[OpenSIPS-Users] Opensips.cfg on Amazon EC2 - no audio issues

Wed Dec 23 04:16:15 EST 2020

Dear all.

We have a fairly basic setup on Opensips 3.0 on Amazon EC2. We allow users
to make and receive voice calls only. We are not using any proxy or STUN as
all our calls route completely fine within our country. However, following
are some issues:

1. When we make calls outside our country, there is no audio (both ways).
2. When our users try and make calls between themselves (outside our
country, the calls don't go through at all).

We have tried multiple configurations that we found on github and personal
blogs, however, can't seem to solve this issue - and unable to find someone
who can.

Following is our opensips.cfg file, appreciate if someone can clarify what
is wrong:

#
# OpenSIPS residential configuration script
#     by OpenSIPS Solutions <team at opensips-solutions.com>
#
# This script was generated via "make menuconfig", from
#   the "Residential" scenario.
# You can enable / disable more features / functionalities by
#   re-generating the scenario with different options.#
#
# Please refer to the Core CookBook at:
#      https://opensips.org/Resources/DocsCookbooks
# for a explanation of possible statements, functions and parameters.
#

####### Global Parameters #########

log_level=3
log_stderror=no
#log_facility=LOG_LOCAL0
log_facility=LOG_LOCAL7

udp_workers=8

/* uncomment the following lines to enable debugging */
#debug_mode=yes

/* uncomment the next line to enable the auto temporary blacklisting of
   not available destinations (default disabled) */
#disable_dns_blacklist=no

/* uncomment the next line to enable IPv6 lookup after IPv4 dns
   lookup failures (default disabled) */
#dns_try_ipv6=yes

/* comment the next line to enable the auto discovery of local aliases
   based on reverse DNS on IPs */
auto_aliases=no

advertised_address=XX.XXX.XXX.XX

listen=udp:XXX.XX.XX.XXX:5060  # CUSTOMIZE ME
listen=tcp:XXX.XX.XX.XXX:5060  # CUSTOMIZE ME

####### Modules Section ########

#set module path
mpath="/usr/lib/x86_64-linux-gnu/opensips/modules/"

#### SIGNALING module
loadmodule "signaling.so"

#### StateLess module
loadmodule "sl.so"

#### Transaction Module
loadmodule "tm.so"
modparam("tm", "fr_timeout", 5)
modparam("tm", "fr_inv_timeout", 30)
modparam("tm", "restart_fr_on_each_reply", 0)
modparam("tm", "onreply_avp_mode", 1)

#### Record Route Module
loadmodule "rr.so"
/* do not append from tag to the RR (no need for this script) */
modparam("rr", "append_fromtag", 0)

#### MAX ForWarD module
loadmodule "maxfwd.so"

#### SIP MSG OPerationS module
loadmodule "sipmsgops.so"

#### FIFO Management Interface
loadmodule "mi_fifo.so"
modparam("mi_fifo", "fifo_name", "/tmp/opensips_fifo")
modparam("mi_fifo", "fifo_mode", 0666)

#### MYSQL module
loadmodule "db_mysql.so"

#### HTTPD module
loadmodule "httpd.so"
modparam("httpd", "port", 8888)

#### USeR LOCation module
loadmodule "usrloc.so"
modparam("usrloc", "nat_bflag", "NAT")
modparam("usrloc", "db_mode",   2)
modparam("usrloc", "db_url",
"mysql://opensips:opensipsrw@localhost/opensips") # CUSTOMIZE ME

#### REGISTRAR module
loadmodule "registrar.so"
modparam("registrar", "tcp_persistent_flag", "TCP_PERSISTENT")
modparam("registrar", "received_avp", "$avp(received_nh)")/* uncomment the
next line not to allow more than 10 contacts per AOR */
#modparam("registrar", "max_contacts", 10)

#### ACCounting module
loadmodule "acc.so"
/* what special events should be accounted ? */
modparam("acc", "early_media", 0)
modparam("acc", "report_cancels", 0)
/* by default we do not adjust the direct of the sequential requests.
   if you enable this parameter, be sure the enable "append_fromtag"
   in "rr" module */
modparam("acc", "detect_direction", 0)
modparam("acc", "db_url",
"mysql://opensips:opensipsrw@localhost/opensips") # CUSTOMIZE ME

#### AUTHentication modules
loadmodule "auth.so"
loadmodule "auth_db.so"
modparam("auth_db", "calculate_ha1", 0)
modparam("auth_db", "password_column", "ha1")
modparam("auth_db", "db_url",
"mysql://opensips:opensipsrw@localhost/opensips") # CUSTOMIZE ME
modparam("auth_db", "load_credentials", "")

#### ALIAS module
loadmodule "alias_db.so"
modparam("alias_db", "db_url",
"mysql://opensips:opensipsrw@localhost/opensips") # CUSTOMIZE ME

#### DOMAIN module
loadmodule "domain.so"
modparam("domain", "db_url",
"mysql://opensips:opensipsrw@localhost/opensips") # CUSTOMIZE ME
modparam("domain", "db_mode", 0)   # Use caching
modparam("auth_db|usrloc", "use_domain", 1)

#### PRESENCE modules
loadmodule "xcap.so"
loadmodule "presence.so"
loadmodule "presence_xml.so"
modparam("xcap|presence", "db_url",
"mysql://opensips:opensipsrw@localhost/opensips") # CUSTOMIZE ME
modparam("presence_xml", "force_active", 1)
modparam("presence", "fallback2db", 0)

#### DIALOG module
loadmodule "dialog.so"
modparam("dialog", "dlg_match_mode", 1)
modparam("dialog", "default_timeout", 21600)  # 6 hours timeout
modparam("dialog", "db_mode", 2)
modparam("dialog", "db_url",
"mysql://opensips:opensipsrw@localhost/opensips") # CUSTOMIZE ME

####  NAT modules
loadmodule "nathelper.so"
modparam("registrar|nathelper", "received_avp", "$avp(rcv)")
modparam("nathelper", "natping_interval", 10)
modparam("nathelper", "ping_nated_only", 1)
modparam("nathelper", "sipping_bflag", "SIP_PING_FLAG")
modparam("nathelper", "sipping_from", "sip:pinger at ourdomain.com")
#CUSTOMIZE ME
modparam("nathelper", "received_avp", "$avp(received_nh)")

loadmodule "rtpproxy.so"
modparam("rtpproxy", "rtpproxy_sock", "udp:localhost:9000") # CUSTOMIZE ME

####  DIALPLAN module
loadmodule "dialplan.so"
modparam("dialplan", "db_url",
"mysql://opensips:opensipsrw@localhost/opensips") # CUSTOMIZE ME

####  DYNAMMIC ROUTING module
loadmodule "drouting.so"
modparam("drouting", "db_url",
"mysql://opensips:opensipsrw@localhost/opensips") # CUSTOMIZE ME

####  MI_HTTP module
loadmodule "mi_http.so"

loadmodule "proto_udp.so"
loadmodule "proto_tcp.so"

####### Routing Logic ########

# main request routing logic

route{

# initial NAT handling; detect if the request comes from behind a NAT
# and apply contact fixing
force_rport();
if (nat_uac_test(23)) {
if (is_method("REGISTER")) {
fix_nated_register();
setbflag(NAT);
} else {
fix_nated_contact();
setflag(NAT);
}
}

if (!mf_process_maxfwd_header(10)) {
send_reply(483,"Too Many Hops");
exit;
}

if (has_totag()) {

# handle hop-by-hop ACK (no routing required)
if ( is_method("ACK") && t_check_trans() ) {
t_relay();
exit;
}

# sequential request within a dialog should
# take the path determined by record-routing
if ( !loose_route() ) {
if (is_method("SUBSCRIBE") && is_myself("$rd")) {
# in-dialog subscribe requests
route(handle_presence);
exit;
}
# we do record-routing for all our traffic, so we should not
# receive any sequential requests without Route hdr.
send_reply(404,"Not here");
exit;
}

# validate the sequential request against dialog
if ( $DLG_status!=NULL && !validate_dialog() ) {
xlog("In-Dialog $rm from $si (callid=$ci) is not valid according to
dialog\n");
## exit;
}

if (is_method("BYE")) {
# do accounting even if the transaction fails
do_accounting("db","failed");

}

if (check_route_param("nat=yes"))
setflag(NAT);
# route it out to whatever destination was set by loose_route()
# in $du (destination URI).
route(relay);
exit;
}

# CANCEL processing
if (is_method("CANCEL")) {
if (t_check_trans())
t_relay();
exit;
}

# absorb retransmissions, but do not create transaction
t_check_trans();

if ( !(is_method("REGISTER")  || is_from_gw() ) ) {

if (is_from_local()) {
# authenticate if from local subscriber
# authenticate all initial non-REGISTER request that pretend to be
# generated by local subscriber (domain from FROM URI is local)
if (!proxy_authorize("", "subscriber")) {
proxy_challenge("", 0);
exit;
}
if ($au!=$fU) {
send_reply(403,"Forbidden auth ID");
exit;
}

consume_credentials();
# caller authenticated

} else {
# if caller is not local, then called number must be local

if (!is_uri_host_local()) {
send_reply(403,"Relay Forbidden");
exit;
}
}

}

# preloaded route checking
if (loose_route()) {
xlog("L_ERR",
"Attempt to route with preloaded Route's [$fu/$tu/$ru/$ci]");
if (!is_method("ACK"))
send_reply(403,"Preload Route denied");
exit;
}

# record routing
if (!is_method("REGISTER|MESSAGE"))
record_route();

# account only INVITEs
if (is_method("INVITE")) {

# create dialog with timeout
if ( !create_dialog("B") ) {
send_reply(500,"Internal Server Error");
exit;
}

do_accounting("db");

}

if (!is_uri_host_local()) {
append_hf("P-hint: outbound\r\n");

route(relay);
}

# requests for my domain

if( is_method("PUBLISH|SUBSCRIBE"))
route(handle_presence);

if (is_method("REGISTER")) {
# authenticate the REGISTER requests
# if (!www_authorize("", "subscriber")) {
# www_challenge("", 0);
# exit;
# }
$var(auth_code) = www_authorize("", "subscriber");
if ( $var(auth_code) == -1 || $var(auth_code) == -2 ) {
xlog("L_NOTICE","Auth error for $fU@$fd from $si cause $var(auth_code)");
}
if ( $var(auth_code) < 0 ) {
www_challenge("", 0);
exit;
}

if ($au!=$tU) {
send_reply(403,"Forbidden auth ID");
exit;
}
if ($proto == "tcp")
setflag(TCP_PERSISTENT);
if (isflagset(NAT)) {
setbflag(SIP_PING_FLAG);
}
if (!save("location"))
 sl_reply_error();
exit;
}

if ($rU==NULL) {
# request with no Username in RURI
send_reply(484,"Address Incomplete");
exit;
}

# apply DB based aliases
alias_db_lookup("dbaliases");

# apply transformations from dialplan table
dp_translate( 0, "$rU", $rU);

if ($rU=~"^\+[1-9][0-9]+$") {

if (!do_routing(0)) {
send_reply(500,"No PSTN Route found");
exit;
}

route(relay);
exit;
}

# do lookup with method filtering
if (!lookup("location","m")) {
if (!db_does_uri_exist("$ru","subscriber")) {
send_reply(420,"Bad Extension");
exit;
}

# redirect to a different VM system
$du = "sip:127.0.0.2:5060"; # CUSTOMIZE ME
route(relay);

}

if (isbflagset(NAT)) setflag(NAT);

# when routing via usrloc, log the missed calls also
do_accounting("db","missed");

route(relay);
}

route[relay] {
# for INVITEs enable some additional helper routes
if (is_method("INVITE")) {

if (isflagset(NAT)) {
rtpproxy_offer("ro");
}

t_on_branch("per_branch_ops");
t_on_reply("handle_nat");
t_on_failure("missed_call");
}

if (isflagset(NAT)) {
add_rr_param(";nat=yes");
}

if (!t_relay()) {
send_reply(500,"Internal Error");
}
exit;
}

# Presence route
route[handle_presence]
{
if (!t_newtran()) {
sl_reply_error();
exit;
}

if(is_method("PUBLISH")) {
handle_publish();
} else
if( is_method("SUBSCRIBE")) {
handle_subscribe();
}

exit;
}

branch_route[per_branch_ops] {
xlog("new branch at $ru\n");
}

onreply_route[handle_nat] {
        if (nat_uac_test(1))
                fix_nated_contact();
        if ( isflagset(NAT) )
                rtpproxy_answer("ro");
        xlog("incoming reply\n");
}

failure_route[missed_call] {
if (t_was_cancelled()) {
exit;
}

# uncomment the following lines if you want to block client
# redirect based on 3xx replies.
##if (t_check_status("3[0-9][0-9]")) {
##t_reply(404,"Not found");
## exit;
##}

# redirect the failed to a different VM system
if (t_check_status("486|408")) {
$du = "sip:127.0.0.2:5060"; # CUSTOMIZE ME
# do not set the missed call flag again
route(relay);
}
}

local_route {
if (is_method("BYE") && $DLG_dir=="UPSTREAM") {

acc_db_request("200 Dialog Timeout", "acc");

}
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20201223/b145023b/attachment-0001.html>