[SR-Users] Problem with Record-Route in Public to Private Network

Tue May 3 15:38:19 CEST 2022

Adding some more info:
It also can be tricky to manage Route headers via loose_route as Kamailio
might not find an external (advertised ) IP and keep sending requests to
this IP as it will present at the routes
There are 2 ways how to avoid it:
 - Use one Record-Route and regex to change Record-Route header values
depending on packet direction
 - Use record_route_preset(addr1, addr2 ) and rewrite the loose_route()
function behavior to force it to handle Route handing logic to make it
possible to remove addresses Kamailio doesn't know

P.S. I believe Kamailio must remove all Route headers containing
its addresses whether it is advertised or not, but at 5.5 it wasn't working
for me in that way. I did not have a chance to spend much time diving into
the source code and find why, but I rewrote loose_route on Lua with KEMI to
make it work. The benefit I've got - the Kamailio script logic is
now independent of the IP addresses it listens to.

вт, 3 мая 2022 г. в 12:23, Daniel-Constantin Mierla <miconda at gmail.com>:

> Hello
>
> using two sockets for internal and external traffic is the easier way. The
> alternative is to use various functions from rr and core to set
> record-route and via headers.
>
> To detect what is the incoming local sockets, there are variables for
> received ip, port or socket name -- see the pv cookbook.
>
> Cheers,
> Daniel
> On 29.04.22 19:02, Carlos Escalona wrote:
>
>
> Hello! I wish everyone who reads this message a good day.
>
> I would appreciate some guidance with the configuration of my Kamailio.
>
> Initially, I have the following architecture:
>
> Endpoints <----Public IP----> Kamailio (listen PrivateIP advertise
> PublicIP) <----Private IP----> Asterisk
>
> CONFIG:
> https://gist.github.com/Carlos-Escalona94/3a289af05b05c69ae563ab29c9ec4710
>
> In general, calls initiated from outside the system work perfectly, but I
> have a problem with calls initiated from Asterisk.
>
> According to what I was able to investigate and understand, the problem
> arises from the fact that Kamailio uses the public IP for the entire
> routing system that involves the Record-Route and Route Headers. This in
> turn causes Asterisk to get lost trying to send messages outside of the
> INITIAL INVITE transaction, for example, the ACK response to the 200 Ok
> received from the Endpoint since it tries to use Kamailio's public IP to
> which Asterisk doesn't have access.
>
> I tried to force Asterisk to send all messages to Kamailio's private IP
> regardless of their nature, but it doesn't seem like an appropriate
> solution.
>
> On the other hand, I tried to modify the architecture a bit so that it was
> something similar to this:
>
> Endpoints <---- Public IP----> Kamailio (listen PrivateIP:P1 advertise
> PublicIP) <---- PrivateIP-----> Kamailio (listen PrivateIP:P2) <----
> PrivateIP ----> Asterisk
>
> CONFIG:
> https://gist.github.com/Carlos-Escalona94/4d681bb189c6190941d291965e123889
>
> It seems to me that this would solve the problem, but I have two doubts
> about this architecture, the first is that I would like to know if there is
> an easier way to solve the problem that I am not considering, and on the
> other hand, I have not found a way to identify from which interface is
> receiving the message to perform the routing properly.
>
>
> Thanks for the attention.
>
>
>
> *Esta mensagem pode conter informação confidencial ou privilegiada, sendo
> seu sigilo protegido por lei. Se você não for o destinatário ou a pessoa
> autorizada a receber esta mensagem, não pode usar, copiar ou divulgar as
> informações nela contidas ou tomar qualquer ação baseada nessas
> informações. Se você recebeu esta mensagem por engano, por favor, avise
> imediatamente ao remetente, respondendo o e-mail e em seguida apague-a.
> Agradecemos sua cooperação. *
>
>
> *This message may contain confidential or privileged information and its
> confidentiality is protected by law. If you are not the addressed or
> authorized person to receive this message, you must not use, copy, disclose
> or take any action based on it or any information herein. If you have
> received this message by mistake, please advise the sender immediately by
> replying the e-mail and then deleting it. Thank you for your cooperation. *
>
>
> __________________________________________________________
> Kamailio - Users Mailing List - Non Commercial Discussions
>   * sr-users at lists.kamailio.org
> Important: keep the mailing list in the recipients, do not reply only to the sender!
> Edit mailing list options or unsubscribe:
>   * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
> --
> Daniel-Constantin Mierla -- www.asipto.comwww.twitter.com/miconda -- www.linkedin.com/in/miconda
> Kamailio Advanced Training - Online
>   * https://www.asipto.com/sw/kamailio-advanced-training-online/
>
> __________________________________________________________
> Kamailio - Users Mailing List - Non Commercial Discussions
>   * sr-users at lists.kamailio.org
> Important: keep the mailing list in the recipients, do not reply only to
> the sender!
> Edit mailing list options or unsubscribe:
>   * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20220503/5679b29a/attachment.htm>