Hi Mehai, Bind rtpengine with local ip as well.
use direction flags in rtpengine_offer function . https://kamailio.org/docs/modules/5.2.x/modules/rtpengine.html#rtpengine.f.rtpengine_offer >From Rtpenigne Doc: direction Contains a list of two strings and corresponds to the *rtpproxy* e and i flags. Each element must correspond to one of the named logical interfaces configured on the command line (through --interface). For example, if there is one logical interface named pub and another one named priv, then if side A (originator of the message) is considered to be on the private network and side B (destination of the message) on the public network, then that would be rendered within the dictionary as: { ..., "direction": [ "priv", "pub" ], ... } Cheers, Arqum On Fri, May 21, 2021 at 10:39 PM Mihai Cezar <[email protected]> wrote: > Hi All, > > I've been using Kamailio as a proxy for asterisk (with public ips), > everything was fine until i've changed the setup to private ips for > asterisk. > > What I did so far: > - Kamailio and rtpengine are on a box with 1 public IP. > - Asterisk containers on private ips each asterisk has 2 trunks ( > 1trunk voip provider 1trunk the Proxy). > > What works: > - Proxy registrations and sip signaling works. > > What it does not work: > - On the asterisk I got only on rtp connexion, my guess is that has > something to do with the SDP, asterisk put the private ip in the SDP > header. > > RTPengine is configured using this guide > https://github.com/sipwise/rtpengine > > Can you have a look at the kamailio config, i think i am missing > something or do something wrong. > > Thank you! > > command to start was: > rtpengine --table=42 --listen-ng=127.0.0.1:2223 > --interface=public/110.20.20.1 --tos=184 --pidfile=/run/rtpengine.pid > --no-fallback > > and the Kamailio cfg is this: > > #!KAMAILIO > > #!define FLT_ACC 1 > #!define FLT_ACCMISSED 2 > #!define FLT_ACCFAILED 3 > #!define FLT_FS 10 > > #!define FLT_NATS 5 > #!define FLB_NATB 6 > #!define FLB_NATSIPPING 7 > > #!define WITH_DEBUG > #!define WITH_NAT > > > ## This is the main configuration file for our proxy! > > ####### Global Parameters ######### > > #!ifdef WITH_DEBUG > debug=4 > memdbg=5 > memlog=5 > log_stderror=yes > disable_core_dump=no > sip_warning=yes > #!else > debug=-0 > log_stderror=no > sip_warning=no > disable_core_dump=yes > #!endif > > log_facility=LOG_LOCAL0 > > fork=yes > children=8 > auto_aliases=no > port=5060 > disable_tcp=yes > > server_id = 1 > server_signature=yes > server_header="Server: proxy" > > dns_try_ipv6=no > dns_try_naptr=no > dns_retr_time=1 > dns_retr_no=1 > rev_dns=no > > ####### Modules Section ######## > > #loadmodule "db_mysql.so" > loadmodule "jsonrpcs.so" > loadmodule "kex.so" > loadmodule "corex.so" > loadmodule "tm.so" > loadmodule "tmx.so" > loadmodule "sl.so" > loadmodule "rr.so" > loadmodule "pv.so" > loadmodule "maxfwd.so" > loadmodule "usrloc.so" > loadmodule "registrar.so" > loadmodule "textops.so" > loadmodule "siputils.so" > loadmodule "xlog.so" > loadmodule "sanity.so" > loadmodule "ctl.so" > loadmodule "acc.so" > loadmodule "dispatcher.so" > loadmodule "path.so" > loadmodule "nathelper.so" > loadmodule "rtpengine.so" > > > ####### Modules Settings > # ----------------- setting module-specific parameters --------------- > > modparam("xlog", "buf_size", 4096) > modparam("xlog", "prefix", "xlog: ") > modparam("xlog", "log_facility", "LOG_DAEMON") > modparam("xlog", "log_colors", "L_ERR=cr") > modparam("xlog", "log_colors", "L_ERR=cr;L_WARN=px") > > # ----- jsonrpcs params ----- > modparam("jsonrpcs", "pretty_format", 1) > > # ----- tm params ----- > modparam("tm", "failure_reply_mode", 3) > modparam("tm", "fr_timer", 30000) > modparam("tm", "fr_inv_timer", 120000) > > # ----- rr params ----- > modparam("rr", "enable_full_lr", 1) > modparam("rr", "append_fromtag", 0) > > #!ifdef WITH_NAT > modparam("nathelper", "received_avp", "$avp(RECEIVED)") > modparam("nathelper", "nortpproxy_str", "a=sdpmangled:yes\r\n") > modparam("nathelper", "natping_interval", 30) > modparam("nathelper", "ping_nated_only", 1) > modparam("nathelper", "sipping_bflag", FLB_NATSIPPING) > modparam("nathelper", "sipping_from", "sip:pinger@proxy") > > # params needed for NAT traversal in other modules > modparam("nathelper|registrar", "received_avp", "$avp(RECEIVED)") > modparam("usrloc", "nat_bflag", FLB_NATB) > > modparam("rtpengine", "rtpengine_sock", "udp:127.0.0.1:2223") > modparam("rtpengine", "rtpengine_retr", 2) > modparam("rtpengine", "hash_table_size", 256) > modparam("rtpengine", "hash_table_tout", 600) > #!endif > > # ----- registrar params ----- > modparam("registrar", "method_filtering", 1) > modparam("registrar", "append_branches", 0) > modparam("registrar", "max_expires", 3600) > modparam("registrar", "gruu_enabled", 1) > > # ----- acc params ----- > modparam("acc", "early_media", 0) > modparam("acc", "report_ack", 0) > modparam("acc", "report_cancels", 0) > modparam("acc", "detect_direction", 0) > modparam("acc", "log_flag", FLT_ACC) > modparam("acc", "log_missed_flag", FLT_ACCMISSED) > modparam("acc", "log_extra", > > "src_user=$fU;src_domain=$fd;dst_ouser=$tU;dst_user=$rU;dst_domain=$rd;src_ip=$si") > modparam("acc", "failed_transaction_flag", FLT_ACCFAILED) > > # ----- dispatcher params ----- > modparam("dispatcher", "list_file", > "/etc/kamailio/plugins/dispatcher.list") > modparam("dispatcher", "xavp_dst", "_dsdst_") > modparam("dispatcher", "xavp_ctx", "_dsctx_") > modparam("dispatcher", "ds_ping_from", "sip:ping@proxy") > modparam("dispatcher", "ds_probing_mode", 1) > > modparam("path", "use_received", 1) > > > ####### Routing Logic ########### > # main request routing logic > > request_route { > > # per request initial checks > route(REQINIT); > > # NAT detection > route(NATDETECT); > > if(ds_is_from_list()) { > setflag(FLT_FS); > } > > # CANCEL processing > if (is_method("CANCEL")) { > rtpengine_delete(); > if (t_check_trans()) { > route(RELAY); > } > exit; > } > > # handle retransmissions > if (!is_method("ACK")) { > if(t_precheck_trans()) { > t_check_trans(); > exit; > } > t_check_trans(); > } > > # handle requests within SIP dialogs > route(WITHINDLG); > > if (isflagset(FLT_FS)) { > route(FROM_WORLD); > exit; > } > > ### only initial requests (no To tag) > > # record routing for dialog forming requests (in case they are routed) > # - remove preloaded route headers > remove_hf("Route"); > if (is_method("INVITE|SUBSCRIBE")) { > record_route(); > } > > # account only INVITEs > if (is_method("INVITE")) { > setflag(FLT_ACC); # do accounting > sl_send_reply("100","Trying"); > } > > # handle presence related requests > route(PRESENCE); > > # handle registrations > route(REGISTRAR); > > if ($rU==$null) { > # request with no Username in RURI > sl_send_reply("484","Address Incomplete"); > exit; > } > > # dispatch destinations > route(DISPATCH); > } > > route[FROM_WORLD] > { > record_route(); > route(RELAY); > exit; > } > > route[RELAY] { > if (!t_relay()) { > sl_reply_error(); > } > > if (!add_path()) { > sl_send_reply("503", "Internal Path Error"); > } > > if (is_method("INVITE|BYE|SUBSCRIBE|UPDATE")) { > if(!t_is_set("branch_route")) t_on_branch("MANAGE_BRANCH"); > } > if (is_method("INVITE|SUBSCRIBE|UPDATE")) { > if(!t_is_set("onreply_route")) t_on_reply("MANAGE_REPLY"); > } > if (is_method("INVITE")) { > if(!t_is_set("failure_route")) t_on_failure("MANAGE_FAILURE"); > } > > if (has_body("application/sdp")) { > rtpengine_manage(); > } > > append_hf("Supported: path\r\n"); > exit; > } > > # Per SIP request initial checks > route[REQINIT] { > > if (!mf_process_maxfwd_header("10")) { > sl_send_reply("483","Too Many Hops"); > exit; > } > > if(is_method("OPTIONS") && uri==myself && $rU==$null) { > sl_send_reply("200","Keepalive"); > exit; > } > > if(!sanity_check("1511", "7")) { > xlog("L_WARN","Malformed SIP message from $si:$sp\n"); > exit; > } > } > > # Handle requests within SIP dialogs > route[WITHINDLG] { > if (has_totag()) { > # sequential request withing a dialog should > # take the path determined by record-routing > if (loose_route()) { > if (is_method("BYE")) { > rtpengine_delete(); > setflag(FLT_ACC); # do accounting ... > setflag(FLT_ACCFAILED); # ... even if the transaction fails > } else if ( is_method("ACK") ) { > # ACK is forwarded statelessly > route(NATMANAGE); > } else if ( is_method("NOTIFY") ) { > # Add Record-Route for in-dialog NOTIFY as per RFC 6665. > record_route(); > } > route(RELAY); > # exit; > > } else { > > if (is_method("SUBSCRIBE") && uri == myself) { > # in-dialog subscribe requests > route(PRESENCE); > exit; > } > if ( is_method("ACK") ) { > if ( t_check_trans() ) { > # non loose-route, but stateful ACK; must be ACK > after a 487 or e.g. 404 from upstream server > t_relay(); > exit; > } else { > # ACK without matching transaction ... ignore and > discard. > exit; > } > } > sl_send_reply("404","Not here"); > } > exit; > } > } > > # Handle SIP registrations > route[REGISTRAR] { > > if(!is_method("REGISTER")) > return; > > if(isflagset(FLT_NATS)) { > setbflag(FLB_NATB); > } > > if (!add_path_received()) { > sl_send_reply("503", "Internal Path Error"); > }; > > route(DISPATCH); > } > > # Presence server route > route[PRESENCE] { > if(!is_method("PUBLISH|SUBSCRIBE")) > return; > > sl_send_reply("404", "Not found"); > exit; > } > > > # Dispatch requests > route[DISPATCH] { > # to add more servers in k8s > if (!ds_select_dst("1", "4")) { > send_reply(503, "Service Unavailable $fd"); > exit; > } > > t_on_failure("RTF_DISPATCH"); > route(RELAY); > exit; > } > > # Caller NAT detection > route[NATDETECT] { > #!ifdef WITH_NAT > if (nat_uac_test("3")) { > if (is_method("REGISTER")) { > xlog("L_WARN", "natdetect > fix_nated_register ip: $si\n"); > fix_nated_register(); > } else { > xlog("L_WARN", "natdetect set_contact_alias > ip: $si\n"); > fix_nated_contact(); > } > force_rport(); > } > if (has_body("application/sdp") && nat_uac_test("8")) { > xlog("L_WARN", "sdp fix ip: $si\n"); > fix_nated_sdp("10"); > } > #!endif > return; > } > > # RTPProxy control and signaling updates for NAT traversal > route[NATMANAGE] { > #!ifdef WITH_NAT > if (is_request()) { > if(has_totag()) { > if(check_route_param("nat=yes")) { > setbflag(FLB_NATB); > } > } > } > if (!(isflagset(FLT_NATS) || isbflagset(FLB_NATB))) return; > > if(nat_uac_test("8")) { > xlog("L_WARN", "nat_uac_test 1..."); > rtpengine_manage("replace-origin > replace-session-connection direction=public ICE=force"); > } else { > xlog("L_WARN", "nat_uac_test addrtp..."); > rtpengine_manage("codec-strip-all codec-transcode-PCMA > codec-transcode-PCMU codec-transcode-G729 replace-origin > replace-session-connection direction=public ICE=force "); > } > > if (is_request()) { > if (!has_totag()) { > if(t_is_branch_route()) { > add_rr_param(";nat=yes"); > } > } > } > if (is_reply()) { > if(isbflagset(FLB_NATB)) { > if(is_first_hop()) > set_contact_alias(); > } > } > #!endif > return; > } > > # Manage outgoing branches > branch_route[MANAGE_BRANCH] { > xlog("L_WARN", "new branch [$T_branch_idx] to $ru\n"); > route(NATMANAGE); > } > > # Manage incoming replies > onreply_route[MANAGE_REPLY] { > xlog("L_WARN", "incoming reply\n"); > > if(status=~"[12][0-9][0-9]") { > route(NATMANAGE); > } > if (has_body("application/sdp")) { > rtpengine_manage(); > } > > } > > onreply_route[REPLY_ROUTE] { > if(status=~"2[0-9][0-9]") { > rtpengine_answer("replace-session-connection replace-origin"); > } > if (has_body("application/sdp")) { > rtpengine_offer(); > } > } > > # Manage failure routing cases > failure_route[MANAGE_FAILURE] { > xlog("L_WARN", "failure route\n"); > route(NATMANAGE); > if (t_is_canceled()) exit; > } > > # Try next destionations in failure route > failure_route[RTF_DISPATCH] { > if (t_is_canceled()) { > exit; > } > # next DST - only for 500 or local timeout > if (t_check_status("500") > or (t_branch_timeout() and !t_branch_replied())) { > if(ds_next_dst()) { > xlog("Retrying to <$ru> via <$du> (attrs: > $xavp(_dsdst_=>attrs))\n"); > t_on_failure("RTF_DISPATCH"); > route(RELAY); > exit; > } > } > } > > __________________________________________________________ > Kamailio - Users Mailing List - Non Commercial Discussions > * [email protected] > Important: keep the mailing list in the recipients, do not reply only to > the sender! > Edit mailing list options or unsubscribe: > * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users > -- Regards M Arqum
__________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions * [email protected] Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe: * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
