Hi all
(Using Kamailio + RTPEngine, both current stable versions)
Just wondering what current best practice is for dealing with “optional SRTP” such as those generated by Yealink devices. (I know this breaks the RFC but lots of things seem to use this method.) Where the device SDP message looks like;
m=audio 50004 RTP/AVP 8 97 101
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:uhJOWOXPuzMeBmrbx2wAKohuveAvZeMEJTzfE7GT
a=crypto:2 AES_CM_128_HMAC_SHA1_32 inline:yF+EhR3RtxSDCGtLCnEAl3Zrdut4b8cfFQP+hFqf
An unencrypted RTP/AVP media line but with crypto lines showing that the device will support SRTP encryption but it is not mandatory.
The system of offer SRTP and try and catch on not supported/acceptable here fail feels a little clumsy and relies on how gracefully the device sends “not acceptable here”.
I’m wondering if I just short cut it and say that if a device offers a acceptable crypto line then Kamailio sends back a SAVP response.
Naturally this question is then closely followed by how to do optional SRTP invites originating from Kamailio without just directly manipulating lines?
Feels like there should be an RTPEngine setting for Optional? RTP/AVP+SAVP ?
Thoughts?
Mark
Hello Kamailio experts,
We have a Kamailio as outbound proxy in front of Asterisks PjSIP. There is
a strange behavior after 200 OK:
- ACK comes from Asterisk Public IP instead of coming from the internal IP
address.
- BYE can not be processed (404 not here)
SNGREP print attached.
Has anyone ever experienced this?
I can provide more information if needed, just let me know what info.
Thanks!
Diogo Hartmann
Hi all,
I am totally new with Kamailio but i have needs to build small cluster of
Asterisk. Right now I could succesfully register to asterisk via kamailio
and even make a call to hear tt-weasels but Asterisk cant close call
My infrastructure diagram is here
http://www.asciidraw.com/#Draw6816041626716434245/903175935
This is what probably I need is to know how to tell to Asterisk that send
BYE to private IP of Kamailio instead public IP of Kamailio, am I right ?
Hi,
I have a device here, which does some sort of strange things:
I have SIP Message, e.g. with a length of 1100 Bytes and the devices adds
"0" to the end to meet the MTU of the network (for a single TCP frame),
some sort of TCP padding. The following TCP Frame contains only the next
message. Looking at the trace in Wireshark, sngrep or similar, all of them
try to re-assemble the next message in the TCP stream, but however don't
decode them as SIP due to to first couple of zero's in the message.
Looking at Kamailio, it seems not to have any issues with this and
decodes/parses the message properly (they show up on Homer properly);
however it also forwards the message INCLUDING the first couple of zero's
even on UDP.
To make it complitely irritating, the phone itself would ignore such
packets, if we would forward them to the phone with starting zeros.
Has anyone seen anything like this and is it standards-compliant? Any
proper and easy way to get rid of the starting "zero's" from a message
before forwarding these messages? I could always "hack" something into
src/core/tcp_read.c, but I wonder if there is already a proper way?
Any ideas anyone?
Thanks,
Carsten
--
Carsten Bock I Managing Director
ng-voice GmbH
Millerntorplatz 1 I 20359 Hamburg I Germany
www.ng-voice.com
Mobile +49 (0)179-20 21 244 I Direct +49 (0)40-52 47 593-40 I Fax +49
(0)40-52 47 593-99
Sitz der Gesellschaft: Hamburg
Registergericht: Amtsgericht Hamburg, HRB 120189
Geschäftsführer: Carsten Bock, Dr. David Bachmann
Ust-ID: DE279344284
Hier finden Sie unsere handelsrechtlichen Pflichtangaben:
http://www.ng-voice.com/imprint/
Hello,
at couple of events I participated during the past few months, I was
asked about support of STIR/SHAKEN (caller identity
authentication/verification), which is a hot topic these days at least
in USA, aiming to combat "fraudulent" robo-calling. Therefore I thought
of share some details with everyone in the community about the state in
Kamailio, writing to both devs and users, the information being relevant
for everyone.
We already have the (related) module named auth_identity, available
since 2008 (iirc):
- https://www.kamailio.org/docs/modules/stable/modules/auth_identity.html
But it implements the previous iteration of the specs for caller
identity, respectively RFC 4474:
- https://tools.ietf.org/html/rfc4474
However, that RFC is obsoleted by 8224 (the latest core specs for
STIR/SHAKEN):
- https://tools.ietf.org/html/rfc8224
Then, there are also RFCs 8225 and 8226 to add to the core specs.
Should anyone be interested to implement STIR/SHAKEN specs in a modules,
I would suggest to start from auth_identity -- might not be much work to
update it to become conform with latest specs (a new module can be
created, of course, even when starting from auth_identity).
However, these specs are about signing the SIP request (the INVITE) with
special PKI certificate. It can be done easily with embedded scripts
such as Lua or Python (inline execution in native kamailio.cfg or using
kemi scripts). At Kamailio World 2019, one of the participants I
discussed with told me they already implemented using Lua.
That's it for a starting point, if anyone wants to discuss more, just
reply to sr-users and add your comments or ask the questions.
If someone wants to go ahead and work on a C module, announce yourself
to avoid duplicate work of others, and use sr-dev if you need assistance
on module development.
Cheers,
Daniel
--
Daniel-Constantin Mierla -- www.asipto.comwww.twitter.com/miconda -- www.linkedin.com/in/miconda
1. Followed steps from Step # 3 to Step # 16 :
https://github.com/open5gs/nextepc/blob/master/docs/_docs/guide/04-setting-…
2. When I run last command >systemctl start kamailio_icscf kamailio_pcscf
kamailio_scscfthe
root@ubuntu18-04:/etc/init.d# *systemctl start kamailio_icscf
kamailio_pcscf kamailio_scscf*
Job for kamailio_pcscf.service failed because the control process exited
with error code.
See "systemctl status kamailio_pcscf.service" and "journalctl -xe" for
details.
3. All services start but not kamailio_pcscf:
root@ubuntu18-04:/etc/init.d# *systemctl status kamailio_pcscf.service*
● kamailio_pcscf.service - LSB: Start the Kamailio SIP proxy server
Loaded: loaded (/etc/init.d/kamailio_pcscf; generated)
Active: failed (Result: exit-code) since Mon 2019-08-19 09:05:30 UTC;
45min ago
Docs: man:systemd-sysv-generator(8)
Process: 52271 ExecStart=/etc/init.d/kamailio_pcscf start (code=exited,
status=1/FAILURE)
Aug 19 09:05:30 ubuntu18-04 kamailio_pcscf[52271]: 0(52294) INFO: pv
[pv_shv.c:60]: shvar_init_locks(): locks array size 16
Aug 19 09:05:30 ubuntu18-04 kamailio_pcscf[52271]: ERROR: bad config file
(1 errors)
Aug 19 09:05:30 ubuntu18-04 kamailio_pcscf[52271]: 0(52294) WARNING:
<core> [core/mem/q_malloc.c:480]: qm_free(): WARNING: free(0) called from
cdp_avp: cdp_avp_mod.c: cdp
Aug 19 09:05:30 ubuntu18-04 kamailio_pcscf[52271]: 0(52294) INFO: cdp
[cdp_mod.c:255]: cdp_exit(): CDiameterPeer child stopping ...
Aug 19 09:05:30 ubuntu18-04 kamailio_pcscf[52271]: 0(52294) INFO: cdp
[cdp_mod.c:257]: cdp_exit(): ... CDiameterPeer child stopped
Aug 19 09:05:30 ubuntu18-04 kamailio_pcscf[52271]: 0(52294) INFO: <core>
[core/sctp_core.c:53]: sctp_core_destroy(): SCTP API not initialized
Aug 19 09:05:30 ubuntu18-04 kamailio_pcscf[52271]: *
Aug 19 09:05:30 ubuntu18-04 systemd[1]: kamailio_pcscf.service: Control
process exited, code=exited status=1
Aug 19 09:05:30 ubuntu18-04 systemd[1]: kamailio_pcscf.service: Failed with
result 'exit-code'.
Aug 19 09:05:30 ubuntu18-04 systemd[1]: Failed to start LSB: Start the
Kamailio SIP proxy server.
lines 1-16/16 (END)
Please advise.
Thanks and Regards.
All,
I would like to use Kamailio as a frontend/proxy for an asterisk
machine/cluster. I'm very well versed in Asterisk, but VERY noob to
Kamailio.
I've watched so many Kamailio presentations and feel like I've scoured
the web for any article that could help me. There is alot out there, but
I'm not finding my exact situation.
I believe I understand the dispatcher stuff that I'll need down the
road, but I'm having issues understanding the setup of my SIP trunk and
Kamailio.
I used UAC to setup the trunk connection in Kamailio and it sort of
worked. I'm not sure what I do for Asterisk. I'd suspect that in this
situation Kamailio would handle the registration and trunk connection
for me.
What role is Kamailio to my Asterisk? Just an Outbound proxy? Do I need
to still register the trunk from each Asterisk box "thru" the Kamailio
proxy, etc?
Also, I'm merely accepting outside calls and then validating the caller
and bridging them back out to the PSTN, so I don't have any local SIP
clients, etc., so no need to register the sip devices, etc.
Thanks!
Travis
Hi all,
I had a Kamailio crash the other day, and some debugging showed I ran out of PKG memory.
Since then I’ve run a simple bash script to compile the amount of memory used by all child processes, effective /usr/local/sbin/kamcmd pkg.stats | grep real_used summed together. I’ve graphed out the data, and there’s a clear growth of PKG memory going on, mostly increasing during our busier daytime hours.
https://i.imgur.com/UTzx2k1.png
Based on this, I suspect either a module loaded or something within my app_ruby conf is leaking memory.
I’ve been reading through https://www.kamailio.org/wiki/tutorials/troubleshooting/memory <https://www.kamailio.org/wiki/tutorials/troubleshooting/memory>, but I’m a bit nervous, as I’m not really a C/deep memory type of guy. I can see a GDB script I can attach to Kamailio, but is that going to use significant resources to run or impact the running process? Is there a newer/better/alternative way to do this, and to help me break this down?
Thanks!
Andrew
