8 Nov
2019
8 Nov
'19
9:22 p.m.
Hi,
Your config line for the dispatcher makes no sense for me.
1007 sip:10.0.0.100:5061;transport=tls 0 3 socket=tls:10.0.0.100:5061;
ping_from=sip:10.0.0.14
Means setid 1007 (like an group to arrange multiple targets) okay.
But sip:10.0.0.100:5061;transport=tls is the dispatcher target Uri. Where
your calls are placed when you call the dispatcher function with setid 1007.
In combination with socket=10.0.0.100:5061 (that indicates your Kamailio
socket, the proxy ip)
That you talking with yourself.
You should read the module documentations for dispatcher and tls.
Or describe your ip setup and your config a bit more.
Cheers
Karsten
sthustfo <sthustfo(a)gmail.com> schrieb am Fr., 8. Nov. 2019, 17:41:
Hi Karsten, David,
Thanks for your pointers. Earlier I was using mysql backend where the
dispatch list was stored. Now following your suggestions, I have switched
to dispatcher list in a file (/etc/kamailio/dispatcher.list) and put in the
following
# setid(integer) destination(sip uri) flags (integer, optional),
priority(int,opt), attrs (str,optional)
1007 sip:10.0.0.100:5061;transport=tls 0 3 socket=tls:10.0.0.100:5061
;ping_from=sip:10.0.0.14
Even with this, when HTTP request in, the same is upgraded to WS
connection. But this gets closed after couple of seconds. Does the below
log indicate anything?
9(1784) exec: *** cfgtrace:request_route=[xhttp:request]
c=[/etc/kamailio/kamailio.cfg] l=1112 a=2 n=exit
9(1784) DEBUG: <core> [core/usr_avp.c:636]: destroy_avp_list():
destroying list (nil)
Is there any way to understand what's happening? I do not see any other
error lin logs.
Thanks.
On Thu, Nov 7, 2019 at 2:34 PM Daniel-Constantin Mierla <miconda(a)gmail.com>
wrote:
Hello,
On 06.11.19 20:46, Karsten Horsmann wrote:
Hi,
the sips Uri schemata is not used for tls with dispatcher.
jumping in to clarify a bit about sips protocol schema. It doesn't imply
TLS as one may think HTTPS does it for HTTP. The sips is mandating that the
traffic goes over secure links, which can be IPSec/VPN or even just private
network, so it is ok using UDP or TCP when sips is present.
In SIP, if TLS is wanted, then transport=tls has to be added to the URI.
As for dispatcher, one more clarification: trasport=tls in attrs has
nothing to do with the destination address, so that has to be in the value
of the destination field, as Karsten gave in his example.
And, as general note: better do not use sips at all, it can mess up some
nodes in the path, if you are not sure about the need of sips -- just do
uri;trasport=tls.
Cheers,
Daniel
Here an example for flatfile dispatcher.list (need corrected values).
The socket line must match an listen directive in your Kamailio.cfg.
root@sbc1:~# cat /etc/kamailio/dispatcher.list
# setid(integer) destination(sip uri) flags (integer, optional),
priority(int,opt), attrs (str,optional)
1007 sip:sip.pstnhub.microsoft.com;transport=tls 0 3
socket=tls:212.xx.xx.xx:5061;ping_from=sip:sbc-d01.yourdomain
Cheers
Karsten
sthustfo <sthustfo(a)gmail.com> schrieb am Mi., 6. Nov. 2019, 20:32:
_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users(a)lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
I have a basic setup where kamailio receives SIP
over websocket (no WSS)
and forwards to SIP server over TLS. I have enabled TLS in kamailio.cfg and
added dispatcher node as sips:SIP_SERVER:5061 and transport=tls.
+----+-------+------------------------+-------+----------+---------------+----------------+
| id | setid | destination | flags | priority | attrs
| description |
+----+-------+------------------------+-------+----------+---------------+----------------+
| 4 | 1 | sips:10.0.0.100:5061 | 0 | 0 | transport=tls
| SIP SERVER |
+----+-------+------------------------+-------+----------+---------------+----------------+
Now when REGISTER is received over websocket, kamailio is responding
with error code 500 and phrase "500 I'm terribly sorry, server error
occurred (7/SL)". And on the console I see the following error messages.
12(33858) DEBUG: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} <core>
[core/md5utils.c:67]: MD5StringArray(): MD5 calculated:
f1ecf7bcb659b07fe81e332e100044e5
12(33858) ERROR: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} tm [ut.h:315]:
uri2dst2(): no corresponding socket found for "10.0.0.100" af 2 (tls:
10.0.0.100:5061)
12(33858) ERROR: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} tm
[t_fwd.c:467]: prepare_new_uac(): can't fwd to af 2, proto 3 (no
corresponding listening socket)
12(33858) ERROR: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} tm
[t_fwd.c:1735]: t_forward_nonack(): failure to add branches
12(33858) DEBUG: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} tm
[t_funcs.c:334]: t_relay_to(): t_forward_nonack returned error -7 (-7)
12(33858) DEBUG: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} tm
[t_funcs.c:352]: t_relay_to(): -7 error reply generation delayed
12(33858) exec: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} ***
cfgtrace:request_route=[RELAY] c=[/etc/kamailio/kamailio.cfg] l=587 a=24
n=sl_reply_error
12(33858) DEBUG: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} <core>
[core/msg_translator.c:162]: check_via_address(): (10.0.0.14,
hsvmphm3ps12.invalid, 0)
12(33858) DEBUG: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} websocket
[ws_conn.c:452]: wsconn_get(): wsconn_get for id [3]
*tls.cfg contents*
[client:default]
method = TLSv1
verify_certificate = yes
require_certificate = yes
private_key = /home/test/kamailio/internal.key
certificate = /home/test/kamailio/internal.crt
ca_list = /home/test/kamailio/ca_list.pem
Any reason why this error is seen? Any inputs appreciated.
Thanks.
_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users(a)lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
_______________________________________________
Kamailio (SER) - Users Mailing
Listsr-users@lists.kamailio.orghttps://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
--
Daniel-Constantin Mierla -- www.asipto.comwww.twitter.com/miconda --
www.linkedin.com/in/miconda
Kamailio World Conference - April 27-29, 2020, in Berlin -- www.kamailioworld.com
_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users(a)lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users