2013-06-27 16:08, Andrew Mortensen skrev:
On Jun 27, 2013, at 9:50 AM, Johan Wilfer <li...@jttech.se> wrote:
Hi!
I've the following setup: Teleco <-> Kamailio <-> Asterisk(s)
The proxy has one public IP (say 1.2.3.4) and one private (10.0.0.1).
The asterisk-pbx:es has private adresses (10.0.0.2 in this example)
I noticed that if I bind like this in kamilio.cfg
listen=tcp:1.2.3.4:5060
listen=udp:1.2.3.4:5060
listen=tcp:10.0.0.1:5060
listen=udp:10.0.0.1:5060
Then if a call comes in from the Telco to Kamailio (1.2.3.4), kamailio should
forward the SIP-packet from it's private address (10.0.0.1) to asterisk
(10.0.0.2)
However, the source address of the packets sent from Kamilio to Asterisk is
wrong - it uses the public ip. Like this (tcpdump output):
15:02:08.999642 IP 1.2.3.4.sip > 10.0.0.1.5060: SIP, length: 1346
15:02:09.474525 IP 1.2.3.4.sip > 10.0.0.1.5060: SIP, length: 1346
15:02:10.474524 IP 1.2.3.4.sip > 10.0.0.1.5060: SIP, length: 1346
15:02:12.474525 IP 1.2.3.4.sip > 10.0.0.1.5060: SIP, length: 1346
Obviously kamailio doesn't get any answers here. The packet goes out of the
right interface, but with the wrong src-address.
However, if I remove the lines with "listen=" in kamailio.cfg to allow kamilio
to bind to all interfaces the src-address is correct and everything works!
(I've also done some tests with icmp and telnet and the src-addr seems right in
all these cases.)
Is this a bug or am I missing something here?
It sounds like what you want is force_send_socket:
<http://www.kamailio.org/wiki/cookbooks/4.0.x/core#force_send_socket>
andrew
Hi Andrew,
Thanks for the tip!
My kamailio get the routing from a database, and then rewrites the R-URI
with $ru = "sip: ...";. And then Kamailio resolve this domain and does
all the magic. :-)
If I need to script a code-path for all these different cases I think
the best way for me is to remove the listen=...-directives. Because I
just want the src-address to be the "right" address (the same as the
interface). Right now kamailio uses the right interface for the
destination, but uses the source-ip of another interface.
Is there a reason Kamailio just pick one address (of random? the first?)
of all addresses when using "listen=", but can determine the right
src-address when no "listen="-lines are present?
If this is a limitation with the listen-directive, I guess it's better
to bind to all (no listen=) and use iptables to block access to some of
the addresses, correct?
--
Johan Wilfer
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
