[SR-Users] outbound Edge Proxy
Giovanni Iamonte
iamonte at quintetto.it
Tue Dec 6 14:31:37 CET 2022
Dear List
In the last week I try to figure out how I can put in place a
configuration that use an edge proxy and a register by using kamailio
5.6, but i am facing some issues.
Scenario:
We are using on ubuntu 20.04, HAproxy and Kamailio 5.6.
We have configured a Kamailio register that, in the following case,
perfectly works.
______ __ __________
TLS | | TLS
| |
Client ------------------ > | NAT |-----------> | Kamalio |
in |_HAProxy | out in | Register |
|_________| | |
|________ _|
Now we want to put a kamailio edge proxy before the kamailio Register,
please take a look to the below picture
______
______ __ _________
___________
TLS | | TLS |
| TCP | |
Client ------------------ > | NAT |-----------> | Kamalio |
-------------> | Kamailio |
in |_HAProxy | out in | Edge | out
in | Register |
|_________| | Proxy
| | |
|_________| |___________|
HAproxy -> sip-test.example.com
Kamailio edge proxy -> 192.168.58.1
Kamailio Register -> 192.168.58.15
The kamailio Edge has been configured as indicated in the outbound
module example.
When a transaction such as REGISTER or SUBSCRIBE reach the "Kamailio
Register" the Record-Route and Via headers are correct and it works.
When the transaction such as MESSAGE or INVITE reach the "Kamailio
Register" it does not work and below you can see the message and the error.
Note that the Record-Route and Via headers are the same as the previous
message REGISTER and SUBSCRIBE.
Dec 6 11:57:09 qcast-webserver-dev /usr/sbin/kamailio[15340]: INFO: {1
40742 MESSAGE YsfZ7Rq-WGw33NUn9AFMWEuurzryvzET} <script>:
SIPMessage-in-request =
192.168.58.1:53606-sip:s-user.02 at sip-dev.example.com-MESSAGE
sip:s-user.02 at sip-dev.example.com SIP/2.0
Record-Route: <sip:192.168.58.1:15006;transport=tcp;r2=on;lr>
Record-Route: <sip:sip-test.example.com:16005;transport=tls;r2=on;lr>
Via: SIP/2.0/TCP
192.168.58.1:15006;branch=z9hG4bKa257.add27f134dd83c78aef13ca7798f87ca.0;i=6
Via: SIP/2.0/TLS
192.168.58.1:39592;received=192.168.58.1;rport=39592;branch=z9hG4bKPjajkY.0NlW2AFuz3.BRaKH4EdvdmQTs9L;alias
Max-Forwards: 69
From:
<sip:s-user.03 at sip-dev.example.com>;tag=VnOekkKsq4tLhFAywXzbxLXxIesWscn3
To: <sip:s-user.02 at sip-dev.example.com>
Call-ID: YsfZ7Rq-WGw33NUn9AFMWEuurzryvzET
CSeq: 40742 MESSAGE
Accept: text/plain, application/im-iscomposing+xml
Content-Type: text/plain
Content-Length: 59
################## MESSAGE ###################
Dec 6 11:57:09 qcast-webserver-dev /usr/sbin/kamailio[15340]: INFO: {1
40743 MESSAGE YsfZ7Rq-WGw33NUn9AFMWEuurzryvzET} <script>:
SIPMessage-in-request =
192.168.58.1:53606-sip:s-user.02 at sip-dev.example.com-MESSAGE
sip:s-user.02 at sip-dev.example.com SIP/2.0
Record-Route: <sip:192.168.58.1:15006;transport=tcp;r2=on;lr>
Record-Route: <sip:sip-test.example.com:16005;transport=tls;r2=on;lr>
Via: SIP/2.0/TCP
192.168.58.1:15006;branch=z9hG4bKb257.83b972054df1675806975159ae1f1e43.0;i=6
Via: SIP/2.0/TLS
192.168.58.1:39592;received=192.168.58.1;rport=39592;branch=z9hG4bKPjfan-Tte.vtL8brkWb20wm.5b8iuVEtQV;alias
Max-Forwards: 69
From:
<sip:s-user.03 at sip-dev.example.com>;tag=VnOekkKsq4tLhFAywXzbxLXxIesWscn3
To: <sip:s-user.02 at sip-dev.example.com>
Call-ID: YsfZ7Rq-WGw33NUn9AFMWEuurzryvzET
CSeq: 40743 MESSAGE
Accept: text/plain, application/im-iscomposing+xml
Proxy-Authorization: Digest username="s-user.03",
realm="sip-dev.example.com", nonce="Y48hMWOPIAW7JeSQ7/a+cuJ1gKwT8hrC",
uri="sip:s-user.02 at sip-dev.example.com",
response="3b7c34476443e5f1125fa460a4981180",
cnonce="3AT-ZMwyfpgaMwlulh5cq5vJHi75-wnz", qop=auth, nc=00000001
Content-Type: text/plain
Content-Length: 59
Dec 6 11:57:09 qcast-webserver-dev /usr/sbin/kamailio[15340]: WARNING:
{1 40743 MESSAGE YsfZ7Rq-WGw33NUn9AFMWEuurzryvzET} <core>
[core/forward.c:228]: get_send_socket2(): protocol/port mismatch (forced
tcp:192.168.58.15:15006, to tls:192.168.58.1:60982)
Dec 6 11:57:09 qcast-webserver-dev /usr/sbin/kamailio[15340]: ERROR: {1
40743 MESSAGE YsfZ7Rq-WGw33NUn9AFMWEuurzryvzET} tm [ut.h:315]:
uri2dst2(): no corresponding socket found for "192.168.58.1" af 2
(tls:192.168.58.1:60982)
Dec 6 11:57:09 qcast-webserver-dev /usr/sbin/kamailio[15340]: ERROR: {1
40743 MESSAGE YsfZ7Rq-WGw33NUn9AFMWEuurzryvzET} tm [t_fwd.c:471]:
prepare_new_uac(): can't fwd to af 2, proto 3 (no corresponding
listening socket)
Dec 6 11:57:09 qcast-webserver-dev /usr/sbin/kamailio[15340]: ERROR: {1
40743 MESSAGE YsfZ7Rq-WGw33NUn9AFMWEuurzryvzET} tm [t_fwd.c:1754]:
t_forward_nonack(): failure to add branches
Dec 6 11:57:09 qcast-webserver-dev /usr/sbin/kamailio[15340]: ERROR: {1
40743 MESSAGE YsfZ7Rq-WGw33NUn9AFMWEuurzryvzET} sl [sl_funcs.c:372]:
sl_reply_error(): stateless error reply used: I'm terribly sorry, server
error occurred (7/SL)
based on what we have understood in the message headers "Via" and
Record-Route" there are the right information to reach back the proxy
Edge, but looking to the error message it seems that the kamailio
register try to reach back the proxy edge through the TLS instead of
using the TCP.
Could someone put me in the right direction.
Thanks
Regards
--
------------------------------------------------------------------------
Ing. Giovanni Iamonte
Developments and technologies area
Quintetto Srl
Via Monte Navale, 1
10015 - Ivrea (TO)
mobile: +39 393 9196310
tel: +39 0165 1845290
e-mail: giovanni.iamonte at quintetto.it
web: www.quintetto.it
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20221206/9248a823/attachment.htm>
More information about the sr-users
mailing list