21 Dec
2010
21 Dec
'10
10:46 a.m.
Am 21.12.2010 08:30, schrieb Dominguez Jover, Ricardo:
Hi everybody,
Since I implemented Kamailio 3.1 with TLS I’ve found a strange behavior.
That is, with some clients (Bria and Blink) registered, if I restart
Kamailio, then when the clients re-register the strange behaivour
happens. This behavior consist on receiving calls, it took about 15
seconds to receive the first tone since the call was made.
This sounds like some timeout.
Just think about what may happen: you restart Kamailio - thus the TCP
connection is terminated and probably the client will create a new
registration using a new TCP connection.
As the old registration was not deREGISTERed, you will have 2 entries in
your location table: one for the new registration (if the client already
registered) and one for the old one (pointing to a non-existing TCP
connection).
No on incoming call, Kamailio will try to estblish a TCP connection to
the old contact - which for sure will fail of the client is behind NAT
or a firewall.
There are several TCP parameters to tweak, e.g:
make sure TCP is non-blocking:
http://www.kamailio.org/dokuwiki/doku.php/core-cookbook:3.1.x#tcp_async
do not try to open TCP connections to SIP clients when they are known to
be behind NAT/FW.
http://www.kamailio.org/dokuwiki/doku.php/core-cookbook:3.1.x#set_forward_n…
There are also some more TCP functions which can be used to change the
behavior, just look around set_forward_no_connect() function in core
cookbook.
regards
klaus
regards
Klaus
I made the following modification in the “route[Relay]” config. The
reason is I wanted my gateway and Kamailio to make signaling by TLS.
Without this modification the signaling was unencrypted (SIP):
route[RELAY] {
#!ifdef WITH_NAT
if (check_route_param("nat=yes")) {
setbflag(FLB_NATB);
}
if (isflagset(FLT_NATS) || isbflagset(FLB_NATB)) {
route(RTPPROXY);
}
#!endif
/* example how to enable some additional event routes */
if (is_method("INVITE")) {
#t_on_branch("BRANCH_ONE");
t_on_reply("REPLY_ONE");
t_on_failure("FAIL_ONE");
}
*# Se comunica con el GWa traves de TLS *
***if(!( ($od=~"mydomain.com") && ( ($rU=~"[a-z]{3,20}$") ||
($rU=~"^xx[0-9][0-9]$") ) ) ) { ### If I’m calling a PBX extension do
the signaling by TLS with the gateway (Cisco 2811)*
**
* if (!t_relay_to_tls()) {*
* sl_reply_error();*
* }*
} else if {
if (!t_relay()) {
sl_reply_error();
}
}
exit;
}
The rest of functionalities are working really fine. Any idea about what
is happening?
Cheers!
*Ricardo Domínguez*
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users