<div dir="ltr">Thanks Karsten. The setup consists of client connecting to kamailio over WS (10.0.0.14). Kamailio needs to proxy the requests to SIP server (10.0.0.100) over TLS. As per your suggestion, I modified the dispatch list as below<div><br></div><div># setid(integer) destination(sip uri) flags (integer, optional), priority(int,opt), attrs (str,optional)<br>1007 sip:10.0.0.100:5061;transport=tls 0 3 socket=tls:10.0.0.14:5061;ping_from=sip:10.0.0.14<br></div><div><br></div><div>With above, kamailio replies to REGISTER with "SIP/2.0 404 No destination". And in the logs, I see following statement.</div><div><br></div><div>1(2281) DEBUG: dispatcher [dispatch.c:3125]: ds_check_timer(): no destination sets<br></div><div><br></div><div>What does this mean? Is kamailio not able to talk to SIP server for some reason?</div><div><br></div><div>Regards</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, Nov 8, 2019 at 11:55 PM Karsten Horsmann <<a href="mailto:khorsmann@gmail.com">khorsmann@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="auto"><div>Hi,<div dir="auto"><br></div><div dir="auto"><br></div><div dir="auto">Your config line for the dispatcher makes no sense for me. </div><div dir="auto"><br></div><div dir="auto"><span style="font-family:sans-serif">1007 sip:10.0.0.100:5061;transport=</span><span style="font-family:sans-serif">tls 0 3 socket=tls:<a href="http://10.0.0.100:5061" target="_blank">10.0.0.100:5061</a>;</span><span style="font-family:sans-serif">ping_from=sip:10.0.0.14</span><br></div><div dir="auto"><br></div><div dir="auto"><br></div>Means setid 1007 (like an group to arrange multiple targets) okay. </div><div dir="auto">But sip:10.0.0.100:5061;transport=tls is the dispatcher target Uri. Where your calls are placed when you call the dispatcher function with setid 1007.</div><div dir="auto"><br></div><div dir="auto">In combination with socket=<a href="http://10.0.0.100:5061" target="_blank">10.0.0.100:5061</a> (that indicates your Kamailio socket, the proxy ip) </div><div dir="auto">That you talking with yourself. </div><div dir="auto"><br></div><div dir="auto">You should read the module documentations for dispatcher and tls. </div><div dir="auto"><br></div><div dir="auto">Or describe your ip setup and your config a bit more. </div><div dir="auto"><br></div><div dir="auto">Cheers </div><div dir="auto">Karsten </div><div dir="auto"><br><div class="gmail_quote" dir="auto"><div dir="ltr" class="gmail_attr">sthustfo <<a href="mailto:sthustfo@gmail.com" target="_blank">sthustfo@gmail.com</a>> schrieb am Fr., 8. Nov. 2019, 17:41:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Hi Karsten, David,<div><br></div><div>Thanks for your pointers. Earlier I was using mysql backend where the dispatch list was stored. Now following your suggestions, I have switched to dispatcher list in a file (/etc/kamailio/dispatcher.list) and put in the following</div><div><br></div><div># setid(integer) destination(sip uri) flags (integer, optional), priority(int,opt), attrs (str,optional)<br>1007 sip:10.0.0.100:5061;transport=tls 0 3 socket=tls:10.0.0.100:5061;ping_from=sip:10.0.0.14<br></div><div><br></div><div>Even with this, when HTTP request in, the same is upgraded to WS connection. But this gets closed after couple of seconds. Does the below log indicate anything?</div><div><br></div><div>9(1784) exec: *** cfgtrace:request_route=[xhttp:request] c=[/etc/kamailio/kamailio.cfg] l=1112 a=2 n=exit<br> 9(1784) DEBUG: <core> [core/usr_avp.c:636]: destroy_avp_list(): destroying list (nil)<br><br></div><div>Is there any way to understand what's happening? I do not see any other error lin logs.</div><div><br></div><div>Thanks.</div><div><br></div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Thu, Nov 7, 2019 at 2:34 PM Daniel-Constantin Mierla <<a href="mailto:miconda@gmail.com" rel="noreferrer" target="_blank">miconda@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div bgcolor="#FFFFFF">
<p>Hello,<br>
</p>
<div>On 06.11.19 20:46, Karsten Horsmann
wrote:<br>
</div>
<blockquote type="cite">
<div dir="auto">
<div dir="auto">Hi, </div>
<div dir="auto"><br>
</div>
<div dir="auto">the sips Uri schemata is not used for tls with
dispatcher. <br>
</div>
</div>
</blockquote>
<p>jumping in to clarify a bit about sips protocol schema. It
doesn't imply TLS as one may think HTTPS does it for HTTP. The
sips is mandating that the traffic goes over secure links, which
can be IPSec/VPN or even just private network, so it is ok using
UDP or TCP when sips is present.</p>
<p>In SIP, if TLS is wanted, then transport=tls has to be added to
the URI.</p>
<p>As for dispatcher, one more clarification: trasport=tls in attrs
has nothing to do with the destination address, so that has to be
in the value of the destination field, as Karsten gave in his
example.</p>
<p>And, as general note: better do not use sips at all, it can mess
up some nodes in the path, if you are not sure about the need of
sips -- just do uri;trasport=tls.</p>
<p>Cheers,<br>
Daniel<br>
</p>
<blockquote type="cite">
<div dir="auto">
<div dir="auto"><br>
</div>
<div dir="auto">Here an example for flatfile dispatcher.list
(need corrected values). </div>
<div dir="auto"><br>
</div>
<div dir="auto">The socket line must match an listen directive
in your Kamailio.cfg. </div>
<div dir="auto"><br>
</div>
<div dir="auto"><br>
</div>
<div>root@sbc1:~# cat /etc/kamailio/dispatcher.list</div>
<div dir="auto"># setid(integer) destination(sip uri) flags
(integer, optional), priority(int,opt), attrs (str,optional)</div>
<div dir="auto">1007 sip:<a href="http://sip.pstnhub.microsoft.com" rel="noreferrer" target="_blank">sip.pstnhub.microsoft.com</a>;transport=tls
0 3
socket=tls:212.xx.xx.xx:5061;ping_from=<a rel="noreferrer">sip:sbc-d01.yourdomain</a><br>
<br>
Cheers </div>
<div dir="auto">Karsten <br>
<br>
<div class="gmail_quote" dir="auto">
<div dir="ltr" class="gmail_attr">sthustfo <<a href="mailto:sthustfo@gmail.com" rel="noreferrer" target="_blank">sthustfo@gmail.com</a>>
schrieb am Mi., 6. Nov. 2019, 20:32:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div dir="ltr">I have a basic setup where kamailio
receives SIP over websocket (no WSS) and forwards to SIP
server over TLS. I have enabled TLS in kamailio.cfg and
added dispatcher node as sips:SIP_SERVER:5061 and
transport=tls.
<div><br>
</div>
<div>+----+-------+------------------------+-------+----------+---------------+----------------+<br>
| id | setid | destination | flags |
priority | attrs | description |<br>
+----+-------+------------------------+-------+----------+---------------+----------------+<br>
| 4 | 1 | sips:<a href="http://10.0.0.100:5061" rel="noreferrer noreferrer" target="_blank">10.0.0.100:5061</a> | 0 |
0 | transport=tls | SIP SERVER |<br>
+----+-------+------------------------+-------+----------+---------------+----------------+<br>
</div>
<div><br>
</div>
<div>Now when REGISTER is received over websocket,
kamailio is responding with error code 500 and phrase
"500 I'm terribly sorry, server error occurred
(7/SL)". And on the console I see the following error
messages.</div>
<div><br>
</div>
<div>12(33858) DEBUG: {1 2521 REGISTER
o9q7ujqgin33qgp00abijv} <core>
[core/md5utils.c:67]: MD5StringArray(): MD5
calculated: f1ecf7bcb659b07fe81e332e100044e5<br>
<span style="background-color:rgb(182,215,168)">12(33858)
ERROR: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} tm
[ut.h:315]: uri2dst2(): no corresponding socket
found for "10.0.0.100" af 2 (tls:<a href="http://10.0.0.100:5061" rel="noreferrer noreferrer" target="_blank">10.0.0.100:5061</a>)<br>
12(33858) ERROR: {1 2521 REGISTER
o9q7ujqgin33qgp00abijv} tm [t_fwd.c:467]:
prepare_new_uac(): can't fwd to af 2, proto 3 (no
corresponding listening socket)<br>
12(33858) ERROR: {1 2521 REGISTER
o9q7ujqgin33qgp00abijv} tm [t_fwd.c:1735]:
t_forward_nonack(): failure to add branches</span><br>
12(33858) DEBUG: {1 2521 REGISTER
o9q7ujqgin33qgp00abijv} tm [t_funcs.c:334]:
t_relay_to(): t_forward_nonack returned error -7 (-7)<br>
12(33858) DEBUG: {1 2521 REGISTER
o9q7ujqgin33qgp00abijv} tm [t_funcs.c:352]:
t_relay_to(): -7 error reply generation delayed<br>
12(33858) exec: {1 2521 REGISTER
o9q7ujqgin33qgp00abijv} ***
cfgtrace:request_route=[RELAY]
c=[/etc/kamailio/kamailio.cfg] l=587 a=24
n=sl_reply_error<br>
12(33858) DEBUG: {1 2521 REGISTER
o9q7ujqgin33qgp00abijv} <core>
[core/msg_translator.c:162]: check_via_address():
(10.0.0.14, hsvmphm3ps12.invalid, 0)<br>
12(33858) DEBUG: {1 2521 REGISTER
o9q7ujqgin33qgp00abijv} websocket [ws_conn.c:452]:
wsconn_get(): wsconn_get for id [3]<br>
</div>
<div><br>
</div>
<div><b>tls.cfg contents</b></div>
<div>[client:default]<br>
method = TLSv1<br>
verify_certificate = yes<br>
require_certificate = yes<br>
private_key = /home/test/kamailio/internal.key<br>
certificate = /home/test/kamailio/internal.crt<br>
ca_list = /home/test/kamailio/ca_list.pem<br>
</div>
<div><br>
</div>
<div>Any reason why this error is seen? Any inputs
appreciated.</div>
<div><br>
</div>
<div>Thanks.</div>
</div>
_______________________________________________<br>
Kamailio (SER) - Users Mailing List<br>
<a href="mailto:sr-users@lists.kamailio.org" rel="noreferrer noreferrer" target="_blank">sr-users@lists.kamailio.org</a><br>
<a href="https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users" rel="noreferrer noreferrer noreferrer" target="_blank">https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users</a><br>
</blockquote>
</div>
</div>
</div>
<br>
<fieldset></fieldset>
<pre>_______________________________________________
Kamailio (SER) - Users Mailing List
<a href="mailto:sr-users@lists.kamailio.org" rel="noreferrer" target="_blank">sr-users@lists.kamailio.org</a>
<a href="https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users" rel="noreferrer" target="_blank">https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users</a>
</pre>
</blockquote>
<pre cols="72">--
Daniel-Constantin Mierla -- <a href="http://www.asipto.com" rel="noreferrer" target="_blank">www.asipto.com</a>
<a href="http://www.twitter.com/miconda" rel="noreferrer" target="_blank">www.twitter.com/miconda</a> -- <a href="http://www.linkedin.com/in/miconda" rel="noreferrer" target="_blank">www.linkedin.com/in/miconda</a>
Kamailio World Conference - April 27-29, 2020, in Berlin -- <a href="http://www.kamailioworld.com" rel="noreferrer" target="_blank">www.kamailioworld.com</a></pre>
</div>
_______________________________________________<br>
Kamailio (SER) - Users Mailing List<br>
<a href="mailto:sr-users@lists.kamailio.org" rel="noreferrer" target="_blank">sr-users@lists.kamailio.org</a><br>
<a href="https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users" rel="noreferrer noreferrer" target="_blank">https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users</a><br>
</blockquote></div>
_______________________________________________<br>
Kamailio (SER) - Users Mailing List<br>
<a href="mailto:sr-users@lists.kamailio.org" rel="noreferrer" target="_blank">sr-users@lists.kamailio.org</a><br>
<a href="https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users" rel="noreferrer noreferrer" target="_blank">https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users</a><br>
</blockquote></div></div></div>
_______________________________________________<br>
Kamailio (SER) - Users Mailing List<br>
<a href="mailto:sr-users@lists.kamailio.org" target="_blank">sr-users@lists.kamailio.org</a><br>
<a href="https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users" rel="noreferrer" target="_blank">https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users</a><br>
</blockquote></div>