sr-users February 2023

sr-users@lists.kamailio.org

36 participants
48 discussions

Releasing Kamailio v5.5.6
by Daniel-Constantin Mierla 02 Mar '23

02 Mar '23

Hello, I am considering to release Kamailio v5.5.6 soon, branch on branch 5.5, likely on Thursday or Wednesday next week (Mar 2/3, 2023). This is the usual heads up notification to see if anyone is aware of issues not yet reported to bug tracker and if yes, do it as soon as possible to give them a chance to be fixed. Cheers, Daniel -- Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio World Conference - June 5-7, 2023 - www.kamailioworld.com Kamailio Advanced Training - Online - March 27-30, 2023 - www.asipto.com

1 1

Websocket closing
by David Villasmil 01 Mar '23

01 Mar '23

Hello guys, We're seeing corner cases where the following happens: On proxy-ws - IP1:PORT1 connects via websocket from Client1 - Registration happens on an upstream kamailio - for any reason, the TCP socket closes or times out. - IP1:PORT1 (same IP:PORT combination) connects via websocket from Client2 - Registration happens on an upstream kamailio Now a call comes in to Client1. Because the first connection was never cleaned up, it is sent to the proxy-ws and the proxy will send it to the IP1:PORT1 where Client2 is connected. Short story, proxy-ws doesn't check the IP1:PORT1 where it is sending the INVITE is the actual client it is supposed to be sending... It seems that when a socket is closed, the mapping IP:PORT to Address (i.e.: sip:d4f27e34@994f31243be9.invalid;transport=ws) doesn't seem to be cleared... is this by design? Thanks! Regards, David Villasmil email: david.villasmil.work(a)gmail.com phone: +34669448337

3 6

Kamailio v5.6.4 Released
by Daniel-Constantin Mierla 27 Feb '23

27 Feb '23

Hello, Kamailio SIP Server v5.6.4 stable release is out. This is a maintenance release of the latest stable branch, 5.6, that includes fixes since the release of v5.6.3. There is no change to database schema or configuration language structure that you have to do on previous installations of v5.6.x. Deployments running previous v5.6.x versions are strongly recommended to be upgraded to v5.6.4. For more details about version 5.6.4 (including links and guidelines to download the tarball or from GIT repository), visit: * https://www.kamailio.org/w/2023/02/kamailio-v5-6-4-released/ RPM, Debian/Ubuntu packages will be available soon as well. An additional note to say that call for speakers and registration for Kamailio World Conference 2023 are now open, more details at: * https://www.kamailioworld.com Many thanks to all contributing and using Kamailio! Cheers, Daniel -- Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio World Conference - June 5-7, 2023 - www.kamailioworld.com Kamailio Advanced Training - Online - March 27-30, 2023 - www.asipto.com

1 0

Kamailio MS Teams TLS Issue
by iliusha.md＠gmail.com 27 Feb '23

27 Feb '23

Hello, We have one Kamailio Instance connected with MS Teams (based on this instruction: https://skalatan.de/en/blog/kamailio-sbc-teams), which worked fine for a while until recently we noticed that calls from teams are not working anymore. When I looked through the logs I found that Microsoft cannot establish a TLS connection to our server because of the cipher: TLS accept:error:1408A0C1:SSL routines:ssl3_get_client_hello:no shared cipher (sni: sbc.example.com - domain is obfuscated). Certificate is valid, the configuration is below: [server:default] method = TLSv1.2+ verify_certificate = no require_certificate = no private_key = /usr/local/etc/kamailio/certs/example.net/sbc1-teams_example_net.key certificate = /usr/local/etc/kamailio/certs/example.net/sbc1-teams_example_net.crt server_name = sbc1-teams.example.net ca_list = /usr/local/etc/kamailio/certs/sectigo_ca.pem #ca_list=/etc/ssl/certs/ca-bundle.crt [client:default] method = TLSv1.2+ verify_certificate = no require_certificate = no private_key = /usr/local/etc/kamailio/certs/example.net/sbc1-teams_example_net.key certificate = /usr/local/etc/kamailio/certs/example.net/sbc1-teams_example_net.crt ca_list = /usr/local/etc/kamailio/certs/sectigo_ca.pem #ca_list=/etc/ssl/certs/ca-bundle.crt We use a certificate from Sectigo, but I've tried with Let's Encrypt - and it's the same. Any idea what could be the reason?

5 7

Releasing v5.6.4
by Daniel-Constantin Mierla 27 Feb '23

27 Feb '23

Hello, I am considering to release Kamailio v5.6.4 (out of branch 5.6) next week (likely on Monday or Tuesday, Feb 27/28, 2023). If anyone is aware of issues not yet on the bug tracker, report them there asap in order to have a better chance to be fixed. Cheers, Daniel -- Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio World Conference - June 5-7, 2023 - www.kamailioworld.com Kamailio Advanced Training - Online - March 27-30, 2023 - www.asipto.com

1 1

Kamailio RPC configuration
by sadik.oualla.mohamed＠gmail.com 24 Feb '23

24 Feb '23

Dear Kamailio community, I am a newbie in Kamailio and I am currently working on a project that involves communicating with Kamailio using Python. I have been exploring the Kamailio documentation and I have come across RPC, JSONRPCS..., which I believe can help me achieve my goal. However, I am not sure about the steps to follow in the Kamailio configuration file to create my own script to communicate with Kamailio using Python (the script is on an other machine on the same LAN). I would be grateful if someone could guide me through the process. I have already set up Kamailio (builed it from the source code 5.5.5) and Python on my machines and I have basic knowledge of Kamailio configuration. I just need some guidance on how to set up the RPC module in Kamailio and how to create a Python script to communicate with it. I found that I can use RPyC library of python. I would appreciate any help or suggestions from the Kamailio community. Thank you in advance for your time and assistance. Best regards, Wild Coder.

2 1

OT: MS Teams source IP address ranges
by Jon Bonilla (Manwe) 24 Feb '23

24 Feb '23

Hi Sorry for the OT but I think here's the place where I an find a lot of Ms teams integrations I've been working on MS teams direct routing integration for PekePBX. It works. I guess I've done it as everybody else, using Henning's guide as base and extending it for multitenant setup (thanks Henning!) What I've realized is that the source IP address of calls coming from MS are not always matching dispatcher hosts. Sometimes they come from another source IP and failover to the dispatcher hosts when they receive no response. That makes some of the calls to have an additional latency Searching in the MS doc I see that they document these nets as source of their signaling: 52.112.0.0/14 52.120.0.0/14 But I've seen IP addresses outside of this range as source. In this blog https://erwinbierens.com/microsoft-teams-direct-routing-ip-addresses/ The ranges are listed as 52.112.0.0/16 52.113.0.0/16 52.114.0.0/16 52.115.0.0/16 52.120.0.0/16 52.121.0.0/16 52.122.0.0/16 52.123.0.0/16 which looks better but scares me out. Having no auth is it secure to bind so many ranges to MS? Do you use anything else than certificate verification for these calls? cheers, Jon -- PekePBX, the multitenant PBX solution https://pekepbx.com

4 6

Dispatcher failover when SRV failover is on?
by Jon Bonilla (Manwe) 23 Feb '23

23 Feb '23

Hi Again, fighting with MS Teams but this time it's a kamailio question. I have MSteams hosts in the dispatcher for OPTIONS and for destination. Acording to MS you need to try sip.pstnhub.foo then sip2.pstnhub.foo and sip3.pstnhub.foo 2 | sip:sip.pstnhub.microsoft.com;transport=tls | 0 | 1 2 | sip:sip2.pstnhub.microsoft.com;transport=tls | 0 | 2 2 | sip:sip3.pstnhub.microsoft.com;transport=tls | 0 | 3 I was going to implement dispatcher failover as usual ds_select_domain (alg 8) with failure routes but checking the SRV of the first domain I see it already includes 4 hosts: host -t srv _sips._tcp.sip.pstnhub.microsoft.com _sips._tcp.sip.pstnhub.microsoft.com has SRV record 10 0 5061 sip.pstnhub.microsoft.com. _sips._tcp.sip.pstnhub.microsoft.com has SRV record 20 0 5061 sip2.pstnhub.microsoft.com. _sips._tcp.sip.pstnhub.microsoft.com has SRV record 30 0 5061 sip3.pstnhub.microsoft.com. _sips._tcp.sip.pstnhub.microsoft.com has SRV record 40 0 5061 sip4.pstnhub.microsoft.com. So... If I have dns srv failover enabled in kamailio... what would be the point of the dispatcher failover? In case I only want failover in case 408 or 5XX wouldn't the tm module do it for me? cheers, Jon -- PekePBX, the multitenant PBX solution https://pekepbx.com

3 2

What does l_username in UAC do?
by Дилян Палаузов 23 Feb '23

23 Feb '23

Hello, the uac module-registrations have the fields l_uuid - user for Contact: in REGISTER (before @). Described at https://kamailio.org/docs/db-tables/kamailio-db-5.6.x.html#idm9037 as “Local unique id used to build and match contact addresses.”. Described at https://www.kamailio.org/docs/modules/devel/modules/uac#idm700 as “local unique user id, e.g.,: 12345678” l_username - Described at https://kamailio.org/docs/db-tables/kamailio-db-5.6.x.html#idm9037 as “Local username”. Described at https://www.kamailio.org/docs/modules/devel/modules/uac#idm700 as “local user name, e.g.,: test ”. For me there is no difference between “local unique id” (as for l_uuid) and “local username“ (here). l_domain - used for Contact: in REGISTER (after @), described at https://kamailio.org/docs/db-tables/kamailio-db-5.6.x.html#idm9037 as “local domain” When is l_username used, what is it purpose? Does it solely serve as possible filter criterion for the RPC commands: uac.reg_info l_username abc uac.reg_enable l_username abc uac.reg_disable l_username abc, and uac.reg_unregister l_username abc Do I see correctly, that via UAC-RPC an unREGISTER can be triggered, but there is no way to trigger a REGISTER over UAC-RPC? Thanks for the clarifications Дилян

2 2

change default 477 response code per case
by Patrick Karton 22 Feb '23

22 Feb '23

Hello , i would like to know if there is a way to change the default 477 response code generated by kamailio in some cases. for example if kamalio generates 477 because its not able to reach a peer i would like to change it to another code before to forward it. Thanks.

2 1

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

sr-users February 2023