[SR-Users] Determine correct port in record-route if kamailio is behind NAT

Daniel-Constantin Mierla miconda at gmail.com
Mon May 11 13:39:44 CEST 2020 

Hello,

the nature of tcp protocol makes local ports on connect (as well
accepted connection ports) ephemeral. Kamailio has for that reason
"connection aliases", so the matching is also done based on advertised
attributes, not only on connection source ip/port. The interconnect
provider should do it also for tcp/tls. I am not sure now, but I think
there is also in the RFC specs something about.

Then, the alternative, with the latest kernels and kamailio, you can try
to reuse the tcp port:

  * https://www.kamailio.org/wiki/cookbooks/5.3.x/core#tcp_reuse_port

On the other hand, the firewall may associate a different extern port
for connections originated from the same source ip/port, you will have
to test and see what happens.

Cheers,
Daniel

On 11.05.20 12:23, Michal Popovic wrote:
> Hello,
>
> so it looks like kamailio used random port for opening connections to our partners but did not updates record-route port properly. AWS has symmetric NAT and that works fine.
>
> Is there any way how to identify port and rewrite record-route?
>
> Thanks.
>
> Bye,
> Michal
>
>> On 7 May 2020, at 17:25, Michal Popovic <michal.popovic at cloudtalk.io> wrote:
>>
>> Hello,
>>
>> our kamailio used for sip trunk interconnections is behind NAT and our cloud provider opens random outgoing ports for outbound connections.
>> Our record-route is set to our external address and port 5060, that is probably incorrect, but we did not had any issues.
>> One of our partners suddenly begin sending BYEs to the port advertised in record-route instead of port from where he received call.
>>
>> What is a correct approach here if we are not able to determine open port behind NAT?
>>
>> Bye,
>> Michal
>> _______________________________________________
>> Kamailio (SER) - Users Mailing List
>> sr-users at lists.kamailio.org
>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
> _______________________________________________
> Kamailio (SER) - Users Mailing List
> sr-users at lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

-- 
Daniel-Constantin Mierla -- www.asipto.com
www.twitter.com/miconda -- www.linkedin.com/in/miconda
Funding: https://www.paypal.me/dcmierla

More information about the sr-users mailing list