[OpenSER-Users] openser config issue or asterisk bug

Patrick Baker pbaker at adeptra.com
Fri Dec 14 00:00:45 CET 2007


Internal UA's connecting to the sip proxy work fine, but as soon an External UA connects to the sip proxy via a NAT'd public IP address - the call lasts for approx 20 seconds then disconnects.  From what I can see openser is attempting to respond to asterisk after the session is initiated via the public IP NAT'd address - and is unable since asterisk and openser are behind the firewall on the internal network ( ELBOW routing ).  Any help getting this working would be most appreciated, I would also like to document the issue to help others that encounter similar problems as mine.

External phones:

UA -> [(public IP) Firewall (NAT to localip)] -> openser -> asterisk

Internal phones:

UA -> openser -> asterisk

#### Layout ( asterisk and openser are on the same machine )

NATD public ip	= xxx.206.xxx.136 -> 10.3.1.33
phone ip	= xxx.206.xxx.137
openser 	= 10.3.1.33 p5060
asteriskSIP	= 10.3.1.34 p5060

#### Asterisk SIP Config

[general]
canreinvite=no
externip=xxx.206.xxx.136
localnet=10.3.1.0/255.255.255.0
context=default 
bindport=5060   
bindaddr=10.3.1.34
sipdebug=yes

[openser]
type=friend
context=default
insecure=very
externalnotify=yes
allow=all
host=10.3.1.33

#### SER LOG

Dec 13 22:15:03 phonesys-slave openser[15976]: New request - M=INVITE RURI=sip:500 at xxx.206.xxx.136:5060;user=phone F=sip:pbaker at xxx.206.xxx.136 T=sip:500 at xxx.206.xxx.136;user=phone IP=xxx.206.xxx.137 ID=f7232b5-5d4b9a93-e6ff617e at xxx.206.xxx.137 
Dec 13 22:15:03 phonesys-slave openser[15976]: Callee is not local - M=INVITE RURI=sip:500 at xxx.206.xxx.136:5060;user=phone F=sip:pbaker at xxx.206.xxx.136 T=sip:500 at xxx.206.xxx.136;user=phone IP=xxx.206.xxx.137 ID=f7232b5-5d4b9a93-e6ff617e at xxx.206.xxx.137 
Dec 13 22:15:03 phonesys-slave openser[15976]: Request leaving server, D-URI='<null>' - M=INVITE RURI=sip:500 at 10.3.1.34:5060;transport=udp F=sip:pbaker at xxx.206.xxx.136 T=sip:500 at xxx.206.xxx.136;user=phone IP=xxx.206.xxx.137 ID=f7232b5-5d4b9a93-e6ff617e at xxx.206.xxx.137 
Dec 13 22:15:03 phonesys-slave openser[15973]: Reply - S=100 D=Trying F=sip:pbaker at xxx.206.xxx.136 T=sip:500 at xxx.206.xxx.136;user=phone IP=10.3.1.34 ID=f7232b5-5d4b9a93-e6ff617e at xxx.206.xxx.137 
Dec 13 22:15:03 phonesys-slave openser[15978]: Reply - S=200 D=OK F=sip:pbaker at xxx.206.xxx.136 T=sip:500 at xxx.206.xxx.136;user=phone IP=10.3.1.34 ID=f7232b5-5d4b9a93-e6ff617e at xxx.206.xxx.137 
Dec 13 22:15:04 phonesys-slave openser[15989]: Reply - S=200 D=OK F=sip:pbaker at xxx.206.xxx.136 T=sip:500 at xxx.206.xxx.136;user=phone IP=10.3.1.34 ID=f7232b5-5d4b9a93-e6ff617e at xxx.206.xxx.137 
Dec 13 22:15:05 phonesys-slave openser[15986]: Reply - S=200 D=OK F=sip:pbaker at xxx.206.xxx.136 T=sip:500 at xxx.206.xxx.136;user=phone IP=10.3.1.34 ID=f7232b5-5d4b9a93-e6ff617e at xxx.206.xxx.137 
Dec 13 22:15:07 phonesys-slave openser[15976]: Reply - S=200 D=OK F=sip:pbaker at xxx.206.xxx.136 T=sip:500 at xxx.206.xxx.136;user=phone IP=10.3.1.34 ID=f7232b5-5d4b9a93-e6ff617e at xxx.206.xxx.137 

#### Asterisk LOG

*CLI> [Dec 13 22:15:03] 
<--- SIP read from 10.3.1.33:5060 --->
INVITE sip:500 at 10.3.1.34:5060;transport=udp SIP/2.0
Record-Route: <sip:10.3.1.33;lr;ftag=CFE2AAA1-5B882804>
Via: SIP/2.0/UDP 10.3.1.33;branch=z9hG4bK2fc1.94c7bb96.0
Via: SIP/2.0/UDP xxx.206.xxx.137;rport=5060;branch=z9hG4bKcbd9a65f8D4E5FE0
From: "pbaker" <sip:pbaker at xxx.206.xxx.136>;tag=CFE2AAA1-5B882804
To: <sip:500 at xxx.206.xxx.136;user=phone>
CSeq: 2 INVITE
Call-ID: f7232b5-5d4b9a93-e6ff617e at xxx.206.xxx.137
Contact: <sip:pbaker at xxx.206.xxx.137>
Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, INFO, MESSAGE, SUBSCRIBE, NOTIFY, PRACK, UPDATE, REFER
User-Agent: PolycomSoundPointIP-SPIP_501-UA/2.1.0.2708
Supported: 100rel,replaces
Allow-Events: talk,hold,conference
Max-Forwards: 69
Content-Type: application/sdp
Content-Length: 254

v=0
o=- 978310717 978310717 IN IP4 xxx.206.xxx.137
s=Polycom IP Phone
c=IN IP4 xxx.206.xxx.137
t=0 0
m=audio 35022 RTP/AVP 0 8 18 101
a=sendrecv
a=rtpmap:0 PCMU/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:18 G729/8000
a=rtpmap:101 telephone-event/8000

<------------->
[Dec 13 22:15:03] --- (16 headers 11 lines) ---
[Dec 13 22:15:03]   == Using TOS bits 0
[Dec 13 22:15:03]   == Using CoS mark 5
[Dec 13 22:15:03] Sending to 10.3.1.33 : 5060 (no NAT)
[Dec 13 22:15:03] Using INVITE request as basis request - f7232b5-5d4b9a93-e6ff617e at xxx.206.xxx.137
[Dec 13 22:15:03] No user 'pbaker' in SIP users list
[Dec 13 22:15:03] Found peer 'openser' for 'pbaker' from 10.3.1.33:5060
[Dec 13 22:15:03] Found RTP audio format 0
[Dec 13 22:15:03] Found RTP audio format 8
[Dec 13 22:15:03] Found RTP audio format 18
[Dec 13 22:15:03] Found RTP audio format 101
[Dec 13 22:15:03] Peer audio RTP is at port xxx.206.xxx.137:35022
[Dec 13 22:15:03] Found audio description format PCMU for ID 0
[Dec 13 22:15:03] Found audio description format PCMA for ID 8
[Dec 13 22:15:03] Found audio description format G729 for ID 18
[Dec 13 22:15:03] Found audio description format telephone-event for ID 101
[Dec 13 22:15:03] Capabilities: us - 0x27f9fff (g723|gsm|ulaw|alaw|g726|adpcm|slin|lpc10|g729|speex|ilbc|g726aal2|g722|slin16|jpeg|png|h261|h263|h263p|h264|mpeg4|t140), peer - audio=0x10c (ulaw|alaw|g729)/video=0x0 (nothing)/text=0x0 (nothing), combined - 0x10c (ulaw|alaw|g729)
[Dec 13 22:15:03] Non-codec capabilities (dtmf): us - 0x1 (telephone-event), peer - 0x1 (telephone-event), combined - 0x1 (telephone-event)
[Dec 13 22:15:03] Peer audio RTP is at port xxx.206.xxx.137:35022
[Dec 13 22:15:03] Looking for 500 in default (domain 10.3.1.34)
[Dec 13 22:15:03] list_route: hop: <sip:10.3.1.33;lr;ftag=CFE2AAA1-5B882804>
[Dec 13 22:15:03] 
<--- Transmitting (no NAT) to 10.3.1.33:5060 --->
SIP/2.0 100 Trying
Via: SIP/2.0/UDP 10.3.1.33;branch=z9hG4bK2fc1.94c7bb96.0;received=10.3.1.33
Via: SIP/2.0/UDP xxx.206.xxx.137;rport=5060;branch=z9hG4bKcbd9a65f8D4E5FE0
Record-Route: <sip:10.3.1.33;lr;ftag=CFE2AAA1-5B882804>
From: "pbaker" <sip:pbaker at xxx.206.xxx.136>;tag=CFE2AAA1-5B882804
To: <sip:500 at xxx.206.xxx.136;user=phone>
Call-ID: f7232b5-5d4b9a93-e6ff617e at xxx.206.xxx.137
CSeq: 2 INVITE
User-Agent: Asterisk PBX SVN-trunk-r92779
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
Supported: replaces
Contact: <sip:500 at 10.3.1.34>
Content-Length: 0


<------------>
[Dec 13 22:15:03]     -- Executing [500 at default:1] Playback("SIP/xxx.206.xxx.136-090b5380", "demo-abouttotry") in new stack
[Dec 13 22:15:03] Audio is at 10.3.1.34 port 47068
[Dec 13 22:15:03] Adding codec 0x4 (ulaw) to SDP
[Dec 13 22:15:03] Adding codec 0x8 (alaw) to SDP
[Dec 13 22:15:03] Adding codec 0x100 (g729) to SDP
[Dec 13 22:15:03] Adding non-codec 0x1 (telephone-event) to SDP
[Dec 13 22:15:03] 
<--- Reliably Transmitting (no NAT) to 10.3.1.33:5060 --->
SIP/2.0 200 OK
Via: SIP/2.0/UDP 10.3.1.33;branch=z9hG4bK2fc1.94c7bb96.0;received=10.3.1.33
Via: SIP/2.0/UDP xxx.206.xxx.137;rport=5060;branch=z9hG4bKcbd9a65f8D4E5FE0
Record-Route: <sip:10.3.1.33;lr;ftag=CFE2AAA1-5B882804>
From: "pbaker" <sip:pbaker at xxx.206.xxx.136>;tag=CFE2AAA1-5B882804
To: <sip:500 at xxx.206.xxx.136;user=phone>;tag=as26a99907
Call-ID: f7232b5-5d4b9a93-e6ff617e at xxx.206.xxx.137
CSeq: 2 INVITE
User-Agent: Asterisk PBX SVN-trunk-r92779
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
Supported: replaces
Contact: <sip:500 at 10.3.1.34>
Content-Type: application/sdp
Content-Length: 333

v=0
o=root 45593872 45593872 IN IP4 10.3.1.34
s=Asterisk PBX SVN-trunk-r92779
c=IN IP4 10.3.1.34
t=0 0
m=audio 47068 RTP/AVP 0 8 18 101
a=rtpmap:0 PCMU/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:18 G729/8000
a=fmtp:18 annexb=no
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=silenceSupp:off - - - -
a=ptime:20
a=sendrecv

<------------>
[Dec 13 22:15:04]     -- <SIP/xxx.206.xxx.136-090b5380> Playing 'demo-abouttotry.slin' (language 'en')
[Dec 13 22:15:04] Retransmitting #1 (no NAT) to 10.3.1.33:5060:
SIP/2.0 200 OK
Via: SIP/2.0/UDP 10.3.1.33;branch=z9hG4bK2fc1.94c7bb96.0;received=10.3.1.33
Via: SIP/2.0/UDP xxx.206.xxx.137;rport=5060;branch=z9hG4bKcbd9a65f8D4E5FE0
Record-Route: <sip:10.3.1.33;lr;ftag=CFE2AAA1-5B882804>
From: "pbaker" <sip:pbaker at xxx.206.xxx.136>;tag=CFE2AAA1-5B882804
To: <sip:500 at xxx.206.xxx.136;user=phone>;tag=as26a99907
Call-ID: f7232b5-5d4b9a93-e6ff617e at xxx.206.xxx.137
CSeq: 2 INVITE
User-Agent: Asterisk PBX SVN-trunk-r92779
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
Supported: replaces
Contact: <sip:500 at 10.3.1.34>
Content-Type: application/sdp
Content-Length: 333

v=0
o=root 45593872 45593872 IN IP4 10.3.1.34
s=Asterisk PBX SVN-trunk-r92779
c=IN IP4 10.3.1.34
t=0 0
m=audio 47068 RTP/AVP 0 8 18 101
a=rtpmap:0 PCMU/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:18 G729/8000
a=fmtp:18 annexb=no
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=silenceSupp:off - - - -
a=ptime:20
a=sendrecv

---
[Dec 13 22:15:05] Retransmitting #2 (no NAT) to 10.3.1.33:5060:
SIP/2.0 200 OK
Via: SIP/2.0/UDP 10.3.1.33;branch=z9hG4bK2fc1.94c7bb96.0;received=10.3.1.33
Via: SIP/2.0/UDP xxx.206.xxx.137;rport=5060;branch=z9hG4bKcbd9a65f8D4E5FE0
Record-Route: <sip:10.3.1.33;lr;ftag=CFE2AAA1-5B882804>
From: "pbaker" <sip:pbaker at xxx.206.xxx.136>;tag=CFE2AAA1-5B882804
To: <sip:500 at xxx.206.xxx.136;user=phone>;tag=as26a99907
Call-ID: f7232b5-5d4b9a93-e6ff617e at xxx.206.xxx.137
CSeq: 2 INVITE
User-Agent: Asterisk PBX SVN-trunk-r92779
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
Supported: replaces
Contact: <sip:500 at 10.3.1.34>
Content-Type: application/sdp
Content-Length: 333

v=0
o=root 45593872 45593872 IN IP4 10.3.1.34
s=Asterisk PBX SVN-trunk-r92779
c=IN IP4 10.3.1.34
t=0 0
m=audio 47068 RTP/AVP 0 8 18 101
a=rtpmap:0 PCMU/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:18 G729/8000
a=fmtp:18 annexb=no
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=silenceSupp:off - - - -
a=ptime:20
a=sendrecv

---
[Dec 13 22:15:07] Retransmitting #3 (no NAT) to 10.3.1.33:5060:
SIP/2.0 200 OK
Via: SIP/2.0/UDP 10.3.1.33;branch=z9hG4bK2fc1.94c7bb96.0;received=10.3.1.33
Via: SIP/2.0/UDP xxx.206.xxx.137;rport=5060;branch=z9hG4bKcbd9a65f8D4E5FE0
Record-Route: <sip:10.3.1.33;lr;ftag=CFE2AAA1-5B882804>
From: "pbaker" <sip:pbaker at xxx.206.xxx.136>;tag=CFE2AAA1-5B882804
To: <sip:500 at xxx.206.xxx.136;user=phone>;tag=as26a99907
Call-ID: f7232b5-5d4b9a93-e6ff617e at xxx.206.xxx.137
CSeq: 2 INVITE
User-Agent: Asterisk PBX SVN-trunk-r92779
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
Supported: replaces
Contact: <sip:500 at 10.3.1.34>
Content-Type: application/sdp
Content-Length: 333

v=0
o=root 45593872 45593872 IN IP4 10.3.1.34
s=Asterisk PBX SVN-trunk-r92779
c=IN IP4 10.3.1.34
t=0 0
m=audio 47068 RTP/AVP 0 8 18 101
a=rtpmap:0 PCMU/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:18 G729/8000
a=fmtp:18 annexb=no
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=silenceSupp:off - - - -
a=ptime:20
a=sendrecv

---
[Dec 13 22:15:11] Retransmitting #4 (no NAT) to 10.3.1.33:5060:
SIP/2.0 200 OK
Via: SIP/2.0/UDP 10.3.1.33;branch=z9hG4bK2fc1.94c7bb96.0;received=10.3.1.33
Via: SIP/2.0/UDP xxx.206.xxx.137;rport=5060;branch=z9hG4bKcbd9a65f8D4E5FE0
Record-Route: <sip:10.3.1.33;lr;ftag=CFE2AAA1-5B882804>
From: "pbaker" <sip:pbaker at xxx.206.xxx.136>;tag=CFE2AAA1-5B882804
To: <sip:500 at xxx.206.xxx.136;user=phone>;tag=as26a99907
Call-ID: f7232b5-5d4b9a93-e6ff617e at xxx.206.xxx.137
CSeq: 2 INVITE
User-Agent: Asterisk PBX SVN-trunk-r92779
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
Supported: replaces
Contact: <sip:500 at 10.3.1.34>
Content-Type: application/sdp
Content-Length: 333

v=0
o=root 45593872 45593872 IN IP4 10.3.1.34
s=Asterisk PBX SVN-trunk-r92779
c=IN IP4 10.3.1.34
t=0 0
m=audio 47068 RTP/AVP 0 8 18 101
a=rtpmap:0 PCMU/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:18 G729/8000
a=fmtp:18 annexb=no
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=silenceSupp:off - - - -
a=ptime:20
a=sendrecv

---
[Dec 13 22:15:15] Retransmitting #5 (no NAT) to 10.3.1.33:5060:
SIP/2.0 200 OK
Via: SIP/2.0/UDP 10.3.1.33;branch=z9hG4bK2fc1.94c7bb96.0;received=10.3.1.33
Via: SIP/2.0/UDP xxx.206.xxx.137;rport=5060;branch=z9hG4bKcbd9a65f8D4E5FE0
Record-Route: <sip:10.3.1.33;lr;ftag=CFE2AAA1-5B882804>
From: "pbaker" <sip:pbaker at xxx.206.xxx.136>;tag=CFE2AAA1-5B882804
To: <sip:500 at xxx.206.xxx.136;user=phone>;tag=as26a99907
Call-ID: f7232b5-5d4b9a93-e6ff617e at xxx.206.xxx.137
CSeq: 2 INVITE
User-Agent: Asterisk PBX SVN-trunk-r92779
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
Supported: replaces
Contact: <sip:500 at 10.3.1.34>
Content-Type: application/sdp
Content-Length: 333

v=0
o=root 45593872 45593872 IN IP4 10.3.1.34
s=Asterisk PBX SVN-trunk-r92779
c=IN IP4 10.3.1.34
t=0 0
m=audio 47068 RTP/AVP 0 8 18 101
a=rtpmap:0 PCMU/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:18 G729/8000
a=fmtp:18 annexb=no
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=silenceSupp:off - - - -
a=ptime:20
a=sendrecv

---
[Dec 13 22:15:18]     -- Executing [500 at default:2] Dial("SIP/xxx.206.xxx.136-090b5380", "IAX2/guest at misery.digium.com/s at default") in new stack
[Dec 13 22:15:18]     -- Called guest at misery.digium.com/s at default
[Dec 13 22:15:18]     -- Call accepted by 216.207.245.8 (format gsm)
[Dec 13 22:15:18]     -- Format for call is gsm
[Dec 13 22:15:18]     -- IAX2/216.207.245.8:4569-1 is ringing
[Dec 13 22:15:19]     -- IAX2/216.207.245.8:4569-1 answered SIP/xxx.206.xxx.136-090b5380
[Dec 13 22:15:19] Retransmitting #6 (no NAT) to 10.3.1.33:5060:
SIP/2.0 200 OK
Via: SIP/2.0/UDP 10.3.1.33;branch=z9hG4bK2fc1.94c7bb96.0;received=10.3.1.33
Via: SIP/2.0/UDP xxx.206.xxx.137;rport=5060;branch=z9hG4bKcbd9a65f8D4E5FE0
Record-Route: <sip:10.3.1.33;lr;ftag=CFE2AAA1-5B882804>
From: "pbaker" <sip:pbaker at xxx.206.xxx.136>;tag=CFE2AAA1-5B882804
To: <sip:500 at xxx.206.xxx.136;user=phone>;tag=as26a99907
Call-ID: f7232b5-5d4b9a93-e6ff617e at xxx.206.xxx.137
CSeq: 2 INVITE
User-Agent: Asterisk PBX SVN-trunk-r92779
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY
Supported: replaces
Contact: <sip:500 at 10.3.1.34>
Content-Type: application/sdp
Content-Length: 333

v=0
o=root 45593872 45593872 IN IP4 10.3.1.34
s=Asterisk PBX SVN-trunk-r92779
c=IN IP4 10.3.1.34
t=0 0
m=audio 47068 RTP/AVP 0 8 18 101
a=rtpmap:0 PCMU/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:18 G729/8000
a=fmtp:18 annexb=no
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=silenceSupp:off - - - -
a=ptime:20
a=sendrecv

---
[Dec 13 22:15:23] WARNING[16421]: chan_sip.c:2337 retrans_pkt: Maximum retries exceeded on transmission f7232b5-5d4b9a93-e6ff617e at xxx.206.xxx.137 for seqno 2 (Critical Response)
[Dec 13 22:15:23] WARNING[16421]: chan_sip.c:2364 retrans_pkt: Hanging up call f7232b5-5d4b9a93-e6ff617e at xxx.206.xxx.137 - no reply to our critical packet.
[Dec 13 22:15:23]     -- Hungup 'IAX2/216.207.245.8:4569-1'
[Dec 13 22:15:23]   == Spawn extension (default, 500, 2) exited non-zero on 'SIP/xxx.206.xxx.136-090b5380'
[Dec 13 22:15:24] Really destroying SIP dialog 'f7232b5-5d4b9a93-e6ff617e at xxx.206.xxx.137' Method: INVITE

#### PCAP Diagram

|Time     | xxx.206.xxx.137   | 10.3.1.33         |
|5.056    |         Request: INVITE sip           |SIP/SDP: Request: INVITE sip:500 at xxx.206.xxx.136:5060;user=phone, with session description
|         |(5060)   ------------------>  (5060)   |
|5.058    |         Status: 100 Trying            |SIP: Status: 100 Trying
|         |(5060)   <------------------  (5060)   |
|5.058    |         Status: 407 Proxy A           |SIP: Status: 407 Proxy Authentication Required
|         |(5060)   <------------------  (5060)   |
|5.140    |         Request: ACK sip:50           |SIP: Request: ACK sip:500 at xxx.206.xxx.136:5060
|         |(5060)   ------------------>  (5060)   |
|5.165    |         Request: INVITE sip           |SIP/SDP: Request: INVITE sip:500 at xxx.206.xxx.136:5060;user=phone, with session description
|         |(5060)   ------------------>  (5060)   |
|5.165    |         Status: 100 Trying            |SIP: Status: 100 Trying
|         |(5060)   <------------------  (5060)   |
|5.168    |         Status: 200 OK, wit           |SIP/SDP: Status: 200 OK, with session description
|         |(5060)   <------------------  (5060)   |
|6.169    |         Status: 200 OK, wit           |SIP/SDP: Status: 200 OK, with session description
|         |(5060)   <------------------  (5060)   |
|7.168    |         Status: 200 OK, wit           |SIP/SDP: Status: 200 OK, with session description
|         |(5060)   <------------------  (5060)   |
|9.168    |         Status: 200 OK, wit           |SIP/SDP: Status: 200 OK, with session description
|         |(5060)   <------------------  (5060)   |
|13.169   |         Status: 200 OK, wit           |SIP/SDP: Status: 200 OK, with session description
|         |(5060)   <------------------  (5060)   |
|17.169   |         Status: 200 OK, wit           |SIP/SDP: Status: 200 OK, with session description
|         |(5060)   <------------------  (5060)   |
|21.169   |         Status: 200 OK, wit           |SIP/SDP: Status: 200 OK, with session description
|         |(5060)   <------------------  (5060)   |


#### OpenSER Config 1.2

########################################################################
# This configuration is autogenerated by sip:wizard
# (http://www.sipwise.com/wizard) on Thu Dec 13 22:43:43 +0100 2007
# for OpenSER 1.2
#
# Copyright (C) 2007 Sipwise (support at sipwise.com)
########################################################################

########################################################################
# By obtaining, using, and/or copying this configuration and/or its
# associated documentation, you agree that you have read, understood,
# and will comply with the Terms of Usage provided at
# http://www.sipwise.com/news/?page_id=6 as well as the following
# additions:
#
# Permission to use, copy, modify, and distribute this configuration and
# its associated documentation for any purpose and without fee is hereby
# granted, provided that the above copyright notice appears in all
# copies, and that both that copyright notice and this permission notice
# appear in supporting documentation, and that the name of Sipwise or
# the author will not be used in advertising or publicity pertaining to
# distribution of the configuration without specific, written prior
# permission.
########################################################################

########################################################################
# Before using this configuration, read the following prerequisites in
# order to gain the designated functionallity:
#
# base:
#    You have to insert all locally served domains (i.e. 
#    "openserctl domain add your.domain.com").
#    
# nat-rtpproxy:
#    You have to install RTPProxy 
#    (http://www.openser.org/downloads/snapshots/rtpproxy/) for relaying 
#    RTP traffic.
#    
# offnet-pstn:
#    You have to add a routing entry for lcr (i.e. "openserctl  lcr 
#    addroute '' '' 1 1"). Additionally, you have to add your gateways 
#    (i.e. "openserctl lcr addgw my-test-gw 1.2.3.4 5060 sip udp 1").
#    
########################################################################

########################################################################
# Configuration 'sip:wizard - Thu Dec 13 22:43:43 +0100 2007'
########################################################################

listen = udp:10.3.1.33:5060
mpath = "/usr/local/lib/openser/modules"
children = 8
debug = 3
fork = yes
group = "openser"
user = "openser"
disable_tcp = no
log_facility = LOG_DAEMON
log_stderror = no
tcp_children = 4
mhomed = no
server_signature = yes
sock_group = "openser"
sock_mode = 0600
sock_user = "openser"
unix_sock = "/tmp/openser.sock"
unix_sock_children = 1
reply_to_via = no
sip_warning = yes
check_via = no
dns = no
rev_dns = no
disable_core_dump = no
dns_try_ipv6 = yes
dns_use_search_list = yes

loadmodule "usrloc.so"
modparam("usrloc", "user_column", "username")
modparam("usrloc", "domain_column", "domain")
modparam("usrloc", "contact_column", "contact")
modparam("usrloc", "expires_column", "expires")
modparam("usrloc", "q_column", "q")
modparam("usrloc", "callid_column", "callid")
modparam("usrloc", "cseq_column", "cseq")
modparam("usrloc", "methods_column", "methods")
modparam("usrloc", "flags_column", "flags")
modparam("usrloc", "user_agent_column", "user_agent")
modparam("usrloc", "received_column", "received")
modparam("usrloc", "socket_column", "socket")
modparam("usrloc", "use_domain", 0)
modparam("usrloc", "desc_time_order", 0)
modparam("usrloc", "timer_interval", 60)
modparam("usrloc", "db_url", "mysql://openser:openserrw@localhost/openser")
modparam("usrloc", "db_mode", 1)
modparam("usrloc", "matching_mode", 0)
modparam("usrloc", "cseq_delay", 20)
modparam("usrloc", "nat_bflag", 6)

loadmodule "textops.so"

loadmodule "rr.so"
modparam("rr", "enable_full_lr", 0)
modparam("rr", "append_fromtag", 1)
modparam("rr", "enable_double_rr", 1)
modparam("rr", "add_username", 0)

loadmodule "tm.so"
modparam("tm", "fr_timer", 30)
modparam("tm", "fr_inv_timer", 120)
modparam("tm", "wt_timer", 5)
modparam("tm", "delete_timer", 2)
modparam("tm", "noisy_ctimer", 0)
modparam("tm", "ruri_matching", 1)
modparam("tm", "via1_matching", 1)
modparam("tm", "unix_tx_timeout", 2)
modparam("tm", "restart_fr_on_each_reply", 1)
modparam("tm", "pass_provisional_replies", 0)

loadmodule "xlog.so"
modparam("xlog", "buf_size", 4096)
modparam("xlog", "force_color", 0)

loadmodule "mi_fifo.so"
modparam("mi_fifo", "fifo_name", "/tmp/openser_fifo")
modparam("mi_fifo", "fifo_mode", 0660)
modparam("mi_fifo", "fifo_group", "openser")
modparam("mi_fifo", "fifo_user", "openser")
modparam("mi_fifo", "reply_dir", "/tmp/")
modparam("mi_fifo", "reply_indent", "\t")

loadmodule "domain.so"
modparam("domain", "db_url", "mysql://openser:openserrw@localhost/openser")
modparam("domain", "db_mode", 1)
modparam("domain", "domain_table", "domain")
modparam("domain", "domain_col", "domain")

loadmodule "nathelper.so"
modparam("nathelper", "natping_interval", 60)
modparam("nathelper", "ping_nated_only", 1)
modparam("nathelper", "rtpproxy_sock", "unix:/var/run/rtpproxy.sock")
modparam("nathelper", "rtpproxy_disable", 0)
modparam("nathelper", "rtpproxy_disable_tout", 60)
modparam("nathelper", "rtpproxy_tout", 1)
modparam("nathelper", "rtpproxy_retr", 5)
modparam("nathelper", "sipping_method", "OPTIONS")
modparam("nathelper", "received_avp", "$avp(i:801)")

loadmodule "sl.so"
modparam("sl", "enable_stats", 1)

loadmodule "uri.so"

loadmodule "registrar.so"
modparam("registrar", "default_expires", 3600)
modparam("registrar", "min_expires", 60)
modparam("registrar", "max_expires", 0)
modparam("registrar", "default_q", 0)
modparam("registrar", "append_branches", 1)
modparam("registrar", "case_sensitive", 0)
modparam("registrar", "received_param", "received")
modparam("registrar", "max_contacts", 0)
modparam("registrar", "retry_after", 0)
modparam("registrar", "method_filtering", 0)
modparam("registrar", "path_mode", 2)
modparam("registrar", "path_use_received", 0)
modparam("registrar", "received_avp", "$avp(i:801)")

loadmodule "maxfwd.so"
modparam("maxfwd", "max_limit", 256)

loadmodule "mysql.so"
modparam("mysql", "ping_interval", 300)
modparam("mysql", "auto_reconnect", 1)

loadmodule "auth.so"
modparam("auth", "nonce_expire", 300)
modparam("auth", "rpid_suffix", ";party=calling;id-type=subscriber;screen=yes")
modparam("auth", "rpid_avp", "$avp(s:rpid)")

loadmodule "auth_db.so"
modparam("auth_db", "db_url", "mysql://openser:openserrw@localhost/openser")
modparam("auth_db", "user_column", "username")
modparam("auth_db", "domain_column", "domain")
modparam("auth_db", "password_column", "password")
modparam("auth_db", "password_column_2", "ha1b")
modparam("auth_db", "calculate_ha1", 1)
modparam("auth_db", "use_domain", 0)
modparam("auth_db", "load_credentials", "rpid")

loadmodule "uri_db.so"
modparam("uri_db", "db_url", "mysql://openser:openserrw@localhost/openser")
modparam("uri_db", "uri_table", "uri")
modparam("uri_db", "uri_user_column", "username")
modparam("uri_db", "uri_domain_column", "domain")
modparam("uri_db", "uri_uriuser_column", "uri_user")
modparam("uri_db", "subscriber_table", "subscriber")
modparam("uri_db", "subscriber_user_column", "username")
modparam("uri_db", "subscriber_domain_column", "domain")
modparam("uri_db", "use_uri_table", 0)
modparam("uri_db", "use_domain", 0)

loadmodule "lcr.so"
modparam("lcr", "db_url", "mysql://openser:openserrw@localhost/openser")
modparam("lcr", "gw_table", "gw")
modparam("lcr", "gw_name_column", "gw_name")
modparam("lcr", "ip_addr_column", "ip_addr")
modparam("lcr", "port_column", "port")
modparam("lcr", "uri_scheme_column", "uri_scheme")
modparam("lcr", "transport_column", "transport")
modparam("lcr", "grp_id_column", "grp_id")
modparam("lcr", "lcr_table", "lcr")
modparam("lcr", "strip_column", "strip")
modparam("lcr", "prefix_column", "prefix")
modparam("lcr", "from_uri_column", "from_uri")
modparam("lcr", "priority_column", "priority")
modparam("lcr", "gw_uri_avp", "1400")
modparam("lcr", "ruri_user_avp", "1402")
modparam("lcr", "contact_avp", "1401")
modparam("lcr", "fr_inv_timer_avp", "s:fr_inv_timer_avp")
modparam("lcr", "fr_inv_timer", 90)
modparam("lcr", "fr_inv_timer_next", 30)
modparam("lcr", "rpid_avp", "s:rpid")

########################################################################
# Request route 'main'
########################################################################
route[0]
{
        xlog("L_INFO", "New request - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
        force_rport();
        if(msg:len > max_len)
        {

                xlog("L_INFO", "Message too big - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
                sl_send_reply("513", "Message Too Big");
                exit;
        }
        if (!mf_process_maxfwd_header("10"))
        {

                xlog("L_INFO", "Too many hops - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
                sl_send_reply("483", "Too Many Hops");
                exit;
        }
        if(!is_method("REGISTER"))
        {
                if(nat_uac_test("19"))
                {
                        record_route(";nat=yes");
                }
                else
                {
                        record_route();
                }
        }
        if(is_method("CANCEL") || is_method("BYE"))
        {
                unforce_rtp_proxy();
        }
        if(loose_route())
        {
                if(!has_totag())
                {

                        xlog("L_INFO", "Initial loose-routing rejected - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
                        sl_send_reply("403", "Initial Loose-Routing Rejected");
                        exit;
                }
                if(nat_uac_test("19") || search("^Route:.*;nat=yes"))
                {
                        fix_nated_contact();
                        setbflag(6);
                }

                route(3);
        }
        if(is_method("REGISTER"))
        {
                route(2);
        }
        if(is_method("INVITE"))
        {
                route(4);
        }
        if(is_method("CANCEL") || is_method("ACK"))
        {
                route(8);
        }

        route(9);
}

########################################################################
# Request route 'stop-rtp-proxy'
########################################################################
route[1]
{
        if(isflagset(22))
        {
                unforce_rtp_proxy();
        }

}

########################################################################
# Request route 'base-route-register'
########################################################################
route[2]
{
        sl_send_reply("100", "Trying");
        if(!www_authorize("", "subscriber")) 
        {

                xlog("L_INFO", "Register authentication failed - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
                www_challenge("", "0");
                exit;
        }
        if(!check_to()) 
        {

                xlog("L_INFO", "Spoofed To-URI detected - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
                sl_send_reply("403", "Spoofed To-URI Detected");
                exit;
        }
        consume_credentials();
        if(!search("^Contact:[ ]*\*") && nat_uac_test("19")) 
        {
                fix_nated_register();
                setbflag(6);
        }
        if(!save("location")) 
        {

                xlog("L_ERR", "Saving contact failed - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
                sl_reply_error();
                exit;
        }

        xlog("L_INFO", "Registration successful - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
        exit;

}

########################################################################
# Request route 'base-outbound'
########################################################################
route[3]
{
        if(isbflagset(6))
        {
                if(!isflagset(22) && !search("^Content-Length:[ ]*0"))
                {
                        setflag(22);
                        force_rtp_proxy();
                }

                t_on_reply("2");
        }
        else
        {

                t_on_reply("1");
        }
        if(!isflagset(21))
        {

                t_on_failure("2");
        }
        if(isflagset(29))
        {
                append_branch();
        }
        if(is_present_hf("Proxy-Authorization"))
        {
                consume_credentials();
        }

        xlog("L_INFO", "Request leaving server, D-URI='$du' - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
        # no 100 (we already sent it) and no DNS blacklisting
        if(!t_relay("0x05"))
        {
                sl_reply_error();
                if(is_method("INVITE") && isbflagset(6))
                {
                        unforce_rtp_proxy();
                }
        }
        exit;

}

########################################################################
# Request route 'base-route-invite'
########################################################################
route[4]
{
        sl_send_reply("100", "Trying");
        if(from_gw())
        {

                xlog("L_INFO", "Call from PSTN' - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
                setflag(23);
        }
        else
        {
                if(!proxy_authorize("", "subscriber")) 
                {

                        xlog("L_INFO", "Proxy authentication failed - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
                        proxy_challenge("", "0");
                        exit;
                }
                if(!check_from()) 
                {

                        xlog("L_INFO", "Spoofed From-URI detected - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
                        sl_send_reply("403", "Spoofed From-URI Detected");
                        exit;
                }
        }
        if(nat_uac_test("19")) 
        {
                fix_nated_contact();
                setbflag(6);
        }

        route(5);
}

########################################################################
# Request route 'invite-find-callee'
########################################################################
route[5]
{
        if(!is_domain_local("$rd"))
        {
                setflag(20);

                route(7);
        }
        if(does_uri_exist())
        {

                xlog("L_INFO", "Callee is local - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
                route(6);
        }
        else
        {

                xlog("L_INFO", "Callee is not local - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
                route(7);
        }
        exit;

}

########################################################################
# Request route 'invite-to-internal'
########################################################################
route[6]
{
        if(!lookup("location")) 
        {

                xlog("L_INFO", "Local user offline - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
                sl_send_reply("404", "User Offline");
        }
        else
        {

                xlog("L_INFO", "Local user online - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
                route(3);
        }
        exit;

}

########################################################################
# Request route 'invite-to-external'
########################################################################
route[7]
{
        if(isflagset(20))
        {

                xlog("L_INFO", "Call to foreign domain - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
                route(3);
                exit;
        }
        if(!isflagset(23))
        {
                # don't allow calls relaying from PSTN to PSTN, if not explicitely forwarded
                if(uri =~ "^sip:[0-9]+@")
                {
                        # only route numeric users to PSTN
                        if(!load_gws())
                        {

                                xlog("L_ERR", "Error loading PSTN gateways - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
                                sl_send_reply("503", "PSTN Termination Currently Unavailable");
                                exit;
                        }
                        if(!next_gw())
                        {

                                xlog("L_ERR", "No PSTN gateways available - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
                                sl_send_reply("503", "PSTN Termination Currently Unavailable");
                                exit;
                        }
                        setflag(21);

                        t_on_failure("1");
                        route(3);
                }
        }

        xlog("L_INFO", "Call to unknown user - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
        sl_send_reply("404", "User Not Found");
        exit;

}

########################################################################
# Request route 'base-route-local'
########################################################################
route[8]
{
        t_on_reply("1");
        if(t_check_trans())
        {

                xlog("L_INFO", "Request leaving server - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
                if(!t_relay())
                {
                        sl_reply_error();
                }
        }
        else
        {

                xlog("L_INFO", "Dropping mis-routed request - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
        }
        exit;

}

########################################################################
# Request route 'base-route-generic'
########################################################################
route[9]
{
        xlog("L_INFO", "Method not supported - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
        sl_send_reply("501", "Method Not Supported Here");
        exit;

}

########################################################################
# Request route 'base-filter-failover'
########################################################################
route[10]
{
        if(!t_check_status("408|500|503"))
        {

                xlog("L_INFO", "No failover routing needed for this response code - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
                route(1);
                exit;
        }

}

########################################################################
# Reply route 'base-standard-reply'
########################################################################
onreply_route[1]
{
        xlog("L_INFO", "Reply - S=$rs D=$rr F=$fu T=$tu IP=$si ID=$ci\n");
        exit;

}

########################################################################
# Reply route 'base-nat-reply'
########################################################################
onreply_route[2]
{
        xlog("L_INFO", "NAT-Reply - S=$rs D=$rr F=$fu T=$tu IP=$si ID=$ci\n");
        if(nat_uac_test("1"))
        {
                fix_nated_contact();
        }
        if(isbflagset(6) && status=~"(180)|(183)|2[0-9][0-9]") 
        {
                if(!search("^Content-Length:[ ]*0"))
                {
                        force_rtp_proxy();
                }
        }
        exit;

}

########################################################################
# Failure route 'pstn-failover'
########################################################################
failure_route[1]
{
        xlog("L_INFO", "Failure route for PSTN entered - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
        route(10);
        if(!next_gw())
        {

                xlog("L_ERR", "Failed to select next PSTN gateway - M=$rm RURI=$ru F=$fu T=$tu IP=$si ID=$ci\n");
                route(1);
                exit;
        }

        t_on_failure("1");
        route(3);
}

########################################################################
# Failure route 'base-standard-failure'
########################################################################
failure_route[2]
{
        route(10);
        route(1);
}




More information about the Users mailing list