When relaying an INVITE
from a Kamailio proxy to an interconnect we are using DNS SRV records for load-balancing and failover. The proxy is listening on both a private interface and a public interface with an rfc1918 (ie. 10.0.0.14
) and a public IP address (ie. 185.0.0.34
) respectively.
The first branch (before DNS SRV failover) is working as expected. The message will be relayed from the received socket (185.0.0.34
) to the interconnect. When this branch results in a timeout, the proxy will try to do DNS SRV failover. This new branch and any subsequent branches will no longer use the initial received socket as source. In our case we see that the private address (10.0.0.14
) is now being used as source address.
DNS SRV:
_sip._udp.transit.net. SRV 10 10 5060 transit1.net.
_sip._udp.transit.net. SRV 20 10 5060 transit2.net.
transit1.net. A 185.10.20.30
transit2.net. A 185.10.20.31
Kamailio:
$du = "sip:transit.net;transport=udp";
xinfo("Relaying [$rm] request: [$ru] with Call-ID [$ci]");
t_set_fr(0, 1000);
if (not t_relay()) {
sl_reply_error();
}
Network flow:
12:30:00 INVITE udp:10.0.0.18:5060 => udp:185.0.0.34:5060 (internal request to proxy)
12:30:00 INVITE udp:185.0.0.34:5060 => udp:185.10.20.30:5060 (relaying from proxy to interconnect)
^^^^^^^^^^
(request times out after 1 second, proxy will do a failover to the next endpoint)
12:30:01 INVITE udp:10.0.0.14:5060 => udp:185.10.20.31:5060 (relaying to next interconnect address)
^^^^^^^^^
Attempt to see where it goes wrong:
onsend_route {
xinfo("[$RAut] [$Rut] [$sas]\n");
xinfo("$snd(buf)\n");
}
INFO: [sip:185.0.0.34:5060;transport=udp] [sip:185.0.0.34:5060;transport=udp] [udp:10.0.0.18:5060]
INFO: INVITE sip:+1234567890@transit.net;user=phone SIP/2.0#015#012Record-Route: <sip:185.0.0.34;lr;ftag=tDr7m6erX1N3D>#015#012Via: SIP/2.0/UDP 10.0.0.14;branch=z9hG4bKafe7.7fb590e263fa44677514193a6a1156ce.1#015#012Via: SIP/2.0/UDP 10.0.0.18;received=10.0.0.18;rport=5060;branch=z9hG4bK6t59a17N60FcB ...
So the Record-Route
seems to be correct, but the top most Via
header shows the private IP address. The message is being sent from the private IP address as well and never reaches the second address from the interconnect.
A workaround to add $fs = "udp:185.0.0.34:5060"
in the onsend_route
seems to be effective.
kamailio -v
version: kamailio 5.2.3 (x86_64/linux)
flags: STATS: Off, USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, USE_RAW_SOCKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MEM, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, TLSF_MALLOC, DBG_SR_MEMORY, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLACKLIST, HAVE_RESOLV_RES
ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144 MAX_URI_SIZE 1024, BUF_SIZE 65535, DEFAULT PKG_SIZE 8MB
poll method support: poll, epoll_lt, epoll_et, sigio_rt, select.
id: unknown
compiled with gcc 7.4.0
Ubuntu 18.04 LTS
Linux proxy4 4.15.0-64-generic #73-Ubuntu SMP Thu Sep 12 13:16:13 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or unsubscribe.