[SR-Users] dispatch REGISTER over TLS

David Villasmil david.villasmil.work at gmail.com
Sat Nov 9 13:59:31 CET 2019


Please post the config around the ds_select

What that’s saying is basically it could not find a destination for the set
you are asking for.

Either because the setid you provide with the function doesn’t exist, or
the destination is not responding to the pings.


On Sat, 9 Nov 2019 at 10:33, sthustfo <sthustfo at gmail.com> wrote:

> Thanks Karsten. The setup consists of client connecting to kamailio over
> WS (10.0.0.14). Kamailio needs to proxy the requests to SIP server
> (10.0.0.100) over TLS. As per your suggestion, I modified the dispatch list
> as below
>
> # setid(integer) destination(sip uri) flags (integer, optional),
> priority(int,opt), attrs (str,optional)
> 1007 sip:10.0.0.100:5061;transport=tls 0 3 socket=tls:10.0.0.14:5061
> ;ping_from=sip:10.0.0.14
>
> With above, kamailio replies to REGISTER with "SIP/2.0 404 No
> destination". And in the logs, I see following statement.
>
> 1(2281) DEBUG: dispatcher [dispatch.c:3125]: ds_check_timer(): no
> destination sets
>
> What does this mean? Is kamailio not able to talk to SIP server for
> some reason?
>
> Regards
>
> On Fri, Nov 8, 2019 at 11:55 PM Karsten Horsmann <khorsmann at gmail.com>
> wrote:
>
>> Hi,
>>
>>
>> Your config line for the dispatcher makes no sense for me.
>>
>> 1007 sip:10.0.0.100:5061;transport=tls 0 3 socket=tls:10.0.0.100:5061;
>> ping_from=sip:10.0.0.14
>>
>>
>> Means setid 1007 (like an group to arrange multiple targets) okay.
>> But sip:10.0.0.100:5061;transport=tls is the dispatcher target Uri.
>> Where your calls are placed when you call the dispatcher function with
>> setid 1007.
>>
>> In combination with socket=10.0.0.100:5061 (that indicates your Kamailio
>> socket, the proxy ip)
>> That you talking with yourself.
>>
>> You should read the module documentations for dispatcher and tls.
>>
>> Or describe your ip setup and your config a bit more.
>>
>> Cheers
>> Karsten
>>
>> sthustfo <sthustfo at gmail.com> schrieb am Fr., 8. Nov. 2019, 17:41:
>>
>>> Hi Karsten, David,
>>>
>>> Thanks for your pointers. Earlier I was using mysql backend where the
>>> dispatch list was stored. Now following your suggestions, I have switched
>>> to dispatcher list in a file (/etc/kamailio/dispatcher.list) and put in the
>>> following
>>>
>>> # setid(integer) destination(sip uri) flags (integer, optional),
>>> priority(int,opt), attrs (str,optional)
>>> 1007 sip:10.0.0.100:5061;transport=tls 0 3 socket=tls:10.0.0.100:5061
>>> ;ping_from=sip:10.0.0.14
>>>
>>> Even with this, when HTTP request in, the same is upgraded to WS
>>> connection. But this gets closed after couple of seconds. Does the below
>>> log indicate anything?
>>>
>>> 9(1784) exec: *** cfgtrace:request_route=[xhttp:request]
>>> c=[/etc/kamailio/kamailio.cfg] l=1112 a=2 n=exit
>>>  9(1784) DEBUG: <core> [core/usr_avp.c:636]: destroy_avp_list():
>>> destroying list (nil)
>>>
>>> Is there any way to understand what's happening? I do not see any other
>>> error lin logs.
>>>
>>> Thanks.
>>>
>>>
>>>
>>> On Thu, Nov 7, 2019 at 2:34 PM Daniel-Constantin Mierla <
>>> miconda at gmail.com> wrote:
>>>
>>>> Hello,
>>>> On 06.11.19 20:46, Karsten Horsmann wrote:
>>>>
>>>> Hi,
>>>>
>>>> the sips Uri schemata is not used for tls with dispatcher.
>>>>
>>>> jumping in to clarify a bit about sips protocol schema. It doesn't
>>>> imply TLS as one may think HTTPS does it for HTTP. The sips is mandating
>>>> that the traffic goes over secure links, which can be IPSec/VPN or even
>>>> just private network, so it is ok using UDP or TCP when sips is present.
>>>>
>>>> In SIP, if TLS is wanted, then transport=tls has to be added to the URI.
>>>>
>>>> As for dispatcher, one more clarification: trasport=tls in attrs has
>>>> nothing to do with the destination address, so that has to be in the value
>>>> of the destination field, as Karsten gave in his example.
>>>>
>>>> And, as general note: better do not use sips at all, it can mess up
>>>> some nodes in the path, if you are not sure about the need of sips -- just
>>>> do uri;trasport=tls.
>>>>
>>>> Cheers,
>>>> Daniel
>>>>
>>>>
>>>> Here an example for flatfile dispatcher.list (need corrected values).
>>>>
>>>> The socket line must match an listen directive in your Kamailio.cfg.
>>>>
>>>>
>>>> root at sbc1:~# cat /etc/kamailio/dispatcher.list
>>>> # setid(integer) destination(sip uri) flags (integer, optional),
>>>> priority(int,opt), attrs (str,optional)
>>>> 1007 sip:sip.pstnhub.microsoft.com;transport=tls 0 3
>>>> socket=tls:212.xx.xx.xx:5061;ping_from=sip:sbc-d01.yourdomain
>>>>
>>>> Cheers
>>>> Karsten
>>>>
>>>> sthustfo <sthustfo at gmail.com> schrieb am Mi., 6. Nov. 2019, 20:32:
>>>>
>>>>> I have a basic setup where kamailio receives SIP over websocket (no
>>>>> WSS) and forwards to SIP server over TLS. I have enabled TLS in
>>>>> kamailio.cfg and added dispatcher node as sips:SIP_SERVER:5061 and
>>>>> transport=tls.
>>>>>
>>>>>
>>>>> +----+-------+------------------------+-------+----------+---------------+----------------+
>>>>> | id | setid | destination            | flags | priority | attrs
>>>>>   | description    |
>>>>>
>>>>> +----+-------+------------------------+-------+----------+---------------+----------------+
>>>>> |  4 |     1 | sips:10.0.0.100:5061 |     0 |        0 |
>>>>> transport=tls | SIP SERVER |
>>>>>
>>>>> +----+-------+------------------------+-------+----------+---------------+----------------+
>>>>>
>>>>> Now when REGISTER is received over websocket, kamailio is responding
>>>>> with error code 500 and phrase "500 I'm terribly sorry, server error
>>>>> occurred (7/SL)". And on the console I see the following error messages.
>>>>>
>>>>> 12(33858) DEBUG: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} <core>
>>>>> [core/md5utils.c:67]: MD5StringArray(): MD5 calculated:
>>>>> f1ecf7bcb659b07fe81e332e100044e5
>>>>> 12(33858) ERROR: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} tm
>>>>> [ut.h:315]: uri2dst2(): no corresponding socket found for "10.0.0.100" af 2
>>>>> (tls:10.0.0.100:5061)
>>>>> 12(33858) ERROR: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} tm
>>>>> [t_fwd.c:467]: prepare_new_uac(): can't fwd to af 2, proto 3  (no
>>>>> corresponding listening socket)
>>>>> 12(33858) ERROR: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} tm
>>>>> [t_fwd.c:1735]: t_forward_nonack(): failure to add branches
>>>>> 12(33858) DEBUG: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} tm
>>>>> [t_funcs.c:334]: t_relay_to(): t_forward_nonack returned error -7 (-7)
>>>>> 12(33858) DEBUG: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} tm
>>>>> [t_funcs.c:352]: t_relay_to(): -7 error reply generation delayed
>>>>> 12(33858) exec: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} ***
>>>>> cfgtrace:request_route=[RELAY] c=[/etc/kamailio/kamailio.cfg] l=587 a=24
>>>>> n=sl_reply_error
>>>>> 12(33858) DEBUG: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} <core>
>>>>> [core/msg_translator.c:162]: check_via_address(): (10.0.0.14,
>>>>> hsvmphm3ps12.invalid, 0)
>>>>> 12(33858) DEBUG: {1 2521 REGISTER o9q7ujqgin33qgp00abijv} websocket
>>>>> [ws_conn.c:452]: wsconn_get(): wsconn_get for id [3]
>>>>>
>>>>> *tls.cfg contents*
>>>>> [client:default]
>>>>> method = TLSv1
>>>>> verify_certificate = yes
>>>>> require_certificate = yes
>>>>> private_key = /home/test/kamailio/internal.key
>>>>> certificate = /home/test/kamailio/internal.crt
>>>>> ca_list = /home/test/kamailio/ca_list.pem
>>>>>
>>>>> Any reason why this error is seen? Any inputs appreciated.
>>>>>
>>>>> Thanks.
>>>>> _______________________________________________
>>>>> Kamailio (SER) - Users Mailing List
>>>>> sr-users at lists.kamailio.org
>>>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>>>>
>>>>
>>>> _______________________________________________
>>>> Kamailio (SER) - Users Mailing Listsr-users at lists.kamailio.orghttps://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>>>
>>>> --
>>>> Daniel-Constantin Mierla -- www.asipto.comwww.twitter.com/miconda -- www.linkedin.com/in/miconda
>>>> Kamailio World Conference - April 27-29, 2020, in Berlin -- www.kamailioworld.com
>>>>
>>>> _______________________________________________
>>>> Kamailio (SER) - Users Mailing List
>>>> sr-users at lists.kamailio.org
>>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>>>
>>> _______________________________________________
>>> Kamailio (SER) - Users Mailing List
>>> sr-users at lists.kamailio.org
>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>>
>> _______________________________________________
>> Kamailio (SER) - Users Mailing List
>> sr-users at lists.kamailio.org
>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>
> _______________________________________________
> Kamailio (SER) - Users Mailing List
> sr-users at lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
-- 
Regards,

David Villasmil
email: david.villasmil.work at gmail.com
phone: +34669448337
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20191109/9c9f79ff/attachment.html>


More information about the sr-users mailing list