Hello sr-users,
We have Kamailio (behind NAT) configured acting as a proxy in front of some FreeSWITCH servers.
There appears to be something amiss with my inbound (dispatcher) configuration which leads to misaddressing / misdelivery of the ACK after 200 OK (outbound calls appear to be proxied correctly [1]).
Calls from the sip provider incoming to Kamailio are distributed by the dispatcher module to the FS server (For testing in this simplified scenario FS and Kamailio are on the same machine):
SIP provider (5060) sends an invite to Kamailio(5061), Kamailio uses the dispatcher module to select a backend server and forwards the INVITE to FS(5070) (see inbound-callflow.png; kamailio.ext and kamailio.int are the same machine, just public/private addresses).
I notice that at no point is a Via/record-route header for the FS server inserted into the forwarded session. I'm not actually certain this is a requirement, but I can't think of another obvious way that Kamailio could proxy the same session to the same FS server.
The 100 Trying seems unremarkable [2], I suspect the 200 OK [3] is problematic. It has been proxied from the FS server, however contains no reference to the FS server address either in the via headers nor record-route (kamailio.int:5070). The incoming ACK [4] then appears to be misdelivered / lost - Kamailio receives it on the private address and forwards it to the public address rather than the FS server.
My configuration [5] is built based on the default configuration + examples from the dispatcher module. There are some provisions for FreeSWITCH internal/external profiles made so the configuration listens on 2 different ports. This particular scenario should only use the 5061 port as it involves calls to an external sip provider (briefly 5060 should be proxied to FS:5080 and 5061 should be proxied to FS:5070 and vice-versa).
If someone can see an issue with the configuration and/or point to an error in the call flow (i.e. should FS be inserting the Via header?) that would be greatly appreciated.
Thanks,
-nick
[1] Outbound call flow (see also outbound-callflow.png) FS(port 5070) sends an invite to Kamailio(5061) (Kamailio is configured in FS as an outbound proxy), INVITE contains Via header for the FS server, Kamailio forwards to sip provider, and routes all messages back and forth correctly.
[2] 100 Trying SIP/2.0 100 trying -- your call is important to us Via: SIP/2.0/UDP sip.provider.com:5060;branch=z9hG4bKfffb.7c81ee53.0;rport=5060 Via: SIP/2.0/UDP far.external.ip;received=far.external.ip;rport=5060;branch=z9hG4bK4Qg7Ng27BvHrK From: "Nicholas Gill" sip:0384171966@far.external.ip;tag=j3KQmpvmg6mvr To: sip:0390156842@sip.provider.com Call-ID: aa7174e7-d028-1232-4b95-001cc0dd11e9 CSeq: 66413636 INVITE Server: kamailio (4.1.6 (x86_64/linux)) Content-Length: 0
[3] Proxied 200 OK (Kamailio -> Sip Provider) SIP/2.0 200 OK Via: SIP/2.0/UDP sip.provider.com:5060;rport=5060;branch=z9hG4bKfffb.7c81ee53.0 Via: SIP/2.0/UDP far.external.ip;received=far.external.ip;rport=5060;branch=z9hG4bK4Qg7Ng27BvHrK Record-Route: sip:kamailio.ext:5061;lr=on Record-Route: sip:sip.provider.com;lr;ftag=j3KQmpvmg6mvr;did=0ec.84ff82b1 From: "Nicholas Gill" sip:0384171966@far.external.ip;tag=j3KQmpvmg6mvr To: sip:0390156842@sip.provider.com;tag=BFvQmggHrg74m Call-ID: aa7174e7-d028-1232-4b95-001cc0dd11e9 CSeq: 66413636 INVITE Contact: sip:0390156842@kamailio.int:5070;transport=udp User-Agent: IMX Accept: application/sdp Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, INFO, UPDATE, REGISTER, REFER, NOTIFY Supported: timer, path, replaces Allow-Events: talk, hold, conference, refer Content-Type: application/sdp Content-Disposition: session Content-Length: 270 X-FS-Support: update_display,send_info
[4] Incoming ACK (Sip Provider -> Kamailio) ACK sip:0390156842@kamailio.ext:5061;transport=udp SIP/2.0 Record-Route: sip:sip.provider.com;lr;ftag=j3KQmpvmg6mvr Via: SIP/2.0/UDP sip.provider.com:5060;branch=z9hG4bKfffb.7c81ee53.2 Via: SIP/2.0/UDP far.external.ip;received=far.external.ip;rport=5060;branch=z9hG4bK509ZQBKB947aF
Route: sip:kamailio.ext:5061;lr=on Max-Forwards: 69 From: "Nicholas Gill" sip:0384171966@far.external.ip;tag=j3KQmpvmg6mvr To: sip:0390156842@sip.provider.com;tag=BFvQmggHrg74m Call-ID: aa7174e7-d028-1232-4b95-001cc0dd11e9 CSeq: 66413636 ACK Contact: sip:gw+Exetel@far.external.ip:5060;transport=udp;gw=Exetel Proxy-Authorization: Digest username="0384171900", realm="far.external.ip", nonce="xxxx", algorithm=MD5, uri="sip:0390156842@sip.provider.com", response="xxxx" Content-Length: 0 P-hint: rr-enforced
[5] Kamailio configuration (based on default configuration). Dispatcher set 1 is FS internal profile (5080) and set 2 is external profile (5070) ... #!define WITH_NAT ... alias="kamailio.int:5060" alias="kamailio.int:5061" alias="kamailio.ext:5060" alias="kamailio.ext:5061"
listen=udp:kamailio.int:5060 advertise kamailio.ext:5060 listen=udp:kamailio.int:5061 advertise kamailio.ext:5061 port=5060 port=5061 ... loadmodule "dispatcher.so" modparam("dispatcher", "flags", 2) modparam("dispatcher", "list_file", "/etc/kamailio/dispatcher.list") modparam("dispatcher", "dst_avp", "$avp(AVP_DST)") modparam("dispatcher", "grp_avp", "$avp(AVP_GRP)") modparam("dispatcher", "cnt_avp", "$avp(AVP_CNT)") #modparam("dispatcher", "ds_ping_interval", 60) ... modparam("nathelper", "sipping_from", "sip:pinger@etellicom.com") ... request_route { ... # Not from FS servers gets dispatched to FS servers. if(!ds_is_from_list("1") and !ds_is_from_list("2")) { route(DISPATCH); }
# Requests from FS External profile routed out via specific port. if(ds_is_from_list("2")) $fs="udp:kamailio.int:5061"; ... }
route[DISPATCH] { if(dst_port==5061) { $fs="udp:kamailio.int:5061"; # Hash over to uri for test purposes if(!ds_select_dst("2", "2")) { send_reply("404", "No destination"); exit; } } else { # Hash over to uri for test purposes if(!ds_select_dst("1", "2")) { send_reply("404", "No destination"); exit; } }
xlog("L_DBG", "--- SCRIPT: going to <$ru> via <$du>\n"); t_on_failure("RTF_DISPATCH"); route(RELAY); exit; } failure_route[RTF_DISPATCH] { if (t_is_canceled()) { exit; } # next DST - only for 500 or local timeout if (t_check_status("500") or (t_branch_timeout() and !t_branch_replied())) { if(ds_next_dst()) { t_on_failure("RTF_DISPATCH"); route(RELAY); exit; } } } ...
