<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>SIP transactions are decoupled from the transport layer, by
specs, the connections have to be reused for the same target
ip/port.</p>
<p>Cheers,<br>
Daniel<br>
</p>
<div class="moz-cite-prefix">On 12.01.21 16:51, Charles Phillips
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:47E2249D-9F72-4C99-B748-E21B7CFC2273@rustybike.com">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<div class="">It is my understanding that for outbound
connections, subsequent transactions to the same destination
IP:port reuse an existing TLS socket (if one exists) by design.
By the logs, it appears that this matching takes place early in
the processing so there is no regard for a new outbound
transaction that has different SNI. Is this correct? Is there a
way to force a new outbound TLS connection for a new transaction
based on some other identifier? </div>
<div class="">
<div class=""><br class="">
<div class="">
<div class="">
<div style="color: rgb(0, 0, 0); font-family: Helvetica;
font-size: 12px; font-style: normal; font-variant:
normal; font-weight: normal; letter-spacing: normal;
orphans: auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: normal; widows: auto;
word-spacing: 0px; -webkit-text-stroke-width: 0px;
word-wrap: break-word; -webkit-nbsp-mode: space;
-webkit-line-break: after-white-space;" class="">
<div class=""><br class="Apple-interchange-newline">
- Charles Phillips</div>
<div class=""><br class="">
</div>
</div>
<br class="Apple-interchange-newline" style="color: rgb(0,
0, 0); font-family: Helvetica; font-size: 12px;
font-style: normal; font-variant: normal; font-weight:
normal; letter-spacing: normal; orphans: auto;
text-align: start; text-indent: 0px; text-transform:
none; white-space: normal; widows: auto; word-spacing:
0px; -webkit-text-stroke-width: 0px;">
<br class="Apple-interchange-newline">
</div>
<div><br class="">
<blockquote type="cite" class="">
<div class="">On Jan 11, 2021, at 9:00 AM, Charles
Phillips <<a href="mailto:charles@rustybike.com"
class="" moz-do-not-send="true">charles@rustybike.com</a>>
wrote:</div>
<br class="Apple-interchange-newline">
<div class="">
<meta http-equiv="Content-Type" content="text/html;
charset=UTF-8" class="">
<div style="word-wrap: break-word; -webkit-nbsp-mode:
space; line-break: after-white-space;" class="">That
is what I figured was happening. I have tried
sending it back to a standard routing block, but
perhaps I am doing it incorrectly.
<div class=""><br class="">
</div>
<div class="">When I try to send it back to a
regular routing block I get the following error:</div>
<div class=""><br class="">
</div>
<div class="">CRITICAL: tm [tm.c:1754]:
_w_t_relay_to(): unsupported route type: 64</div>
<div class=""><br class="">
</div>
<div class="">Config:</div>
<div class=""><br class="">
</div>
<div class="">event_route[tm:local-request] {<br
class="">
sip_trace();<br class="">
if(is_method("OPTIONS") && $ru =~ "<a
href="http://pstnhub.microsoft.com/" class=""
moz-do-not-send="true">pstnhub.microsoft.com</a>")
{<br class="">
$var(domain) = $fd;<br class="">
append_hf("Contact: <<a
href="sip:$var(domain):5061;transport=tls"
class="" moz-do-not-send="true">sip:$var(domain):5061;transport=tls</a>>\r\n");<br
class="">
xlog("L_INFO", “TEAMS Contact:
$var(domain)\r\n");<br class="">
route(TEAMS_SEND);<br class="">
}<br class="">
xlog("L_INFO", "Sent out tm request: $mb\n");<br
class="">
}</div>
<div class=""><br class="">
</div>
<div class="">route[TEAMS_SEND] {<br class="">
$var(domain) = $fd;<br class="">
$xavp(tls=>server_name) = $var(domain);<br
class="">
$xavp(tls[0]=>server_id) = $var(domain);<br
class="">
$du = "<a
href="sip:$var(domain):5061;transport=tls"
class="" moz-do-not-send="true">sip:$var(domain):5061;transport=tls</a>"; <br
class="">
t_relay();<br class="">
}</div>
<div class=""><br class="">
<div class=""><br class="">
</div>
<div class="">For testing, I also tried generating
the packets in a normal route using t_uac_send
and controlling it with rtimer. As ugly a hack
that this approach is, it did manage to create
the packets and set the xavp as required
(although, it certainly wouldn’t help dispatcher
know if a gateway is offline…). Additional
trouble is that if a second domain attempts to
send OPTIONS packets in the while loop (see
below) it goes out the same TLS connection, so
it is rejected.</div>
<div class=""><br class="">
</div>
<div class="">Config:</div>
<div class=""><br class="">
</div>
<div class="">route["PING-TEAMS"] {<br class="">
sql_query("db", "select domain from
domain;", "domain_list");<br class="">
$var(i) = 0;<br class="">
while ($dbr(domain_list=>[$var(i),0])
!= $null) {<br class="">
$var(domain) = $dbr(domain_list=>[$var(i),0]);<br
class="">
xlog(“OPTIONS from domain name
$var(domain)");<br class="">
$xavp(tls=>server_name)
= $var(domain);<br class="">
$xavp(tls[0]=>server_id)
= $var(domain);<br class="">
$du = "<a
href="sip:$var(domain):5061;transport=tls"
class="" moz-do-not-send="true">sip:$var(domain):5061;transport=tls</a>"; <br
class="">
t_uac_send ("OPTIONS", "<a
href="sip:$var(domain):5061;transport=tls"
class="" moz-do-not-send="true">sip:$var(domain):5061;transport=tls</a>", "<a
href="sip:sip3.pstnhub.microsoft.com;transport=tls" class=""
moz-do-not-send="true">sip:sip3.pstnhub.microsoft.com;transport=tls</a>", "", "From:
<a href="sip:$var(domain)" class=""
moz-do-not-send="true">sip:$var(domain)</a>\r\nTo:
<a
href="sip:sip3.pstnhub.microsoft.com;transport=tls"
class="" moz-do-not-send="true">sip:sip3.pstnhub.microsoft.com;transport=tls</a>\r\nContact:
<<a
href="sip:$var(domain):5061;transport=tls"
class="" moz-do-not-send="true">sip:$var(domain):5061;transport=tls</a>>\r\n", "");<br
class="">
sleep(2);<br class="">
t_uac_send ("OPTIONS", "<a
href="sip:$var(domain):5061;transport=tls"
class="" moz-do-not-send="true">sip:$var(domain):5061;transport=tls</a>", "<a
href="sip:sip2.pstnhub.microsoft.com;transport=tls" class=""
moz-do-not-send="true">sip:sip2.pstnhub.microsoft.com;transport=tls</a>", "", "From:
<a href="sip:$var(domain)" class=""
moz-do-not-send="true">sip:$var(domain)</a>\r\nTo:
<a
href="sip:sip2.pstnhub.microsoft.com;transport=tls"
class="" moz-do-not-send="true">sip:sip2.pstnhub.microsoft.com;transport=tls</a>\r\nContact:
<<a
href="sip:$var(domain):5061;transport=tls"
class="" moz-do-not-send="true">sip:$var(domain):5061;transport=tls</a>>\r\n", "");<br
class="">
sleep(2);<br class="">
t_uac_send ("OPTIONS", "<a
href="sip:$var(domain):5061;transport=tls"
class="" moz-do-not-send="true">sip:$var(domain):5061;transport=tls</a>", "<a
href="sip:sip.pstnhub.microsoft.com;transport=tls" class=""
moz-do-not-send="true">sip:sip.pstnhub.microsoft.com;transport=tls</a>", "", "From:
<a href="sip:$var(domain)" class=""
moz-do-not-send="true">sip:$var(domain)</a>\r\nTo:
<a
href="sip:sip.pstnhub.microsoft.com;transport=tls"
class="" moz-do-not-send="true">sip:sip.pstnhub.microsoft.com;transport=tls</a>\r\nContact:
<<a
href="sip:$var(domain):5061;transport=tls"
class="" moz-do-not-send="true">sip:$var(domain):5061;transport=tls</a>>\r\n", "");<br
class="">
sleep(5);<br class="">
$var(i) = $var(i) + 1; <br class="">
<br class="">
}<br class="">
}</div>
<div class=""><br class="">
</div>
<div class="">200 from MS on domain 0:</div>
<div class=""><br class="">
</div>
<div class="">2021/01/11 08:48:31.291048
52.114.7.24:5061 -> *myip*:52606<br class="">
SIP/2.0 200 OK<br class="">
FROM: <<a href="sip:100.sbc.*mydomain*.net"
class="" moz-do-not-send="true">sip:100.sbc.*mydomain*.net</a>>;tag=3393f0703fb0ccaca74109ff37de39f5-5a503a0a<br
class="">
TO: <<a href="sip:sip3.pstnhub.microsoft.com"
class="" moz-do-not-send="true">sip:sip3.pstnhub.microsoft.com</a>><br
class="">
CSEQ: 10 OPTIONS<br class="">
CALL-ID: <a
href="mailto:0f37a09f409a4e41-24410@127.0.0.1"
class="" moz-do-not-send="true">0f37a09f409a4e41-24410@127.0.0.1</a><br
class="">
VIA: SIP/2.0/TLS
*myip*:5061;branch=z9hG4bK9306.42d92227000000000000000000000000.0<br
class="">
CONTENT-LENGTH: 0<br class="">
ALLOW: INVITE,ACK,OPTIONS,CANCEL,BYE,NOTIFY<br
class="">
SERVER: Microsoft.PSTNHub.SIPProxy
v.2020.12.28.1 i.ASEA.0</div>
<div class=""><br class="">
</div>
<div class=""><br class="">
</div>
<div class="">403 from MS on domain 1:</div>
<div class=""><br class="">
</div>
<div class="">2021/01/11 08:49:39.755005
52.114.7.24:5061 -> *myip*:52606</div>
<div class="">SIP/2.0 403 Forbidden<br class="">
FROM: <<a href="sip:101.sbc.*mydomain*.net"
class="" moz-do-not-send="true">sip:101.sbc.*mydomain*.net</a>>;tag=3393f0703fb0ccaca74109ff37de39f5-69555a28<br
class="">
TO: <<a href="sip:sip3.pstnhub.microsoft.com"
class="" moz-do-not-send="true">sip:sip3.pstnhub.microsoft.com</a>><br
class="">
CSEQ: 10 OPTIONS<br class="">
CALL-ID: <a
href="mailto:0f37a09f409a4e44-24410@127.0.0.1"
class="" moz-do-not-send="true">0f37a09f409a4e44-24410@127.0.0.1</a><br
class="">
VIA: SIP/2.0/TLS
*myip*:5061;branch=z9hG4bK4306.973e1562000000000000000000000000.0<br
class="">
REASON:
Q.850;cause=63;text="00cce062-66c6-45a4-8b5c-ccd48b71a9f6;Provided
Trunk FQDN '101.sbc.*mydomain*.net' is not
allowed. Connection allows<br class="">
ollowing fqdns: 100.sbc.*mydomain*.net,
100.sbc.*mydomain*.net."<br class="">
CONTENT-LENGTH: 0<br class="">
ALLOW: INVITE,ACK,OPTIONS,CANCEL,BYE,NOTIFY<br
class="">
SERVER: Microsoft.PSTNHub.SIPProxy
v.2020.12.28.1 i.ASEA.0</div>
<div class=""><br class="">
</div>
<div class=""><br class="">
<div class="">
<div style="font-family: Helvetica; font-size:
12px; font-style: normal;
font-variant-ligatures: normal;
font-variant-caps: normal;
font-variant-east-asian: normal;
font-variant-position: normal; font-weight:
normal; letter-spacing: normal; text-align:
start; text-indent: 0px; text-transform:
none; white-space: normal; word-spacing:
0px; -webkit-text-stroke-width: 0px;
word-wrap: break-word; -webkit-nbsp-mode:
space; line-break: after-white-space;"
class="">
<div class=""><br
class="Apple-interchange-newline">
- Charles Phillips</div>
<div class=""><br class="">
</div>
</div>
<br class="Apple-interchange-newline"
style="font-family: Helvetica; font-size:
12px; font-style: normal;
font-variant-ligatures: normal;
font-variant-caps: normal;
font-variant-east-asian: normal;
font-variant-position: normal; font-weight:
normal; letter-spacing: normal; text-align:
start; text-indent: 0px; text-transform:
none; white-space: normal; word-spacing:
0px; -webkit-text-stroke-width: 0px;">
<br class="Apple-interchange-newline">
</div>
<div class=""><br class="">
<blockquote type="cite" class="">
<div class="">On Jan 11, 2021, at 4:13 AM,
Daniel-Constantin Mierla <<a
href="mailto:miconda@gmail.com" class=""
moz-do-not-send="true">miconda@gmail.com</a>>
wrote:</div>
<br class="Apple-interchange-newline">
<div class="">
<meta http-equiv="Content-Type"
content="text/html; charset=UTF-8"
class="">
<div class="">
<p class="">Hello,</p>
<p class="">the xavp_cfg set in the
event_route is not propagated (kept)
to the moment when the message is sent
out to tls. The
event_route[tm:local-request] is
executed when the local request is
constructed, terminated before sending
out, so whatever avp/xavp is set in
the event route are deleted when the
block execution is terminated.</p>
<p class="">It requires another solution
here, I am thinking about what can be
done and will be added soon in the
master branch.</p>
<p class="">Meanwhile, a workaround is
to look traffic back to kamailio so
the routing happens over request_route
block, where you can set the xavp.</p>
<p class="">Cheers,<br class="">
Daniel<br class="">
</p>
<div class="moz-cite-prefix">On 08.01.21
22:23, Charles Phillips wrote:<br
class="">
</div>
<blockquote type="cite"
cite="mid:7AC50347-8E97-4BEE-BF5E-9C8BDC6F764D@rustybike.com"
class="">
<meta http-equiv="Content-Type"
content="text/html; charset=UTF-8"
class="">
Thanks Daniel, I needed some certainty
to get unstuck. It appears that the
problem is actually related to the TLS
config. I am using multiple TLS
configs, so it looks like the problem
may be that the server_name server_id
are not being set, so the reply is
returning to the default TLS config.
Not to mention that when I set the
testing domains certs under the
default config, it works...
<div class=""><br class="">
</div>
<div class="">This is observed in the
logs:</div>
<div class=""><br class="">
<div class="">tls_get_connect_server_name():
xavp with outbound server name not
found</div>
<div class="">tls_get_connect_server_id():
xavp with outbound server id not
found</div>
<div class="">tls_complete_init():
Using initial TLS domain
TLSc<default> </div>
<div class=""><br class="">
</div>
<div class="">Is there a way to set
this with xavp_cfg in the
event_route? I have read that
section and tried may
combinations, but since the
OPTIONs packets from the
dispatcher module do not seem to
traverse the standard routes, I am
not sure how to handle this.</div>
<div class=""><br class="">
</div>
<div class="">Any advice would be
greatly appreciated!</div>
<div class=""><br class="">
<div class="">
<div class="">
<div style="font-family:
Helvetica; font-size: 12px;
font-style: normal;
font-variant-ligatures:
normal; font-variant-caps:
normal;
font-variant-east-asian:
normal;
font-variant-position:
normal; font-weight: normal;
letter-spacing: normal;
text-align: start;
text-indent: 0px;
text-transform: none;
white-space: normal;
word-spacing: 0px;
-webkit-text-stroke-width:
0px; word-wrap: break-word;
-webkit-nbsp-mode: space;
line-break:
after-white-space;" class="">
<div class=""><br
class="Apple-interchange-newline">
- Charles Phillips</div>
<div class=""><br class="">
</div>
</div>
<br
class="Apple-interchange-newline"
style="font-family:
Helvetica; font-size: 12px;
font-style: normal;
font-variant-ligatures:
normal; font-variant-caps:
normal;
font-variant-east-asian:
normal;
font-variant-position:
normal; font-weight: normal;
letter-spacing: normal;
text-align: start;
text-indent: 0px;
text-transform: none;
white-space: normal;
word-spacing: 0px;
-webkit-text-stroke-width:
0px;">
<br
class="Apple-interchange-newline">
</div>
<div class=""><br class="">
<blockquote type="cite"
class="">
<div class="">On Jan 8,
2021, at 12:56 PM,
Daniel-Constantin Mierla
<<a
href="mailto:miconda@gmail.com"
class=""
moz-do-not-send="true">miconda@gmail.com</a>>
wrote:</div>
<br
class="Apple-interchange-newline">
<div class="">
<meta
http-equiv="Content-Type"
content="text/html;
charset=UTF-8" class="">
<div class="">
<p class="">Hello,</p>
<p class="">there is an
option that you can
set to reuse the port
for tcp/tls
connections, but even
so it is a best effort
and it is not going to
ensured -- all these
are practically flags
set to the sockets and
the kernel (tcp stack)
decides after all.</p>
<p class="">Anyhow, the
rport is mainly useful
for connectionless
communication, like
UDP. For tcp/tls, the
SIP specs demand to
reuse the existing
connections. As I did
several
Kamailio-MSTeams
interconnectivity
deployments, I can
tell that the source
port was never a
problem. The TLS
connection is kept
open and MSTeams sends
back traffic on it.<br
class="">
</p>
<p class="">Cheers,<br
class="">
Daniel<br class="">
</p>
<div
class="moz-cite-prefix">On
08.01.21 14:32,
Charles Phillips
wrote:<br class="">
</div>
<blockquote type="cite"
cite="mid:FCF97D62-9C6E-4B01-9240-93A665EB5D41@rustybike.com" class="">
<meta
http-equiv="Content-Type"
content="text/html;
charset=UTF-8"
class="">
Thanks for the quick
response Joel. Yes, I
have read the article
and I have tested and
confirmed that I am
correctly appending
the contact header (I
probably should have
left that in the
snippet for clarity).
Below is an example
of Kamailio setting up
the connection. It is
going out port 46245
this time, but it is
random.
<div class="">
<div class="">
<div class=""><br
class="">
</div>
<div class="">
<div class="">07:59:23.572319
IP
*my.kamailio.server*.46245
>
*ms.teams.server*.sip-tls:
Flags [P.],
seq 1:518, ack
1, win 502,
length 517</div>
<div class="">07:59:23.802458
IP
*ms.teams.server*.sip-tls
>
*my.kamailio.server*.46245:
Flags [P.],
seq 1:3767,
ack 518, win
2051, length
3766</div>
<div class=""><br
class="">
</div>
<div class="">The
TLS connection
shows as
successful in
the logs.</div>
<div class=""><br
class="">
</div>
<div class="">
<div
style="font-family:
Helvetica;
font-size:
12px;
font-style:
normal;
font-variant-ligatures:
normal;
font-variant-caps:
normal;
font-variant-east-asian:
normal;
font-variant-position:
normal;
font-weight:
normal;
letter-spacing:
normal;
text-align:
start;
text-indent:
0px;
text-transform:
none;
white-space:
normal;
word-spacing:
0px;
-webkit-text-stroke-width:
0px;
word-wrap:
break-word;
-webkit-nbsp-mode:
space;
line-break:
after-white-space;"
class="">
<div class=""><br
class="Apple-interchange-newline">
- Charles </div>
<div class=""><br
class="">
</div>
<div class=""><br
class="">
</div>
</div>
Date: Thu, 7
Jan 2021
19:12:10 -0800<br
class="">
From: Joel
Serrano <<a
href="mailto:joel@textplus.com" class="" moz-do-not-send="true">joel@textplus.com</a>><br
class="">
To: "Kamailio
(SER) - Users
Mailing List"<br
class="">
<span class="Apple-tab-span" style="white-space: pre;"> </span><<a
href="mailto:sr-users@lists.kamailio.org" class=""
moz-do-not-send="true">sr-users@lists.kamailio.org</a>><br
class="">
Subject: Re:
[SR-Users]
Source Port on
TLS OPTIONS
from
Dispatcher<br
class="">
Message-ID:<br
class="">
<span class="Apple-tab-span" style="white-space: pre;"> </span><<a
href="mailto:CAMtXxQnLtEyD=40cwKembxiyj3D778eK=+5JD7sL4CvYbYXF1g@mail.gmail.com"
class=""
moz-do-not-send="true">CAMtXxQnLtEyD=40cwKembxiyj3D778eK=+5JD7sL4CvYbYXF1g@mail.gmail.com</a>><br
class="">
Content-Type:
text/plain;
charset="utf-8"<br
class="">
<br class="">
Hi Charles,<br
class="">
<br class="">
I don't think
your issue is
rport, make
sure you are
setting the
Contact<br
class="">
header
correctly.<br
class="">
<br class="">
Have you
checked this
blog post:<br
class="">
<a
href="https://skalatan.de/en/blog/kamailio-sbc-teams"
class=""
moz-do-not-send="true">https://skalatan.de/en/blog/kamailio-sbc-teams</a> ?<br
class="">
<br class="">
There is a
specific
section that
talks about
how to tell
Kamailio to
send<br
class="">
the OPTIONS
like MS Teams
wants them.<br
class="">
<br class="">
Good luck,<br
class="">
Joel.<br
class="">
<br
class="Apple-interchange-newline">
</div>
<div class=""><br
class="">
<blockquote
type="cite"
class="">
<div class="">On
Jan 7, 2021,
at 7:31 PM,
Charles
Phillips <<a
href="mailto:charles@rustybike.com" class="" moz-do-not-send="true">charles@rustybike.com</a>>
wrote:</div>
<br
class="Apple-interchange-newline">
<div class="">
<meta
http-equiv="Content-Type"
content="text/html; charset=UTF-8" class="">
<div
style="word-wrap:
break-word;
-webkit-nbsp-mode:
space;
line-break:
after-white-space;"
class="">
<div class="">
<div
style="font-family:
Helvetica;
font-size:
12px;
font-style:
normal;
font-variant-ligatures:
normal;
font-variant-caps:
normal;
font-variant-east-asian:
normal;
font-variant-position:
normal;
font-weight:
normal;
letter-spacing:
normal;
text-align:
start;
text-indent:
0px;
text-transform:
none;
white-space:
normal;
word-spacing:
0px;
-webkit-text-stroke-width:
0px;
word-wrap:
break-word;
-webkit-nbsp-mode:
space;
line-break:
after-white-space;"
class="">Hello
all. As they
say in radio,
“long time
listener,
first time
caller”</div>
<div
style="font-family:
Helvetica;
font-size:
12px;
font-style:
normal;
font-variant-ligatures:
normal;
font-variant-caps:
normal;
font-variant-east-asian:
normal;
font-variant-position:
normal;
font-weight:
normal;
letter-spacing:
normal;
text-align:
start;
text-indent:
0px;
text-transform:
none;
white-space:
normal;
word-spacing:
0px;
-webkit-text-stroke-width:
0px;
word-wrap:
break-word;
-webkit-nbsp-mode:
space;
line-break:
after-white-space;"
class=""><br
class="">
</div>
<div
style="font-family:
Helvetica;
font-size:
12px;
font-style:
normal;
font-variant-ligatures:
normal;
font-variant-caps:
normal;
font-variant-east-asian:
normal;
font-variant-position:
normal;
font-weight:
normal;
letter-spacing:
normal;
text-align:
start;
text-indent:
0px;
text-transform:
none;
white-space:
normal;
word-spacing:
0px;
-webkit-text-stroke-width:
0px;
word-wrap:
break-word;
-webkit-nbsp-mode:
space;
line-break:
after-white-space;"
class="">Anyway,
I am having
trouble
getting past
the following
road block and
any help would
be greatly
appreciated.</div>
<div
style="font-family:
Helvetica;
font-size:
12px;
font-style:
normal;
font-variant-ligatures:
normal;
font-variant-caps:
normal;
font-variant-east-asian:
normal;
font-variant-position:
normal;
font-weight:
normal;
letter-spacing:
normal;
text-align:
start;
text-indent:
0px;
text-transform:
none;
white-space:
normal;
word-spacing:
0px;
-webkit-text-stroke-width:
0px;
word-wrap:
break-word;
-webkit-nbsp-mode:
space;
line-break:
after-white-space;"
class=""><br
class="">
</div>
<div
style="font-family:
Helvetica;
font-size:
12px;
font-style:
normal;
font-variant-ligatures:
normal;
font-variant-caps:
normal;
font-variant-east-asian:
normal;
font-variant-position:
normal;
font-weight:
normal;
letter-spacing:
normal;
text-align:
start;
text-indent:
0px;
text-transform:
none;
white-space:
normal;
word-spacing:
0px;
-webkit-text-stroke-width:
0px;
word-wrap:
break-word;
-webkit-nbsp-mode:
space;
line-break:
after-white-space;"
class="">Kamailio
version is
5.4.3 </div>
<div
style="font-family:
Helvetica;
font-size:
12px;
font-style:
normal;
font-variant-ligatures:
normal;
font-variant-caps:
normal;
font-variant-east-asian:
normal;
font-variant-position:
normal;
font-weight:
normal;
letter-spacing:
normal;
text-align:
start;
text-indent:
0px;
text-transform:
none;
white-space:
normal;
word-spacing:
0px;
-webkit-text-stroke-width:
0px;
word-wrap:
break-word;
-webkit-nbsp-mode:
space;
line-break:
after-white-space;"
class=""><br
class="">
</div>
<div
style="font-variant-ligatures:
normal;
font-variant-east-asian:
normal;
font-variant-position:
normal;
text-align:
start;
text-indent:
0px;
word-wrap:
break-word;
-webkit-nbsp-mode:
space;
line-break:
after-white-space;"
class="">When
attempting to
use dispatcher
to send
OPTIONS
packets to
several TLS
destinations,
the packets
are leaving
the Kamailio
server on
random ports.
This is a
problem
because the
servers I am
sending the
OPTIONS to (MS
Teams) are
enforcing
rport so the
responses are
returned to a
port that
Kamailio is
not listening
on. I have
tried to force
the socket in
the event
route
(relevant
parts of
snippet below)
but it does
not appear to
help. I
should also
mention that I
am not behind
NAT and the
TLS socket is
specified in
the dispatcher
attrs. </div>
<div
style="font-variant-ligatures:
normal;
font-variant-east-asian:
normal;
font-variant-position:
normal;
text-align:
start;
text-indent:
0px;
word-wrap:
break-word;
-webkit-nbsp-mode:
space;
line-break:
after-white-space;"
class="">
<div
style="font-family:
Helvetica;
font-size:
12px;
font-style:
normal;
font-variant-caps:
normal;
font-weight:
normal;
letter-spacing:
normal;
text-transform:
none;
white-space:
normal;
word-spacing:
0px;
-webkit-text-stroke-width:
0px;" class=""><br
class="">
</div>
<div class="">event_route[tm:local-request] {<br
class="">
sip_trace();</div>
<div class=""><br
class="">
</div>
<div class=""><br
class="">
$fs = “tls:**ip-address**:5061”;</div>
<div class=""><br
class="">
</div>
<div class=""><br
class="">
}</div>
</div>
</div>
<div class=""><br
class="">
</div>
<div class="">I
have used
Kamailio as a
TLS server for
many projects,
but this is my
first time as
a client. I
am sure I am
missing
something.</div>
<div class="">
<div
style="font-family:
Helvetica;
font-size:
12px;
font-style:
normal;
font-variant-ligatures:
normal;
font-variant-caps:
normal;
font-variant-east-asian:
normal;
font-variant-position:
normal;
font-weight:
normal;
letter-spacing:
normal;
text-align:
start;
text-indent:
0px;
text-transform:
none;
white-space:
normal;
word-spacing:
0px;
-webkit-text-stroke-width:
0px;
word-wrap:
break-word;
-webkit-nbsp-mode:
space;
line-break:
after-white-space;"
class="">
<div class=""><br
class="Apple-interchange-newline">
- Charles</div>
<div class=""><br
class="">
</div>
</div>
<br
class="Apple-interchange-newline"
style="font-family: Helvetica; font-size: 12px; font-style: normal;
font-variant-ligatures:
normal;
font-variant-caps:
normal;
font-variant-east-asian:
normal;
font-variant-position:
normal;
font-weight:
normal;
letter-spacing:
normal;
text-align:
start;
text-indent:
0px;
text-transform:
none;
white-space:
normal;
word-spacing:
0px;
-webkit-text-stroke-width:
0px;">
<br
class="Apple-interchange-newline">
</div>
<br class="">
</div>
</div>
</blockquote>
</div>
<br class="">
</div>
</div>
</div>
<br class="">
<fieldset
class="mimeAttachmentHeader"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
Kamailio (SER) - Users Mailing List
<a class="moz-txt-link-abbreviated" href="mailto:sr-users@lists.kamailio.org" moz-do-not-send="true">sr-users@lists.kamailio.org</a>
<a class="moz-txt-link-freetext" href="https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users" moz-do-not-send="true">https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users</a>
</pre>
</blockquote>
<pre class="moz-signature" cols="72">--
Daniel-Constantin Mierla -- <a class="moz-txt-link-abbreviated" href="http://www.asipto.com/" moz-do-not-send="true">www.asipto.com</a>
<a class="moz-txt-link-abbreviated" href="http://www.twitter.com/miconda" moz-do-not-send="true">www.twitter.com/miconda</a> -- <a class="moz-txt-link-abbreviated" href="http://www.linkedin.com/in/miconda" moz-do-not-send="true">www.linkedin.com/in/miconda</a>
Funding: <a class="moz-txt-link-freetext" href="https://www.paypal.me/dcmierla" moz-do-not-send="true">https://www.paypal.me/dcmierla</a></pre>
</div>
</div>
</blockquote>
</div>
<br class="">
</div>
</div>
</div>
</blockquote>
<pre class="moz-signature" cols="72">--
Daniel-Constantin Mierla -- <a class="moz-txt-link-abbreviated" href="http://www.asipto.com/" moz-do-not-send="true">www.asipto.com</a>
<a class="moz-txt-link-abbreviated" href="http://www.twitter.com/miconda" moz-do-not-send="true">www.twitter.com/miconda</a> -- <a class="moz-txt-link-abbreviated" href="http://www.linkedin.com/in/miconda" moz-do-not-send="true">www.linkedin.com/in/miconda</a>
Funding: <a class="moz-txt-link-freetext" href="https://www.paypal.me/dcmierla" moz-do-not-send="true">https://www.paypal.me/dcmierla</a></pre>
</div>
</div>
</blockquote>
</div>
<br class="">
</div>
</div>
</div>
</div>
</blockquote>
</div>
<br class="">
</div>
</div>
</div>
</blockquote>
<pre class="moz-signature" cols="72">--
Daniel-Constantin Mierla -- <a class="moz-txt-link-abbreviated" href="http://www.asipto.com">www.asipto.com</a>
<a class="moz-txt-link-abbreviated" href="http://www.twitter.com/miconda">www.twitter.com/miconda</a> -- <a class="moz-txt-link-abbreviated" href="http://www.linkedin.com/in/miconda">www.linkedin.com/in/miconda</a>
Funding: <a class="moz-txt-link-freetext" href="https://www.paypal.me/dcmierla">https://www.paypal.me/dcmierla</a></pre>
</body>
</html>