Hello,
I hope somebody could help me.
This is my scheme.
User-agent is behind NAT1. Kamailio and pbx are behind NAT2
[Client ip-phone 192.168.89.213 without stun] - LAN1 - NAT1(46.0.0.30) -
(internet) - (51.0.0.60)NAT2 - Local2 - (10.130.0.23:5060)kamailio(
10.130.0.23:5070) - pbx
*Questions*:
*1*. The VIA header (with 10.130.0.23 and 51.0.0.60) wasn't included in SIP
packets. Why? For example 200OK reply. It came from pbx through kamailio.
Which setting could break it?
Session Initiation Protocol (200)
Status-Line: SIP/2.0 200 OK
Message Header
Via: SIP/2.0/UDP 192.168.89.213:5060
;rport=9570;received=46.0.0.30;branch=z9hG4bK2480172053
Record-Route: <sip:c172.19.19.111.8348.call.cgatepro;lr>
Record-Route: <sip:172.19.19.111:5060;lr>
Record-Route: <sip:10.130.0.23:5070
;r2=on;lr;ftag=4268683942;nat=yes>,<sip:51.0.0.60;r2=on;lr;ftag=4268683942;nat=yes>
From: "Aleksey"
<sip:a.yakimkin@mail.domain.ru:5060>;tag=4268683942
To: <sip:2961@mail.domain.ru:5060
;tag=A03E2397-404246-FA7543E4_jizmelr-582D
Call-ID: 6_1903330087(a)192.168.89.213
[Generated Call-ID: 6_1903330087(a)192.168.89.213]
CSeq: 2 INVITE
Contact: <sip:signode-404246-FA7543E4_jizmelr-582D@172.19.19.111
;alias=51.0.0.60~5060~1>
Supported: 100rel,timer,replaces,histinfo,precondition
Allow: INVITE,BYE,CANCEL,ACK,OPTIONS,INFO,MESSAGE,PRACK,UPDATE,REFER
Session-Expires: 1800;refresher=uas
Content-Type: application/sdp
Content-Length: 1170
Message Body
*2*. About Registrar, Path and $du.
Phone set Register with headers:
Via: SIP/2.0/UDP 192.168.89.213:5060;branch=z9hG4bK2691182696
From: "Aleksey"
<sip:a.yakimkin@mail.domain.ru:5060>;tag=3926879477
To: "Aleksey" <sip:a.yakimkin@mail.domain.ru:5060>
Contact: <sip:a.yakimkin@192.168.89.213:5060>
Kamailio respond
Via: SIP/2.0/UDP 192.168.89.213:5060
;rport=9570;received=46.0.0.30;branch=z9hG4bK617463686
Path: <sip:10.130.0.23:5070
;lr;received=46.0.0.30~9570~1;r2=on>,<sip:51.0.0.60;lr;received=46.0.0.30~9570~1;r2=on>
From: "Aleksey"
<sip:a.yakimkin@mail.domain.ru:5060>;tag=3926879477
To: "Aleksey" <sip:a.yakimkin@mail.domain.ru:5060>;tag=194ED16D
Contact: <sip:a.yakimkin@192.168.89.213:5060>;expires=360
Contact: <sip:2447@192.168.89.221:5060>;expires=247
Contact: <sip:2447@192.168.9.16:5060>;expires=2116
I try to make a call from pbx to ip phone.
pbx inserts in Invite header Route: <sip:10.130.0.23:5070
;lr;received=46.0.0.30~9570~1;r2=on>
But kamailio relayed Invite direct to 192.168.89.213. (There is network
connectivity between ip-phone and kamailio through vpn). The code below
helps me to solve my issue. I saw mail-list with similar trouble. But no
setting could get kamailio to relay Invite to "Route-received" ip.
$var(the_route) = $hdr(Route);
$var(route0) = $(var(the_route){s.select,0,,});
$var(new_host) = $(var(route0){param.value,received}{s.select,0,~});
$var(new_port) = $(var(route0){param.value,received}{s.select,1,~});
if (!strempty($var(new_host)) && !strempty($var(new_port)) ) {
$du = "sip:" + $var(new_host) + ":" + $var(new_port);
}
*Kamailio settings:*
I have such listeners
listen=udp:10.130.0.23:5070 # to local network
listen=udp:10.130.0.23:5060 advertise 51.0.0.60:5060 # to internet
#MODULE SETTING
#---
# ----- jsonrpcs params -----
modparam("jsonrpcs", "pretty_format", 1)
/* set the path to RPC fifo control file */
# modparam("jsonrpcs", "fifo_name",
"/var/run/kamailio/kamailio_rpc.fifo")
/* set the path to RPC unix socket control file */
# modparam("jsonrpcs", "dgram_socket",
"/var/run/kamailio/kamailio_rpc.sock")
modparam("path", "use_received", 1)
modparam("path", "enable_r2", 1)
modparam("path", "received_format", 1)
# ----- ctl params -----
/* set the path to RPC unix socket control file */
# modparam("ctl", "binrpc",
"unix:/var/run/kamailio/kamailio_ctl")
# ----- tm params -----
# auto-discard branches from previous serial forking leg
modparam("tm", "failure_reply_mode", 3)
# default retransmission timeout: 30sec
modparam("tm", "fr_timer", 30000)
# default invite retransmission timeout after 1xx: 120sec
modparam("tm", "fr_inv_timer", 120000)
modparam("tm", "auto_inv_100_reason", "Trying")
# ----- rr params -----
# set next param to 1 to add value to ;lr param (helps with some UAs)
modparam("rr", "enable_full_lr", 0)
# do not append from tag to the RR (no need for this script)
modparam("rr", "append_fromtag", 1)
modparam("rr", "enable_double_rr", 2)
modparam("rr", "force_send_socket", 1)
# ----- registrar params -----
modparam("registrar", "method_filtering", 1)
/* uncomment the next line to disable parallel forking via location */
# modparam("registrar", "append_branches", 0)
/* uncomment the next line not to allow more than 10 contacts per AOR */
# modparam("registrar", "max_contacts", 10)
/* max value for expires of registrations */
modparam("registrar", "max_expires", 3600)
/* set it to 1 to enable GRUU */
modparam("registrar", "gruu_enabled", 0)
modparam("registrar", "use_path", 1)
modparam("registrar", "path_use_received", 1)
modparam("registrar", "path_mode", 0)
#---
For register I use this code
route[REGISTRAR] {
...
add_path_received();
set_send_socket("udp:10.130.0.23:5070");
route(DISPATCH);
...
}
route[RELAY] {
...
if ($Ru eq "sip:10.130.0.23:5070") {
$fs = "udp:10.130.0.23:5060";
} else {
$fs = "udp:10.130.0.23:5070";
}
...
}
route[NATMANAGE] {
#!ifdef WITH_NAT
if (is_request()) {
if(has_totag()) {
if(check_route_param("nat=yes")) {
setbflag(FLB_NATB);
}
}
}
if (!(isflagset(FLT_NATS) || isbflagset(FLB_NATB))) return;
#send INVITE to IP:PROT from Route:...;received=
$var(the_route) = $hdr(Route);
$var(route0) = $(var(the_route){s.select,0,,});
$var(new_host) = $(var(route0){param.value,received}{s.select,0,~});
$var(new_port) = $(var(route0){param.value,received}{s.select,1,~});
if (!strempty($var(new_host)) && !strempty($var(new_port)) ) {
$du = "sip:" + $var(new_host) + ":" + $var(new_port);
}
if (client_nat_test("3")) {
if(nat_uac_test("18")) {
if ($Ru == "sip:10.130.0.23:5070") {
rtpproxy_manage("co", "51.0.0.60"); #
fix_nated_sdp
} else {
rtpproxy_manage("co");
}
if (is_method("REGISTER")) {
#if ($Ru == "sip:10.130.0.23:5070") {
# fix_nated_contact();
#} else {
# set_contact_alias();
#}
set_contact_alias();
} else {
if(is_first_hop()) {
set_contact_alias();
} else {
add_contact_alias("51.0.0.60",
"5060", "udp");
#fix_nated_contact();
}
}
} else {
if ($Ru == "sip:10.130.0.23:5070") {
rtpproxy_manage("cor", "51.0.0.60");
#
fix_nated_sdp
} else {
rtpproxy_manage("cor");
}
}
} else {
rtpproxy_manage("co");
}
if (is_request()) {
if (!has_totag()) {
if(t_is_branch_route()) {
add_rr_param(";nat=yes");
#fix_contact();
}
}
}
if (is_reply()) {
if(isbflagset(FLB_NATB)) {
if(is_first_hop())
set_contact_alias();
#} else {
#fix_contact();
#}
}
}
#!endif
return;
}
Thank you.
--
Best regards,
Alex