Description

Migrating from Kamailio 5.6.4 IMS to Kamailio 5.7.1 IMS; using Open5GS CN, Amarisoft CallBox eNB, and Huawei UE to implement VoLTE infrastructure for lab testing. VoLTE works in Kamailio 5.6.4 IMS with IPSEC and non-IPSEC UE's; but Kamailio 5.7.1 IMS not working yet with IPSEC UE.

Client and server port settings in P-CSCF kamailio.cfg:
...
modparam("ims_ipsec_pcscf", "ipsec_client_port", 5100)
modparam("ims_ipsec_pcscf", "ipsec_server_port", 6100)
...

Debug log shows ports are exchanged (server port used as client port and vice-versa):
...
Jul 18 12:15:30 corsa03 p-cscf[58287]: DEBUG: ims_ipsec_pcscf [cmd.c:460]: create_ipsec_tunnel(): Creating security associations: Local IP: 10.169.138.17 port_pc: 6100 port_ps: 5100; UE IP: 10.46.0.6; port_uc 31409 port_us 31894; spi_pc 4096, spi_ps 4097, spi_uc 48734730, spi_us 96335982, alg hmac-md5-96, ealg null
...

Troubleshooting

spi_add function definition and declaration differ:

From src/modules/ims_ipsec_pcscf/spi_list.h:
int spi_add(spi_list_t *list, uint32_t spi_cid, uint32_t spi_sid,
uint16_t cport, uint16_t sport);

But in spi_list.c:
int spi_add(spi_list_t *list, uint32_t spi_cid, uint32_t spi_sid,
uint16_t sport, uint16_t cport)

Reproduction

Debugging Data

(paste your debugging data here)

Log Messages

(paste your log messages here)

SIP Traffic

(paste your sip traffic here)

Possible Solutions

Applied following patch:

--- a/src/modules/ims_ipsec_pcscf/spi_list.c 2023-06-28 09:40:45.000000000 +0200
+++ b/src/modules/ims_ipsec_pcscf/spi_list.c 2023-07-18 16:12:11.166476076 +0200
@@ -51,7 +51,7 @@
}

int spi_add(spi_list_t *list, uint32_t spi_cid, uint32_t spi_sid,

•           uint16_t sport, uint16_t cport)
  

•           uint16_t cport, uint16_t sport)
  

{
if(!list) {
return 1;

Log now shows expected client and server port:
...
Jul 18 17:45:22 corsa03 p-cscf[82076]: DEBUG: ims_ipsec_pcscf [cmd.c:460]: create_ipsec_tunnel(): Creating security associations: Local IP: 10.169.138.17 port_pc: 5100 port_ps: 6100; UE IP: 10.46.0.6; port_uc 31411 port_us 31896; spi_pc 4096, spi_ps 4097, spi_uc 48734732, spi_us 96335984, alg hmac-md5-96, ealg null
...

Additional Information

• Kamailio Version - output of kamailio -v

version: kamailio 5.7.1 (x86_64/linux)
flags: USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, USE_RAW_SOCKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MMAP,    PKG_MALLOC, MEM_JOIN_FREE, Q_MALLOC, F_MALLOC, TLSF_MALLOC, DBG_SR_MEMORY, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT,    USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLOCKLIST, HAVE_RESOLV_RES, TLS_PTHREAD_MUTEX_SHARED
ADAPTIVE_WAIT_LOOPS 1024, MAX_RECV_BUFFER_SIZE 262144, MAX_URI_SIZE 1024, BUF_SIZE 65535, DEFAULT PKG_SIZE 8MB
poll method support: poll, epoll_lt, epoll_et, sigio_rt, select.
id: unknown
compiled on 16:22:26 Jul 18 2023 with x86_64-pc-linux-gnu-gcc 13.1.1

• Operating System:

Linux corsa03 6.4.2-gentoo-x86_64 #2 SMP PREEMPT_DYNAMIC Tue Jul 11 14:35:45 CEST 2023 x86_64 AMD EPYC 7513 32-Core Processor AuthenticAMD GNU/Linux

—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you are subscribed to this thread.Message ID: <kamailio/kamailio/issues/3513@github.com>