<div dir="ltr">Dear all.<br><br>We have a fairly basic setup on Opensips 3.0 on Amazon EC2. We allow users to make and receive voice calls only. We are not using any proxy or STUN as all our calls route completely fine within our country. However, following are some issues:<br><br>1. When we make calls outside our country, there is no audio (both ways).<br>2. When our users try and make calls between themselves (outside our country, the calls don't go through at all).<br><br>We have tried multiple configurations that we found on github and personal blogs, however, can't seem to solve this issue - and unable to find someone who can. <br><br>Following is our opensips.cfg file, appreciate if someone can clarify what is wrong:<br><br><div>#<br># OpenSIPS residential configuration script<br>#     by OpenSIPS Solutions <<a href="mailto:team@opensips-solutions.com">team@opensips-solutions.com</a>><br>#<br># This script was generated via "make menuconfig", from<br>#   the "Residential" scenario.<br># You can enable / disable more features / functionalities by<br>#   re-generating the scenario with different options.#<br>#<br># Please refer to the Core CookBook at:<br>#      <a href="https://opensips.org/Resources/DocsCookbooks">https://opensips.org/Resources/DocsCookbooks</a><br># for a explanation of possible statements, functions and parameters.<br>#<br><br><br>####### Global Parameters #########<br><br>log_level=3<br>log_stderror=no<br>#log_facility=LOG_LOCAL0<br>log_facility=LOG_LOCAL7<br><br>udp_workers=8<br><br>/* uncomment the following lines to enable debugging */<br>#debug_mode=yes<br><br>/* uncomment the next line to enable the auto temporary blacklisting of <br>   not available destinations (default disabled) */<br>#disable_dns_blacklist=no<br><br>/* uncomment the next line to enable IPv6 lookup after IPv4 dns <br>   lookup failures (default disabled) */<br>#dns_try_ipv6=yes<br><br>/* comment the next line to enable the auto discovery of local aliases<br>   based on reverse DNS on IPs */<br>auto_aliases=no<br><br>advertised_address=XX.XXX.XXX.XX<br><br><br>listen=udp:XXX.XX.XX.XXX:5060  # CUSTOMIZE ME<br>listen=tcp:XXX.XX.XX.XXX:5060  # CUSTOMIZE ME<br><br>####### Modules Section ########<br><br>#set module path<br>mpath="/usr/lib/x86_64-linux-gnu/opensips/modules/"<br><br>#### SIGNALING module<br>loadmodule "signaling.so"<br><br>#### StateLess module<br>loadmodule "sl.so"<br><br>#### Transaction Module<br>loadmodule "tm.so"<br>modparam("tm", "fr_timeout", 5)<br>modparam("tm", "fr_inv_timeout", 30)<br>modparam("tm", "restart_fr_on_each_reply", 0)<br>modparam("tm", "onreply_avp_mode", 1)<br><br>#### Record Route Module<br>loadmodule "rr.so"<br>/* do not append from tag to the RR (no need for this script) */<br>modparam("rr", "append_fromtag", 0)<br><br>#### MAX ForWarD module<br>loadmodule "maxfwd.so"<br><br>#### SIP MSG OPerationS module<br>loadmodule "sipmsgops.so"<br><br>#### FIFO Management Interface<br>loadmodule "mi_fifo.so"<br>modparam("mi_fifo", "fifo_name", "/tmp/opensips_fifo")<br>modparam("mi_fifo", "fifo_mode", 0666)<br><br>#### MYSQL module<br>loadmodule "db_mysql.so"<br><br>#### HTTPD module<br>loadmodule "httpd.so"<br>modparam("httpd", "port", 8888)<br><br>#### USeR LOCation module<br>loadmodule "usrloc.so"<br>modparam("usrloc", "nat_bflag", "NAT")<br>modparam("usrloc", "db_mode",   2)<br>modparam("usrloc", "db_url",<br>  "mysql://opensips:opensipsrw@localhost/opensips") # CUSTOMIZE ME<br><br><br>#### REGISTRAR module<br>loadmodule "registrar.so"<br>modparam("registrar", "tcp_persistent_flag", "TCP_PERSISTENT")<br>modparam("registrar", "received_avp", "$avp(received_nh)")/* uncomment the next line not to allow more than 10 contacts per AOR */<br>#modparam("registrar", "max_contacts", 10)<br><br>#### ACCounting module<br>loadmodule "acc.so"<br>/* what special events should be accounted ? */<br>modparam("acc", "early_media", 0)<br>modparam("acc", "report_cancels", 0)<br>/* by default we do not adjust the direct of the sequential requests.<br>   if you enable this parameter, be sure the enable "append_fromtag"<br>   in "rr" module */<br>modparam("acc", "detect_direction", 0)<br>modparam("acc", "db_url",<br>   "mysql://opensips:opensipsrw@localhost/opensips") # CUSTOMIZE ME<br><br>#### AUTHentication modules<br>loadmodule "auth.so"<br>loadmodule "auth_db.so"<br>modparam("auth_db", "calculate_ha1", 0)<br>modparam("auth_db", "password_column", "ha1")<br>modparam("auth_db", "db_url",<br>     "mysql://opensips:opensipsrw@localhost/opensips") # CUSTOMIZE ME<br>modparam("auth_db", "load_credentials", "")<br><br>#### ALIAS module<br>loadmodule "alias_db.so"<br>modparam("alias_db", "db_url",<br>    "mysql://opensips:opensipsrw@localhost/opensips") # CUSTOMIZE ME<br><br>#### DOMAIN module<br>loadmodule "domain.so"<br>modparam("domain", "db_url",<br>  "mysql://opensips:opensipsrw@localhost/opensips") # CUSTOMIZE ME<br>modparam("domain", "db_mode", 0)   # Use caching<br>modparam("auth_db|usrloc", "use_domain", 1)<br><br>#### PRESENCE modules<br>loadmodule "xcap.so"<br>loadmodule "presence.so"<br>loadmodule "presence_xml.so"<br>modparam("xcap|presence", "db_url",<br>      "mysql://opensips:opensipsrw@localhost/opensips") # CUSTOMIZE ME<br>modparam("presence_xml", "force_active", 1)<br>modparam("presence", "fallback2db", 0)<br><br>#### DIALOG module<br>loadmodule "dialog.so"<br>modparam("dialog", "dlg_match_mode", 1)<br>modparam("dialog", "default_timeout", 21600)  # 6 hours timeout<br>modparam("dialog", "db_mode", 2)<br>modparam("dialog", "db_url",<br>    "mysql://opensips:opensipsrw@localhost/opensips") # CUSTOMIZE ME<br><br>####  NAT modules<br>loadmodule "nathelper.so"<br>modparam("registrar|nathelper", "received_avp", "$avp(rcv)")<br>modparam("nathelper", "natping_interval", 10)<br>modparam("nathelper", "ping_nated_only", 1)<br>modparam("nathelper", "sipping_bflag", "SIP_PING_FLAG")<br>modparam("nathelper", "sipping_from", "<a href="mailto:sip%3Apinger@ourdomain.com">sip:pinger@ourdomain.com</a>") #CUSTOMIZE ME<br>modparam("nathelper", "received_avp", "$avp(received_nh)")<br><br>loadmodule "rtpproxy.so"<br>modparam("rtpproxy", "rtpproxy_sock", "udp:localhost:9000") # CUSTOMIZE ME<br><br>####  DIALPLAN module<br>loadmodule "dialplan.so"<br>modparam("dialplan", "db_url",<br> "mysql://opensips:opensipsrw@localhost/opensips") # CUSTOMIZE ME<br><br>####  DYNAMMIC ROUTING module<br>loadmodule "drouting.so"<br>modparam("drouting", "db_url",<br>  "mysql://opensips:opensipsrw@localhost/opensips") # CUSTOMIZE ME<br><br>####  MI_HTTP module<br>loadmodule "mi_http.so"<br><br>loadmodule "proto_udp.so"<br>loadmodule "proto_tcp.so" <br><br>####### Routing Logic ########<br><br># main request routing logic<br><br>route{<br><br>     # initial NAT handling; detect if the request comes from behind a NAT<br> # and apply contact fixing<br>    force_rport();<br>        if (nat_uac_test(23)) {<br>               if (is_method("REGISTER")) {<br>                        fix_nated_register();<br>                 setbflag(NAT);<br>                } else {<br>                      fix_nated_contact();<br>                  setflag(NAT);<br>         }<br>     }<br><br>   if (!mf_process_maxfwd_header(10)) {<br>          send_reply(483,"Too Many Hops");<br>            exit;<br> }<br><br>   if (has_totag()) {<br><br>          # handle hop-by-hop ACK (no routing required)<br>         if ( is_method("ACK") && t_check_trans() ) {<br>                        t_relay();<br>                    exit;<br>         }<br><br>           # sequential request within a dialog should<br>           # take the path determined by record-routing<br>          if ( !loose_route() ) {<br>                       if (is_method("SUBSCRIBE") && is_myself("$rd")) {<br>                         # in-dialog subscribe requests<br>                                route(handle_presence);<br>                               exit;<br>                 }<br>                     # we do record-routing for all our traffic, so we should not<br>                  # receive any sequential requests without Route hdr.<br>                  send_reply(404,"Not here");<br>                 exit;<br>         }<br><br>           # validate the sequential request against dialog<br>              if ( $DLG_status!=NULL && !validate_dialog() ) {<br>                      xlog("In-Dialog $rm from $si (callid=$ci) is not valid according to dialog\n");<br>                     ## exit;<br>              }<br><br>           if (is_method("BYE")) {<br>                     # do accounting even if the transaction fails<br>                 do_accounting("db","failed");<br>                     <br>              }<br><br><br>         if (check_route_param("nat=yes")) <br>                  setflag(NAT);<br>         # route it out to whatever destination was set by loose_route()<br>               # in $du (destination URI).<br>           route(relay);<br>         exit;<br> }<br><br>   # CANCEL processing<br>   if (is_method("CANCEL")) {<br>          if (t_check_trans())<br>                  t_relay();<br>            exit;<br> }<br><br>   # absorb retransmissions, but do not create transaction<br>       t_check_trans();<br><br>    if ( !(is_method("REGISTER")  || is_from_gw() ) ) {<br>                <br>              if (is_from_local()) {                  <br>                      # authenticate if from local subscriber<br>                       # authenticate all initial non-REGISTER request that pretend to be<br>                    # generated by local subscriber (domain from FROM URI is local)<br>                       if (!proxy_authorize("", "subscriber")) {<br>                         proxy_challenge("", 0);<br>                             exit;<br>                 }<br>                     if ($au!=$fU) {<br>                               send_reply(403,"Forbidden auth ID");<br>                                exit;<br>                 }<br><br>                   consume_credentials();<br>                        # caller authenticated<br>                        <br>              } else {<br>                      # if caller is not local, then called number must be local<br>                    <br>                      if (!is_uri_host_local()) {<br>                           send_reply(403,"Relay Forbidden");<br>                          exit;<br>                 }<br>             }<br><br>   }<br><br>   # preloaded route checking<br>    if (loose_route()) {<br>          xlog("L_ERR",<br>                       "Attempt to route with preloaded Route's [$fu/$tu/$ru/$ci]");<br>           if (!is_method("ACK"))<br>                      send_reply(403,"Preload Route denied");<br>             exit;<br> }<br><br>   # record routing<br>      if (!is_method("REGISTER|MESSAGE"))<br>         record_route();<br><br>     # account only INVITEs<br>        if (is_method("INVITE")) {<br>          <br>              # create dialog with timeout<br>          if ( !create_dialog("B") ) {<br>                        send_reply(500,"Internal Server Error");<br>                    exit;<br>         }<br>             <br>              do_accounting("db");<br>                <br>      }<br><br>   <br>      if (!is_uri_host_local()) {<br>           append_hf("P-hint: outbound\r\n"); <br>         <br>              route(relay);<br> }<br><br>   # requests for my domain<br>      <br>      if( is_method("PUBLISH|SUBSCRIBE"))<br>                 route(handle_presence);<br><br><br>   if (is_method("REGISTER")) {<br>                # authenticate the REGISTER requests<br>#         if (!www_authorize("", "subscriber")) {<br>#                  www_challenge("", 0);<br>#                      exit;<br>#                }<br>             $var(auth_code) = www_authorize("", "subscriber");<br>                if ( $var(auth_code) == -1 || $var(auth_code) == -2 ) {<br>                       xlog("L_NOTICE","Auth error for $fU@$fd from $si cause $var(auth_code)");<br>         }<br>             if ( $var(auth_code) < 0 ) {<br>                       www_challenge("", 0);<br>               exit;<br>}<br>              <br>              if ($au!=$tU) {<br>                       send_reply(403,"Forbidden auth ID");<br>                        exit;<br>         }<br>             if ($proto == "tcp")<br>                        setflag(TCP_PERSISTENT);<br>              if (isflagset(NAT)) {<br>                 setbflag(SIP_PING_FLAG);<br>              }<br>             if (!save("location"))<br>                        sl_reply_error();<br>                   exit;<br>                }<br><br><br><br>       if ($rU==NULL) {<br>              # request with no Username in RURI<br>            send_reply(484,"Address Incomplete");<br>               exit;<br> }<br><br><br> <br>      # apply DB based aliases<br>      alias_db_lookup("dbaliases");<br><br>     <br>      # apply transformations from dialplan table<br>   dp_translate( 0, "$rU", $rU);<br><br>     <br>      if ($rU=~"^\+[1-9][0-9]+$") {<br>               <br>              if (!do_routing(0)) {<br>                 send_reply(500,"No PSTN Route found");<br>                      exit;<br>         }<br>             <br>              route(relay);<br>         exit;<br> }<br>      <br><br>   # do lookup with method filtering<br>     if (!lookup("location","m")) {<br>            if (!db_does_uri_exist("$ru","subscriber")) {<br>                     send_reply(420,"Bad Extension");<br>                    exit;<br>         }<br>             <br>              # redirect to a different VM system<br>           $du = "sip:<a href="http://127.0.0.2:5060">127.0.0.2:5060</a>"; # CUSTOMIZE ME<br>                route(relay);<br>         <br>      } <br><br>  if (isbflagset(NAT)) setflag(NAT);<br><br>  # when routing via usrloc, log the missed calls also<br>  do_accounting("db","missed");<br>     <br>      route(relay);<br>}<br><br><br>route[relay] {<br>  # for INVITEs enable some additional helper routes<br>    if (is_method("INVITE")) {<br>          <br>              if (isflagset(NAT)) { <br>                        rtpproxy_offer("ro");<br>               }<br><br>           t_on_branch("per_branch_ops");<br>              t_on_reply("handle_nat");<br>           t_on_failure("missed_call");<br>        }<br>     <br>      if (isflagset(NAT)) {<br>         add_rr_param(";nat=yes");<br>   }<br><br>   if (!t_relay()) {<br>             send_reply(500,"Internal Error");<br>   }<br>     exit;<br>}<br><br># Presence route<br>route[handle_presence]<br>{<br>       if (!t_newtran()) {<br>           sl_reply_error();<br>             exit;<br> }<br><br>   if(is_method("PUBLISH")) {<br>          handle_publish();<br>     } else<br>        if( is_method("SUBSCRIBE")) {<br>       handle_subscribe();<br>   }<br><br>   exit;<br>}<br><br><br>branch_route[per_branch_ops] {<br>  xlog("new branch at $ru\n");<br>}<br><br>onreply_route[handle_nat] {<br>        if (nat_uac_test(1))<br>                fix_nated_contact();<br>        if ( isflagset(NAT) )<br>                rtpproxy_answer("ro");<br>        xlog("incoming reply\n");<br>}<br><br><br>failure_route[missed_call] {<br>   if (t_was_cancelled()) {<br>              exit;<br> }<br><br>   # uncomment the following lines if you want to block client <br>  # redirect based on 3xx replies.<br>      ##if (t_check_status("3[0-9][0-9]")) {<br>      ##t_reply(404,"Not found");<br> ##      exit;<br> ##}<br><br> <br>      # redirect the failed to a different VM system<br>        if (t_check_status("486|408")) {<br>            $du = "sip:<a href="http://127.0.0.2:5060">127.0.0.2:5060</a>"; # CUSTOMIZE ME<br>                # do not set the missed call flag again<br>               route(relay);<br> }<br>}<br><br>local_route {<br> if (is_method("BYE") && $DLG_dir=="UPSTREAM") {<br>           <br>              acc_db_request("200 Dialog Timeout", "acc");<br>              <br>      }<br>}<br></div></div>