[SR-Users] Integration with multiple MS Teams instances

Tue Aug 10 08:22:11 CEST 2021

Hello,

setting outbound tcpid is facilitating searching first by id, but in
case of failure to find the connection, then it falls back to target
address search.

Cheers,
Daniel

On 09.08.21 16:26, Володимир Іванець wrote:
> Hello all!
>
> Does anyone know if function tcp_set_otcpid() can be used in
> "event_route[tm:local-request]"? I added this to the configuration:
>
>     /$var(conid) = 10;/
>     /tcp_set_otcpid("$var(conid)");/
>
> ... and was expecting that Kamailio will not find a match (there is no
> connection id #10 at this point), go
> here https://github.com/kamailio/kamailio/blob/master/src/core/tcp_main.c#L1615
> <https://github.com/kamailio/kamailio/blob/master/src/core/tcp_main.c#L1615>
> and then initiate a new connection
> https://github.com/kamailio/kamailio/blob/master/src/core/tcp_main.c#L1993
> <https://github.com/kamailio/kamailio/blob/master/src/core/tcp_main.c#L1993>.
> But it went
> to https://github.com/kamailio/kamailio/blob/master/src/core/tcp_main.c#L1594
> <https://github.com/kamailio/kamailio/blob/master/src/core/tcp_main.c#L1594>
> and could find a match:
>
>     /Aug  9 17:08:31 kamailio-dev-2 /usr/sbin/kamailio[3858]: DEBUG:
>     <core> [core/tcp_main.c:1610]: _tcpconn_find(): found connection
>     by peer address (id: 2)/
>
>
> Thanks a lot!
>
> Regards, Volodymyr Ivanets.
>
> пт, 6 серп. 2021 о 15:53 Володимир Іванець <volodyaivanets at gmail.com
> <mailto:volodyaivanets at gmail.com>> пише:
>
>     Or maybe some special "id" to tell Kamailio to skip the
>     verification and just create a new connection? Then I could use
>     the real "id" for further outbound traffic.
>
>     Thank you!
>
>     Regards, Volodymyr Ivanets.
>
>     пт, 6 серп. 2021 о 15:45 Володимир Іванець
>     <volodyaivanets at gmail.com <mailto:volodyaivanets at gmail.com>> пише:
>
>         Hello Daniel!
>
>         Thank you for the suggestion. Unfortunately adding the
>         "tcp_connection_match=1" did not made a difference. Kamailio
>         found other connection to the same peer and used it instead:
>
>             /<core> [core/tcp_main.c:1610]: _tcpconn_find(): found
>             connection by peer address (id: 2)/
>             /
>             /
>
>         Also, it looks like the answer is in this comment:
>         https://github.com/kamailio/kamailio/blob/master/src/core/tcp_main.c#L1563
>         <https://github.com/kamailio/kamailio/blob/master/src/core/tcp_main.c#L1563>.
>         And below are active tls connections for the previous trunk.
>         Is there a way to add an additional field like a "tag" that
>         could be used in peer matching as well? Otherwise, I guess the
>         only option I have is to run separate instances of Kamailio
>         with a very basic configuration for each MS Teams connection.
>
>             /# kamcmd tls.list
>             {
>                     id: 2
>                     timeout: 0
>                     src_ip: 52.114.75.24
>                     src_port: 5061
>                     dst_ip: 172.16.30.206
>                     *dst_port: 0*
>                     cipher: ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2
>             Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
>                     ct_wq_size: 0
>                     enc_rd_buf: 0
>                     flags: 2
>                     state: established
>             }
>             {
>                     id: 3
>                     timeout: 0
>                     src_ip: 52.114.75.24
>                     src_port: 6272
>                     dst_ip: 172.16.30.206
>                     dst_port: 5063
>                     cipher: AES256-GCM-SHA384       TLSv1.2 Kx=RSA    
>              Au=RSA  Enc=AESGCM(256) Mac=AEAD
>                     ct_wq_size: 0
>                     enc_rd_buf: 0
>                     flags: 2
>                     state: established
>             }
>             {
>                     id: 4
>                     timeout: 581
>                     src_ip: 52.114.75.24
>                     src_port: 6273
>                     dst_ip: 172.16.30.206
>                     dst_port: 5063
>                     cipher: AES256-GCM-SHA384       TLSv1.2 Kx=RSA    
>              Au=RSA  Enc=AESGCM(256) Mac=AEAD
>                     ct_wq_size: 0
>                     enc_rd_buf: 0
>                     flags: 2
>                     state: established/
>             /} /
>             /
>             /
>
>         Thank you!
>
>         Regards, Volodymyr Ivanets.
>
>         ср, 4 серп. 2021 о 13:45 Daniel-Constantin Mierla
>         <miconda at gmail.com <mailto:miconda at gmail.com>> пише:
>
>             Hello,
>
>             can you set
>             https://www.kamailio.org/wiki/cookbooks/5.5.x/core#tcp_connection_match
>             <https://www.kamailio.org/wiki/cookbooks/5.5.x/core#tcp_connection_match>
>             ?
>
>             It may work only for connections accepted by Kamailio, but
>             worth a try.
>
>             Cheers,
>             Daniel
>
>             On 03.08.21 14:48, Володимир Іванець wrote:
>>             Hello Daniel,
>>
>>             Yes, I have "socket=tls:172.16.30.206:5062
>>             <http://172.16.30.206:5062>" and
>>             "socket=tls:172.16.30.206:5063
>>             <http://172.16.30.206:5063>" attributes for corresponding
>>             records in the Dispatcher configuration table. $fs prints
>>             out correct values in the "event_route[tm:local-request]".
>>
>>             But I thought that TCP/TLS connections are established
>>             from a random port to a destination port on the peer
>>             side. And then the remote peer connects from its random
>>             port to our port 5062/5063.
>>
>>             If understood Kamailio log correctly when it is about to
>>             establish a second connection to the same peer it sees an
>>             active connection for the previous trunk and uses it
>>             instead of creating a new one.
>>
>>             Thank you!
>>
>>             Regards, Volodymyr Ivanets.
>>
>>             пн, 2 серп. 2021 о 22:21 Daniel-Constantin Mierla
>>             <miconda at gmail.com <mailto:miconda at gmail.com>> пише:
>>
>>                 Hello,
>>
>>                 do you force local send socket?
>>
>>                 Cheers,
>>                 Daniel
>>
>>                 On 02.08.21 18:21, Володимир Іванець wrote:
>>>                 Hello Daniel!
>>>
>>>                 I updated Kamailio to the latest released version.
>>>                 The problem is that still with
>>>                 tls_set_connect_server_id() I can not make a single
>>>                 instance of Kamailio connect to multiple MS Teams
>>>                 domains. I use a single IP address with different
>>>                 ports for different trunks. I can see it
>>>                 establishing a connection to one trunk and using it
>>>                 for other domains.
>>>
>>>                 Is there a way to force Kamailio to make a new TLS
>>>                 connection to the same peer address that it is
>>>                 already connected to?
>>>
>>>                 Thank you!
>>>
>>>                 Regards, Volodymyr Ivanets.
>>>
>>>                 пн, 2 серп. 2021 о 13:44 Daniel-Constantin Mierla
>>>                 <miconda at gmail.com <mailto:miconda at gmail.com>> пише:
>>>
>>>                     Hello,
>>>
>>>                     upgrading is the recommended way, indeed, if you
>>>                     want to use tls_set_connect_server_id(). For
>>>                     older version you may want to try looping back
>>>                     to kamailio (can be over udp) and the use the
>>>                     xavps. Adds some overhead and hops, but if you
>>>                     are stuck to a version and can't really upgrade
>>>                     soon, might be an option to look at.
>>>
>>>                     Cheers,
>>>                     Daniel
>>>
>>>                     On 29.07.21 18:48, Володимир Іванець wrote:
>>>>                     Hello Rob!
>>>>
>>>>                     Yes, I'm using Letsencrypt while I'm testing.
>>>>                     But I would like to be able to use different
>>>>                     certificates with different sockets.
>>>>
>>>>                     I found this
>>>>                     discussion https://github.com/kamailio/kamailio/issues/2413
>>>>                     <https://github.com/kamailio/kamailio/issues/2413>.
>>>>                     Looks like I need to use
>>>>                     "tls_set_connect_server_id()" instead of
>>>>                     setting $xavp(tls=>server_name)" and
>>>>                     "$xavp(tls[0]=>server_id)". Unfortunately I'm
>>>>                     currently using Kamailio v5.4 on my test system
>>>>                     and this function is not available. I will
>>>>                     update Kamailio and give it another try. Then I
>>>>                     will update everyone in the hope it will be
>>>>                     useful for someone :)
>>>>
>>>>                     Thank you!
>>>>
>>>>                     Regards, Volodymyr Ivanets
>>>>
>>>>                     чт, 29 лип. 2021 о 19:07 Rob van den Bulk
>>>>                     <rob.van.den.bulk at gmail.com
>>>>                     <mailto:rob.van.den.bulk at gmail.com>> пише:
>>>>
>>>>                         Hello, are u using letsencrypt?
>>>>
>>>>                         U can use a multi domain.
>>>>
>>>>                         Muti domain names in one certificate 
>>>>
>>>>                         Outlook voor Android
>>>>                         <https://aka.ms/AAb9ysg> downloaden
>>>>                         ------------------------------------------------------------------------
>>>>                         *From:* sr-users
>>>>                         <sr-users-bounces at lists.kamailio.org
>>>>                         <mailto:sr-users-bounces at lists.kamailio.org>>
>>>>                         on behalf of Володимир Іванець
>>>>                         <volodyaivanets at gmail.com
>>>>                         <mailto:volodyaivanets at gmail.com>>
>>>>                         *Sent:* Thursday, July 29, 2021 4:44:16 PM
>>>>                         *To:* Kamailio (SER) - Users Mailing List
>>>>                         <sr-users at lists.kamailio.org
>>>>                         <mailto:sr-users at lists.kamailio.org>>
>>>>                         *Subject:* [SR-Users] Integration with
>>>>                         multiple MS Teams instances
>>>>                          
>>>>                         Hello all!
>>>>
>>>>                         I was able to connect Kamailio with MS
>>>>                         Teams and now trying to add one more Teams
>>>>                         instance. It looks like I have some
>>>>                         misconfiguration or there is a bug.
>>>>
>>>>                         My test server has 2 domain records
>>>>                         pointing at it (kamailio.domain1.com
>>>>                         <http://kamailio.domain1.com> and
>>>>                         kamailio.domain2.com
>>>>                         <http://kamailio.domain2.com>). My tls.cfg
>>>>                         configuration file looks like this. As you
>>>>                         can see the Default section is configured
>>>>                         with a kamailio.domain1.com
>>>>                         <http://kamailio.domain1.com> sertificate:
>>>>
>>>>                             /[server:default]/
>>>>                             /method = TLSv1.0+/
>>>>                             /require_certificate = no/
>>>>                             /verify_certificate = no/
>>>>                             /private_key =
>>>>                             /var/kamailio/certificates/kamailio.domain1.com/server/key.pem
>>>>                             <http://kamailio.domain1.com/server/key.pem>/
>>>>                             /certificate =
>>>>                             /var/kamailio/certificates/kamailio.domain1.com/server/cert.pem
>>>>                             <http://kamailio.domain1.com/server/cert.pem>/
>>>>                             /ca_list =
>>>>                             /var/kamailio/certificates/kamailio.domain1.com/CA/cert.pem
>>>>                             <http://kamailio.domain1.com/CA/cert.pem>/
>>>>
>>>>                         /
>>>>                         /
>>>>
>>>>                             /[client:default]/
>>>>                             /method = TLSv1.0+/
>>>>                             /require_certificate = no/
>>>>                             /verify_certificate = no/
>>>>                             /private_key =
>>>>                             /var/kamailio/certificates/kamailio.domain1.com/server/key.pem
>>>>                             <http://kamailio.domain1.com/server/key.pem>/
>>>>                             /certificate =
>>>>                             /var/kamailio/certificates/kamailio.domain1.com/server/cert.pem
>>>>                             <http://kamailio.domain1.com/server/cert.pem>/
>>>>                             /ca_list =
>>>>                             /var/kamailio/certificates/kamailio.domain1.com/CA/cert.pem
>>>>                             <http://kamailio.domain1.com/CA/cert.pem>/
>>>>
>>>>                         /
>>>>                         /
>>>>                         /
>>>>                         /
>>>>
>>>>                             /[server:172.16.30.206:5062
>>>>                             <http://172.16.30.206:5062>]/
>>>>                             /method = TLSv1.0+/
>>>>                             /require_certificate = no/
>>>>                             /verify_certificate = no/
>>>>                             /private_key =
>>>>                             /var/kamailio/certificates/kamailio.domain1.com/server/key.pem
>>>>                             <http://kamailio.domain1.com/server/key.pem>/
>>>>                             /certificate =
>>>>                             /var/kamailio/certificates/kamailio.domain1.com/server/cert.pem
>>>>                             <http://kamailio.domain1.com/server/cert.pem>/
>>>>                             /ca_list =
>>>>                             /var/kamailio/certificates/kamailio.domain1.com/CA/cert.pem
>>>>                             <http://kamailio.domain1.com/CA/cert.pem>/
>>>>                             /server_name = "kamailio.domain1.com
>>>>                             <http://kamailio.domain1.com>"/
>>>>                             /server_id = "//"kamailio.domain1.com
>>>>                             <http://kamailio.domain1.com>"//
>>>>                             /
>>>>
>>>>                         /
>>>>                         /
>>>>
>>>>                             /[client:172.16.30.206:5062
>>>>                             <http://172.16.30.206:5062>]/
>>>>                             /method = TLSv1.0+/
>>>>                             /require_certificate = no/
>>>>                             /verify_certificate = no/
>>>>                             /private_key =
>>>>                             /var/kamailio/certificates/kamailio.domain1.com/server/key.pem
>>>>                             <http://kamailio.domain1.com/server/key.pem>/
>>>>                             /certificate =
>>>>                             /var/kamailio/certificates/kamailio.domain1.com/server/cert.pem
>>>>                             <http://kamailio.domain1.com/server/cert.pem>/
>>>>                             /ca_list =
>>>>                             /var/kamailio/certificates/kamailio.domain1.com/CA/cert.pem
>>>>                             <http://kamailio.domain1.com/CA/cert.pem>/
>>>>
>>>>                         /
>>>>
>>>>                         /
>>>>
>>>>                             /[server:172.16.30.206:5063
>>>>                             <http://172.16.30.206:5063>]/
>>>>                             /method = TLSv1.0+/
>>>>                             /require_certificate = no/
>>>>                             /verify_certificate = no/
>>>>                             /private_key =
>>>>                             /var/kamailio/certificates/kamailio.domain2.com/server/key.pem
>>>>                             <http://kamailio.domain2.com/server/key.pem>/
>>>>                             /certificate =
>>>>                             /var/kamailio/certificates/kamailio.domain2.com/server/cert.pem
>>>>                             <http://kamailio.domain2.com/server/cert.pem>/
>>>>                             /ca_list =
>>>>                             /var/kamailio/certificates/kamailio.domain2.com/CA/cert.pem
>>>>                             <http://kamailio.domain2.com/CA/cert.pem>/
>>>>                             /server_name = "kamailio.domain2.com
>>>>                             <http://kamailio.domain2.com>"/
>>>>
>>>>                             /server_id = "//"kamailio.domain2.com
>>>>                             <http://kamailio.domain2.com>"/
>>>>
>>>>                         /
>>>>                         /
>>>>
>>>>                             /[client:172.16.30.206:5063
>>>>                             <http://172.16.30.206:5063>]/
>>>>                             /method = TLSv1.0+/
>>>>                             /require_certificate = no/
>>>>                             /verify_certificate = no/
>>>>                             /private_key =
>>>>                             /var/kamailio/certificates/kamailio.domain2.com/server/key.pem
>>>>                             <http://kamailio.domain2.com/server/key.pem>/
>>>>                             /certificate =
>>>>                             /var/kamailio/certificates/kamailio.domain2.com/server/cert.pem
>>>>                             <http://kamailio.domain2.com/server/cert.pem>/
>>>>                             /ca_list =
>>>>                             /var/kamailio/certificates/kamailio.domain2.com/CA/cert.pem
>>>>                             <http://kamailio.domain2.com/CA/cert.pem>/
>>>>
>>>>
>>>>                         The dispatcher configuration table looks
>>>>                         like this:
>>>>
>>>>                             +----+-------+----------------------------------------------+-------+----------+--------------------------------------------------------------------+-------------+
>>>>                             | id | setid | destination            
>>>>                                                  | flags | priority
>>>>                             | attrs                               
>>>>                                                           |
>>>>                             description |
>>>>                             +----+-------+----------------------------------------------+-------+----------+--------------------------------------------------------------------+-------------+
>>>>                             |  1 |     1 |
>>>>                             sip:sip.pstnhub.microsoft.com
>>>>                             <http://sip.pstnhub.microsoft.com>;transport=tls
>>>>                              |     0 |        3 |
>>>>                             socket=tls:172.16.30.206:5062;ping_from=sip:kamailio.domain1.com
>>>>                             <http://kamailio.domain1.com>   | MS
>>>>                             Teams 1  |
>>>>                             |  2 |     2 |
>>>>                             sip:sip.pstnhub.microsoft.com
>>>>                             <http://sip.pstnhub.microsoft.com>;transport=tls
>>>>                              |     0 |        3 |
>>>>                             socket=tls:172.16.30.206:5063;ping_from=sip:kamailio.domain2.com
>>>>                             <http://kamailio.domain2.com>   | MS
>>>>                             Teams 2  |
>>>>                             +----+-------+----------------------------------------------+-------+----------+--------------------------------------------------------------------+-------------+
>>>>
>>>>
>>>>
>>>>                         When Kamailio is started only connection
>>>>                         with the first trunk is established:
>>>>
>>>>                             /# kamcmd tls.list/
>>>>                             /{/
>>>>                             /        id: 1/
>>>>                             /        timeout: 0/
>>>>                             /        src_ip: 52.114.75.24/
>>>>                             /        src_port: 5061/
>>>>                             /        dst_ip: 172.16.30.206/
>>>>                             /        dst_port: 0/
>>>>                             /        cipher:
>>>>                             ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2
>>>>                             Kx=ECDH     Au=RSA  Enc=AESGCM(256)
>>>>                             Mac=AEAD/
>>>>                             /        ct_wq_size: 0/
>>>>                             /        enc_rd_buf: 0/
>>>>                             /        flags: 2/
>>>>                             /        state: established/
>>>>                             /}/
>>>>                             /{/
>>>>                             /        id: 2/
>>>>                             /        timeout: 0/
>>>>                             /        src_ip: 52.114.75.24/
>>>>                             /        src_port: 7810/
>>>>                             /        dst_ip: 172.16.30.206/
>>>>                             /        dst_port: 5062/
>>>>                             /        cipher: AES256-GCM-SHA384    
>>>>                               TLSv1.2 Kx=RSA      Au=RSA
>>>>                              Enc=AESGCM(256) Mac=AEAD/
>>>>                             /        ct_wq_size: 0/
>>>>                             /        enc_rd_buf: 0/
>>>>                             /        flags: 2/
>>>>                             /        state: established/
>>>>                             /}/
>>>>                             /{/
>>>>                             /        id: 3/
>>>>                             /        timeout: 596/
>>>>                             /        src_ip: 52.114.75.24/
>>>>                             /        src_port: 7811/
>>>>                             /        dst_ip: 172.16.30.206/
>>>>                             /        dst_port: 5062/
>>>>                             /        cipher: AES256-GCM-SHA384    
>>>>                               TLSv1.2 Kx=RSA      Au=RSA
>>>>                              Enc=AESGCM(256) Mac=AEAD/
>>>>                             /        ct_wq_size: 0/
>>>>                             /        enc_rd_buf: 0/
>>>>                             /        flags: 2/
>>>>                             /        state: established/
>>>>                             /}/
>>>>
>>>>
>>>>                         Here is what I can see in Kamailio log file
>>>>                         when it sends an OPTIONS request to the
>>>>                         second trunk. Kamailio uses Default tls
>>>>                         configuration and MS Teams don't accept it:
>>>>
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: ALERT:
>>>>                             <script>: == TRACE. tm:local-request.
>>>>                             fs is tls:172.16.30.206:5063
>>>>                             <http://172.16.30.206:5063>/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG: tm
>>>>                             [uac.c:352]: t_run_local_req(): apply
>>>>                             new updates without Via to sip msg/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG:
>>>>                             <core> [core/msg_translator.c:1796]:
>>>>                             check_boundaries(): no multi-part body/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG:
>>>>                             <core> [core/parser/msg_parser.c:610]:
>>>>                             parse_msg(): SIP Request:/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG:
>>>>                             <core> [core/parser/msg_parser.c:612]:
>>>>                             parse_msg():  method:  <OPTIONS>/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG:
>>>>                             <core> [core/parser/msg_parser.c:614]:
>>>>                             parse_msg():  uri:    
>>>>                             <sip:sip.pstnhub.microsoft.com
>>>>                             <http://sip.pstnhub.microsoft.com>;transport=tls>/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG:
>>>>                             <core> [core/parser/msg_parser.c:616]:
>>>>                             parse_msg():  version: <SIP/2.0>/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG:
>>>>                             <core> [core/parser/parse_via.c:1303]:
>>>>                             parse_via_param(): Found param type
>>>>                             232, <branch> =
>>>>                             <z9hG4bK169b.6411b4c3000000000000000000000000.0>;
>>>>                             state=16/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG:
>>>>                             <core> [core/parser/parse_via.c:2639]:
>>>>                             parse_via(): end of header reached,
>>>>                             state=5/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG:
>>>>                             <core> [core/parser/msg_parser.c:498]:
>>>>                             parse_headers(): Via found, flags=2/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG:
>>>>                             <core> [core/parser/msg_parser.c:500]:
>>>>                             parse_headers(): this is the first via/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG:
>>>>                             <core>
>>>>                             [core/parser/parse_addr_spec.c:864]:
>>>>                             parse_addr_spec(): end of header
>>>>                             reached, state=10/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG:
>>>>                             <core> [core/parser/msg_parser.c:171]:
>>>>                             get_hdr_field(): <To> [47];
>>>>                             uri=[sip:sip.pstnhub.microsoft.com
>>>>                             <http://sip.pstnhub.microsoft.com>;transport=tls]/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG:
>>>>                             <core> [core/parser/msg_parser.c:174]:
>>>>                             get_hdr_field(): to body
>>>>                             (47)[<sip:sip.pstnhub.microsoft.com
>>>>                             <http://sip.pstnhub.microsoft.com>;transport=tls>^M/
>>>>                             /], to tag (0)[]/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG:
>>>>                             <core> [core/parser/msg_parser.c:152]:
>>>>                             get_hdr_field(): cseq <CSeq>: <10>
>>>>                             <OPTIONS>/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG:
>>>>                             <core> [core/parser/msg_parser.c:185]:
>>>>                             get_hdr_field(): content_length=0/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG:
>>>>                             <core> [core/parser/msg_parser.c:89]:
>>>>                             get_hdr_field(): found end of header/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG:
>>>>                             <core> [core/parser/msg_parser.c:610]:
>>>>                             parse_msg(): SIP Request:/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG:
>>>>                             <core> [core/parser/msg_parser.c:612]:
>>>>                             parse_msg():  method:  <OPTIONS>/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG:
>>>>                             <core> [core/parser/msg_parser.c:614]:
>>>>                             parse_msg():  uri:    
>>>>                             <sip:sip.pstnhub.microsoft.com
>>>>                             <http://sip.pstnhub.microsoft.com>;transport=tls>/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG:
>>>>                             <core> [core/parser/msg_parser.c:616]:
>>>>                             parse_msg():  version: <SIP/2.0>/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG:
>>>>                             <core> [core/parser/parse_via.c:1303]:
>>>>                             parse_via_param(): Found param type
>>>>                             232, <branch> =
>>>>                             <z9hG4bK169b.6411b4c3000000000000000000000000.0>;
>>>>                             state=16/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG:
>>>>                             <core> [core/parser/parse_via.c:2639]:
>>>>                             parse_via(): end of header reached,
>>>>                             state=5/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG:
>>>>                             <core> [core/parser/msg_parser.c:498]:
>>>>                             parse_headers(): Via found, flags=2/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG:
>>>>                             <core> [core/parser/msg_parser.c:500]:
>>>>                             parse_headers(): this is the first via/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG:
>>>>                             <core>
>>>>                             [core/parser/parse_addr_spec.c:864]:
>>>>                             parse_addr_spec(): end of header
>>>>                             reached, state=10/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG:
>>>>                             <core> [core/parser/msg_parser.c:171]:
>>>>                             get_hdr_field(): <To> [47];
>>>>                             uri=[sip:sip.pstnhub.microsoft.com
>>>>                             <http://sip.pstnhub.microsoft.com>;transport=tls]/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG:
>>>>                             <core> [core/parser/msg_parser.c:174]:
>>>>                             get_hdr_field(): to body
>>>>                             (47)[<sip:sip.pstnhub.microsoft.com
>>>>                             <http://sip.pstnhub.microsoft.com>;transport=tls>^M/
>>>>                             /], to tag (0)[]/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG:
>>>>                             <core> [core/parser/msg_parser.c:152]:
>>>>                             get_hdr_field(): cseq <CSeq>: <10>
>>>>                             <OPTIONS>/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG: tm
>>>>                             [uac.c:189]:
>>>>                             uac_refresh_hdr_shortcuts(): cseq:
>>>>                             [CSeq: 10]/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG:
>>>>                             <core> [core/tcp_main.c:1993]:
>>>>                             tcp_send(): no open tcp connection
>>>>                             found, opening new one/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG:
>>>>                             <core> [core/ip_addr.c:229]:
>>>>                             print_ip(): tcpconn_new: new tcp
>>>>                             connection: 52.114.75.24/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG:
>>>>                             <core> [core/tcp_main.c:1175]:
>>>>                             tcpconn_new(): on port 5061, type 3,
>>>>                             socket -1/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG:
>>>>                             <core> [core/tcp_main.c:1498]:
>>>>                             tcpconn_add(): hashes: 2831:67:0, 1/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG: tls
>>>>                             [tls_server.c:199]:
>>>>                             tls_complete_init(): completing tls
>>>>                             connection initialization/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG: tls
>>>>                             [tls_server.c:162]:
>>>>                             tls_get_connect_server_name(): *xavp
>>>>                             with outbound server name not found*/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG: tls
>>>>                             [tls_server.c:142]:
>>>>                             tls_get_connect_server_id(): *xavp with
>>>>                             outbound server id not found*/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG: tls
>>>>                             [tls_server.c:228]:
>>>>                             tls_complete_init(): *Using initial TLS
>>>>                             domain TLSc<default>* (dom
>>>>                             0x7f35509da688 ctx 0x7f3550b7a568 sn [])/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG: tls
>>>>                             [tls_domain.c:1177]:
>>>>                             tls_lookup_private_key(): Private key
>>>>                             lookup for SSL_CTX-0x7f3550b7a568: (nil)/
>>>>                             /Jul 29 16:46:14 kamailio
>>>>                             /usr/sbin/kamailio[11809]: DEBUG: tls
>>>>                             [tls_domain.c:747]:
>>>>                             sr_ssl_ctx_info_callback(): SSL
>>>>                             handshake started/
>>>>                             /.../
>>>>
>>>>
>>>>                         If I change the Default configuration to
>>>>                         use kamailio.domain2.com
>>>>                         <http://kamailio.domain2.com> certificate,
>>>>                         the second trunk will connect but the first
>>>>                         one will fail.
>>>>                         I tried to set "$xavp(tls=>server_name)"
>>>>                         and "$xavp(tls[0]=>server_id)" variables to
>>>>                         the event_route[tm:local-request] section
>>>>                         but log still stated that server Name and
>>>>                         ID were not found.
>>>>
>>>>                         Can someone please point me in the right
>>>>                         direction, how can I make Kamailio use the
>>>>                         correct certificates when establishing
>>>>                         multiple TLS connections?
>>>>
>>>>                         Thanks a lot!
>>>>
>>>>                         Regards, Volodymyr Ivanets
>>>>                         __________________________________________________________
>>>>                         Kamailio - Users Mailing List - Non
>>>>                         Commercial Discussions
>>>>                           * sr-users at lists.kamailio.org
>>>>                         <mailto:sr-users at lists.kamailio.org>
>>>>                         Important: keep the mailing list in the
>>>>                         recipients, do not reply only to the sender!
>>>>                         Edit mailing list options or unsubscribe:
>>>>                           *
>>>>                         https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>>>                         <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users>
>>>>
>>>>
>>>>                     __________________________________________________________
>>>>                     Kamailio - Users Mailing List - Non Commercial Discussions
>>>>                       * sr-users at lists.kamailio.org <mailto:sr-users at lists.kamailio.org>
>>>>                     Important: keep the mailing list in the recipients, do not reply only to the sender!
>>>>                     Edit mailing list options or unsubscribe:
>>>>                       * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users>
>>>
>>>                     -- 
>>>                     Daniel-Constantin Mierla -- www.asipto.com <http://www.asipto.com>
>>>                     www.twitter.com/miconda <http://www.twitter.com/miconda> -- www.linkedin.com/in/miconda <http://www.linkedin.com/in/miconda>
>>>
>>                 -- 
>>                 Daniel-Constantin Mierla -- www.asipto.com <http://www.asipto.com>
>>                 www.twitter.com/miconda <http://www.twitter.com/miconda> -- www.linkedin.com/in/miconda <http://www.linkedin.com/in/miconda>
>>
>             -- 
>             Daniel-Constantin Mierla -- www.asipto.com <http://www.asipto.com>
>             www.twitter.com/miconda <http://www.twitter.com/miconda> -- www.linkedin.com/in/miconda <http://www.linkedin.com/in/miconda>
>
-- 
Daniel-Constantin Mierla -- www.asipto.com
www.twitter.com/miconda -- www.linkedin.com/in/miconda

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20210810/3c95fae8/attachment.htm>