On 11/05/2023 16.00, [EXT] Calvin E. wrote:
We added a listen on localhost and forced the outside application server to return 127.0.0.1 instead of the IP of Kamailio. This worked as expected, but wasn't the solution we were looking for.
It turns out that enabling sysctl net.ipv4.ip_forward=1 resolves the original issue. Is IP Forwarding a normal requirement for Kamailio in general?
For reference, running "ip route get _interface_ip_" on other Linux servers confirms that the "lo" interface is used when sending packets to an assigned Ethernet IP address.
That is quite surprising as IP forwarding is something very much different, and definitely shouldn't be required for normal communication with a locally bound address (and with that communication going over the `lo` interface being completely expected).
You mentioned the address being a floating address. Was this address perhaps not bound when Kamailio was started? (Doing this requires the `ip_nonlocal_bind` sysctl to be enabled, although in that case I guess the :5060 port also wouldn't be open.)
"Port unreachable" could also indicate a REJECT firewall rule, perhaps something restricting `lo` to be used only with localhost addresses, and/or something restricting the external IP address only to its respective eth interface? (Although enabling IP forwarding wouldn't change anything in that case.)
Cheers