sr-users December 2019

sr-users@lists.kamailio.org

63 participants
82 discussions

Problem with max tcp connections
by Jose Fco. Irles Durá 06 Apr '20

06 Apr '20

Hi I have a kamailio 5.1.2 as load balancer and registration offloading, but I have a problem with the max tcp connections that it can handle. I suspect that is a linux limit, but I don't find the reason or config. When that limit arrives, I can't connect to kamailio and I receive "Connection reset by peer", but I can't view any error message in the logs. If I check the connections in kamailio, I view that it have "free" connections: # kamctl kamcmd core.tcp_info { readers: 8 max_connections: 4096 max_tls_connections: 2048 opened_connections: 2655 opened_tls_connections: 0 write_queued_bytes: 0 } I have this configs in kamailio.conf (related to tcp) disable_tcp=no tcp_connection_lifetime=3610 tcp_connect_timeout=5 tcp_crlf_ping=yes tcp_accept_aliases=no tcp_keepalive=yes tcp_keepidle=5 tcp_rd_buf_size=65536 tcp_conn_wq_max=131072 mlock_pages=yes shm_force_alloc=yes tcp_max_connections=4096 The shm memory to 256 and the pkg memory to 32. And, following this doc: https://github.com/kamailio/kamailio/blob/master/doc/tutorials/tcp_tunning.… I have setted this values: net.ipv4.ip_local_port_range = 1024 65535 net.core.somaxconn = 65535 net.core.netdev_max_backlog = 182757 Also, I had checked the limits for the main process pid: Limit Soft Limit Hard Limit Units Max cpu time unlimited unlimited seconds Max file size unlimited unlimited bytes Max data size unlimited unlimited bytes Max stack size 8388608 unlimited bytes Max core file size unlimited unlimited bytes Max resident set unlimited unlimited bytes Max processes unlimited unlimited processes Max open files 1048576 1048576 files Max locked memory 16777216 16777216 bytes Max address space unlimited unlimited bytes Max file locks unlimited unlimited locks Max pending signals 386297 386297 signals Max msgqueue size 819200 819200 bytes Max nice priority 0 0 Max realtime priority 0 0 Max realtime timeout unlimited unlimited us The service is running inside a lxc container, without any resource limit, connected to the outside word throught macvlan interface. Where can I find problem source? Best regards

4 13

need help with RTPProxy in bridged mode
by Grant Bagdasarian 04 Apr '20

04 Apr '20

Hello, I'm using RTPproxy for the first time in bridged mode and I can't get kamailio/rtpproxy to rewrite the c parameter to the correct public ip address of kamailio. The setup is as following: Carrier ------[fiber]------ Kamailio ---------[lan]--------- Freeswitch Kamailio is listening on two interfaces: 1) Private: 172.0.0.1 2) Public: 192.168.0.1 (since we have a dedicated fiber with our carrier, this is its public address) Freeswitch is listening on: 1) 172.0.0.2 Carrier is on: 1) 10.0.0.1 I've started an rtpproxy instance on the Kamailio box using: rtpproxy -s udp:127.0.0.1:7721 -u rtpproxy rtpproxy -p /var/run/rtpproxy/rtpproxy.pid -l 192.168.0.1 172.0.0.1 I've played around with rtpproxy_manage() and the various flags (ie, ei), but I can't get kamailio to set the correct public IP when the 200 OK has to be sent back to the carrier. It always sets it to its private address, instead of its public address. I'm using Kamailio 4.2 with sippy/rtpproxy 2.0. Could someone please point me into the right direction? Thanks! Grant

4 8

Kamailio OPTIONS Round-Trip
by Soltanici Ilie 27 Mar '20

27 Mar '20

Hi, With Asterisk, we are able to get some peer round-trip connection statistic by setting qualify=yes for the specified peer. It sends periodic OPTIONS to the peer and calculates the time round trip time. It's something like - "Status: OK (30 ms)". Is there any way to achieve this in Kamailio by using nathelper module, or any other? Thank you.

9 13

Re: [SR-Users] dlg.end_dlg on RTP timeout
by Miteshkumar Thakkar 28 Feb '20

28 Feb '20

This is really helpful development. I am facing one issue, when I use this. RTPEngine is sending two "dlg.terminate_dlg" events for single call to kamailio with same call-id but reversed to-tag and from-tag in second event. I believe this is due to two separate RTP streams. Problem here is that - in first event kamailio terminates the call, hence when second event comes, kamailio says - call-id not found and send response back to RTPEngine. But still RTPEngine keeps sending that event message for three more times. Kamailio has to respond to it with call-id not found. Which is overhead. Not recommended for production environment. How can I avoid this? Any help is appreciated. Thank you Mitesh That's great, thank you! Cheers, Daniel On 06.09.18 11:15, Richard Fuchs wrote: >* This is now supported as per * >* https://github.com/sipwise/rtpengine/commit/89084da8d820919b44a0244e16e6701… <https://github.com/sipwise/rtpengine/commit/89084da8d820919b44a0244e16e6701…> * > >* Cheers * > >* On 2018-09-05 05:39, Daniel-Constantin Mierla wrote: * >> >>* There is the dlg.terminate_dlg rpc command that requires callid, * >>* from-tag and to-tag as parameters: * >> >>* * * >>* https://kamailio.org/docs/modules/5.1.x/modules/dialog.html#dlg.r.terminate… <https://kamailio.org/docs/modules/5.1.x/modules/dialog.html#dlg.r.terminate…> * >> >>* So it expects something like: * >> >>* <?xml version="1.0" encoding="UTF-8"?> * >>* <methodCall> * >>* <methodName>dlg.terminate_dlg</methodName> * >>* <params> * >>* <param><value><string>_CALLID_VALUE__</string></value></param> * >>* <param><value><string>_FROM_TAG_VALUE__</string></value></param> * >>* <param><value><string>_TO_TAG_VALUE__</string></value></param> * >>* </params> * >>* </methodCall> * >> >>* I planned to make the from-tag and to-tag optional for quite some * >>* time, but didn't get the time for it yet. * >> >>* Cheers, * >>* Daniel * >> >>* On 05.09.18 08:52, Richard Fuchs wrote: * >>>* Yup that's exactly right. * >>> >>>* It would be fairly simple to implement an additional XMLRPC format * >>>* if there's a particular one that's more friendly towards Kamailio. * >>> >>>* Cheers * >>> >>>* On 2018-09-05 02:42, Daniel-Constantin Mierla wrote: * >>>> >>>>* Looking quickly at the readme of rtpengine application and digging * >>>>* a bit with google, it is something like rtpengine has to be started * >>>>* with * >>>> >>>>* -b http(s)://myrpcserver.ip/path -x 1 * >>>> >>>>* and then the xmlrpc request is going to be sent to that url, having * >>>>* a format like: * >>>> >>>>* <?xml version="1.0" encoding="UTF-8"?> * >>>>* <methodCall> * >>>>* <methodName>teardown</methodName> * >>>>* <params> * >>>>* <param><value><string>_CALLID_VALUE__</string></value></param> * >>>>* </params> * >>>>* </methodCall> * >>>> >>>>* Is it right? If yes, then I can try to make a sample config that * >>>>* could handle it using xmlops, xhttp and jsonrpcs modules. * >>>> >>>>* Cheers, * >>>>* Daniel * >>>> >>>> >>>>* On 05.09.18 08:24, Richard Fuchs wrote: * >>>>>* It does an XMLRPC callback. Currently there's two formats for it, * >>>>>* one is a sems sbc teardown request (using the from-tag), the other * >>>>>* is a generic "teardown" command using the call ID. * >>>>> >>>>>* Cheers * >>>>> >>>>>* On 2018-09-04 07:52, Daniel-Constantin Mierla wrote: * >>>>>> >>>>>>* Hello, * >>>>>> >>>>>>* what do you get from rtpengine on rtp timeout? An RPC call back * >>>>>>* or an http request? * >>>>>> >>>>>>* Cheers, * >>>>>>* Daniel * >>>>>> >>>>>> >>>>>>* On 04.09.18 12:48, Igor Olhovskiy wrote: * >>>>>>>* Hi all! * >>>>>>> >>>>>>>* Is there any way to end dialog in Kamailio on RTP Timeout event * >>>>>>>* on RTPEngine? * >>>>>>> >>>>>>>* Or only look at logs/redis database with external tool? * >>>>>>> >>>>>>>* Regards, Igor * >>>>>>> >>>>>>> >>>>>>>* _______________________________________________ * >>>>>>>* Kamailio (SER) - Users Mailing List * >>>>>>>* sr-users at lists.kamailio.org <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users> * >>>>>>>* https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users> * >>>>>> >>>>>>* -- * >>>>>>* Daniel-Constantin Mierla -- www.asipto.com <http://www.asipto.com> * >>>>>>* www.twitter.com/miconda <http://www.twitter.com/miconda> -- www.linkedin.com/in/miconda <http://www.linkedin.com/in/miconda> * >>>>>>* Kamailio World Conference -- www.kamailioworld.com <http://www.kamailioworld.com> * >>>>>>* Kamailio Advanced Training, Nov 12-14, 2018, in Berlin -- www.asipto.com <http://www.asipto.com> * >>>>>> >>>>>> >>>>>>* _______________________________________________ * >>>>>>* Kamailio (SER) - Users Mailing List * >>>>>>* sr-users at lists.kamailio.org <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users> * >>>>>>* https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users> * >>>>> >>>>> >>>>>* _______________________________________________ * >>>>>* Kamailio (SER) - Users Mailing List * >>>>>* sr-users at lists.kamailio.org <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users> * >>>>>* https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users> * >>>> >>>>* -- * >>>>* Daniel-Constantin Mierla -- www.asipto.com <http://www.asipto.com> * >>>>* www.twitter.com/miconda <http://www.twitter.com/miconda> -- www.linkedin.com/in/miconda <http://www.linkedin.com/in/miconda> * >>>>* Kamailio World Conference -- www.kamailioworld.com <http://www.kamailioworld.com> * >>>>* Kamailio Advanced Training, Nov 12-14, 2018, in Berlin -- www.asipto.com <http://www.asipto.com> * >>> >>> >>>* _______________________________________________ * >>>* Kamailio (SER) - Users Mailing List * >>>* sr-users at lists.kamailio.org <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users> * >>>* https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users> * >> >>* -- * >>* Daniel-Constantin Mierla -- www.asipto.com <http://www.asipto.com> * >>* www.twitter.com/miconda <http://www.twitter.com/miconda> -- www.linkedin.com/in/miconda <http://www.linkedin.com/in/miconda> * >>* Kamailio World Conference -- www.kamailioworld.com <http://www.kamailioworld.com> * >>* Kamailio Advanced Training, Nov 12-14, 2018, in Berlin -- www.asipto.com <http://www.asipto.com> * > > >* _______________________________________________ * >* Kamailio (SER) - Users Mailing List * >* sr-users at lists.kamailio.org <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users> * >* https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users> * -- Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio World Conference -- www.kamailioworld.com Kamailio Advanced Training, Nov 12-14, 2018, in Berlin -- www.asipto.com

2 11

CSeq values in dialog OPTIONS keepalives
by Alex Balashov 24 Jan '20

24 Jan '20

Hi, I'd like to reopen an old thread of discussion: Using Kamailio 4.4.x latest, when I enable dialog OPTIONS keepalives on both sides of a call - ka-dst and ka-src dialog params, that is - I get OPTIONS pings sent to one side with a CSeq value like this: CSeq: 0 OPTIONS and the other side: CSeq: (CSeq of e2e ACK - 1) OPTIONS The 0 CSeq is acceptable to most UAs--at least, among the small number I've tested--and they answer 200 OK, but the second one results in a '500 Server Internal Error'. I have read the prior literature on this: https://lists.kamailio.org/pipermail/sr-users/2012-May/073069.html https://lists.kamailio.org/pipermail/sr-users/2018-April/101096.html and I (mostly) understand the rationale of keeping this mechanism stateless. I tried turning on `track_cseq_updates` to see if it might change the behaviour, but it does not. Anyway, a mechanism that deliberately elicits 500 responses from the endpoint is going to raise some eyebrows and just looks a bit unprofessional. I'm wondering if there is a better way to go. My questions are: 1. While I understand the reasoning here: "it would results de-synchronization of the CSeq values hold in phones themselves (e.g., a BYE created by caller/callee after a keep alive will be with lower cseq than the other side would expect and accept)." Would it be such a problem to use a CSeq value that is (last highest known CSeq observed) + ($RANDOM % LARGE_VALUE)? 2. In the case that `ka-dst` and `ka-src` are both enabled, why is there an inconsistency in the behaviour with respect to the upstream and downstream side (CSeq value of 0 vs. CSeq value of <= CSeq(ACK))? 3. At the risk of inviting some baroque state-keeping that is runtime-dependent, could there be an implementation where the CSeq of genuine in-dialog requests from the UA is modified in-flight by Kamailio, taking advantage of its being in the middle of in-dialog requests, to the appropriate next highest value? I ask this because, if I understood the limited documentation for `track_cseq_updates` correctly, https://kamailio.org/docs/modules/5.3.x/modules/dialog.html#dialog.p.track_… "Enable the callbacks for tracking if CSeq number needs to be updated. It is the case when the INVITE has to be authenticated to downstream provider using uac_auth() from uac module. This is done only for requests in downstream direction. The CSeq difference is stored in $dlg_var(cseq_diff), be sure this variable is not overwritten via config operation." it seems like the door to this method might already be open? Thanks, -- Alex -- Alex Balashov | Principal | Evariste Systems LLC Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free) Web: http://www.evaristesys.com/, http://www.csrpswitch.com/

2 6

Kamailio stop to process incoming SIP traffic via TCP.
by Kristijan Vrban 16 Jan '20

16 Jan '20

Hi kamailios, i have a creepy situation with v5.2.1 stable Kamilio. After a day or so, Kamailio stop to process incoming SIP traffic via TCP. The incoming TCP network packages get TCP-ACK from the OS (Debian 9, 4.18.0-15-generic-Linux) but Kamailio does not show any processing for the SIP-Traffic incoming via TCP. No logs, nothing. While traffic via UDP is working just totally fine. When i look via command "netstat -ntp" is see, that the Recv-Q get bigger and bigger. e.g.: Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 4566 0 172.17.217.12:5060 xxx.xxx.xxx.xxx:57252 ESTABLISHED 31347/kamailio After Kamailio restart, all is working fine again for a day. We have maybe 10-20 devices online via TCP and low call volume (1-2 call per minute). The only settings for tcp we have is "tcp_delayed_ack=no" How to could we debug this situation? Again, no error, no warings in the log. Just nothing. Kristijan

11 46

possible TCP deadlock (tls again?) // pike module not releasing IPs
by Aymeric Moizard 08 Jan '20

08 Jan '20

Hi List, History: * In the past, I had deadlock which was, most probably, related to ssl1.1. We have discussed this issue, and a fix is supposed to workaround the issue that was detected. * With latest 5.2.X, I have experienced ONCE a similar behavior with TCP and TLS being mostly stuck. I have not been using this version much, but the fix was supposed to be in the core of kamailio. The status of the server this night: * I'm today running version: kamailio 5.3.1 (x86_64/linux), * Installed on stretch using http://deb.kamailio.org/kamailio53 repository. * This versions use libssl1.1 * A user reported that he can't connect with TCP * An average of 5000 IPs per 10 minutes are being banned by the pike module (could be twice the same) Yesterday/Today: * at the end of the outage, I had 2479 IP in my ipban htable. (which is equivalent to my statistics showing 2 bans/IP every 10 minutes = 5000) * looking at my logs, it appears that most (ALL?) ip being banned... are my regular users. * looking at my logs, I can't understand why pike would block them. This is a graph for statistics on my service for the last 24 hours: https://www.antisip.com/sip-antisip-com-register/status2.html Yesterday, at 22:18:39, kamailio started to BAN some IPs. 52 IPs were banned in a period of 10 minutes. I can confirm this from my logs. My pike configuration is this one: modparam("pike", "sampling_time_unit", 2) modparam("pike", "reqs_density_per_unit", 64) modparam("pike", "remove_latency", 4) When detecting the issue, this morning, I typed: $> sudo kamctl stats $> sudo kamcmd htable.dump ipban //FAILURE (answer too large...) $> sudo kamctl trap Then, I started an agent with TCP and it worked...??? Then, a few seconds, may be a minute after: $> sudo kamcmd htable.dump ipban //SUCCESS and shows 2479 banned ip. and... everything is back to normal in a few minutes. I haven't restarted kamailio, and all statistics are as expected, as usual. Thus, it looks that " sudo kamctl trap" has triggered something. I already experienced a similar behavior -when testing my ssl1.1 deadlock last year-. 2 questions: 1/ I beleive my "pike" configuration should not ban users. Is my pike configuration wrong? As an example, pike has banned an IP sending one message/second. I believe my configuration should accept that? 2/ Could there still be a TLS issue with libssl1.1? This is the result of the "kamctl trap": https://sip.antisip.com/kamailio-pike-or-tls-issue-13-12-2019.kamctl-trap Sorry for the long story & hoping to find a long term solution or at least a workaround! Regards Aymeric -- Antisip - http://www.antisip.com

3 11

WebRTC ACK Protocol
by Ilie Soltanici 08 Jan '20

08 Jan '20

Hello, I am trying to set up a WebRTC2SIP Gateway by using Kamailio and rtpengine. So far, everything is working fine, I'm able to register an extension and make a call, but for some reason, when i'm trying to call a WebRTC extension from any SIP Extension Kamailio is sending INVITE, WebRTC extension is sending back 200 OK, and then Kamailio is trying to send an ACK through UDP protocol, and not through wss, as it's supposed to do. This is how invite is looking: INVITE sip:nl7oe4ss@vjbh7r4im6j7.invalid;transport=wss SIP/2.0 Record-Route: <sip:my-company.net ;transport=udp;ftag=as1789445c;lr=on;nat=yes> Via: SIP/2.0/WSS 123.123.123.123:10443 ;branch=z9hG4bKe655.29d7c135a302f3eb803902d4f5a8da7e.0 Via: SIP/2.0/UDP 192.168.50.237:5060 ;received=192.168.50.237;branch=z9hG4bK7d2e534e;rport=5060 Max-Forwards: 70 From: "WebRTC" <sip:11@my-company.net>;tag=as1789445c To: <sip:15@192.168.50.210:5060> Contact: <sip:11@192.168.50.237:5060> Call-ID: 7fc800de060197fa2315c93763873092(a)my-company.net CSeq: 102 INVITE User-Agent: Proxy Date: Wed, 03 Apr 2019 17:11:41 GMT Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE Supported: replaces, timer Alert-Info: Content-Type: application/sdp Content-Length: 596 Server: SIP Proxy and then WebRTC app is replying with 200 OK: SIP/2.0 200 OK Record-Route: <sip:my-company.net ;transport=udp;ftag=as1789445c;lr=on;nat=yes> Via: SIP/2.0/WSS 123.123.123.123:10443 ;branch=z9hG4bKe655.29d7c135a302f3eb803902d4f5a8da7e.0 Via: SIP/2.0/UDP 192.168.50.237:5060 ;received=192.168.50.237;branch=z9hG4bK7d2e534e;rport=5060 To: <sip:15@192.168.50.210:5060>;tag=dk4fa8ftt6 From: "WebRTC" <sip:11@my-company.net>;tag=as1789445c Call-ID: 7fc800de060197fa2315c93763873092(a)my-company.net CSeq: 102 INVITE Contact: <sip:nl7oe4ss@vjbh7r4im6j7.invalid;transport=wss> Allow: ACK,CANCEL,INVITE,MESSAGE,BYE,OPTIONS,INFO,NOTIFY,REFER Supported: outbound User-Agent: Proxy-WEBRTC Content-Type: application/sdp Content-Length: 901 and finally, Kamailio is trying to send this ack through UDP protocol: ACK sip:nl7oe4ss@22.22.22.22:57421;transport=wss SIP/2.0 Via: SIP/2.0/UDP 192.168.50.237:5060;branch=z9hG4bK56363ddf;rport Route: <sip:my-company.net;transport=udp;ftag=as1789445c;lr=on;nat=yes> Max-Forwards: 70 From: "WebRTC" <sip:11@my-company.net>;tag=as1789445c To: <sip:15@192.168.50.210:5060>;tag=dk4fa8ftt6 Contact: <sip:11@192.168.50.237:5060> Call-ID: 7fc800de060197fa2315c93763873092(a)my-company.net CSeq: 102 ACK User-Agent: Proxy Content-Length: 0 If i'm trying to force it through TLS, i'm receiving error: get_send_socket2(): protocol/port mismatch (forced tls:123.123.123.123:10443, to udp:22.22.22.22:23317) Can someone point me in the right direction, please? Thank you.

3 4

Kamailio when acting as client doesnt send SNI in client hello handshake message
by mahesh b 07 Jan '20

07 Jan '20

Hi, Am using Kamailio 5.1.9 version My Setup : client1 -> kamailio server 1 ( IP : 10.211.160.172) ----> kamailio server 2( IP : 10.211.160.176) -> client2 I have a scenario where kamailio server 1 has to initiate an outgoing tls connection to kamailio server 2, i have set the server_name and server_id in the client profile in tls.cfg like below on kamailio server 1 [client:default] verify_certificate = no require_certificate = no server_name = mahesh.client.com [client:10.211.160.172:5061] method = TLSv1+ verify_certificate = yes require_certificate = yes private_key = /root/mahesh_openssl/profile2/btip_172_server_private.key certificate = /root/mahesh_openssl/profile2/btip_172_server_public.crt ca_list = /root/mahesh_openssl/profile2/btip_ca_public.crt cipher_list = RSA verify_depth = 9 server_name = btip.176.com server_id = btip.176.com And in sar.cfg $xavp(tls=>server_name)="btip.176.com"; $xavp(tls=>server_id)="btip.176.com"; $du = "sip:10.211.160.176:5061;transport=tls"; .... t_relay(); What i observe is that , when client hello is sent by 10.211.160.172 to 10.211.160.176, i dont see Extension server_name being sent. Am i missing anything. Please help !

4 7

Siremis & freeswitch
by John Tuxies 07 Jan '20

07 Jan '20

I have a Debian server running Kamailio and i have all my users regiatering and talking to each other. I do create/remove users from Siremis. I have followed the guide from here: https://www.powerpbx.org/content/kamailio-v5-siremis-v5-debian-v9-mariadb-a… I would like to add freeswitch to the same server and add conference, voicemail, supplementary services for my users. I have given it a try to install freeswitch and tried to configure it accordingly to https://kb.asipto.com/freeswitch:kamailio-3.1.x-freeswitch-1.0.6d-sbc But.now the Siremis gui shows a lot of errors and i cannot login any more. Since it is a Virtual machine i reverted it back and it works without freeswitch. How could i integrate freeswitch to my system please?

4 11

← Newer
1
2
3
4
5
6
7
8
9
Older →

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

sr-users December 2019