[Serusers] Multiple SER Problems

Chris St Denis chris at aebc.com
Sat Sep 10 00:49:59 CEST 2005


In regards to the eating of your OKs take a look at this asterisk bug if
your inbound PSTN gateway is asterisk. 

http://bugs.digium.com/view.php?id=2687

-----Original Message-----
From: serusers-bounces at iptel.org [mailto:serusers-bounces at lists.iptel.org] On
Behalf Of Corey S. McFadden
Sent: Monday, September 05, 2005 3:58 PM
To: serusers at lists.iptel.org
Subject: Re: [Serusers] Multiple SER Problems


Greger,

Thanks for the response.  I believe the original configuration was based 
on the ONsip.org rtpproxy example config but I will take it back there and 
try re-implementing features one at a time.  Hopefully that will 
provide a little more clarity as to where the biggest problem lies.  

It's actually a fairly straightforward setup minus the external NPANXX 
route lookup...

Thanks again,
-Corey


On Mon, 5 Sep 2005, Greger V. Teigre wrote:

> Corey,
> I comment on this email instead of the previous post. Your post below +
the 
> error messages you showed in your previous post show that there are some 
> serious problems with your config.  However, your setup is not 
> straight-forward (with inbound and outbound PSTN GWs etc).  Some of the 
> errors should be fairly easy to fix, others may be harder.  My suggestion
is 
> that you take the time to rewrite your config from scratch using an 
> ONsip.org config file as a starting point.  The Getting Started document 
> discussion on nathelper and mediaproxy should make you capable of adapting

> it to your setup below.
>     This exercise should at least remove some of your errors. In addition,

> it will make it easier to trace your problems.  Something is eating your
OKs 
> and it seems to be outside ser, so I would also set up a trace at various 
> places in your network.
> g-)
> 
> Corey S. McFadden wrote:
> > Hi everyone,
> >
> > We're working through various SER problems and my thinking is that
> > we've
> > got something generally wrong with our SER config.  I posted
> > previously
> > about one of these problems but wanted to clarify the situation and
> > see
> > if anyone could offer some advice.
> >
> > Network:                         +-------------+
> >                              +--| Asterisk VM |
> >                              |  +-------------+
> >  +---------------+    +---+  |  +----------------+
> >  |Inbound PSTN GW|----|SER|--+--| Outbound LD GW |
> >  +---------------+    +---+  |  +----------------+
> >                        |     |  +------------------+
> >          +-------+     |     +--| Outbound PSTN GW |
> >          |  UAs  |-----+        +------------------+
> >          +-------+     |
> >                        |
> >   +-----------+  +--+  |
> >   | NATed UAs |--|FW|--+
> >   +-----------+  +--+
> >
> >
> >
> > Problems:
> > - All UAs can make outbound calls without a problem.
> > - UAs outside NAT can call each other.
> > - NATed UAs can call each other.  Depending on the UA it will either
> >  get one way audio or no audio.  (Cisco 7960 seems to have more
> >  problems than the Sipura 841)
> > - PSTN GW calls to NATed UAs ring but can't answer the call.
> >  SER logs: Warning: sl_send_reply: I won't send a reply for ACK!!
> > - When PSTN calls a UA and it doesn't answer, failure route fails to
> >  connect the call to Asterisk.  The call is set up (Asterisk logs
> >  attempts to send OKs back and will launch the voicemail app) but the
> >  PSTN gateway never gets the OK.  Call is lost.
> > - When NATed UAs call each other without answering fr_invite_timer
> >  hits and failure route fails to send the call to Asterisk.
> >
> >
> > I've read a LOT of back postings on the list and have read a bunch of
> > threads that describe the one-way audio problem but never could find
> > any
> > acutal answers or resolution.  The threads just seem to end.
> > (i.e.
> > http://lists.iptel.org/pipermail/serusers/2004-October/012305.html )
> >
> > I'm going to attach the ser.cfg but will hold off on the ngrep and
> > related documentation as I think someone might be able to tell me what
> > we're doing wrong by just looking at this.
> >
> > Anyhow, if anyone can offer some insight it would be greatly
> > appreciated.  (If anyone who is reading this is interested in
> > consulting
> > on this problem, contact me off-list and we can make payment
> > arrangements.)
> >
> > Thanks in advance,
> > -Corey
> >
> >
> > SER Config:
> > ############################################################
> > #
> > #  whatever.net - SER Configuration File
> > #  ser.conf
> > #  Revised 7/31/2005
> > #
> > ############################################################
> >
> >
> > debug=3
> > fork=yes
> > log_stderror=yes
> >
> > listen=xxx.ser.ip.addr
> > port=5060
> > children=4
> > alias=whatever.net
> > alias=hostname.whatever.net
> >
> > dns=no
> > rev_dns=no
> >
> > # Added 9/3
> > reply_to_via=no
> > check_via=no
> >
> >
> >
> > fifo="/tmp/ser_fifo"
> > fifo_db_url="mysql://ser:passwd@localhost/ser"
> >
> >
> > ###
> > # Modules
> > ###
> >
> > loadmodule "/usr/local/lib/ser/modules/mysql.so"
> > loadmodule "/usr/local/lib/ser/modules/sl.so"
> > loadmodule "/usr/local/lib/ser/modules/tm.so"
> > loadmodule "/usr/local/lib/ser/modules/acc.so"
> > loadmodule "/usr/local/lib/ser/modules/rr.so"
> > loadmodule "/usr/local/lib/ser/modules/exec.so"
> > loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
> > loadmodule "/usr/local/lib/ser/modules/usrloc.so"
> > loadmodule "/usr/local/lib/ser/modules/registrar.so"
> > loadmodule "/usr/local/lib/ser/modules/auth.so"
> > loadmodule "/usr/local/lib/ser/modules/auth_db.so"
> > loadmodule "/usr/local/lib/ser/modules/nathelper.so"
> > loadmodule "/usr/local/lib/ser/modules/textops.so"
> > loadmodule "/usr/local/lib/ser/modules/uri_db.so"
> > loadmodule "/usr/local/lib/ser/modules/uri.so"
> > loadmodule "/usr/local/lib/ser/modules/permissions.so"
> > loadmodule "/usr/local/lib/ser/modules/xlog.so"
> >
> > ###
> > # Module Paramaters
> > ###
> >
> > modparam("auth_db|uri_db|usrloc|permissions", "db_url",
> > "mysql://ser:passwd@localhost/ser") modparam("auth_db",
> > "calculate_ha1", 1)
> > modparam("auth_db", "password_column", "password")
> >
> > modparam("nathelper", "natping_interval", 5)
> > modparam("nathelper", "ping_nated_only", 1)
> > modparam("nathelper", "rtpproxy_sock", "unix:/var/run/rtpproxy.sock")
> >
> > # VM Timeout
> > #modparam("tm", "fr_inv_timer", 20)
> > modparam("tm", "fr_inv_timer", 10)
> > modparam("tm", "fr_timer", 10)
> >
> > modparam("usrloc", "db_mode", 2)
> > modparam("permissions", "db_mode", 0)
> > modparam("permissions", "trusted_table", "trusted")
> > modparam("registrar", "nat_flag", 6)
> > modparam("rr", "enable_full_lr", 1)
> > modparam("exec", "setvars", 1)
> >
> >
> > modparam("acc", "log_level", 1)
> > modparam("acc", "log_flag", 1)
> > modparam("acc", "db_url", "mysql://ser:passwd@localhost/ser")
> > modparam("acc", "db_flag", 1)
> >
> >
> >
> > ###
> > # Routing Section
> > ###
> >
> > route {
> >
> >        # Basic Checks
> >        if (!mf_process_maxfwd_header("10")) {
> >                sl_send_reply("483", "Too Many Hops");
> >                break;
> >        };
> >        if (msg:len > max_len) {
> >                sl_send_reply("513", "Message Overflow");
> >                break;
> >        };
> >
> > if (method=="INVITE" && nat_uac_test("19")) {
> > xlog("L_ERR", "INVITE detected with nat_uac_test 19.  Adding record
> >                route preset.\n");
> >        record_route_preset("xxx.ser.ip.addr:5060;nat=yes"); } else if
> >                (method!="REGISTER") { record_route();
> >        };
> >
> >        if (method=="BYE" || method=="CANCEL") {
> >                unforce_rtp_proxy();
> >        };
> >
> >        # Loose Routing
> >        if (loose_route()) {
> >                route(1);
> >                break;
> > };
> >
> >
> >        # Call Processing
> >        if (uri!=myself) {
> > log (1, "*** Message URI is not myself.  Probably should not
> >                happen.\n"); route(1);
> >                break;
> >        };
> >        if (uri==myself) {
> >                if (method=="ACK") {
> > xlog("L_ERR", "ACK received from %is for %tu.\n");
> > route(1);
> >                        break;
> >                } else if (method=="CANCEL") {
> > xlog("L_ERR", "CANCEL received from %is for %tu.\n");
> > log(1, " Cancel\n");
> >                        route(3);
> >                        break;
> >                } else if (method=="INVITE") {
> > xlog("L_ERR", "INVITE received from %is for %tu.\n");
> >                        route(3);
> >                        break;
> >                } else if (method=="REGISTER") {
> > xlog("L_ERR", "REGISTER received from %is.\n");
> >                        route(2);
> >                        break;
> >                } else if (method=="NOTIFY") {
> > sl_send_reply("200", "Shut up.");
> > break;
> >                } else if (method=="OPTIONS") {
> > sl_send_reply("200", "Shut up.");
> > break;
> >                };
> >        };
> >
> >        route(1);
> > }
> >
> >
> > route[1] {
> >
> > ###
> >        # Default Call Handling
> > ###
> >
> > # NAT Fix
> >        if (method=="INVITE" && nat_uac_test("19") && !isflagset(9)) {
> > xlog("L_ERR", " - INVITE NAT detected (route 1).\n");
> > xlog("L_ERR", " -- Contact Header: %ct\n");
> >                fix_nated_sdp("1");
> > force_rport();
> > fix_nated_contact();
> > force_rtp_proxy();
> > setflag(9);
> > xlog("L_ERR", " ++ Contact Header: %ct\n");
> >        };
> >
> >        # On call timeout to voicemail
> > # t_on_failure("1");
> > # t_on_reply("1");
> >
> >        # Log
> >        setflag(1);
> >
> >        if (!t_relay()) {
> >                if (method=="INVITE" && isflagset(6)) {
> >                  unforce_rtp_proxy();
> >                };
> >                sl_reply_error();
> >        };
> > }
> >
> > route[2] {
> >
> > ###
> > # REGISTER method
> > ###
> >
> > log(1," Route 2 hit.\n");
> >
> >        if (!search("^Contact:\ +\*") && nat_uac_test("19")) {
> >                setflag(6);
> >                fix_nated_register();
> >                force_rport();
> >        };
> >
> >        sl_send_reply("100", "Trying");
> >
> >        if (!www_authorize("whatever.net","subscriber")) {
> >                www_challenge("whatever.net","0");
> >                break;
> >        };
> >
> >        if (!check_to()) {
> >                sl_send_reply("401", "Unauthorized");
> >                break;
> >        };
> >
> >        consume_credentials();
> >
> >        if (!save("location")) {
> >                sl_reply_error();
> >        };
> > }
> >
> > route[3] {
> >
> > ###
> > # INVITE & CANCEL
> > # URI matching is here.
> > ###
> >
> > xlog("L_ERR", " Route 3 starting.\n");
> >
> > t_on_failure("1");
> >        t_on_reply("1");
> >
> >        if (nat_uac_test("19")) {
> >                setflag(6);
> >        };
> >
> >        if (method=="INVITE" && !allow_trusted()) {
> > # Proxy auth code goes here
> > consume_credentials();
> > log(1,"INVITE and not trusted.");
> >        };
> >
> >
> >        lookup("aliases");
> >
> >        if (!lookup("location")) {
> > if (uri=~"^sip:911@") { # Pass 911 calls first
> > route(5);
> > break;
> > };
> >
> >                if (uri=~"^sip:[0-9]{7}@") { # EXPAND 7-DIGIT CALL
> >                        exec_dset("/root/7digit.pl");
> >                };
> >
> > # Try location lookup again
> >
> > if (!lookup("location")) {
> >
> > if (uri=~"^sip:[0-9]{10}@") {
> > # DB Lookup of NPANXX route
> >                         exec_dset("/root/npa_nxx.pl");
> > route(1);
> > break;
> >                 };
> >
> > if (uri=~"^sip:1[0-9]{10}@") {
> > # DB Lookup of NPANXX route
> >                         exec_dset("/root/npa_nxx.pl");
> > route(1);
> > break;
> >                 };
> >
> >                if (uri=~"^sip:555@") {   # Voicemail Access
> >                        route(6);
> >                        break;
> >                };
> >
> >                if (uri=~"^sip:556@") {   # Voicemail Access
> >                        route(6);
> >                        break;
> >                };
> >
> > # Call error message
> > route(7);
> >                break;
> > };
> >        };
> >
> >
> > # NAT Fix
> >        if (nat_uac_test("19") && !isflagset(9)) {
> >                fix_nated_sdp("1");
> > force_rport();
> > fix_nated_contact();
> > force_rtp_proxy();
> > setflag(9);
> >        };
> >
> >        if (!t_relay()) {
> >                if(nat_uac_test("19") && isflagset(9)) {
> >                        unforce_rtp_proxy();
> >                }
> >                sl_reply_error();
> >        };
> > }
> >
> >
> >
> > route[4] {
> >
> >        ###
> > # Primary LD Gateway
> > ###
> >
> >        rewritehost("xxx.sip.gw.ip");
> >        route(1);
> > }
> >
> > route[5] {
> >
> >        ###
> > # Local PSTN Gateway
> > ###
> >        rewritehost("xxx.pstn.gw.ip");
> >        route(1);
> > }
> >
> >
> > route[6] {
> >
> >        ###
> >        # Calls to VM
> >        ###
> > rewritehost("xxx.ast.srv.ip");
> >        route(1);
> > }
> >
> > route[7] {
> >
> >        ###
> >        # Call Failure
> >        ###
> >        rewriteuri("sip:7110000001 at xxx.ast.srv.ip");
> >        route(1);
> > }
> >
> >
> >
> > failure_route[1] {
> >
> >        ###
> >        # Voicemail
> >        ###
> > xlog("L_ERR", " * Failure Route 1 ");
> >        rewritehost("xxx.ast.srv.ip");
> > append_hf("P-hint: OFFLINE VOICEMAIL\r\n");
> >        append_branch();
> >        route(1);
> > }
> >
> >
> > onreply_route[1] {
> >
> > if (nat_uac_test("19") && status=~"(180)|(183)|2[0-9][0-9]") {
> > if (!search("^Content-Length:\ +0")) {
> > force_rtp_proxy();
> > };
> > };
> >
> > if (nat_uac_test("1") && !isflagset(9)) {
> > fix_nated_contact();
> > };
> > }
> >
> >
> >
> >
> > END
> >
> >
> >
> >
> > *********************************************
> > This message has been scanned for viruses and
> > dangerous content, and is believed to be clean.
> >
> > _______________________________________________
> > Serusers mailing list
> > serusers at lists.iptel.org
> > http://lists.iptel.org/mailman/listinfo/serusers 
> 
> 
> *********************************************
> This message has been scanned for viruses and
> dangerous content, and is believed to be clean.
> 


*********************************************
This message has been scanned for viruses and
dangerous content, and is believed to be clean.

_______________________________________________
Serusers mailing list
serusers at lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers




More information about the sr-users mailing list