following line if you want Kamailio to
>  * bind on a specific interface/port/proto (default bind on all available) */
> listen=udp:0.0.0.0:LPORT advertise PUBLIC_IP:LPORT
>
> KAMAILIO-LOCALE
>
> #!define DBURL "mysql://root:XXX@DBHOST/kamailioe"
> #!substdef "!MY_DBURL!mysql://root:XXX@DBHOST/kamailioe!g"
> #!substdef "!RTPENGINE!MY_RTPENGINE!g"
> #!substdef "!SIP_DOMAIN!MY_SIP_DOMAIN!g"
> #!substdef "!PUBLIC_IP!MY_PUBLIC_IP!g"
> #!substdef "!PRIVATE_IP!MY_PRIVATE_IP!g"
> #!substdef "!LPORT!MY_LPORT!g"
> #!substdef "!LINT!MY_LINT!g"
> #!substdef "!HOMER_IP!10.1.0.100!g"
> #!substdef "!API_URL!http://localhost:3000/v1/mock!g"
> #!substdef "/CCODES/972|380/"
> #!substdef "/NUM_TRANSLATE_OUT_RE/\\\\+?(CCODES)([0-9]+)/"
> #!substdef "/NUM_TRANSLATE_IN_RE/0([0-9]+)/"
>
> FIREWALL RULES
>
> -bash-4.2# firewall-cmd --list-all
> public (active)
>   target: default
>   icmp-block-inversion: no
>   interfaces: ens192 ens224
>   sources: 192.168.1.39
>   services: dhcpv6-client http https sip ssh
>   ports: 9323/tcp 9323/udp
>   protocols:
>   masquerade: no
>   forward-ports:
>   source-ports:
>   icmp-blocks:
>   rich rules:
>     rule family="ipv4" destination address="XXX" port port="5060" protocol="udp" accept
>     rule family="ipv4" destination address="XXX" port port="5060" protocol="tcp" accept
>
> NETSTAT OUTPUT
>
> Active Internet connections (only servers)
> Proto Recv-Q Send-Q Local Address    Foreign Address    State    PID/Program name
> udp        0      0 XXX:5060         0.0.0.0:*                   22479/kamailio
>
> Edward
>
> _______________________________________________
> Kamailio (SER) - Users Mailing List
> [email protected]
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
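A narrower check to run before the delete suggested in the reply, as an added example that is not part of the original thread: it lists UDP conntrack entries for the SIP port that were recorded without a translation to the container address. It assumes bridge mode with a published port and that the symptom comes from such entries; the function name and the sample entries are constructed for illustration.

```shell
# Added example, not from the thread. The sample entries are constructed: they
# use documentation addresses plus the bridge address 172.18.0.30 from the
# compose file quoted above, in the layout printed by `conntrack -L -p udp`.
SAMPLE_CONNTRACK='udp      17 28 src=203.0.113.5 dst=198.51.100.10 sport=5060 dport=5060 [UNREPLIED] src=198.51.100.10 dst=203.0.113.5 sport=5060 dport=5060 mark=0 use=1
udp      17 170 src=203.0.113.7 dst=198.51.100.10 sport=5071 dport=5060 src=172.18.0.30 dst=203.0.113.7 sport=5060 dport=5071 [ASSURED] mark=0 use=1
udp      17 12 src=192.0.2.44 dst=198.51.100.10 sport=40000 dport=53 [UNREPLIED] src=198.51.100.10 dst=192.0.2.44 sport=53 dport=40000 mark=0 use=1'

# untranslated_udp_flows PORT  (hypothetical helper name)
# Reads conntrack listing lines on stdin and prints "src:sport" for every UDP
# flow to PORT whose reply-direction source equals the original destination,
# meaning the kernel tracked the flow without DNAT to a container address.
untranslated_udp_flows() {
  awk -v port="$1" '
    $1 == "udp" {
      n = 0
      split("", f)                      # portable way to clear the array
      for (i = 1; i <= NF; i++) {
        if ($i ~ /^(src|dst|sport|dport)=/) {
          split($i, kv, "=")
          f[++n] = kv[2]
        }
      }
      # f[1..4] = original src, dst, sport, dport
      # f[5..8] = reply    src, dst, sport, dport
      if (n >= 8 && f[4] == port && f[5] == f[2])
        print f[1] ":" f[3]
    }'
}

# Stand-alone run on the constructed sample: only the first entry is reported,
# the second one was translated to 172.18.0.30 and the third is not port 5060.
printf '%s\n' "$SAMPLE_CONNTRACK" | untranslated_udp_flows 5060
```

On a live host the same function can read `conntrack -L -p udp` (run as root), and the delete can then be limited to the affected port with `conntrack -D -p udp --orig-port-dst 5060`. In host network mode no DNAT is applied, so every flow to the port will be listed and the check is not meaningful there.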
