<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
<META NAME="GENERATOR" CONTENT="GtkHTML/4.4.4">
</HEAD>
<BODY>
On Thu, 2012-12-06 at 16:06 +0100, Olle E. Johansson wrote:<BR>
<BR>
<BLOCKQUOTE TYPE=CITE>
<BLOCKQUOTE TYPE=CITE>
<BR>
</BLOCKQUOTE>
</BLOCKQUOTE>
<BLOCKQUOTE TYPE=CITE>
The flow token points to a flow saying that Kamailio should NOT parse the Contact URI and find a destination. It should find the proper connection.
</BLOCKQUOTE>
<BLOCKQUOTE TYPE=CITE>
<BR>
</BLOCKQUOTE>
In the specific case of a single server (no edge proxies) the flow token will indicate exactly what the source of the REGISTER was (assuming the example algorithm from section 5.2 of RFC 5626 is used) - which may have no connection because it could have arrived over UDP. Assuming that any binding within the NAT in-front of the client is still live this allows us to route back to client without any of the contact aliasing/received stuff. In actual fact, the information in the flow token should allow both $du to be correctly set and force_send_socket() to be called correctly.<BR>
<BR>
Example Algorithm: When the proxy boots, it selects a 20-octet<BR>
crypto random key called K that only the edge proxy knows. A byte<BR>
array, called S, is formed that contains the following information<BR>
about the flow the request was received on: an enumeration<BR>
indicating the protocol, the local IP address and port, the remote<BR>
IP address and port. The HMAC of S is computed using the key K<BR>
and the HMAC-SHA1-80 algorithm, as defined in [RFC2104]. The<BR>
concatenation of the HMAC and S are base64 encoded, as defined in<BR>
[RFC4648], and used as the flow identifier. When using IPv4<BR>
addresses, this will result in a 32-octet identifier.
<BR>
However, this strikes me as something that does need to be handled within C code when setting the destination because as sophisticated as Kamailio configuration can be, performing base64 decoding followed by HMAC-SHA1-80 followed by complex string parsing may be a bit too much <IMG SRC="cid:1354807413.10859.17.camel@pd-notebook-linux.croc.internal" ALIGN="middle" ALT=":-)" BORDER="0"><BR>
<BR>
<TABLE CELLSPACING="0" CELLPADDING="0" WIDTH="100%">
<TR>
<TD>
<PRE>
--
Peter Dunkley
Technical Director
Crocodile RCS Ltd
</PRE>
</TD>
</TR>
</TABLE>
</BODY>
</HTML>