[OpenSIPS-Users] OpenSIPS mhomed
Yuri Kirsanov
y.kirsanov at gmail.com
Wed Dec 8 11:36:50 CET 2010
Hi Bogdan,
You're right, after stopping iptables packets are sent from private IP!
Thank you very much, I must have missed one of my own iptables rules! Thanks
again!
2010/12/8 Bogdan-Andrei Iancu <bogdan at voice-system.ro>
> Hi Yuri,
>
> as I see, opensips really thinks and uses the 10.22.10.254 IP as outbound
> IP - you see the RR with 10.22.10.254 IP and the VIA with this IP.
>
> The message looks correctly formatted: the only issue in your case is the
> outbound IP of the request - are you sure you do not have some iptables
> rules to change the src IP of some packages??
>
> Regards,
> Bogdan
>
> Yuri Kirsanov wrote:
>
>> Hi Bogdan,
>> Thank you for reply, I tried to do as you recommended, I moved
>> rewritehostport & force_send_socket into main routing block just before
>> route(1); I do understand that I'm doing two RRs, but here's TCPdump of the
>> softphone trying to Invite, notice that these are packets from OpenSIPS to
>> Asterisk, and they use Public IP to send SIP packets to internal Private IP:
>>
>> 00:10:05.942128 IP *<PUBLIC IP>*.5068 > 10.22.10.1.6000: UDP, length 961
>> .PV.k..PV.s...E..... at .@...w...
>> .
>> INVITE sip:555 at 10.22.10.1:6000 <http://sip:555@10.22.10.1:6000> SIP/2.0
>>
>> Record-Route: <sip:10.22.10.254:5068;r2=on;lr=on;ftag=79557f47>
>> Record-Route: <sip:*<PUBLIC IP>*:5066;r2=on;lr=on;ftag=79557f47>
>> Via: SIP/2.0/UDP 10.22.10.254:5068;branch=z9hG4bK8b37.90541a01.0
>> Via: SIP/2.0/UDP <PHONE IP>:6036;received=<PHONE
>> IP>;branch=z9hG4bK-d87543-fe60ef3b8e5cdd4d-1--d87543-;rport=6036
>> Max-Forwards: 69
>> Contact: <sip:6000@<PHONE IP>:6036>
>> To: <sip:555@*<PUBLIC IP>*:5066>
>> From: "User"<sip:6000@*<PUBLIC IP>*:5066>;tag=79557f47
>> Call-ID: 927d4958c229b528 at Zmxhc2g.
>> CSeq: 1 INVITE
>> Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE,
>> SUBSCRIBE, INFO
>> Content-Type: application/sdp
>> Supported: eventlist
>> User-Agent: eyeBeam release 3015c stamp 27107
>> Content-Length: 190
>>
>> v=0
>> o=- 3069147771 3069148115 IN IP4 <PHONE IP>
>> s=eyeBeam
>> c=IN IP4 <PHONE IP>
>> t=0 0
>> m=audio 8306 RTP/AVP 8 18 101
>> a=fmtp:101 0-15
>> a=rtpmap:101 telephone-event/8000
>> a=sendrecv
>>
>>
>> Then, Asterisk replies using private IPs:
>>
>> 00:10:05.942717 IP 10.22.10.1.6000 > 10.22.10.254.5068: UDP, length 637
>> .PV.s..PV.k...E...E... at .
>> .
>> .
>> .
>> .
>> ..p....k7SIP/2.0 407 Proxy Authentication Required
>> Via: SIP/2.0/UDP 10.22.10.254:5068;branch=z9hG4bK8b37.90541a01.0;received=*<PUBLIC
>> IP>*
>> Via: SIP/2.0/UDP <PHONE IP>:6036;received=<PHONE
>> IP>;branch=z9hG4bK-d87543-fe60ef3b8e5cdd4d-1--d87543-;rport=6036
>> From: "User"<sip:6000@*<PUBLIC IP>*:5066>;tag=79557f47
>> To: <sip:555@*<PUBLIC IP>*:5066>;tag=as0b8e2c25
>> Call-ID: 927d4958c229b528 at Zmxhc2g.
>> CSeq: 1 INVITE
>> User-Agent: Asterisk PBX
>> Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO
>> Supported: replaces
>> Proxy-Authenticate: Digest algorithm=MD5, realm="asterisk",
>> nonce="1e41babb"
>> Content-Length: 0
>>
>>
>> And then OpenSIPS responds from Public IP again:
>>
>> 00:10:05.944903 IP *<PUBLIC IP>*.5068 > 10.22.10.1.6000: UDP, length 353
>>
>>
>> 2010/12/7 Bogdan-Andrei Iancu <bogdan at voice-system.ro <mailto:
>> bogdan at voice-system.ro>>
>>
>>
>> Hi Yuri,
>>
>>
>> Yuri Kirsanov wrote:
>>
>> Hi community,
>>
>> I have following setup:
>>
>> Public IP (eth0) < OpenSIPS > Private IP (eth1) <------>
>> Private IP (eth0) Asterisk.
>>
>> I'm trying to relay all the initial packets received by
>> OpenSIPS to Asterisk, so I record-route initial packets and
>> process all responses using loose routing. OpenSIPS is
>> restricted to use only two UDP IP addresses - private & public
>> ones. It all works fine on SIP layer, I do understand that I
>> also need RTP proxy, but at this stage I've got strange
>> problem - with mhomed=1 in configuration file OpenSIPS still
>> sends packets using public IP address, while Contact, To and
>> Via fields are set correctly, to private IP address of OpenSIPS.
>>
>> OpenSIPS does not changes Contact and To IPs when forwarding a
>> request.....are you sure you see such changes???
>>
>> The only IPs that reflects the used interface are the VIA and
>> Record-Route...Actually in your case (if interface changing is
>> done), you should have 2 RR headers...
>>
>> Also, using mhomed and force_send_socket() in the same time is a
>> bit redundant - they do the same : setting the outgoing interface
>> for the request:
>> - mhomed is doing autodetection based on destination IP
>> - force_send_socket() is setting the inteface from script.
>>
>> BTW, it is bogus to do:
>> rewritehostport("10.22.10.1:6000 <http://10.22.10.1:6000>
>> <http://10.22.10.1:6000/>");
>>
>> force_send_socket(10.22.10.254);
>>
>> in route[1] as this route is a generic relay route used also for
>> sending sequential requests.....put that lines in main route just
>> where you do record_route().
>>
>> Regards,
>> Bogdan
>>
>> I have tried to use force_send_socket but without any luck.
>> Could you please help me with this configuration? At least -
>> why does OpenSIPS uses public IP? Thanks!
>>
>> Here's my configuration:
>>
>> ####### Global Parameters #########
>> log_facility=LOG_LOCAL4
>> fork=yes
>> children=4
>> debug=9
>> disable_tcp=yes
>> auto_aliases=no
>> mhomed=1
>> port=5066
>> listen=udp:XXX.XXX.XXX.XXX:5066
>> listen=udp:10.22.10.254:5068 <http://10.22.10.254:5068>
>> <http://10.22.10.254:5068/>
>>
>>
>> ####### Modules Section ########
>>
>> #set module path
>> mpath="/opt/opensips/lib64/opensips/modules/"
>>
>> loadmodule "signaling.so"
>> loadmodule "sl.so"
>> loadmodule "tm.so"
>> loadmodule "rr.so"
>> loadmodule "maxfwd.so"
>> loadmodule "textops.so"
>> loadmodule "mi_fifo.so"
>> loadmodule "uri.so"
>>
>> # ----------------- setting module-specific parameters
>> ---------------
>>
>> # ----- mi_fifo params -----
>> modparam("mi_fifo", "fifo_name", "/tmp/opensips_fifo")
>>
>> # ----- rr params -----
>> # add value to ;lr param to cope with most of the UAs
>> modparam("rr", "enable_full_lr", 1)
>> modparam("rr", "append_fromtag", 1)
>>
>> # ----- uri params -----
>> modparam("uri", "use_uri_table", 0)
>>
>> ####### Routing Logic ########
>>
>> # main request routing logic
>>
>> route{
>>
>> if (!mf_process_maxfwd_header("10")) {
>> sl_send_reply("483","Too Many Hops");
>> exit;
>> }
>>
>> if (has_totag()) {
>> # sequential request withing a dialog should
>> # take the path determined by record-routing
>> if (loose_route()) {
>> if (is_method("BYE")) {
>> setflag(1); # do accounting ...
>> setflag(3); # ... even if the
>> transaction fails
>> } else if (is_method("INVITE")) {
>> # even if in most of the cases
>> is useless, do RR for
>> # re-INVITEs alos, as some
>> buggy clients do change route set
>> # during the dialog.
>> record_route();
>> }
>> # route it out to whatever destination
>> was set by loose_route()
>> # in $du (destination URI).
>> route(1);
>> } else {
>> if ( is_method("ACK") ) {
>> if ( t_check_trans() ) {
>> # non loose-route, but
>> stateful ACK; must be an ACK after
>> # a 487 or e.g. 404
>> from upstream server
>> t_relay();
>> exit;
>> } else {
>> # ACK without matching
>> transaction ->
>> # ignore and discard
>> exit;
>> }
>> }
>> sl_send_reply("404","Not here");
>> }
>> exit;
>> }
>>
>> #initial requests
>>
>> # CANCEL processing
>> if (is_method("CANCEL"))
>> {
>> if (t_check_trans())
>> t_relay();
>> exit;
>> }
>>
>> t_check_trans();
>>
>> # preloaded route checking
>> if (loose_route()) {
>> xlog("L_ERR",
>> "Attempt to route with preloaded Route's
>> [$fu/$tu/$ru/$ci]");
>> if (!is_method("ACK"))
>> sl_send_reply("403","Preload Route
>> denied");
>> exit;
>> }
>>
>> record_route();
>> route(1);
>> }
>>
>>
>> route[1] {
>> rewritehostport("10.22.10.1:6000
>> <http://10.22.10.1:6000> <http://10.22.10.1:6000/>");
>>
>>
>> force_send_socket(10.22.10.254);
>> if (!t_relay()) {
>> sl_reply_error();
>> };
>> exit;
>> }
>>
>> ------------------------------------------------------------------------
>>
>>
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20101208/20e0f806/attachment-0001.htm>
More information about the Users
mailing list