[SR-Users] Re: kamailio sending from udp non-listening port

The capture was done on the EC2 host itself. This is not observed only as when the packet arrives at the remote host. regards, Kaufman ------------------------------ *From:* Michal Popovič &lt;michal.popovic(a)cloudtalk.io&gt; *Sent:* Thursday, October 3, 2024 9:06 AM *To:* Kamailio (SER) - Users Mailing List &lt;sr-users(a)lists.kamailio.org&gt; *Cc:* David Villasmil &lt;david.villasmil.work(a)gmail.com&gt;om>; Ben Kaufman < bkaufman(a)bcmone.com&gt; *Subject:* Re: [SR-Users] kamailio sending from udp non-listening port *CAUTION:* This email originated from outside the organization. *Do not click links or open attachments* unless you recognize the sender and know the content is safe. Check if you are not using NAT gateway IP address for outgoing packets. On 3 Oct 2024, at 15:39, Ben Kaufman via sr-users < sr-users(a)lists.kamailio.org&gt; wrote: Following up here. On the host where I had the problem I changed from using docker's bridged network to using host mode networking, and the problem persisted, then matching your description. I rebooted the host. My only guess is that there was some type of state being inaccurately tracked by the host firewall as the underlying issue, because it happened with only one target, and the translated port was persistent across Kamailio restarts. Did you find out anything more about your problem? Regards, Kaufman ------------------------------ *From:* David Villasmil &lt;david.villasmil.work(a)gmail.com&gt; *Sent:* Tuesday, September 10, 2024 9:26 AM *To:* Ben Kaufman &lt;bkaufman(a)bcmone.com&gt; *Cc:* Kamailio (SER) - Users Mailing List &lt;sr-users(a)lists.kamailio.org&gt; *Subject:* Re: [SR-Users] kamailio sending from udp non-listening port *CAUTION:* This email originated from outside the organization. *Do not click links or open attachments* unless you recognize the sender and know the content is safe. Hello ben, Yes it’s running on kubernetes, but I’m using host networking, so it shouldn’t do that.. I don’t think it’s on Kamailio’s side, but maybe someone has gone through this and can help us! Regards, David Villasmil email: david.villasmil.work(a)gmail.com On Tue, 10 Sep 2024 at 15:30, Ben Kaufman &lt;bkaufman(a)bcmone.com&gt; wrote: I have a similar issue, but my case is even more simple in that I have only a single UDP socket. Are you running Kamailio in docker? In my case, I was able to observe that Kamailio was using the correct socket address and port, but docker's outbound NAT, was changing not only the source address of the packet, but also the source port as well. Host is running Amazon Linux 2023, docker from their packages. *Kaufman* *Senior Voice Engineer * E: bkaufman(a)bcmone.com SIP.US <https://www.google.com/url?q=http://sip.us/&source=gmail-imap&ust=1728568955000000&usg=AOvVaw37L0ij8aOQb8-wBFWCUa-_> Client Support: 800.566.9810 *|* SIPTRUNK Client Support: 800.250.6510 *|* Flowroute Client Support: 855.356.9768 [image: img] <https://www.google.com/url?q=https://www.sip.us/&source=gmail-imap&ust=1728568955000000&usg=AOvVaw02JU_oSfqgH9BK9v5k8Qto> [image: img] <https://www.google.com/url?q=https://www.siptrunk.com/&source=gmail-imap&ust=1728568955000000&usg=AOvVaw3SJ9Vi5uKUE9l0Sy_wO1dN> *[image: img] <https://www.google.com/url?q=https://www.flowroute.com/&source=gmail-imap&ust=1728568955000000&usg=AOvVaw3bIiB1z2lr8wz-kfgCGtaa>* ------------------------------ *From:* David Villasmil via sr-users &lt;sr-users(a)lists.kamailio.org&gt; *Sent:* Tuesday, September 10, 2024 5:31 AM *To:* Kamailio (SER) - Users Mailing List &lt;sr-users(a)lists.kamailio.org&gt; *Cc:* David Villasmil &lt;david.villasmil.work(a)gmail.com&gt; *Subject:* [SR-Users] kamailio sending from udp non-listening port *CAUTION:* This email originated from outside the organization. *Do not click links or open attachments* unless you recognize the sender and know the content is safe. Hello guys, i'm seeing something weird, and i'm working if you can let me know. I have a kamailio in AWS with a private IP listening on several sockets: Listening on udp: 10.1.2.36:5070 <https://www.google.com/url?q=http://10.1.2.36:5070/&source=gmail-imap&ust=1728568955000000&usg=AOvVaw0DPm8YcAkmGRRF2AjIrB-p> udp: 10.1.2.36:5080 <https://www.google.com/url?q=http://10.1.2.36:5080/&source=gmail-imap&ust=1728568955000000&usg=AOvVaw1_GxG1eIBK02zzEZXOmWZ5> udp: 10.1.2.36:5160 <https://www.google.com/url?q=http://10.1.2.36:5160/&source=gmail-imap&ust=1728568955000000&usg=AOvVaw0YqWXjLvXCDs7TvofLr51b> advertise 4.3.2.1:5160 <https://www.google.com/url?q=http://4.3.2.1:5160/&source=gmail-imap&ust=1728568955000000&usg=AOvVaw039p3o3LLRHohjyv74Ik53> udp: 0.0.0.0:5066 <https://www.google.com/url?q=http://0.0.0.0:5066/&source=gmail-imap&ust=1728568955000000&usg=AOvVaw2pn-ls2XoqNhMCB9o9xGce> tls: 10.1.2.36:443 <https://www.google.com/url?q=http://10.1.2.36:443/&source=gmail-imap&ust=1728568955000000&usg=AOvVaw2vTT6rqqni7NdTei3R3rFB> advertise sip.something.com:443 <https://www.google.com/url?q=http://sip.something.com:443/&source=gmail-imap&ust=1728568955000000&usg=AOvVaw09ml85A5cPLWH7Iots0ENy> tls: 10.1.2.36:444 <https://www.google.com/url?q=http://10.1.2.36:444/&source=gmail-imap&ust=1728568955000000&usg=AOvVaw2iitiO3VCfeOPqA2vWDV1j> advertise sip.something.com:444 <https://www.google.com/url?q=http://sip.something.com:444/&source=gmail-imap&ust=1728568955000000&usg=AOvVaw3phHn-MBN7P8TxYXOcgrJO> tls: 10.1.2.36:5061 <https://www.google.com/url?q=http://10.1.2.36:5061/&source=gmail-imap&ust=1728568955000000&usg=AOvVaw0HjRKnDFlHM6dT3o4ODrU8> When forwarding a udp invite received on 10.1.2.36:5080 <https://www.google.com/url?q=http://10.1.2.36:5080/&source=gmail-imap&ust=1728568955000000&usg=AOvVaw1_GxG1eIBK02zzEZXOmWZ5> to a public ip provider say on 8.8.8.8:5060 <https://www.google.com/url?q=http://8.8.8.8:5060/&source=gmail-imap&ust=1728568955000000&usg=AOvVaw22D_m1M8rAFfjghqMFvrak>, i'm forcing the outgoing socket with force_socket via 10.1.2.36:5160 <https://www.google.com/url?q=http://10.1.2.36:5160/&source=gmail-imap&ust=1728568955000000&usg=AOvVaw0YqWXjLvXCDs7TvofLr51b>. But the outgoing invite does NOT use 5160, it uses some random port... Anybody knows why this might be? my problem is, that call goes to freeswitch... call is setup properly and connects fine. But 15 minutes later the end provider sends back a reINVITE, which freeswitch then sends TO THE RANDOM PORT kamailio used to send the INVITE... but by this time kamailio doesn't seem to even see the packet... help is greatly appreciated! David Regards, David Villasmil email: david.villasmil.work(a)gmail.com __________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions To unsubscribe send an email to sr-users-leave(a)lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe: