Thank you for that information Daniel, I think I need to do more reading to understand the sips scheme better.
On 28/07/2015 11:01, Daniel-Constantin Mierla wrote:
Hello,
sips uri scheme should not be used for TLS connectivity -- that should be just an URI with transport=tls
The sips means that the communication must be done via a secure channel, which can be UDP over IPSec, for example.
IIRC, the scheme is taken from request URI, based on SIP RFC.
You should instruct the UA to use sip with transport=tls or you can change the r-uri not to use sips anymore on your server, before doing record_route().
Cheers, Daniel
On 27/07/15 17:04, Asgaroth wrote:
Hi All,
I have kamailio setup and listening on logical interfaces (for failover purposes) and therefore need to force the sending socket on initial messages. We are testing sips+tls at the moment and what we are trying to achive is that the TLS connection occurs from the UAC to the edge proxy (also responsible for the domain) and then force UDP for internal communications to services.
What I am comming up against is that when I force the sending socket on the internal interface to UDP, the record route header still shows up as a "sips" request. Then, at the presense server, when generating the NOTIFY it attempts to send it to the proxy using TLS.
My understanding was that the record route would set the uri something like "sip:internal_ip" when forcing the sending socket to be "udp:internal_ip". Is my understanding correct, or am I doing something wrong here?
An example subscribe message follows, the top most record-route header, from my understanding, should read sip:internal_ip, not sips:internal_ip. Is this the expected behaviour of double rr with these types of messages? How could I ensure that the top most record-route would always be a sip uri (never sips).
SUBSCRIBE sips:subscriber@domain.com:5061 SIP/2.0. Record-Route: sips:proxy_internal_ip;r2=on;lr;ftag=594055226. Record-Route: sips:proxy_external_ip:5061;transport=tls;r2=on;lr;ftag=594055226. Max-Breadth: 60. Via: SIP/2.0/UDP proxy_internal_ip;branch=z9hG4bK6c9.d7dc4801e872ce9fb5730f9e09f1889e.0;i=1. Via: SIP/2.0/TLS 172.16.0.121:5060;rport=33273;received=78.143.152.30;branch=z9hG4bK708ea7ba. Max-Forwards: 69. Call-ID: 17212ff4-4421321c8feafd63bf800080f0808080@KX-HDV230X. From: sips:subscriber@domain.com;tag=594055226. To: sips:subscriber@domain.com. CSeq: 2 SUBSCRIBE. Allow: INVITE,ACK,CANCEL,BYE,PRACK,INFO,UPDATE,OPTIONS,MESSAGE,NOTIFY,REFER. Accept: application/dialog-info+xml,application/rlmi+xml,multipart/related. Contact: sips:subscriber@172.16.0.121:5060;alias=78.143.152.30~33273~3. Expires: 3600. Event: dialog.
Any thoughts, tips, tricks would be greatly appreciated.
Cheers
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users