<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
</head>
<body>
<p>Dear List</p>
<p>In the last week I try to figure out how I can put in place a
configuration that use an edge proxy and a register by using
kamailio 5.6, but i am facing some issues.<br>
</p>
<p>Scenario:</p>
<p>We are using on ubuntu 20.04, HAproxy and Kamailio 5.6.</p>
<p>We have configured a Kamailio register that, in the following
case, perfectly works.<br>
</p>
<p><font face="monospace"> ______ __
__________</font><br>
TLS | | TLS
| |<br>
<font face="monospace">Client ------------------ > | NAT
|-----------> | Kamalio | </font><br>
<font face="monospace"> in |_HAProxy | out
in | Register | </font><br>
<font face="monospace"> |_________|
| | </font><br>
<font face="monospace">
|________ _| <br>
</font></p>
<p>Now we want to put a kamailio edge proxy before the kamailio
Register, please take a look to the below picture<br>
</p>
<font face="monospace"> ______</font><br>
<br>
<font face="monospace"> ______ __
_________ ___________</font><br>
TLS | | TLS
| | TCP | |<br>
<font face="monospace">Client ------------------ > | NAT
|-----------> | Kamalio | -------------> | Kamailio |</font><br>
<font face="monospace"> in |_HAProxy | out
in | Edge | out in | Register |</font><br>
<font face="monospace"> |_________|
| Proxy | | |</font><br>
<font face="monospace">
|_________| |___________|<br>
</font>
<p>HAproxy -> sip-test.example.com</p>
<p>Kamailio edge proxy -> 192.168.58.1</p>
<p>Kamailio Register -> 192.168.58.15</p>
<p>The kamailio Edge has been configured as indicated in the
outbound module example.</p>
<p><br>
</p>
<p>When a transaction such as REGISTER or SUBSCRIBE reach the
"Kamailio Register" the Record-Route and Via headers are correct
and it works.<br>
</p>
<p><br>
</p>
<p>When the transaction such as MESSAGE or INVITE reach the
"Kamailio Register" it does not work and below you can see the
message and the error.<br>
</p>
<p>Note that the Record-Route and Via headers are the same as the
previous message REGISTER and SUBSCRIBE.<br>
</p>
<p><br>
</p>
<p>Dec 6 11:57:09 qcast-webserver-dev /usr/sbin/kamailio[15340]:
INFO: {1 40742 MESSAGE YsfZ7Rq-WGw33NUn9AFMWEuurzryvzET}
<script>: SIPMessage-in-request =
<a class="moz-txt-link-abbreviated" href="mailto:192.168.58.1:53606-sip:s-user.02@sip-dev.example.com-MESSAGE">192.168.58.1:53606-sip:s-user.02@sip-dev.example.com-MESSAGE</a>
<a class="moz-txt-link-abbreviated" href="mailto:sip:s-user.02@sip-dev.example.com">sip:s-user.02@sip-dev.example.com</a> SIP/2.0</p>
Record-Route: <sip:192.168.58.1:15006;transport=tcp;r2=on;lr><br>
Record-Route:
<sip:sip-test.example.com:16005;transport=tls;r2=on;lr><br>
Via: SIP/2.0/TCP
192.168.58.1:15006;branch=z9hG4bKa257.add27f134dd83c78aef13ca7798f87ca.0;i=6<br>
Via: SIP/2.0/TLS
192.168.58.1:39592;received=192.168.58.1;rport=39592;branch=z9hG4bKPjajkY.0NlW2AFuz3.BRaKH4EdvdmQTs9L;alias<br>
Max-Forwards: 69<br>
From:
<a class="moz-txt-link-rfc2396E" href="mailto:sip:s-user.03@sip-dev.example.com"><sip:s-user.03@sip-dev.example.com></a>;tag=VnOekkKsq4tLhFAywXzbxLXxIesWscn3<br>
To: <a class="moz-txt-link-rfc2396E" href="mailto:sip:s-user.02@sip-dev.example.com"><sip:s-user.02@sip-dev.example.com></a><br>
Call-ID: YsfZ7Rq-WGw33NUn9AFMWEuurzryvzET<br>
CSeq: 40742 MESSAGE<br>
Accept: text/plain, application/im-iscomposing+xml<br>
Content-Type: text/plain<br>
Content-Length: 59<br>
<br>
################## MESSAGE ###################<br>
Dec 6 11:57:09 qcast-webserver-dev /usr/sbin/kamailio[15340]: INFO:
{1 40743 MESSAGE YsfZ7Rq-WGw33NUn9AFMWEuurzryvzET} <script>:
SIPMessage-in-request =
<a class="moz-txt-link-abbreviated" href="mailto:192.168.58.1:53606-sip:s-user.02@sip-dev.example.com-MESSAGE">192.168.58.1:53606-sip:s-user.02@sip-dev.example.com-MESSAGE</a>
<a class="moz-txt-link-abbreviated" href="mailto:sip:s-user.02@sip-dev.example.com">sip:s-user.02@sip-dev.example.com</a> SIP/2.0<br>
Record-Route: <sip:192.168.58.1:15006;transport=tcp;r2=on;lr><br>
Record-Route:
<sip:sip-test.example.com:16005;transport=tls;r2=on;lr><br>
Via: SIP/2.0/TCP
192.168.58.1:15006;branch=z9hG4bKb257.83b972054df1675806975159ae1f1e43.0;i=6<br>
Via: SIP/2.0/TLS
192.168.58.1:39592;received=192.168.58.1;rport=39592;branch=z9hG4bKPjfan-Tte.vtL8brkWb20wm.5b8iuVEtQV;alias<br>
Max-Forwards: 69<br>
From:
<a class="moz-txt-link-rfc2396E" href="mailto:sip:s-user.03@sip-dev.example.com"><sip:s-user.03@sip-dev.example.com></a>;tag=VnOekkKsq4tLhFAywXzbxLXxIesWscn3<br>
To: <a class="moz-txt-link-rfc2396E" href="mailto:sip:s-user.02@sip-dev.example.com"><sip:s-user.02@sip-dev.example.com></a><br>
Call-ID: YsfZ7Rq-WGw33NUn9AFMWEuurzryvzET<br>
CSeq: 40743 MESSAGE<br>
Accept: text/plain, application/im-iscomposing+xml<br>
Proxy-Authorization: Digest username="s-user.03",
realm="sip-dev.example.com",
nonce="Y48hMWOPIAW7JeSQ7/a+cuJ1gKwT8hrC",
uri=<a class="moz-txt-link-rfc2396E" href="mailto:sip:s-user.02@sip-dev.example.com">"sip:s-user.02@sip-dev.example.com"</a>,
response="3b7c34476443e5f1125fa460a4981180",
cnonce="3AT-ZMwyfpgaMwlulh5cq5vJHi75-wnz", qop=auth, nc=00000001<br>
Content-Type: text/plain<br>
Content-Length: 59<br>
<br>
<br>
Dec 6 11:57:09 qcast-webserver-dev /usr/sbin/kamailio[15340]:
WARNING: {1 40743 MESSAGE YsfZ7Rq-WGw33NUn9AFMWEuurzryvzET}
<core> [core/forward.c:228]: get_send_socket2(): protocol/port
mismatch (forced tcp:192.168.58.15:15006, to tls:192.168.58.1:60982)<br>
Dec 6 11:57:09 qcast-webserver-dev /usr/sbin/kamailio[15340]:
ERROR: {1 40743 MESSAGE YsfZ7Rq-WGw33NUn9AFMWEuurzryvzET} tm
[ut.h:315]: uri2dst2(): no corresponding socket found for
"192.168.58.1" af 2 (tls:192.168.58.1:60982)<br>
Dec 6 11:57:09 qcast-webserver-dev /usr/sbin/kamailio[15340]:
ERROR: {1 40743 MESSAGE YsfZ7Rq-WGw33NUn9AFMWEuurzryvzET} tm
[t_fwd.c:471]: prepare_new_uac(): can't fwd to af 2, proto 3 (no
corresponding listening socket)<br>
Dec 6 11:57:09 qcast-webserver-dev /usr/sbin/kamailio[15340]:
ERROR: {1 40743 MESSAGE YsfZ7Rq-WGw33NUn9AFMWEuurzryvzET} tm
[t_fwd.c:1754]: t_forward_nonack(): failure to add branches<br>
Dec 6 11:57:09 qcast-webserver-dev /usr/sbin/kamailio[15340]:
ERROR: {1 40743 MESSAGE YsfZ7Rq-WGw33NUn9AFMWEuurzryvzET} sl
[sl_funcs.c:372]: sl_reply_error(): stateless error reply used: I'm
terribly sorry, server error occurred (7/SL)
<p><br>
</p>
<p>based on what we have understood in the message headers "Via" and
Record-Route" there are the right information to reach back the
proxy Edge, but looking to the error message it seems that the
kamailio register try to reach back the proxy edge through the TLS
instead of using the TCP.</p>
<p><br>
</p>
<p>Could someone put me in the right direction.</p>
<p>Thanks</p>
<p>Regards<br>
</p>
<p></p>
<font face="monospace">-- </font><br>
<font color="#118311"> </font>
<div class="moz-signature"><font color="#118311">
<hr>
<p style="font-family:sans-serif;font-size:14px"> Ing. Giovanni
Iamonte<br>
Developments and technologies area<br>
Quintetto Srl<br>
Via Monte Navale, 1<br>
10015 - Ivrea (TO)<br>
mobile: +39 393 9196310<br>
tel: +39 0165 1845290<br>
e-mail: <a class="moz-txt-link-abbreviated
moz-txt-link-freetext"
href="mailto:giovanni.iamonte@quintetto.it">giovanni.iamonte@quintetto.it</a><br>
web: <a class="moz-txt-link-abbreviated"
href="http://www.quintetto.it">www.quintetto.it</a><br>
</p>
</font></div>
</body>
</html>