[SR-Users] No ACK from MS Teams
Daniel-Constantin Mierla
miconda at gmail.com
Thu Feb 25 13:01:30 CET 2021
Hello,
sockets are matched only on address/ip or advertised value, if you want
to match on domain, you have to add advertised address to listen global
parameter.
There is no dns done on route header to do the match, that can have
significant on performance, security and routing impact (e.g., a bad
actor controlling whatever dns record can point a domain to your sip
server address and then your server believes that route headers are
added by itself).
You can eventually do it yourself in the config using ipops module and
select the socket based on the result.
Cheers,
Daniel
On 25.02.21 12:16, Ilie Soltanici wrote:
> Hello,
>
> I do have 2 network interfaces in 2 different networks, so I don't
> know if disabling this warning will be the best option here, it's just
> like a workaround.
> The weird thing is that the 'rr' Kamailio is complaining (
> sbc-fqdn:5067) is actually the IP address (socket) he is listening on:
>
> ping sbc-fqdn
> 64 bytes from kamailio (1.1.1.1): icmp_seq=1 ttl=64 time=0.041 ms
>
> kamcmd corex.list_sockets
> {
> PROTO: tls
> NAME: 1.1.1.1
> ADDRLIST: {
> ADDR: 1.1.1.1
> }
> PORT: 5067
> MCAST: no
> MHOMED: no
> SOCKNAME: -
> ADVERTISE: -
> }
>
> (IP Address is replaced)
>
> I was trying to enable sockname_mode for the rr module (
> modparam("rr", "sockname_mode", 1) ), but didn't notice any changes in
> the RR header. Still missing the 'sn' parameter:
>
> INVITE sip:+123456789 at sbc-fqdn:5067;user=phone;transport=tls SIP/2.0
> Record-Route:
> <sip:192.168.1.1:5060;ftag=98c057b8808f44c48900f71f51443eeb;lr;r2=on>
> Record-Route:
> <sip:sbc-fqdn:5067;transport=tls;ftag=98c057b8808f44c48900f71f51443eeb;lr;r2=on>
>
> I'm missing something else here?
> Thank you.
>
> On Thu, 25 Feb 2021 at 10:18, Daniel-Constantin Mierla
> <miconda at gmail.com <mailto:miconda at gmail.com>> wrote:
>
> Hello,
>
> there is a rr modparam to turn of that warning, if you do not have
> many network interfaces/sockets that would require to select a
> specific one, then should be enough. Otherwise, see the archive in
> the past two weeks or so, there was a discussion about using
> socket names with record routes.
>
> Cheers,
> Daniel
>
> On 25.02.21 10:51, Ilie Soltanici wrote:
>> Hello,
>>
>> The loose_route function from the rr module is always getting an
>> error in the logs that's not able to find the socket when the BYE
>> request is coming from Kam to the Teams:
>>
>> Feb 24 18:20:58 kamailio kam[24681]: WARNING: {BYE (1) | Seq=102
>> | Source IP=192.1668.1.1 (udp) | Call
>> ID=2e701c07f99c5cb89fc72db225a6e309} rr [loose.c:800]:
>> rr_do_force_send_socket(): no socket found to match second RR
>> (sip:sbc-fqdn:5067;transport=tls;ftag=4ccd608c55e94f4aa094151dfd9e23a4;lr;r2=on)
>>
>> This is the BYE message:
>>
>> ||||||||||||||||||||
>> ====================
>> tag: rcv
>> pid: 24681
>> process: 3
>> time: 1614190858.750938
>> date: Wed Feb 24 18:20:58 2021
>> proto: udp ipv4
>> srcip: 192.168.1.2
>> srcport: 5060
>> dstip: 192.1668.1.1
>> dstport: 5060
>> ~~~~~~~~~~~~~~~~~~~~
>> BYE
>> sip:api-du-c-euno.pstnhub.microsoft.com:443;x-i=58a922ac-934d-49cb-93b0-a7b435a36ea5;x-c=2e701c07f99c5cb89fc72db225a6e309/d/8/7776d3cf84d340a79f0a433d743e7a1a
>> SIP/2.0
>> Via: SIP/2.0/UDP 192.168.1.2:5060;branch=z9hG4bK24411a29;rport
>> Route:
>> <sip:192.168.1.1:5060;ftag=4ccd608c55e94f4aa094151dfd9e23a4;lr;r2=on>,<sip:sbc-fqdn:5067;transport=tls;ftag=4ccd608c55e94f4aa094151dfd9e23a4;lr;r2=on>,<sip:sip-du-a-eu.pstnhub.microsoft.com:5061;transport=tls;lr>
>> Max-Forwards: 70
>> From: <sip:+1234566789 at sbc-fqdn:5067;user=phone>;tag=as72ae570b
>> To:
>> user1<sip:+87654321 at sip.pstnhub.microsoft.com:5061;user=phone>;tag=4ccd608c55e94f4aa094151dfd9e23a4
>> Call-ID: 2e701c07f99c5cb89fc72db225a6e309
>> CSeq: 102 BYE
>> User-Agent: COMPANY
>> Content-Length: 0
>>
>> ||||||||||||||||||||
>> ====================
>>
>> The domain from the second rr (sbc-fqdn:5067) it's perfectly
>> valid and resolved from the kam server and from outside.
>>
>> version: kamailio 5.4.4 (x86_64/linux) bdf4e0
>>
>> Any thought here?
>> Thanks
>>
>>
>> On Wed, 24 Feb 2021 at 21:40, Ilie Soltanici
>> <iliusha.md at gmail.com <mailto:iliusha.md at gmail.com>> wrote:
>>
>> Changing enable_full_lr parameter from the rr module fixed
>> the issue. Now I'm getting ACK from MS to 200OK.
>> Thank you
>>
>> On Wed, 24 Feb 2021 at 15:12, Juha Heinanen <jh at tutpro.com
>> <mailto:jh at tutpro.com>> wrote:
>>
>>
>> > SIP/2.0 200 OK
>> > Via: SIP/2.0/TLS 52.114.75.24:5061;branch=z9hG4bK6b5ac083
>> > Record-Route:
>> >
>> <sip:fqdn:5067;transport=tls;r2=on;ftag=7a6409ee42ac48a897be110166a2bb0b;lr=on>
>> > Record-Route:
>> <sip:sip-du-a-eu.pstnhub.microsoft.com:5061;transport=tls;lr>
>>
>> I have ;r2=on in both R-R headers. And also you have
>> ;lr=on in one and
>> ;lr in the other.
>>
>> -- Juha
>>
>> _______________________________________________
>> Kamailio (SER) - Users Mailing List
>> sr-users at lists.kamailio.org
>> <mailto:sr-users at lists.kamailio.org>
>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>> <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users>
>>
>>
>> _______________________________________________
>> Kamailio (SER) - Users Mailing List
>> sr-users at lists.kamailio.org <mailto:sr-users at lists.kamailio.org>
>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users>
>
> --
> Daniel-Constantin Mierla -- www.asipto.com <http://www.asipto.com>
> www.twitter.com/miconda <http://www.twitter.com/miconda> -- www.linkedin.com/in/miconda <http://www.linkedin.com/in/miconda>
> Funding: https://www.paypal.me/dcmierla <https://www.paypal.me/dcmierla>
>
--
Daniel-Constantin Mierla -- www.asipto.com
www.twitter.com/miconda -- www.linkedin.com/in/miconda
Funding: https://www.paypal.me/dcmierla
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20210225/1629bdae/attachment.htm>
More information about the sr-users
mailing list