I am experimenting with using openser as the basis for a home telephone system. Openser resides on the same node as my NAT. I have also employed the rtp proxy feature. I have had some success with my setup but recently I encountered a problem registering with a particular service provider.
My phones are set up to use openser as an outgoing proxy. They can register with various service providers except one. From tracing the messages I believe I know what is going wrong. The REGISTER is sent to openser which does a DNS lookup. This results in two registrars. Openser picks one and forwards the messages. The registrar issues a challenge as expected which is sent back to the phone. The phone sends its credentials to openser. Openser does another DNS lookup and sends the message to the other registrar. This registrar also issues a challenge. Thus it continues forever with the credentials being sent to the wrong registrar.
My question is, how do I get openser to send the credentials to the registrar that is requesting them?
Thanks in advance for any advice.
Robert,
Robert Dyck wrote:
I am experimenting with using openser as the basis for a home telephone system. Openser resides on the same node as my NAT. I have also employed the rtp proxy feature. I have had some success with my setup but recently I encountered a problem registering with a particular service provider.
My phones are set up to use openser as an outgoing proxy. They can register with various service providers except one. From tracing the messages I believe I know what is going wrong. The REGISTER is sent to openser which does a DNS lookup. This results in two registrars. Openser picks one and forwards the messages. The registrar issues a challenge as expected which is sent back to the phone. The phone sends its credentials to openser. Openser does another DNS lookup and sends the message to the other registrar. This registrar also issues a challenge. Thus it continues forever with the credentials being sent to the wrong registrar.
A registrar that receives a REGISTER message containing an Authorization header only sends back a challenge if the credentials included in the Authorization header are not valid. In other words, the authentication state is stored in the SIP messages and not at the server. So either one of the two redundant registrars should be able to perform the digest authentication.
What is the error code (40x) you get back from the second registrar?
My question is, how do I get openser to send the credentials to the registrar that is requesting them?
As a default, openser always forwards messages to the same target if the target's DNS entry doesn't change. Have you made a network trace that shows the behavior you explained above?
/Christian
Thanks in advance for any advice.
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
The second registrar does not send an error code, it simply issues its own challenge. Openser is definitely alternating between registrars. It does not send the credentials to the same registrar that requested them.
I could send a trace if it would be helpful.
On Saturday 06 October 2007, Christian Schlatter wrote:
Robert,
Robert Dyck wrote:
I am experimenting with using openser as the basis for a home telephone system. Openser resides on the same node as my NAT. I have also employed the rtp proxy feature. I have had some success with my setup but recently I encountered a problem registering with a particular service provider.
My phones are set up to use openser as an outgoing proxy. They can register with various service providers except one. From tracing the messages I believe I know what is going wrong. The REGISTER is sent to openser which does a DNS lookup. This results in two registrars. Openser picks one and forwards the messages. The registrar issues a challenge as expected which is sent back to the phone. The phone sends its credentials to openser. Openser does another DNS lookup and sends the message to the other registrar. This registrar also issues a challenge. Thus it continues forever with the credentials being sent to the wrong registrar.
A registrar that receives a REGISTER message containing an Authorization header only sends back a challenge if the credentials included in the Authorization header are not valid. In other words, the authentication state is stored in the SIP messages and not at the server. So either one of the two redundant registrars should be able to perform the digest authentication.
What is the error code (40x) you get back from the second registrar?
My question is, how do I get openser to send the credentials to the registrar that is requesting them?
As a default, openser always forwards messages to the same target if the target's DNS entry doesn't change. Have you made a network trace that shows the behavior you explained above?
/Christian
Thanks in advance for any advice.
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users
-
Christian Schlatter -
Robert Dyck