[SR-Users] Using Kamalio as a proxy for internal servers

Moshe Katz kohenkatz at gmail.com
Mon Sep 7 14:44:42 CEST 2020 

Olle,

If I define another listen line, how do I tell Kamailio to use one listen
line for inside traffic and the other for outside traffic?


Sergey,

Using IPv6 internally is a great idea. I'll have to see if I can try it.


Thank you both!



On Mon, Sep 7, 2020 at 7:39 AM Olle E. Johansson <oej at edvina.net> wrote:

>
>
> On 7 Sep 2020, at 12:24, Sergey Safarov <s.safarov at gmail.com> wrote:
>
> To resolve such an issue I switched to use IPv6 on internal SIP servers
> for signaling and IPv4 for RTPmedia.
>
> For me works like a charm.
>
> Very elegant solution!
>
> /O
>
>
> On Mon, Sep 7, 2020 at 9:58 AM Olle E. Johansson <oej at edvina.net> wrote:
>
>> You need to define another listen= without the advertise for
>> communication with internal servers. Either another IP or another port.
>>
>> /O
>>
>> On 6 Sep 2020, at 17:34, Moshe Katz <kohenkatz at gmail.com> wrote:
>>
>> Hello all,
>>
>> (Note: I previously posted a more detailed version of this question on
>> StackOverflow at https://stackoverflow.com/q/63760506/829970 . This
>> version is simplified to fit better in an email.)
>>
>> I have Kamailio 5.4.1 (and RTPEngine) running on an internal server with
>> a private IP address 172.31.7.96 and One-to-one NAT to an external IP
>> address. The external IP is 192.0.2.100. (Note: The internal IP addresses
>> are all unedited, but the public IPs have been replaced with TEST-NET-1 and
>> TEST-NET-2 example addresses.) I will eventually be doing transcoding with
>> RTPEngine, but for now this is a simple SIP Proxy.
>>
>> Kamailio is installed on Ubuntu 18.04 using the DEB packages from
>> dev.kamailio.org/kamailio54 and is using the stock configuration that
>> comes with those packages, except for the following changes:
>>
>> #!define WITH_NAT
>> #!define WITH_RTPENGINE
>> #!define WITH_MYSQL
>> #!define WITH_AUTH
>> #!define WITH_IPAUTH
>>
>> listen=udp:0.0.0.0:5060 advertise 192.0.2.100:5060
>>
>> #!define DBURL "mysql://kamailio:REAL_PASSWORD_HERE@127.0.0.1/kamailio"
>>
>>
>> I have internal SIP servers with private IP addresses in the
>> 172.31.7.0/24 range that I want to have send all SIP traffic through the
>> Kamailio server. The internal servers are running a Java SIP client with
>> the `OUTBOUND_PROXY` setting set to 172.31.7.96.
>>
>> The problem I have is that the SIP `200 OK` message sent by Kamailio to
>> my SIP server has its `Record-Route` header set to the public IP address
>> `192.0.2.100` instead of the private address `172.31.7.96`. The SIP client
>> therefore tries to send the `ACK` message back to the public address, but
>> it has no route to the public address so the ACK never gets sent.
>>
>> How can I configure Kamailio to use the public IP for external traffic
>> but the private IP for communicating with internal machines on the same
>> subnet?
>>
>> I tried setting `mhomed=1`, but the machine isn't actually multi-homed so
>> that didn't work.
>>
>> I thought of adding a second listen line `listen=udp:172.31.7.96:5061`
>> and having the internal servers talk to port 5061, but that doesn't work
>> because Kamailio uses the 5061 definition for the external side too.
>>
>> I see in the docs that it is possible to name the listener lines, but I
>> don't understand how to use those names in a way that would be relevant to
>> my issue.
>>
>> Thank you very much for your help,
>>
>> Moshe
>> _______________________________________________
>> Kamailio (SER) - Users Mailing List
>> sr-users at lists.kamailio.org
>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>
>>
>> _______________________________________________
>> Kamailio (SER) - Users Mailing List
>> sr-users at lists.kamailio.org
>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>
> _______________________________________________
> Kamailio (SER) - Users Mailing List
> sr-users at lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
>
> _______________________________________________
> Kamailio (SER) - Users Mailing List
> sr-users at lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20200907/33bd76fa/attachment.htm>

More information about the sr-users mailing list