1 Apr
2019
1 Apr
'19
3:14 p.m.
Dear all,
This is my first post after reading a lot in this mailing-list.
I'm trying to use Kamailio 5.1 with the dispatcher module and rtpengine
acting as SIP + RTP proxy.
I have 6 asterisk servers in a private subnet that should talk with the
peer via a single IP like this:
Asterisk 1..n|---> | GW.PRIVATE.IP -o- GW.PUBLIC.IP |----> PEER.SIP.TRUNK
I'm on Centos 7, with firewalld configured, iptables module is loaded
and the rule is well defined.
Packet forwarding is also enabled.
Chain rtpengine (1 references)
target prot opt source destination
RTPENGINE udp -- anywhere anywhere RTPENGINE
id:40
My call flow seems to be fine, Kamailio/rtpengine private IP is the
outboundproxy parameter of Asterisk instances.
My problem is that RTP packets are not present on the public interface,
the rtpengine final log showing
the 2 sessions, but I'm not sure this is what I want or simply the
firewall does not let it out ?
(To be more precise PEER.SIP.TRUNK is the trunk for SIP traffic, I have
multiple IP addresses
for media to connect to, reinvites are allowed)
Closing call due to timeout
Final packet stats:
--- Tag 'as6d12caea', created 1:00 ago for branch '', in dialogue with
'as541b1e61'
------ Media #1 (audio over RTP/AVP) using unknown codec
--------- Port GW.PRIVATE.IP:10000 <> 192.168.30.13:11152, SSRC 0, 0
p, 0 b, 0 e, 60 ts
--------- Port GW.PRIVATE.IP:10001 <> 192.168.30.13:11153 (RTCP),
SSRC 0, 0 p, 0 b, 0 e, 60 ts
--- Tag 'as541b1e61', created 1:00 ago for branch '', in dialogue with
'as6d12caea'
------ Media #1 (audio over RTP/AVP) using unknown codec
--------- Port GW.PUBLIC.IP:10000 <> PEER.SIP.TRUNK:28216, SSRC 0,
0 p, 0 b, 0 e, 60 ts
--------- Port GW.PUBLIC.IP:10001 <> PEER.SIP.TRUNK:28217 (RTCP),
SSRC 0, 0 p, 0 b, 0 e, 60 ts
Best regards,
Istvan
1 Apr
1 Apr
8:02 p.m.
On 01/04/2019 09.14, Istvan Mogyorosi wrote:
Dear all,
This is my first post after reading a lot in this mailing-list.
I'm trying to use Kamailio 5.1 with the dispatcher module and
rtpengine acting as SIP + RTP proxy.
I have 6 asterisk servers in a private subnet that should talk with
the peer via a single IP like this:
Asterisk 1..n|---> | GW.PRIVATE.IP -o- GW.PUBLIC.IP |----> PEER.SIP.TRUNK
I'm on Centos 7, with firewalld configured, iptables module is loaded
and the rule is well defined.
Packet forwarding is also enabled.
Chain rtpengine (1 references)
target prot opt source destination
RTPENGINE udp -- anywhere anywhere RTPENGINE id:40
My call flow seems to be fine, Kamailio/rtpengine private IP is the
outboundproxy parameter of Asterisk instances.
My problem is that RTP packets are not present on the public
interface, the rtpengine final log showing
the 2 sessions, but I'm not sure this is what I want or simply the
firewall does not let it out ?
(To be more precise PEER.SIP.TRUNK is the trunk for SIP traffic, I
have multiple IP addresses
for media to connect to, reinvites are allowed)
Closing call due to timeout
Final packet stats:
--- Tag 'as6d12caea', created 1:00 ago for branch '', in dialogue with
'as541b1e61'
------ Media #1 (audio over RTP/AVP) using unknown codec
--------- Port GW.PRIVATE.IP:10000 <> 192.168.30.13:11152, SSRC 0, 0
p, 0 b, 0 e, 60 ts
--------- Port GW.PRIVATE.IP:10001 <> 192.168.30.13:11153 (RTCP),
SSRC 0, 0 p, 0 b, 0 e, 60 ts
--- Tag 'as541b1e61', created 1:00 ago for branch '', in dialogue with
'as6d12caea'
------ Media #1 (audio over RTP/AVP) using unknown codec
--------- Port GW.PUBLIC.IP:10000 <> PEER.SIP.TRUNK:28216, SSRC 0,
0 p, 0 b, 0 e, 60 ts
--------- Port GW.PUBLIC.IP:10001 <> PEER.SIP.TRUNK:28217 (RTCP),
SSRC 0, 0 p, 0 b, 0 e, 60 ts
These are all reception counters, so this is a problem of packets not
being received. Having the iptables RTPENGINE rule installed does not
automatically allow the packets to pass through your firewall. You have
to do that separately.
Cheers
10 Apr
10 Apr
11:56 a.m.
Hello
Thanks Richard, You were right.
Now the codec is recognized, and statistics show real data.
Just a quick recap what needs to be done:
- enable packet forwarding
- firewalld add service SIP and UDP port range to enable incoming traffic
- enable packet flow between external / internal interfaces using
FORWARD and POSTROUTING direct rules
- setup masquerading for the internal network
Cheers,
Istvan
Richard Fuchs a écrit le 01/04/2019 à 20:02 :
On 01/04/2019 09.14, Istvan Mogyorosi wrote:
--
Sent from Postbox
<https://www.postbox-inc.com/?utm_source=email&utm_medium=siglink&utm_campaign=reach>
Dear all,
This is my first post after reading a lot in this mailing-list.
I'm trying to use Kamailio 5.1 with the dispatcher module and
rtpengine acting as SIP + RTP proxy.
I have 6 asterisk servers in a private subnet that should talk with
the peer via a single IP like this:
Asterisk 1..n|---> | GW.PRIVATE.IP -o- GW.PUBLIC.IP |---->
PEER.SIP.TRUNK
I'm on Centos 7, with firewalld configured, iptables module is loaded
and the rule is well defined.
Packet forwarding is also enabled.
Chain rtpengine (1 references)
target prot opt source destination
RTPENGINE udp -- anywhere anywhere RTPENGINE id:40
My call flow seems to be fine, Kamailio/rtpengine private IP is the
outboundproxy parameter of Asterisk instances.
My problem is that RTP packets are not present on the public
interface, the rtpengine final log showing
the 2 sessions, but I'm not sure this is what I want or simply the
firewall does not let it out ?
(To be more precise PEER.SIP.TRUNK is the trunk for SIP traffic, I
have multiple IP addresses
for media to connect to, reinvites are allowed)
Closing call due to timeout
Final packet stats:
--- Tag 'as6d12caea', created 1:00 ago for branch '', in dialogue
with 'as541b1e61'
------ Media #1 (audio over RTP/AVP) using unknown codec
--------- Port GW.PRIVATE.IP:10000 <> 192.168.30.13:11152, SSRC 0, 0
p, 0 b, 0 e, 60 ts
--------- Port GW.PRIVATE.IP:10001 <> 192.168.30.13:11153 (RTCP),
SSRC 0, 0 p, 0 b, 0 e, 60 ts
--- Tag 'as541b1e61', created 1:00 ago for branch '', in dialogue
with 'as6d12caea'
------ Media #1 (audio over RTP/AVP) using unknown codec
--------- Port GW.PUBLIC.IP:10000 <> PEER.SIP.TRUNK:28216, SSRC
0, 0 p, 0 b, 0 e, 60 ts
--------- Port GW.PUBLIC.IP:10001 <> PEER.SIP.TRUNK:28217 (RTCP),
SSRC 0, 0 p, 0 b, 0 e, 60 ts
These are all reception counters, so this is a problem of packets not
being received. Having the iptables RTPENGINE rule installed does not
automatically allow the packets to pass through your firewall. You
have to do that separately.
Cheers
_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users(a)lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
2060
days inactive
2069
days old
2 comments
2 participants
participants (2)
-
Istvan Mogyorosi -
Richard Fuchs