RE: [Serusers] Routing loop - sr-users

21 Jun 2004


      Please email the cisco configuration and don't forget to take the
password info out of your cisco.
Thanks
&*&*&*&*&*&*&*&*&*&*&*&*&*&*&*&*&*&*&*&*&*&*&*&*&*&*&*&*&*&*
C.M. Rahman Jr.
CTO
CCNP, MCSE Security    "Secure your self by securing your System"
CompTI Security Plus Certified
CCS Internet
http://www.ccsi.com
13704 Research Blvd. Building O-Suite 4
Austin, TX 78750
Tel: 512-257-2274 Ex: 115
-----Original Message-----
From: serusers-bounces@iptel.org [mailto:serusers-bounces@lists.iptel.org] On
Behalf Of Klaus Darilion
Sent: Monday, June 21, 2004 6:46 AM
To: AJ Grinnell
Cc: serusers@lists.iptel.org
Subject: Re: [Serusers] Routing loop
If the calls are routed back by the PRI provider then the problem is in 
the PRI side: A misconfiguration of your GW or the switch of your
provider.
klaus
AJ Grinnell wrote:
...
Can someone please help before I lose my mind here. I have all calls
pointing to a cisco as5350. When the calls come in from the cisco,
they are
...
routed through ser and back out the cisco, which in turn gets routed
back to
...
the cisco by our PRI provider. This keeps going in a loop untill all
channels are busied out. I have tried every way I can think of to
block
...
calls incoming from the IP of the cisco, but nothing works. What am I
doing
...
wrong here?
simple quick-start config script
#
# ----------- global configuration parameters ------------------------
debug=3         # debug level (cmd line: -dddddddddd)
fork=yes
log_stderror=yes        # (cmd line: -E)
listen=x
listen=127.0.0.1
alias=x
alias=x
alias=x
check_via=no   # (cmd. line: -v)
dns=no           # (cmd. line: -r)
rev_dns=no      # (cmd. line: -R)
port=5060
children=4
fifo="/tmp/ser_fifo"
sip_warning=yes
syn_branch=no
server_signature=yes
reply_to_via=no
# ------------------ module loading ----------------------------------
# Uncomment this if you want to use SQL database
loadmodule "/usr/lib/ser/modules/mysql.so"
loadmodule "/etc/lib/ser/modules/sl.so"
loadmodule "/etc/lib/ser/modules/tm.so"
loadmodule "/etc/lib/ser/modules/rr.so"
loadmodule "/etc/lib/ser/modules/maxfwd.so"
loadmodule "/etc/lib/ser/modules/usrloc.so"
loadmodule "/etc/lib/ser/modules/registrar.so"
loadmodule "/etc/lib/ser/modules/auth.so"
loadmodule "/etc/lib/ser/modules/auth_db.so"
# ----------------- setting module-specific parameters ---------------
# -- usrloc params --
#modparam("usrloc", "db_mode",   0)
modparam("usrloc", "db_mode", 2)
modparam("auth_db", "db_url", "sql://ser:heslo@localhost/ser")
# -- auth params --
modparam("auth_db", "db_url", "sql://ser:heslo@localhost/ser")
modparam("auth_db", "calculate_ha1", yes)
modparam("auth_db", "password_column", "password")
# -- rr params --
# add value to ;lr param to make some broken UAs happy
modparam("rr", "enable_full_lr", 1)
# -------------------------  request routing logic -------------------
# main routing logic
route{
    # initial sanity checks -- messages with
    # max_forwards==0, or excessively long requests
    if (!mf_process_maxfwd_header("10")) {
            sl_send_reply("483","Too Many Hops");
            break;
    };
    if ( msg:len > max_len ) {
            sl_send_reply("513", "Message too big");
            break;
    };

    record_route();
    # loose-route processing
    if (loose_route()) {
            t_relay();
            break;
    };

    # if the request is for other domain use UsrLoc
    # (in case, it does not work, use the following command
    # with proper names and addresses in it)
    if (uri==myself) {

            if (method=="REGISTER") {

    # Uncomment this if you want to use digest authentication
                   if (!www_authorize("x.x.x.x", "subscriber")) {
                           www_challenge("x.x.x.x", "0");
                           break;
                   };

                    save("location");
                    break;
            };

            if (method=="INVITE") {
               if (!(uri=="sip:.*@10\.200\.20\.10")){     #Have

also
...
tried if (!uri=~"sip:.*@10.200.20.10")
                         if (uri=~"^sip:[2-9]......@.*") {    # and if
(!ip_addr==10.200.20.10")
                        # attempt handoff to PSTN.
                        log( "Forwarding to PSTN\n" );
                       sethost("10.200.20.10");
                        };
                 };
            };
        };
        # forward to current uri now; use stateful forwarding; that
        # works reliably even if we forward from TCP to UDP
        if (!t_relay()) {
                sl_reply_error();
        };
}
AJ Grinnell
Network Operations Technician
CRT/ Arialink Broadband
1223 Turner Street, Suite A
Lansing, MI 48906
517.346.5041
517.492.1321 direct

Serusers mailing list
serusers@lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
_______________________________________________
Serusers mailing list
serusers@lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers