Hello,
I am proxying all RTP through RTPEngine. Everything works fine until about
5 seconds into the call, when rtpengine enters kernelization, after which
all RTP forwarding ceases. I've checked the required iptables entries, and
all looks good.
Here is a description of my environment:
# cat os-release
PRETTY_NAME="Debian GNU/Linux 11 (bullseye)"
NAME="Debian GNU/Linux"
VERSION_ID="11"
VERSION="11 (bullseye)"
VERSION_CODENAME=bullseye
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"
# kamailio -v
version: kamailio 5.6.2 (x86_64/linux) 54a9c1
flags: USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, USE_RAW_SOCKS, DISABLE_NAGLE,
USE_MCAST, DNS_IP_HACK, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC,
TLSF_MALLOC, DBG_SR_MEMORY, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT,
USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLOCKLIST,
HAVE_RESOLV_RES, TLS_PTHREAD_MUTEX_SHARED
ADAPTIVE_WAIT_LOOPS 1024, MAX_RECV_BUFFER_SIZE 262144, MAX_URI_SIZE 1024,
BUF_SIZE 65535, DEFAULT PKG_SIZE 8MB
poll method support: poll, epoll_lt, epoll_et, sigio_rt, select.
id: 54a9c1
compiled on 16:02:49 Dec 1 2022 with gcc 10.2.1
# rtpengine -v
Version: 11.1.1.3-1~bpo11+1
Michel Pelletier
Hi All
I have setup kamailio using dispatcher to proxy registrations from the UAC to asterisk
but when asterisk sends an incoming call it does not seem to keep the path header and therefore kamailio sends 404
is there anyway around this?
Thanks
Sent with [Proton Mail](https://proton.me/) secure email.
Hello,
Kamailio SIP Server v5.6.3 stable release is out.
This is a maintenance release of the latest stable branch, 5.6, that
includes fixes since the release of v5.6.2. There is no change to
database schema or configuration language structure that you have to do
on previous installations of v5.6.x. Deployments running previous v5.6.x
versions are strongly recommended to be upgraded to v5.6.3.
For more details about version 5.6.3 (including links and guidelines to
download the tarball or from GIT repository), visit:
* https://www.kamailio.org/w/2023/01/kamailio-v5-6-3-released/
RPM, Debian/Ubuntu packages will be available soon as well.
Many thanks to all contributing and using Kamailio!
Cheers,
Daniel
--
Daniel-Constantin Mierla -- www.asipto.comwww.twitter.com/miconda -- www.linkedin.com/in/miconda
Kamailio World Conference - June 5-7, 2023 - www.kamailioworld.com
Hello,
I am considering to release Kamailio v5.5.6 soon, branch on branch 5.5,
likely on Thursday or Wednesday next week (Mar 2/3, 2023). This is the
usual heads up notification to see if anyone is aware of issues not yet
reported to bug tracker and if yes, do it as soon as possible to give
them a chance to be fixed.
Cheers,
Daniel
--
Daniel-Constantin Mierla -- www.asipto.comwww.twitter.com/miconda -- www.linkedin.com/in/miconda
Kamailio World Conference - June 5-7, 2023 - www.kamailioworld.com
Kamailio Advanced Training - Online - March 27-30, 2023 - www.asipto.com
Hello guys,
We're seeing corner cases where the following happens:
On proxy-ws
- IP1:PORT1 connects via websocket from Client1
- Registration happens on an upstream kamailio
- for any reason, the TCP socket closes or times out.
- IP1:PORT1 (same IP:PORT combination) connects via websocket from Client2
- Registration happens on an upstream kamailio
Now a call comes in to Client1. Because the first connection was never
cleaned up, it is sent to the proxy-ws and the proxy will send it to the
IP1:PORT1 where Client2 is connected.
Short story, proxy-ws doesn't check the IP1:PORT1 where it is sending the
INVITE is the actual client it is supposed to be sending...
It seems that when a socket is closed, the mapping IP:PORT to Address
(i.e.: sip:d4f27e34@994f31243be9.invalid;transport=ws) doesn't seem to be
cleared... is this by design?
Thanks!
Regards,
David Villasmil
email: david.villasmil.work(a)gmail.com
phone: +34669448337
Hello,
Kamailio SIP Server v5.6.4 stable release is out.
This is a maintenance release of the latest stable branch, 5.6, that
includes fixes since the release of v5.6.3. There is no change to
database schema or configuration language structure that you have to do
on previous installations of v5.6.x. Deployments running previous v5.6.x
versions are strongly recommended to be upgraded to v5.6.4.
For more details about version 5.6.4 (including links and guidelines to
download the tarball or from GIT repository), visit:
* https://www.kamailio.org/w/2023/02/kamailio-v5-6-4-released/
RPM, Debian/Ubuntu packages will be available soon as well.
An additional note to say that call for speakers and registration for
Kamailio World Conference 2023 are now open, more details at:
* https://www.kamailioworld.com
Many thanks to all contributing and using Kamailio!
Cheers,
Daniel
--
Daniel-Constantin Mierla -- www.asipto.comwww.twitter.com/miconda -- www.linkedin.com/in/miconda
Kamailio World Conference - June 5-7, 2023 - www.kamailioworld.com
Kamailio Advanced Training - Online - March 27-30, 2023 - www.asipto.com
Hello,
We have one Kamailio Instance connected with MS Teams (based on this instruction: https://skalatan.de/en/blog/kamailio-sbc-teams), which worked fine for a while until recently we noticed that calls from teams are not working anymore. When I looked through the logs I found that Microsoft cannot establish a TLS connection to our server because of the cipher:
TLS accept:error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher (sni: sbc.example.com - domain is obfuscated).
Certificate is valid, the configuration is below:
[server:default]
method = TLSv1.2+
verify_certificate = no
require_certificate = no
private_key = /usr/local/etc/kamailio/certs/example.net/sbc1-teams_example_net.key
certificate = /usr/local/etc/kamailio/certs/example.net/sbc1-teams_example_net.crt
server_name = sbc1-teams.example.net
ca_list = /usr/local/etc/kamailio/certs/sectigo_ca.pem
#ca_list=/etc/ssl/certs/ca-bundle.crt
[client:default]
method = TLSv1.2+
verify_certificate = no
require_certificate = no
private_key = /usr/local/etc/kamailio/certs/example.net/sbc1-teams_example_net.key
certificate = /usr/local/etc/kamailio/certs/example.net/sbc1-teams_example_net.crt
ca_list = /usr/local/etc/kamailio/certs/sectigo_ca.pem
#ca_list=/etc/ssl/certs/ca-bundle.crt
We use a certificate from Sectigo, but I've tried with Let's Encrypt - and it's the same. Any idea what could be the reason?
Hello,
I am considering to release Kamailio v5.6.4 (out of branch 5.6) next
week (likely on Monday or Tuesday, Feb 27/28, 2023). If anyone is aware of
issues not yet on the bug tracker, report them there asap in order to
have a better chance to be fixed.
Cheers,
Daniel
--
Daniel-Constantin Mierla -- www.asipto.comwww.twitter.com/miconda -- www.linkedin.com/in/miconda
Kamailio World Conference - June 5-7, 2023 - www.kamailioworld.com
Kamailio Advanced Training - Online - March 27-30, 2023 - www.asipto.com
Dear Kamailio community,
I am a newbie in Kamailio and I am currently working on a project that involves communicating with Kamailio using Python. I have been exploring the Kamailio documentation and I have come across RPC, JSONRPCS..., which I believe can help me achieve my goal.
However, I am not sure about the steps to follow in the Kamailio configuration file to create my own script to communicate with Kamailio using Python (the script is on an other machine on the same LAN). I would be grateful if someone could guide me through the process.
I have already set up Kamailio (builed it from the source code 5.5.5) and Python on my machines and I have basic knowledge of Kamailio configuration. I just need some guidance on how to set up the RPC module in Kamailio and how to create a Python script to communicate with it. I found that I can use RPyC library of python.
I would appreciate any help or suggestions from the Kamailio community. Thank you in advance for your time and assistance.
Best regards,
Wild Coder.
Hi
Sorry for the OT but I think here's the place where I an find a lot of Ms teams
integrations
I've been working on MS teams direct routing integration for PekePBX. It works.
I guess I've done it as everybody else, using Henning's guide as base and
extending it for multitenant setup (thanks Henning!)
What I've realized is that the source IP address of calls coming from MS are
not always matching dispatcher hosts. Sometimes they come from another source
IP and failover to the dispatcher hosts when they receive no response. That
makes some of the calls to have an additional latency
Searching in the MS doc I see that they document these nets as source of their
signaling:
52.112.0.0/14
52.120.0.0/14
But I've seen IP addresses outside of this range as source.
In this blog
https://erwinbierens.com/microsoft-teams-direct-routing-ip-addresses/
The ranges are listed as
52.112.0.0/16
52.113.0.0/16
52.114.0.0/16
52.115.0.0/16
52.120.0.0/16
52.121.0.0/16
52.122.0.0/16
52.123.0.0/16
which looks better but scares me out. Having no auth is it secure to bind so
many ranges to MS?
Do you use anything else than certificate verification for these calls?
cheers,
Jon
--
PekePBX, the multitenant PBX solution
https://pekepbx.com
