Hi all, I'm using kamailio 1.5 with TLS module. I need to make ENUM query and get NAPTR record.
From NAPTR lookup, I'd like to relay my SIP Invite with tls protocol.
How can I tell Kamailio to use TLS protocol ( instead of udp) after NAPTR lookup ?
I've try to set :
dns_tls_pref=1 dns_udp_pref=2 dns_tcp_pref=3
in the general section of kamailio.cfg, but I get a parse error.
Regards,
Daniel
Hello,
On 7/8/10 5:59 PM, Matteo Campana wrote:
Hi all, I'm using kamailio 1.5 with TLS module. I need to make ENUM query and get NAPTR record.
From NAPTR lookup, I'd like to relay my SIP Invite with tls protocol.
How can I tell Kamailio to use TLS protocol ( instead of udp) after NAPTR lookup ?
I've try to set :
dns_tls_pref=1 dns_udp_pref=2 dns_tcp_pref=3
in the general section of kamailio.cfg, but I get a parse error.
these parameters were introduced in kamailio with version 3.0.
If you need TLS then it is recommended to use 3.0 anyhow, it is a far better implementation. That will make the life easier to migrate to upcoming 3.1 that will bring asynchronous TLS.
No matter what you have in R-URI, you can force TLS via setting outbound proxy address to be a TLS uri:
$du = "sip:__ip_or_host__;transport=tls"; t_relay();
The IP or host you can take from R-URI without any problem via PV $rd. Other option is to use function from tm - t_relay_to_tls():
http://kamailio.org/docs/modules/stable/modules/tm.html#t_relay_to_udp
Cheers, Daniel
Am 08.07.2010 18:10, schrieb Daniel-Constantin Mierla:
Hello,
On 7/8/10 5:59 PM, Matteo Campana wrote:
Hi all, I'm using kamailio 1.5 with TLS module. I need to make ENUM query and get NAPTR record.
From NAPTR lookup, I'd like to relay my SIP Invite with tls protocol.
How can I tell Kamailio to use TLS protocol ( instead of udp) after NAPTR lookup ?
I've try to set :
dns_tls_pref=1 dns_udp_pref=2 dns_tcp_pref=3
in the general section of kamailio.cfg, but I get a parse error.
these parameters were introduced in kamailio with version 3.0.
If you need TLS then it is recommended to use 3.0 anyhow, it is a far better implementation. That will make the life easier to migrate to upcoming 3.1 that will bring asynchronous TLS.
No matter what you have in R-URI, you can force TLS via setting outbound proxy address to be a TLS uri:
$du = "sip:__ip_or_host__;transport=tls"; t_relay();
IIRC we do have NAPTR support in Kamailio 1.5 - don't we?
Then I think it should work when putting a domain into $du and makeing sure that there is no transport parameter, no port, and NAPTR TLS record has highest priority.
regards klaus
The IP or host you can take from R-URI without any problem via PV $rd. Other option is to use function from tm - t_relay_to_tls():
http://kamailio.org/docs/modules/stable/modules/tm.html#t_relay_to_udp
Cheers, Daniel
How can I tell Kamailio to use TLS protocol ( instead of udp) after NAPTR lookup ?
Hello,
you can see it by doing some traces, e.g. by ngrep, or increase the debugging level and then check the logs.
$du = "sip:__ip_or_host__;transport=tls"; t_relay();
IIRC we do have NAPTR support in Kamailio 1.5 - don't we?
Then I think it should work when putting a domain into $du and makeing sure that there is no transport parameter, no port, and NAPTR TLS record has highest priority.
Indeed kamailio 1.5 has NAPTR support i think (you should see it in the logs). But I did not really used it so far, we mostly specify the destination port in the routing target.
Regards,
Henning
On 7/8/10 6:44 PM, Klaus Darilion wrote:
Am 08.07.2010 18:10, schrieb Daniel-Constantin Mierla:
Hello,
On 7/8/10 5:59 PM, Matteo Campana wrote:
Hi all, I'm using kamailio 1.5 with TLS module. I need to make ENUM query and get NAPTR record.
From NAPTR lookup, I'd like to relay my SIP Invite with tls protocol.
How can I tell Kamailio to use TLS protocol ( instead of udp) after NAPTR lookup ?
I've try to set :
dns_tls_pref=1 dns_udp_pref=2 dns_tcp_pref=3
in the general section of kamailio.cfg, but I get a parse error.
these parameters were introduced in kamailio with version 3.0.
If you need TLS then it is recommended to use 3.0 anyhow, it is a far better implementation. That will make the life easier to migrate to upcoming 3.1 that will bring asynchronous TLS.
No matter what you have in R-URI, you can force TLS via setting outbound proxy address to be a TLS uri:
$du = "sip:__ip_or_host__;transport=tls"; t_relay();
IIRC we do have NAPTR support in Kamailio 1.5 - don't we?
yes, it is. My observation was about tls, which has a better architecture in 3.0 and is the version to be improved for 3.1.
The example I gave above is valid in both versions: 1.5 and 3.0
Cheers, Daniel
Then I think it should work when putting a domain into $du and makeing sure that there is no transport parameter, no port, and NAPTR TLS record has highest priority.
regards klaus
The IP or host you can take from R-URI without any problem via PV $rd. Other option is to use function from tm - t_relay_to_tls():
http://kamailio.org/docs/modules/stable/modules/tm.html#t_relay_to_udp
Cheers, Daniel
-
Daniel-Constantin Mierla -
Henning Westerholt -
Klaus Darilion -
Matteo Campana