Am 21.12.2010 08:30, schrieb Dominguez Jover, Ricardo:
Hi everybody,
Since I implemented Kamailio 3.1 with TLS I’ve found a strange behavior. That is, with some clients (Bria and Blink) registered, if I restart Kamailio, then when the clients re-register the strange behaivour happens. This behavior consist on receiving calls, it took about 15 seconds to receive the first tone since the call was made.
This sounds like some timeout.
Just think about what may happen: you restart Kamailio - thus the TCP connection is terminated and probably the client will create a new registration using a new TCP connection.
As the old registration was not deREGISTERed, you will have 2 entries in your location table: one for the new registration (if the client already registered) and one for the old one (pointing to a non-existing TCP connection).
No on incoming call, Kamailio will try to estblish a TCP connection to the old contact - which for sure will fail of the client is behind NAT or a firewall.
There are several TCP parameters to tweak, e.g:
make sure TCP is non-blocking: http://www.kamailio.org/dokuwiki/doku.php/core-cookbook:3.1.x#tcp_async
do not try to open TCP connections to SIP clients when they are known to be behind NAT/FW. http://www.kamailio.org/dokuwiki/doku.php/core-cookbook:3.1.x#set_forward_no...
There are also some more TCP functions which can be used to change the behavior, just look around set_forward_no_connect() function in core cookbook.
regards klaus
regards Klaus
I made the following modification in the “route[Relay]” config. The reason is I wanted my gateway and Kamailio to make signaling by TLS. Without this modification the signaling was unencrypted (SIP):
route[RELAY] {
#!ifdef WITH_NAT
if (check_route_param("nat=yes")) { setbflag(FLB_NATB); } if (isflagset(FLT_NATS) || isbflagset(FLB_NATB)) { route(RTPPROXY); }#!endif
/* example how to enable some additional event routes */ if (is_method("INVITE")) { #t_on_branch("BRANCH_ONE"); t_on_reply("REPLY_ONE"); t_on_failure("FAIL_ONE");}
*# Se comunica con el GWa traves de TLS *
***if(!( ($od=~"mydomain.com") && ( ($rU=~"[a-z]{3,20}$") || ($rU=~"^xx[0-9][0-9]$") ) ) ) { ### If I’m calling a PBX extension do the signaling by TLS with the gateway (Cisco 2811)*
**
if (!t_relay_to_tls()) {*sl_reply_error();*}* } else if { if (!t_relay()) { sl_reply_error(); } } exit;}
The rest of functionalities are working really fine. Any idea about what is happening?
Cheers!
*Ricardo Domínguez*
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users