sr-users September 2011

sr-users@lists.kamailio.org

69 participants
109 discussions

by Daniel-Constantin Mierla

Hello, the presentations from 10 Years SER Conference I received so far were uploaded at: * http://www.kamailio.org/events/2011-10yearsSER/ Expect the rest during the next days. The recording of the talk about Gemeinschaft 4 by Stefan Wintermeyer is available on youtube: * http://www.youtube.com/watch?v=mbGn5N_y4rw Cheers, Daniel -- Daniel-Constantin Mierla -- http://www.asipto.com Kamailio Advanced Training, Oct 10-13, Berlin: http://asipto.com/u/kat http://linkedin.com/in/miconda -- http://twitter.com/miconda

13 years, 2 months

Re: [SR-Users] Kamailio + rtpproxy talking to multiple carrier gateways - Solution

by Sarat C. Vemuri

I think I have this working. For anyone else trying to do similar thing (or placing Kamailio behind FW/NAT), here is my cookbook. We are trying to setup the following: [UAS] <------> (PubIP)[FireWall/One-to-OneNAT]<-------->(PrivIP)[Kamailio/RTPProxy](PrivIP)<---------->(PrivIP2)[UAC] UAC/UAS cannot reach each other directly. For simplicity I am running RTPProxy on same machines as Kamailio. But this can be changed. Versions/Patches/fixes you need if you are running 3.1.2 : (Trunk/3.2 has these): a. Fixed forward.c for mhome to work properly (included in 3.1.4). b. rr module from trunk to be able to use 2 strings for record_route_preset c. Patched rtpproxy module to actually use the forced ip supplied to force_rtp_proxy. Patch at the end of this message d. rtpproxy version 1.2.1 What to do: 1. Setup FW/NAT rules to map public IP to PrivateIP and allow communications to/from UAS 2. Setup RTPProxy in "bridged" mode (e.g -F -l 10.10.5.90/10.10.5.90 -s udp:10.10.5.90:9005) listening on PrivateIP. 3. Setup the config file to: a. Setup modparams to make the above rtpproxy available. Use set_rtp_proxy_set if you have more than one instance. b. Do the following where you are processing Outbound *initial* invite (i.e. check totag) (Call from UAC to UAS) set_advertised_address("YourPublicIP "); if(!has_totag()) { record_route_preset("YourPublicIP:5060;r2=on;nat=yes","YourPrivateIp:5060;r2=on;nat=yes"); } force_rtp_proxy("ocfaei"," YourPublicIP "); c. Do the following where you are processing Inbound invite (Call from UAS to UAC) if(!has_totag()) { record_route_preset("YourPrivateIP:5060;r2=on;nat=yes", "YourPublicIp:5060;r2=on;nat=yes"); } force_rtp_proxy("ocfaei"); d. Do the following where you are processing replies (180/183/2XX) For Inbound Calls force_rtp_proxy("ocfa","YourPublicIP"); For Outbound Calls force_rtp_proxy("ocfa"); e. Unforce RTPProxy on BYE or Failures. Do not use record_route in the above scenario. If you have it now, remove it or make sure it doesn't get called for this specific case. Explanation: In #b, you are fixing the Via headers to use public IP, setting Record-Route headers so that ACK/RE-INVITE can find way back and are force fixing SDP with public IP for outbound calls. In #c, You are doing same thing except no need to fix Via and the route set is reversed. No need to force fix SDP either since it is figured out automatically. In #d, You are force fixing the SDP to use the public IP for inbound or usual for outbound so that the audio stream from UAS can be relayed. The r2=on parameter is required (as well as enabling double rr, which is default) so that the proxy can deal with the route sets properly Hope the above helps others. SV. Rtpproxy Path 2226,2233c2226 < LM_DBG("Str2 is %s\n", str2); < if(str2) { < newip.s = str2; < LM_DBG("NewIp is %s\n", newip.s); < } < else { < newip.s = (argc < 2) ? str2 : argv[1]; < } --- > newip.s = (argc < 2) ? str2 : argv[1];

13 years, 2 months

Re: [SR-Users] Kamailio + rtpproxy talking to multiple carrier gateways

by Sarat C. Vemuri

Ovidiu, Thanks for your time. The "fixes" I pulled in is the latest rr module only. I didn't see anything in that diff to make this work. Could you elaborate a little? However, I was able to get "Outbound" working properly by adding ";r2=on" to the record_route_preset IPs. In going through the source code, I noticed that this is what regular record_route uses to enable double rr and it would automatically take both headers out if it sees that. That seems to have worked. Any pitfals with this? I am still working on "Inbound". For some reason my carrier GW keeps resending invites even after receiving ACK. I need to see if it is an issue with the carrier. Thanks SV. -----Original Message----- From: Ovidiu Sas [mailto:osas@voipembedded.com] Sent: Tuesday, September 06, 2011 9:50 AM To: SIP Router - Kamailio (OpenSER) and SIP Express Router (SER) - Users Mailing List Subject: Re: [SR-Users] Kamailio + rtpproxy talking to multiple carrier gateways It seems that something is miss configured on your server. The fixes that I made in the trunk (and you pulled in your local 3.1 repo) were designed to handle the scenario that you are trying to implement. The ACK should be handled properly and routed to the upstream carrier (following the same path as the initial INVITE). Regards, Ovidiu Sas On Mon, Sep 5, 2011 at 5:07 PM, Sarat C. Vemuri <sarat.vemuri(a)fthco.com> wrote: > Again, I apologize for this clumsy way of replying. > > Ovidiu, > > Thanks for the pointer on set_advertised_address. I had to patch rtpproxy module (and rr module for the two parameters to request_route_preset) since I am running 3.1. > > However, I still have a problem with ACKs after following what you suggested. > > INVITE from Internal to Carrier routes properly (two Request-Route headers, one internal IP and other public IP). On 200 OK, the carrier GW properly copies the route set in to Route header. Now the route contains two entries, the public IP and the private IP of Kamailio. The Internal UAC then sends the ACK back to Kamailio. Everything is fine till this point. Now, Kamailio removes the top entry, which is the private IP and then promptly sends the ACK to the public IP of itself!. Of course, that doesn't go anywhere. > > How do I remove the "public IP" entry from the route set before forwarding the reply to Internal UAC? Is there another way to deal with this? I've tried to set an alias= core parameter with the public IP, but doesn't seem to have any effect. The public IP is not reachable from internal network. > > Thanks for your help > > SV. > ------------------------------ > > Message: 3 > Date: Sat, 3 Sep 2011 16:44:22 -0700 > From: Ovidiu Sas <osas(a)voipembedded.com> > Subject: Re: [SR-Users] Kamailio + rtpproxy talking to multiple > carrier gateways - some via Firewall/NAT > To: "SIP Router - Kamailio (OpenSER) and SIP Express Router (SER) - > Users Mailing List" <sr-users(a)lists.sip-router.org> > Message-ID: > > <CAND0Lkt_dpcTm2WKMywMhX6rdsX1ia0r=LYrzB1WfX3oN32Wrg(a)mail.gmail.com> > Content-Type: text/plain; charset=windows-1252 > > It is feasable to what you want: kamailio behind NAT proxying traffic > from/to public internet to/from private network. > You will need to properly craft the INVITE and use proper record route headers. > Use set_advertised_address when needed: > http://kamailio.org/dokuwiki/doku.php/core-cookbook:3.1.x#set_advertis > ed_address Also, use record_route_preset (note that there are two > parameters): > http://kamailio.org/docs/modules/devel/modules_k/rr.html#id2547566 > > That should do it. You don't need any patches for rtpproxy. > Just use force_rtpp_proxy (and force the IP address): > http://kamailio.org/docs/modules/devel/modules/rtpproxy.html#id2546034 > > > Note: Make sure that you understand how in-dialog requests are routed > by a proxy in order to know how to properly handle the initial INVITE. > > > Regards, > Ovidiu Sas > > On Sat, Sep 3, 2011 at 2:53 PM, Sarat C. Vemuri <sarat.vemuri(a)fthco.com> wrote: >> We are trying to configure Kamailio ?(3.1.x) as a ?boarder proxy? >> where it acts as the front for various carrier gateways so that >> internal UACs and UASs are unaware of the carrier gateways. >> >> >> >> Let me try to present a clear picture of our setup. >> >> 1.?????? Kamailio has several NICs (physical or vlan).? Each on a >> different subnet. One subnet is internal/has routes for internal.? >> Other subnets are private connections to carriers or a ?route to public Internet. >> >> 2.?????? All of these subnets are non-routable from Internet. In >> addition , the carrier private connections are not routable internally. >> >> 3.?????? Connection to public internet is via a FW/NAT (one-to-one >> NAT), which maps to one of the interfaces. >> >> 4.?????? All internal? UAC/UAS connect on the internal subnet. >> >> 5.?????? We are using RTPProxy? (at least one instance per carrier) >> to relay media between internal and carrier subnets >> >> >> >> We are able to make this setup up work great except for one >> scenario.? One of the carriers is only reachable via public >> Internet.? Due to security requirements, our Kamailio cannot have a >> public IP address and must use FW/NAT. I guess this scenario is >> ??Proxy behind NAT? and not really encouraged. But I would like to >> see if there is a way to make this work.? We cannot use the >> ?advertised_address? since it changes the IP for every ?route?. >> >> >> >> We were able to get this mostly ?working by doing the following >> >> 1.?????? mhomed=1 >> >> 2.?????? Small patch in the rtpproxy module so that ?force_rtp_proxy >> actually uses the IP address passed (public IP). >> >> 3.?????? Using request_route_preset(?publicIP?) >> >> >> >> The above ?mostly? works.? By that I mean, the INVITE transaction is >> properly passed between internal UAS and carrier SBC and the call is setup. >> However, further transactions (BYE/re-INVITE) etc do not work >> properly. So, far-end hangups are not ?working etc. >> >> >> >> I?ve searched various archives of this and other SER lists looking to >> see if anyone was able to get this scenario working, but couldn?t >> find a definitive answer.? Most of them point to using ?advertised_address?. >> >> >> >> So, and ideas on how to make ?Proxy behind NAT? work without using >> advertised_address?? Am I wasting my time? >> >> >> >> Thanks in advance for any help you can offer. >> >> >> >> SV. >> >> >> >> _______________________________________________ >> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing >> list sr-users(a)lists.sip-router.org >> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users >> >> > > > > _______________________________________________ > SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing > list sr-users(a)lists.sip-router.org > http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users >

13 years, 2 months

permanent usrloc entries in Kamailio

by Klaus Darilion

Hi! Recently I had a problem with permanent usrloc entries when upgrading a server from SER 0.9 to Kamailio 3.1. Obviously the problem was that the permanent entries had "flag=128" and now expires=0 is used, see old thread: http://old.nabble.com/usrloc-permanent-records-and-strptime-td17668417.html The strange thing is, that even setting the expiry to 2099-0...... did not worked and Kamailio deleted the "expired" entries. Only setting it to "1970-01-01 01:00:00" worked. Any ideas what could been wrong? Further I wonder why Kamailio uses 01:00:00 for the permanent entry? The server is currently running in timezon CEST (UTC+2), thus IMO 02:00:00 would be more logical. Above thread also mentions problems with day-light-saving changes. Are there really problems? How do you solve those problems? I think the best workaround is to set system time always to UTC. Thanks Klaus

13 years, 2 months

Siremis User Role permissions

by Camila Troncoso

Hi, I have a question about the assignment of Role permissions to limit some Users privileges in Siremis. I defined a user , and then a Role denying some actions, but I couldn’t deny the action from de SER menu . The Role permissions only show the modules on Application Menu from Administration Tab . What if I want to deny access to some items inside SER Menu , like modifying the ACL services or /and Rounting services? Regards, *Camila Troncoso **|* Ingeniero de Desarrollo VoissNet S.A. *|*ctroncoso(a)redvoiss.net Santiago - Chile *|* +56 2 2408535 www.redvoiss.net

13 years, 2 months

Check disconnected users

by Anto

Hello I want to store in a file access and disconnections to the system. To access (registrar), I thought scheduling a perl script and executed with the perl module, the problem I find with disconnections. Since the user can be disconnected for various reasons, had planned to do a script that runs an SQL table location and according to the expires field, see if disconnection has occurred or not. Would have to run this script in cron every X minutes. Is there a simpler way to check this or have Kamailio some function for it?. Thank you. Best regards

13 years, 2 months

Re: [SR-Users] Kamailio + rtpproxy talking to multiple carrier gateways

by Sarat C. Vemuri

Again, I apologize for this clumsy way of replying. Ovidiu, Thanks for the pointer on set_advertised_address. I had to patch rtpproxy module (and rr module for the two parameters to request_route_preset) since I am running 3.1. However, I still have a problem with ACKs after following what you suggested. INVITE from Internal to Carrier routes properly (two Request-Route headers, one internal IP and other public IP). On 200 OK, the carrier GW properly copies the route set in to Route header. Now the route contains two entries, the public IP and the private IP of Kamailio. The Internal UAC then sends the ACK back to Kamailio. Everything is fine till this point. Now, Kamailio removes the top entry, which is the private IP and then promptly sends the ACK to the public IP of itself!. Of course, that doesn't go anywhere. How do I remove the "public IP" entry from the route set before forwarding the reply to Internal UAC? Is there another way to deal with this? I've tried to set an alias= core parameter with the public IP, but doesn't seem to have any effect. The public IP is not reachable from internal network. Thanks for your help SV. ------------------------------ Message: 3 Date: Sat, 3 Sep 2011 16:44:22 -0700 From: Ovidiu Sas <osas(a)voipembedded.com> Subject: Re: [SR-Users] Kamailio + rtpproxy talking to multiple carrier gateways - some via Firewall/NAT To: "SIP Router - Kamailio (OpenSER) and SIP Express Router (SER) - Users Mailing List" <sr-users(a)lists.sip-router.org> Message-ID: <CAND0Lkt_dpcTm2WKMywMhX6rdsX1ia0r=LYrzB1WfX3oN32Wrg(a)mail.gmail.com> Content-Type: text/plain; charset=windows-1252 It is feasable to what you want: kamailio behind NAT proxying traffic from/to public internet to/from private network. You will need to properly craft the INVITE and use proper record route headers. Use set_advertised_address when needed: http://kamailio.org/dokuwiki/doku.php/core-cookbook:3.1.x#set_advertised_ad… Also, use record_route_preset (note that there are two parameters): http://kamailio.org/docs/modules/devel/modules_k/rr.html#id2547566 That should do it. You don't need any patches for rtpproxy. Just use force_rtpp_proxy (and force the IP address): http://kamailio.org/docs/modules/devel/modules/rtpproxy.html#id2546034 Note: Make sure that you understand how in-dialog requests are routed by a proxy in order to know how to properly handle the initial INVITE. Regards, Ovidiu Sas On Sat, Sep 3, 2011 at 2:53 PM, Sarat C. Vemuri <sarat.vemuri(a)fthco.com> wrote: > We are trying to configure Kamailio ?(3.1.x) as a ?boarder proxy? where it > acts as the front for various carrier gateways so that internal UACs and > UASs are unaware of the carrier gateways. > > > > Let me try to present a clear picture of our setup. > > 1.?????? Kamailio has several NICs (physical or vlan).? Each on a different > subnet. One subnet is internal/has routes for internal.? Other subnets are > private connections to carriers or a ?route to public Internet. > > 2.?????? All of these subnets are non-routable from Internet. In addition , > the carrier private connections are not routable internally. > > 3.?????? Connection to public internet is via a FW/NAT (one-to-one NAT), > which maps to one of the interfaces. > > 4.?????? All internal? UAC/UAS connect on the internal subnet. > > 5.?????? We are using RTPProxy? (at least one instance per carrier) to relay > media between internal and carrier subnets > > > > We are able to make this setup up work great except for one scenario.? One > of the carriers is only reachable via public Internet.? Due to security > requirements, our Kamailio cannot have a public IP address and must use > FW/NAT. I guess this scenario is ??Proxy behind NAT? and not really > encouraged. But I would like to see if there is a way to make this work.? We > cannot use the ?advertised_address? since it changes the IP for every > ?route?. > > > > We were able to get this mostly ?working by doing the following > > 1.?????? mhomed=1 > > 2.?????? Small patch in the rtpproxy module so that ?force_rtp_proxy > actually uses the IP address passed (public IP). > > 3.?????? Using request_route_preset(?publicIP?) > > > > The above ?mostly? works.? By that I mean, the INVITE transaction is > properly passed between internal UAS and carrier SBC and the call is setup. > However, further transactions (BYE/re-INVITE) etc do not work properly. So, > far-end hangups are not ?working etc. > > > > I?ve searched various archives of this and other SER lists looking to see if > anyone was able to get this scenario working, but couldn?t find a definitive > answer.? Most of them point to using ?advertised_address?. > > > > So, and ideas on how to make ?Proxy behind NAT? work without using > advertised_address?? Am I wasting my time? > > > > Thanks in advance for any help you can offer. > > > > SV. > > > > _______________________________________________ > SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list > sr-users(a)lists.sip-router.org > http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users > >

13 years, 2 months

KAMAILIO RTP PROXY

by Phillman25 Kyriacou

Hi I want to use Kamailio to handle both signalling and media always. My scenario is the following PSTN==>KAMAILIO==>ASTERISK. I have a dialplan that points to ASTERISK when a call comes into Kamailio. Signalling is fine, however i cant seem to get the Media to work, i have installed the RTPPROXY as suggested by RTPPROXY module and have implemented it into the routing logic, however i have one way audio. The PSTN side cannot hear anything. I dont use the Kamailio for sip registrations or for users behind NAT. I just use a simple dialplan for forwarding SIP messages to our certain VOIP carriers, however some of our carriers request that we use both signalling and media from the same IP thats why i need to implement this scenario. Is this possible? Thanking you in advance for your help! Phillip

13 years, 2 months

db_mysql "Commands out of sync; you can't run this command now "

by MÉSZÁROS Mihály

Hi, I am using the git version of kamailio, and i am experiencing problem This message is repeated in log with all kind of mysql query (insert/delete/select) Aug 27 22:04:05 hal /usr/sbin/kamailio[25681]: ERROR: db_mysql [km_dbase.c:124]: driver error on query: Commands out of sync; you can't run this command now Aug 27 22:04:05 hal /usr/sbin/kamailio[25681]: ERROR: <core> [db_query.c:103]: error while submitting query Aug 27 22:04:05 hal /usr/sbin/kamailio[25681]: ERROR: usrloc [udomain.c:570]: db_query failed Aug 27 22:04:05 hal /usr/sbin/kamailio[25681]: ERROR: db_mysql [km_dbase.c:124]: driver error on query: Commands out of sync; you can't run this command now Aug 27 22:04:05 hal /usr/sbin/kamailio[25681]: ERROR: <core> [db_query.c:186]: error while submitting query Aug 27 22:04:05 hal /usr/sbin/kamailio[25681]: ERROR: usrloc [ucontact.c:513]: inserting contact in db failed Aug 27 22:04:05 hal /usr/sbin/kamailio[25681]: ERROR: usrloc [urecord.c:474]: failed to insert in database Aug 27 22:04:05 hal /usr/sbin/kamailio[25681]: ERROR: registrar [save.c:430]: failed to insert contact Aug 27 22:04:05 hal /usr/sbin/kamailio[25681]: ERROR: db_mysql [km_dbase.c:124]: driver error on query: Commands out of sync; you can't run this command now Aug 27 22:04:05 hal /usr/sbin/kamailio[25681]: ERROR: <core> [db_query.c:242]: error while submitting query Aug 27 22:04:05 hal /usr/sbin/kamailio[25681]: ERROR: usrloc [urecord.c:426]: failed to delete from database Aug 27 22:04:05 hal /usr/sbin/kamailio[25681]: ERROR: usrloc [udomain.c:896]: DB delete failed I am using stable debian so db_mysql.so linked with libmysqlclient.so.16 I read mysql doc and it is saying about this error the following: "Commands out of sync; you can't run this command now" http://dev.mysql.com/doc/refman/5.0/en/commands-out-of-sync.html So this problem cause it that not freed the last result. Only one assumption: Could it related to this change: http://git.sip-router.org/cgi-bin/gitweb.cgi?p=sip-router;a=commitdiff;h=df… Any help appreciated. Regards, Misi

13 years, 2 months

Re: [SR-Users] Kamailio + rtpproxy talking to multiple carrier gateways

by Sarat C. Vemuri

Alex, Sorry about this clumsy way of replying, but I am stuck with Outlook 2010 and Exchange. You stated the problem correctly. Carrier GWs (UAS) and internal clients (UAC) cannot reach each other directly (TCP/UDP). They have to go through Kamailio and rtpproxy. I am goint to reply to Ovidiu as well with some more details. Thanks SV. ------------------------------ Message: 2 Date: Sat, 03 Sep 2011 19:12:38 -0400 From: Alex Balashov <abalashov(a)evaristesys.com> Subject: Re: [SR-Users] Kamailio + rtpproxy talking to multiple carrier gateways - some via Firewall/NAT To: sr-users(a)lists.sip-router.org Message-ID: <4E62B466.20808(a)evaristesys.com> Content-Type: text/plain; charset=windows-1252; format=flowed On 09/03/2011 05:53 PM, Sarat C. Vemuri wrote: > 3.Using request_route_preset(?publicIP?) > > The above ?mostly? works. By that I mean, the INVITE transaction is > properly passed between internal UAS and carrier SBC and the call is > setup. However, further transactions (BYE/re-INVITE) etc do not work > properly. So, far-end hangups are not working etc. So in other words, there is no interface to which Kamailio could be bound on a network that both the UAC and the UAS have direct network and transport-layer reachability to? If I understand correctly, it sounds like the fundamental problem here is that the Record-Route URI introduced by the proxy in handling the initial INVITE request has to be conserved in all subsequent requests and replies. It is a requirement to use the same route set in sequential (in-dialog) requests such as reinvites or BYEs. It is also mandatory for the UAS to copy the received Record-Route into the final reply (i.e. 200 OK). The problem is that you then have to choose the network address in the Record-Route. If either the UAC or the UAS cannot directly reach it, your problem arises. Is this an accurate statement of the problem? I wanted to verify before continuing. -- Alex Balashov - Principal Evariste Systems LLC 260 Peachtree Street NW Suite 2200 Atlanta, GA 30303 Tel: +1-678-954-0670 Fax: +1-404-961-1892 Web: http://www.evaristesys.com/

13 years, 2 months

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

sr-users September 2011