Hello,
the nature of tcp protocol makes local ports on connect (as well accepted connection ports) ephemeral. Kamailio has for that reason "connection aliases", so the matching is also done based on advertised attributes, not only on connection source ip/port. The interconnect provider should do it also for tcp/tls. I am not sure now, but I think there is also in the RFC specs something about.
Then, the alternative, with the latest kernels and kamailio, you can try to reuse the tcp port:
* https://www.kamailio.org/wiki/cookbooks/5.3.x/core#tcp_reuse_port
On the other hand, the firewall may associate a different extern port for connections originated from the same source ip/port, you will have to test and see what happens.
Cheers, Daniel
On 11.05.20 12:23, Michal Popovic wrote:
Hello,
so it looks like kamailio used random port for opening connections to our partners but did not updates record-route port properly. AWS has symmetric NAT and that works fine.
Is there any way how to identify port and rewrite record-route?
Thanks.
Bye, Michal
On 7 May 2020, at 17:25, Michal Popovic michal.popovic@cloudtalk.io wrote:
Hello,
our kamailio used for sip trunk interconnections is behind NAT and our cloud provider opens random outgoing ports for outbound connections. Our record-route is set to our external address and port 5060, that is probably incorrect, but we did not had any issues. One of our partners suddenly begin sending BYEs to the port advertised in record-route instead of port from where he received call.
What is a correct approach here if we are not able to determine open port behind NAT?
Bye, Michal _______________________________________________ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users