(changing list to sr-users)
Hello,
Do you see an iptables rule belonging to the rtpengine module? If you do a test call, are the packet counters increased on this iptables rule?
In the log message I see another error related to SRTP, not anything related to the kernel forwarding mode.
Cheers,
Henning
-- Henning Westerholt – https://skalatan.de/blog/ Kamailio services – https://gilawa.comhttps://gilawa.com/
From: sr-dev sr-dev-bounces@lists.kamailio.org On Behalf Of Suresh Talasaniya Sent: Monday, March 1, 2021 11:03 AM To: sr-dev@lists.kamailio.org Subject: [sr-dev] RTPEngine - No support for kernel packet forwarding available
Hello folks,
RTPEngine - No support for kernel packet forwarding available, please find the below information/logs.
Mar 1 01:46:45 sp201 rtpengine[14973]: INFO: [9ca2e714-95d0-9662-82e9-e89659024d66]: [control] Received command 'offer' from 127.0.0.1:52657http://127.0.0.1:52657 Mar 1 01:46:45 sp201 rtpengine[14973]: NOTICE: [9ca2e714-95d0-9662-82e9-e89659024d66]: [core] Creating new call Mar 1 01:46:45 sp201 rtpengine[14973]: ERR: [9ca2e714-95d0-9662-82e9-e89659024d66]: [crypto] Failed to init DTLS connection: srtp unknown protection profile Mar 1 01:46:45 sp201 rtpengine[14973]: ERR: [9ca2e714-95d0-9662-82e9-e89659024d66]: [crypto] Failed to init DTLS connection: srtp unknown protection profile Mar 1 01:46:45 sp201 rtpengine[14973]: ERR: [9ca2e714-95d0-9662-82e9-e89659024d66]: [crypto] Failed to init DTLS connection: srtp unknown protection profile Mar 1 01:46:45 sp201 rtpengine[14973]: ERR: [9ca2e714-95d0-9662-82e9-e89659024d66]: [crypto] Failed to init DTLS connection: srtp unknown protection profile Mar 1 01:46:45 sp201 rtpengine[14973]: INFO: [9ca2e714-95d0-9662-82e9-e89659024d66]: [control] Replying to 'offer' from 127.0.0.1:52657http://127.0.0.1:52657 (elapsed time 0.001429 sec) Mar 1 01:48:47 sp201 rtpengine[14973]: INFO: [9ca2e714-95d0-9662-82e9-e89659024d66]: [control] Received command 'delete' from 127.0.0.1:52865http://127.0.0.1:52865 Mar 1 01:48:47 sp201 rtpengine[14973]: INFO: [9ca2e714-95d0-9662-82e9-e89659024d66]: [core] Scheduling deletion of call branch 'tW4HuJe5Hmnkd9RLpKSG' (via-branch 'z9hG4bKgRZGOZSlWGzaiX8oM6vpqSqzpiG6Tqvf0') in 30 seconds Mar 1 01:48:47 sp201 rtpengine[14973]: INFO: [9ca2e714-95d0-9662-82e9-e89659024d66]: [control] Replying to 'delete' from 127.0.0.1:52865http://127.0.0.1:52865 (elapsed time 0.000124 sec) Mar 1 01:48:47 sp201 rtpengine[14973]: INFO: [9ca2e714-95d0-9662-82e9-e89659024d66]: [control] Received command 'delete' from 127.0.0.1:52865http://127.0.0.1:52865 Mar 1 01:48:47 sp201 rtpengine[14973]: INFO: [9ca2e714-95d0-9662-82e9-e89659024d66]: [core] Scheduling deletion of call branch 'tW4HuJe5Hmnkd9RLpKSG' (via-branch '') in 30 seconds
[root@sp201 src]# lsmod | grep xt_RTPENGINE xt_RTPENGINE 45829 5
[root@sp201 src]# lsmod Module Size Used by iptable_nat 12875 0 nf_nat_ipv4 14115 1 iptable_nat nf_nat 26583 1 nf_nat_ipv4 iptable_mangle 12695 0 camellia_aesni_avx_x86_64 27590 0 camellia_x86_64 52986 1 camellia_aesni_avx_x86_64 xts 12914 1 camellia_x86_64 nfnetlink_queue 18197 0 nfnetlink_log 17892 0 nfnetlink 14519 2 nfnetlink_log,nfnetlink_queue bluetooth 548730 0 rfkill 22391 1 bluetooth ipt_REJECT 12541 2 nf_reject_ipv4 13373 1 ipt_REJECT nf_conntrack_ipv4 15053 6 nf_defrag_ipv4 12729 1 nf_conntrack_ipv4 xt_RTPENGINE 45829 5 netconsole 14587 0 xt_conntrack 12760 5 nf_conntrack 139264 4 nf_nat,nf_nat_ipv4,xt_conntrack,nf_conntrack_ipv4 iptable_filter 12810 1 edac_mce_amd 31603 0 crc32_pclmul 13133 0 ghash_clmulni_intel 13273 0 aesni_intel 189456 0 lrw 13286 3 camellia_x86_64,aesni_intel,camellia_aesni_avx_x86_64 gf128mul 15139 2 lrw,xts glue_helper 13990 3 camellia_x86_64,aesni_intel,camellia_aesni_avx_x86_64 ppdev 17671 0 ablk_helper 13597 2 aesni_intel,camellia_aesni_avx_x86_64 cryptd 21190 3 ghash_clmulni_intel,aesni_intel,ablk_helper parport_pc 28205 0 virtio_rng 13029 0 joydev 17389 0 virtio_balloon 18015 0 parport 46395 2 ppdev,parport_pc i2c_piix4 22401 0 pcspkr 12718 0 ip_tables 27126 3 iptable_filter,iptable_mangle,iptable_nat xfs 997727 2 libcrc32c 12644 3 xfs,nf_nat,nf_conntrack ata_generic 12923 0 pata_acpi 13053 0 virtio_net 28085 0 virtio_blk 18472 4 virtio_console 28076 0 net_failover 18147 1 virtio_net failover 13374 1 net_failover ata_piix 35052 0 libata 243094 3 pata_acpi,ata_generic,ata_piix crct10dif_pclmul 14307 0 crct10dif_common 12595 1 crct10dif_pclmul crc32c_intel 22094 1 virtio_pci 22985 0 floppy 69432 0 virtio_ring 22991 6 virtio_blk,virtio_net,virtio_pci,virtio_rng,virtio_balloon,virtio_console serio_raw 13434 0 virtio 14959 6 virtio_blk,virtio_net,virtio_pci,virtio_rng,virtio_balloon,virtio_console
[root@sp201 src]# kamailio -V version: kamailio 5.5.0-dev4 (x86_64/linux) fd8d0f flags: USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, USE_RAW_SOCKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, TLSF_MALLOC, DBG_SR_MEMORY, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLOCKLIST, HAVE_RESOLV_RES ADAPTIVE_WAIT_LOOPS 1024, MAX_RECV_BUFFER_SIZE 262144, MAX_URI_SIZE 1024, BUF_SIZE 65535, DEFAULT PKG_SIZE 8MB poll method support: poll, epoll_lt, epoll_et, sigio_rt, select. id: fd8d0f compiled on 03:59:17 Feb 16 2021 with gcc 4.8.5
Install the packages required to compile RTPEngine
yum -y install epel-release
yum -y install glib glib-devel gcc zlib zlib-devel openssl openssl-devel pcre pcre-devel libcurl libcurl-devel xmlrpc-c xmlrpc-c-devel
yum -y install libevent-devel glib2-devel json-c-devel json-glib json-glib-devel gperf libpcap-devel git perl-IPC-Cmd libiptcdata-devel libiptcdata-devel hiredis hiredis-devel redis iptables-devel libwebsockets-devel
yum -y install spandsp spandsp-devel rpm --import http://li.nux.ro/download/nux/RPM-GPG-KEY-nux.ro
yum -y install http://li.nux.ro/download/nux/dextop/el7/x86_64/nux-dextop-release-0-5.el7.n...
yum repolist
yum -y install ffmpeg ffmpeg-devel
yum -y install bcg729 bcg729-devel
wget https://download1.rpmfusion.org/free/el/rpmfusion-free-release-7.noarch.rpm
rpm -i rpmfusion-free-release-7.noarch.rpm
Get RTPEngine source from GitHub repository:
cd /usr/src
git clone https://github.com/sipwise/rtpengine.git rtpengine
cd rtpengine
Compile and install the daemon
cd /usr/src/rtpengine/daemon/
make
cp -fr rtpengine /usr/sbin/rtpengine
cp -fr rtpengine /usr/local/bin/rtpengine
Compile and install iptables extension
cd /usr/src/rtpengine/iptables-extension
make all
cp -fr libxt_RTPENGINE.so /usr/lib64/xtables/.
Compile and install the kernel module xt_RTPENGINE
cd /usr/src/rtpengine/kernel-module make
cp -fr xt_RTPENGINE.ko /lib/modules/`uname -r`/extra/xt_RTPENGINE.ko
depmod -a modprobe -v xt_RTPENGINE
Check if the kernel module loaded properly:
lsmod | grep xt_RTPENGINE
Make to load the module at the boot time:
echo "# load xt_RTPENGINE module" >> /etc/modules-load.d/rtpengine.conf
echo "xt_RTPENGINE" >> /etc/modules-load.d/rtpengine.conf
Check if RTPEngine is accessible:
ls -l /proc/rtpengine/control | grep root
Should see:
–w–w—-. 1 root root 0 Oct 16 10:32 /proc/rtpengine/control
ls -l /proc/rtpengine/list
-r–r–r–. 1 root root 0 Oct 16 10:32 /proc/rtpengine/list
Install configuration file
Get your external IP (with ‘ip addr’ for example)
In the following command change 111.111.111.111 to your external IP
echo "OPTIONS="-i 111.111.111.111 -n 127.0.0.1:2223http://127.0.0.1:2223 -m 10000 -M 60000 -L 4 --log-facility=local1 --table=8 --delete-delay=0 --timeout=60 --silent-timeout=600 --final-timeout=7200 –offer-timeout=60 --num-threads=12 --tos=184 –no-fallback"" > /etc/sysconfig/rtpengine
Configure RTPEngine log
echo "local1.* -/var/log/rtpengine/rtpengine.log;clean_template" >> /etc/rsyslog.conf
mkdir -p /var/log/rtpengine
touch /var/log/rtpengine/rtpengine.log
Configure logrotate
echo "/var/log/rtpengine/rtpengine.log {
daily
rotate 4
missingok
dateext
copytruncate
compress
}" > /etc/logrotate.d/rtpengine
Disable logging to /var/log/messages
perl -pi.bak -e 's#(\s+)/var/log/messages#;local1.none$1/var/log/messages#' /etc/rsyslog.conf
systemctl restart rsyslog
Configure RTPEngine service
echo "[Unit]
Description=Kernel based rtp proxy
After=syslog.target
After=network-online.target
After=iptables.service
Requires=network-online.target
[Service]
Type=forking
PIDFile=/var/run/rtpengine.pid
EnvironmentFile=-/etc/sysconfig/rtpengine
ExecStart=/usr/local/bin/rtpengine -p /var/run/rtpengine.pid $OPTIONS
Restart=on-abort
[Install]
WantedBy=multi-user.target" > /etc/systemd/system/rtpengine.service
Enable and start RTPEengine
systemctl enable rtpengine.service
mkdir -p /var/spool/rtpengine
systemctl start rtpengine
Check status
systemctl status rtpengine.service
Check if g729 installed properly
rtpengine --codecs | grep "G729"
vim /etc/sysconfig/rtpengine
OPTIONS="-i publicIP -n 127.0.0.1:2223http://127.0.0.1:2223 -m 10000 -M 20000 -L 4 --log-facility=local0 --table=8 --delete-delay=0 --timeout=60 --silent-timeout=600 --final-timeout=7200 –offer-timeout=60 --num-threads=12 --tos=184 –no-fallback –log-level=7 --recording-dir=/var/spool/rtpengine/ "
sudo systemctl restart rtpengine
no output from below command: [root@sp201 iptables-extension]# tail -f /proc/rtpengine/0/list
Can someone guide me where I am doing wrong?
Thank you in advance.
-- Regards, Suresh Talasaniya. Contact : +91-9724264776 Skype : suresh.talsaniya