[SR-Users] Ynt: Using Kamalio as a proxy for internal servers

egemen ulus ulus_egemen at hotmail.com
Fri Sep 11 12:39:50 CEST 2020


You can use force socket in kamailio.cfg in these ways;

1- force_send_socket(udp:10.10.10.10:5060);
or if you want to use variable in it;
2- $fs = "udp" + $var(x) + ":5060":

Regards
Egemen U.

________________________________
Gönderen: Moshe Katz <kohenkatz at gmail.com> adına sr-users <sr-users-bounces at lists.kamailio.org>
Gönderildi: 7 Eylül 2020 Pazartesi 15:44
Kime: Kamailio (SER) - Users Mailing List <sr-users at lists.kamailio.org>
Konu: Re: [SR-Users] Using Kamalio as a proxy for internal servers

Olle,

If I define another listen line, how do I tell Kamailio to use one listen line for inside traffic and the other for outside traffic?


Sergey,

Using IPv6 internally is a great idea. I'll have to see if I can try it.


Thank you both!



On Mon, Sep 7, 2020 at 7:39 AM Olle E. Johansson <oej at edvina.net<mailto:oej at edvina.net>> wrote:


On 7 Sep 2020, at 12:24, Sergey Safarov <s.safarov at gmail.com<mailto:s.safarov at gmail.com>> wrote:

To resolve such an issue I switched to use IPv6 on internal SIP servers for signaling and IPv4 for RTPmedia.

For me works like a charm.
Very elegant solution!

/O

On Mon, Sep 7, 2020 at 9:58 AM Olle E. Johansson <oej at edvina.net<mailto:oej at edvina.net>> wrote:
You need to define another listen= without the advertise for communication with internal servers. Either another IP or another port.

/O

On 6 Sep 2020, at 17:34, Moshe Katz <kohenkatz at gmail.com<mailto:kohenkatz at gmail.com>> wrote:

Hello all,

(Note: I previously posted a more detailed version of this question on StackOverflow at https://stackoverflow.com/q/63760506/829970 . This version is simplified to fit better in an email.)

I have Kamailio 5.4.1 (and RTPEngine) running on an internal server with a private IP address 172.31.7.96 and One-to-one NAT to an external IP address. The external IP is 192.0.2.100. (Note: The internal IP addresses are all unedited, but the public IPs have been replaced with TEST-NET-1 and TEST-NET-2 example addresses.) I will eventually be doing transcoding with RTPEngine, but for now this is a simple SIP Proxy.

Kamailio is installed on Ubuntu 18.04 using the DEB packages from dev.kamailio.org/kamailio54<http://dev.kamailio.org/kamailio54> and is using the stock configuration that comes with those packages, except for the following changes:


#!define WITH_NAT
#!define WITH_RTPENGINE
#!define WITH_MYSQL
#!define WITH_AUTH
#!define WITH_IPAUTH

listen=udp:0.0.0.0:5060<http://0.0.0.0:5060/> advertise 192.0.2.100:5060<http://192.0.2.100:5060/>

#!define DBURL "mysql://kamailio:REAL_PASSWORD_HERE@127.0.0.1/kamailio<http://kamailio:REAL_PASSWORD_HERE@127.0.0.1/kamailio>"

I have internal SIP servers with private IP addresses in the 172.31.7.0/24<http://172.31.7.0/24> range that I want to have send all SIP traffic through the Kamailio server. The internal servers are running a Java SIP client with the `OUTBOUND_PROXY` setting set to 172.31.7.96.

The problem I have is that the SIP `200 OK` message sent by Kamailio to my SIP server has its `Record-Route` header set to the public IP address `192.0.2.100` instead of the private address `172.31.7.96`. The SIP client therefore tries to send the `ACK` message back to the public address, but it has no route to the public address so the ACK never gets sent.

How can I configure Kamailio to use the public IP for external traffic but the private IP for communicating with internal machines on the same subnet?

I tried setting `mhomed=1`, but the machine isn't actually multi-homed so that didn't work.

I thought of adding a second listen line `listen=udp:172.31.7.96:5061<http://172.31.7.96:5061/>` and having the internal servers talk to port 5061, but that doesn't work because Kamailio uses the 5061 definition for the external side too.

I see in the docs that it is possible to name the listener lines, but I don't understand how to use those names in a way that would be relevant to my issue.

Thank you very much for your help,

Moshe
_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users at lists.kamailio.org<mailto:sr-users at lists.kamailio.org>
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users at lists.kamailio.org<mailto:sr-users at lists.kamailio.org>
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users at lists.kamailio.org<mailto:sr-users at lists.kamailio.org>
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users at lists.kamailio.org<mailto:sr-users at lists.kamailio.org>
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20200911/ccc3c638/attachment.htm>


More information about the sr-users mailing list