[SR-Users] Problem with Record-Route in Public to Private Network

Tue May 3 12:19:16 CEST 2022

Hello

using two sockets for internal and external traffic is the easier way.
The alternative is to use various functions from rr and core to set
record-route and via headers.

To detect what is the incoming local sockets, there are variables for
received ip, port or socket name -- see the pv cookbook.

Cheers,
Daniel

On 29.04.22 19:02, Carlos Escalona wrote:
>
> Hello! I wish everyone who reads this message a good day.
>
> I would appreciate some guidance with the configuration of my Kamailio.
>
> Initially, I have the following architecture:
>
> Endpoints <----Public IP----> Kamailio (listen PrivateIP advertise
> PublicIP) <----Private IP----> Asterisk
>
> CONFIG: https://gist.github.com/Carlos-Escalona94/3a289af05b05c69ae563ab29c9ec4710
>
> In general, calls initiated from outside the system work perfectly,
> but I have a problem with calls initiated from Asterisk.
>
> According to what I was able to investigate and understand, the
> problem arises from the fact that Kamailio uses the public IP for the
> entire routing system that involves the Record-Route and Route
> Headers. This in turn causes Asterisk to get lost trying to send
> messages outside of the INITIAL INVITE transaction, for example, the
> ACK response to the 200 Ok received from the Endpoint since it tries
> to use Kamailio's public IP to which Asterisk doesn't have access.
>
> I tried to force Asterisk to send all messages to Kamailio's private
> IP regardless of their nature, but it doesn't seem like an appropriate
> solution.
>
> On the other hand, I tried to modify the architecture a bit so that it
> was something similar to this:
>
> Endpoints <---- Public IP----> Kamailio (listen PrivateIP:P1 advertise
> PublicIP) <---- PrivateIP-----> Kamailio (listen PrivateIP:P2) <----
> PrivateIP ----> Asterisk
>
> CONFIG: https://gist.github.com/Carlos-Escalona94/4d681bb189c6190941d291965e123889
>
> It seems to me that this would solve the problem, but I have two
> doubts about this architecture, the first is that I would like to know
> if there is an easier way to solve the problem that I am not
> considering, and on the other hand, I have not found a way to identify
> from which interface is receiving the message to perform the routing
> properly.
>
>
> Thanks for the attention.
>
>
> /Esta mensagem pode conter informação confidencial ou privilegiada,
> sendo seu sigilo protegido por lei. Se você não for o destinatário ou
> a pessoa autorizada a receber esta mensagem, não pode usar, copiar ou
> divulgar as informações nela contidas ou tomar qualquer ação baseada
> nessas informações. Se você recebeu esta mensagem por engano, por
> favor, avise imediatamente ao remetente, respondendo o e-mail e em
> seguida apague-a. Agradecemos sua cooperação.
> /
> /
> /
> /This message may contain confidential or privileged information and
> its confidentiality is protected by law. If you are not the addressed
> or authorized person to receive this message, you must not use, copy,
> disclose or take any action based on it or any information herein. If
> you have received this message by mistake, please advise the sender
> immediately by replying the e-mail and then deleting it. Thank you for
> your cooperation.
> /
>
>
> __________________________________________________________
> Kamailio - Users Mailing List - Non Commercial Discussions
>   * sr-users at lists.kamailio.org
> Important: keep the mailing list in the recipients, do not reply only to the sender!
> Edit mailing list options or unsubscribe:
>   * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

-- 
Daniel-Constantin Mierla -- www.asipto.com
www.twitter.com/miconda -- www.linkedin.com/in/miconda
Kamailio Advanced Training - Online
  * https://www.asipto.com/sw/kamailio-advanced-training-online/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20220503/2150a271/attachment.htm>