[Spce-user] loose-routing
Andreas Granig
agranig at sipwise.com
Tue Nov 7 04:22:54 EST 2017
Hi,
In general, I'd say it WOULD work fine, if the Route header at least had
the "lr" flag set. That is, it would need to indicate loose-routing and
look like this:
Route: <sip:3482209875 at c.voceblu.it;lr>
Since this param is missing, it expects the next hop to be a strict
router and inserts the previously set R-URI sip:centrale03.avanzati.it
into another Route once again.
I played a bit with this and managed to get it working, however there is
NO GUARANTEE WHATSOEVER that this is going to cause any security issues
or side effects in routing or billing or anything else. I've just tested
if the proxy is continuing to process the call instead of getting
rejected due to loose-routing restrictions. Having said that, here you
go, there is the patch:
########################
--- /etc/ngcp-config/templates/etc/kamailio/proxy/proxy.cfg.tt2
2017-11-07 10:06:34.939673459 +0100
+++ /etc/ngcp-config/templates/etc/kamailio/proxy/proxy.cfg.customtt.tt2
2017-11-07 10:18:30.748835620 +0100
@@ -105,6 +105,7 @@
$(avp(s:first_caller_ipv46_for_rtpproxy)[*]) = $null;
+ $var(ruri_before_loose) = $ru;
if(loose_route())
{
if(check_route_param("rtpprx=yes") || $dlg_var(rtpprx) == "1")
@@ -125,7 +126,13 @@
}
if(!has_totag())
{
- if($du != $null && is_domain_local("$dd"))
+ if($du == $null && $rU == $null &&
+ is_domain_local("$rd") &&
is_domain_local("$(var(ruri_before_loose){nameaddr.uri}{uri.host})"))
+ {
+ xlog("L_NOTICE", "HACK: restore strict routed request - [% logreq
-%]\n");
+ $ru = $var(ruri_before_loose);
+ }
+ else if($du != $null && is_domain_local("$dd"))
{
xlog("L_INFO", "Reset initial local route - [% logreq -%]\n");
$du = $null;
########################
So, what it does is checking within loose_route() whether $du is null
(which on a loose-routed request shouldn't be the case) and if the
resulting request-uri has no user-part (because it's set to
"sip:centrale03.avanzati.it" by kamailio after loose_route), and if the
domain part of the request uri is in your domains list (which is true if
you have centrale03.avanzati.it created as a domain in the panel).
Finally it also checks if the original request uri (which we're about to
restore and continue to work with) is also in your domains list (which
is true if you also have c.voceblu.it created as domain in the panel).
If all of this is the case, it takes the previously set request uri (the
one being there in the original Route header) and takes that to continue
routing.
I'm not confident whether this is the correct behavior of a proxy in
general for these types of requests, but it looks strict and reasonable
enough. Anyways, use at own risk.
Andreas
On 11/06/2017 05:00 PM, Daniel Grotti wrote:
> Hi Stefano,
> the INVITE the Gigaset is sending is quite weird, never seen this before.
> RURI contains the Proxy domain, and conaints a ROUTE header with the
> number to call:
>
> INVITE sip:centrale03.avanzati.it SIP/2.0
> Via: SIP/2.0/UDP
> 192.168.192.50:5070;rport;branch=z9hG4bKPjb90130da-94b5-46f2-9fa0-e13110f185f8
>
> From:
> <sip:0119084086 at c.voceblu.it>;tag=d8629edc-773b-4100-97b6-27d2dcc4e417
> To: <sip:3482209875 at c.voceblu.it>
> Contact: <sip:0119084086 at 192.168.192.50:5070>
> Call-ID: 4ae7566c-c8ab-4b29-9950-d6829953f085
> CSeq: 20617 INVITE
> Allow: OPTIONS, SUBSCRIBE, NOTIFY, PUBLISH, INVITE, ACK, BYE, CANCEL,
> UPDATE, PRACK, REGISTER, REFER, MESSAGE
> Supported: 100rel, timer, replaces, norefersub
> Session-Expires: 1800
> Min-SE: 90
> P-Asserted-Identity: <sip:112 at galilei.local>
> P-Preferred-Identity: <sip:112 at galilei.local>
> Route: <sip:3482209875 at c.voceblu.it>
> Max-Forwards: 70
> User-Agent: Gigaset T440/T640
> Content-Type: application/sdp
> Content-Length: 239
>
>
> Also, what is strange is that the INVITE from LB to PROXY looks lile:
>
>
> INVITE sip:3482209875 at c.voceblu.it SIP/2.0
> Record-Route:
> <sip:127.0.0.1;r2=on;lr=on;ftag=d8629edc-773b-4100-97b6-27d2dcc4e417;nat=yes;ngcplb=yes;socket=udp:94.125.235.56:5060>
>
> Record-Route:
> <sip:94.125.235.56;r2=on;lr=on;ftag=d8629edc-773b-4100-97b6-27d2dcc4e417;nat=yes;ngcplb=yes;socket=udp:94.125.235.56:5060>
>
> Via: SIP/2.0/UDP
> 127.0.0.1;branch=z9hG4bK574d.ba877c02a02cf37c79ee52087c29a8d0.0
> Via: SIP/2.0/UDP
> 192.168.192.50:5070;received=178.255.188.147;rport=42652;branch=z9hG4bKPjb90130da-94b5-46f2-9fa0-e13110f185f8
>
> From:
> <sip:0119084086 at c.voceblu.it>;tag=d8629edc-773b-4100-97b6-27d2dcc4e417
> To: <sip:3482209875 at c.voceblu.it>
> Contact: <sip:0119084086 at 192.168.192.50:5070;alias=178.255.188.147~42652~1>
> Call-ID: 4ae7566c-c8ab-4b29-9950-d6829953f085
> CSeq: 20617 INVITE
> Allow: OPTIONS, SUBSCRIBE, NOTIFY, PUBLISH, INVITE, ACK, BYE, CANCEL,
> UPDATE, PRACK, REGISTER, MESSAGE
> Supported: 100rel, timer, replaces, norefersub
> Session-Expires: 1800
> Min-SE: 90
> P-Asserted-Identity: <sip:112 at galilei.local>
> P-Preferred-Identity: <sip:112 at galilei.local>
> Max-Forwards: 69
> User-Agent: Gigaset T440/T640
> Content-Type: application/sdp
> Content-Length: 269
> P-NGCP-Src-Ip: 178.255.188.147
> P-NGCP-Src-Port: 42652
> P-NGCP-Src-Proto: udp
> P-NGCP-Src-Af: 4
> P-Sock-Info: udp:94.125.235.56:5060
> P-NGCP-Src-Nat: 1
> Route: <sip:centrale03.avanzati.it>
>
>
> And this is also weird, cause it contains a ROUTE header, that should
> not be there.
>
> Which version are you using ?
> Do you have kamailo customtt in place ?
>
>
> I would recommend to check your UA configuration, cause the first invite
> with that RURI and the Route header looks very strange, that should not
> the way to initiate a SIP session. INVITE's R-URI should contains
> sip:<number_called>@<sip_domain>, and usually no route header, or if
> any, they should contain the IP/domain of your NGCP.
>
>
>
> --
> Daniel Grotti
> Head of Customer Support
> Sipwise GmbH, Campus 21/Europaring F15
> AT-2345 Brunn am Gebirge
>
> Office: +43(0)130120332
> Email: dgrotti at sipwise.com
> Website: https://www.sipwise.com
>
> On 11/06/2017 12:06 PM, Daniel Grotti wrote:
>> Or better to send me the entire pcap (you can use my email if you
>> don't want to share data).
>>
>> --
>> Daniel Grotti
>> Head of Customer Support
>> Sipwise GmbH, Campus 21/Europaring F15
>> AT-2345 Brunn am Gebirge
>>
>> Office: +43(0)130120332
>> Email: dgrotti at sipwise.com
>> Website: https://www.sipwise.com
>> On 11/06/2017 12:05 PM, Daniel Grotti wrote:
>>> Please show me the INIVTE from 127.0.0.1:5060 (lb) to 127.0.0.1:5062
>>> (proxy).
>>> Thanks
>>>
>>>
>>> --
>>> Daniel Grotti
>>> Head of Customer Support
>>> Sipwise GmbH, Campus 21/Europaring F15
>>> AT-2345 Brunn am Gebirge
>>>
>>> Office: +43(0)130120332
>>> Email: dgrotti at sipwise.com
>>> Website: https://www.sipwise.com
>>> On 11/06/2017 11:56 AM, stefanormc wrote:
>>>> Great tool!
>>>>
>>>> *
>>>> Call flow for 4ae7566c-c8ab-4b29-9950-d6829953f085 (Color by
>>>> Request/Response)*
>>>>
>>>>
>>>>
>>>> │*INVITE**sip:centrale03.avanzati.it
>>>> <http://centrale03.avanzati.it>*SIP/2.0
>>>>
>>>> 178.255.188.147:42652 <http://178.255.188.147:42652>
>>>> *94.125.235.56:5060 <http://94.125.235.56:5060>*
>>>> *127.0.0.1:5060 <http://127.0.0.1:5060>*
>>>> *127.0.0.1:5062 <http://127.0.0.1:5062>* │Via:SIP/2.0/UDP
>>>> 192.168.192.50:5070;rport;branch=z9hG4bKPjb90130da-94b5-46f2-9fa0-e13
>>>>
>>>> ──────────┬───────── ──────────┬─────────
>>>> ──────────┬───────── ──────────┬─────────│0f185f8
>>>>
>>>> │ * INVITE (SDP) *│
>>>> │ │
>>>> │From:<sip:0119084086 at c.voceblu.it
>>>> <mailto:sip%3A0119084086 at c.voceblu.it>>;tag=d8629edc-773b-4100-97b6-27d2dcc4e417
>>>>
>>>> *11:44:32.102554* │ *──────────────────────────>*│
>>>> │ │
>>>> │To:<sip:3482209875 at c.voceblu.it <mailto:sip%3A3482209875 at c.voceblu.it>>
>>>>
>>>> +0.000462 │ │
>>>> │ INVITE (SDP) │
>>>> │Contact:<sip:0119084086 at 192.168.192.50:5070
>>>> <http://sip:0119084086@192.168.192.50:5070>>
>>>>
>>>> 11:44:32.103016 │ │
>>>> │ ──────────────────────────>│
>>>> │Call-ID:*4ae7566c-c8ab-4b29-9950-d6829953f085*
>>>>
>>>> +0.000214 │ │
>>>> │ 100 Trying │ │CSeq:20617 INVITE
>>>>
>>>> 11:44:32.103230 │ │
>>>> │ <──────────────────────────│ │Allow:OPTIONS,
>>>> SUBSCRIBE, NOTIFY, PUBLISH, INVITE, ACK, BYE, CANCEL, UPDATE, PRACK, R
>>>>
>>>> +0.000176 │ │
>>>> │ 403 Initial Loose-Routing │ │ISTER, REFER, MESSAGE
>>>>
>>>> 11:44:32.103406 │ │
>>>> │ <──────────────────────────│ │Supported:100rel,
>>>> timer, replaces, norefersub
>>>>
>>>> +0.000194 │ 100 Trying │
>>>> │ │ │Session-Expires:1800
>>>>
>>>> 11:44:32.103600 │ <──────────────────────────│
>>>> │ │ │Min-SE:90
>>>>
>>>> +0.000060 │ 403 Initial Loose-Routing │
>>>> │ │
>>>> │P-Asserted-Identity:<sip:112 at galilei.local>
>>>>
>>>> 11:44:32.103660 │ <──────────────────────────│
>>>> │ │
>>>> │P-Preferred-Identity:<sip:112 at galilei.local>
>>>>
>>>> +0.010267 │ ACK │
>>>> │ │
>>>> │Route:<sip:3482209875 at c.voceblu.it
>>>> <mailto:sip%3A3482209875 at c.voceblu.it>>
>>>>
>>>> 11:44:32.113927 │ ──────────────────────────>│
>>>> │ │ │Max-Forwards:70
>>>>
>>>> +0.000254 │ │
>>>> │ ACK │ │User-Agent:Gigaset
>>>> T440/T640
>>>>
>>>> 11:44:32.114181 │ │
>>>> │ ──────────────────────────>│
>>>> │Content-Type:application/sdp
>>>>
>>>> │ │
>>>> │ │ │Content-Length: 239
>>>>
>>>> │ │
>>>> │ │ │
>>>>
>>>> │ │
>>>> │ │ │v=0
>>>>
>>>> │ │
>>>> │ │ │o=- 370697073
>>>> 370697073 IN IP4 192.168.192.50
>>>>
>>>> │ │
>>>> │ │ │s=Asterisk
>>>>
>>>> │ │
>>>> │ │ │c=IN IP4 192.168.192.50
>>>>
>>>> │ │
>>>> │ │ │t=0 0
>>>>
>>>> │ │
>>>> │ │ │m=audio 12360
>>>> RTP/AVP 0 101
>>>>
>>>> │ │
>>>> │ │ │a=rtpmap:0 PCMU/8000
>>>>
>>>> │ │
>>>> │ │ │a=rtpmap:101
>>>> telephone-event/8000
>>>>
>>>> │ │
>>>> │ │ │a=fmtp:101 0-16
>>>>
>>>> │ │
>>>> │ │ │a=ptime:20
>>>>
>>>> │ │
>>>> │ │ │a=maxptime:150
>>>>
>>>> │ │
>>>> │ │ │a=sendrecv
>>>>
>>>> │ │
>>>> │ │ │
>>>>
>>>> │ │
>>>> │ │ │
>>>>
>>>> │ │
>>>> │ │ │
>>>>
>>>>
>>>> can it be the p-asserted-identity the problem? I see is the PBX
>>>> endpoint instead of the sipwise account
>>>>
>>>>
>>>>
>>>>
>>>> Il giorno 6 novembre 2017 @ 11:34:13, Daniel Grotti
>>>> (dgrotti at sipwise.com <mailto:dgrotti at sipwise.com>) ha scritto:
>>>>
>>>>> mmm...so the problem could be in the $du variable.
>>>>> Since loose_route() return TRUE, it means that the INVITE contains
>>>>> a Route header.
>>>>>
>>>>> Can you take a trace of such call (with sngrep for example) and
>>>>> paste here the INVITE you receive from this UA ?
>>>>>
>>>>>
>>>>> --
>>>>> Daniel Grotti
>>>>> Head of Customer Support
>>>>> Sipwise GmbH, Campus 21/Europaring F15
>>>>> AT-2345 Brunn am Gebirge
>>>>>
>>>>> Office: +43(0)130120332
>>>>> Email: dgrotti at sipwise.com
>>>>> Website: https://www.sipwise.com
>>>>> On 11/06/2017 11:24 AM, stefanormc wrote:
>>>>>>
>>>>>> MariaDB [ngcp]> select * from kamailio.domain;
>>>>>>
>>>>>> +----+----------------------------+---------------------+------+
>>>>>>
>>>>>> | id | domain | last_modified | did |
>>>>>>
>>>>>> +----+----------------------------+---------------------+------+
>>>>>>
>>>>>> | 1 | voip.sipwise.local | 1900-01-01 00:00:01 | NULL |
>>>>>>
>>>>>> | 2 | sipd.bandablu.com <http://sipd.bandablu.com> |
>>>>>> 1900-01-01 00:00:01 | NULL |
>>>>>>
>>>>>> | 3 | d.voceblu.it <http://d.voceblu.it> |
>>>>>> 1900-01-01 00:00:01 | NULL |
>>>>>>
>>>>>> | 5 | c.voceblu.it <http://c.voceblu.it> |
>>>>>> 1900-01-01 00:00:01 | NULL |
>>>>>>
>>>>>> | 8 | netgen.voceblu.it <http://netgen.voceblu.it> |
>>>>>> 1900-01-01 00:00:01 | NULL |
>>>>>>
>>>>>> | 11 | res.voceblu.it <http://res.voceblu.it> |
>>>>>> 1900-01-01 00:00:01 | NULL |
>>>>>>
>>>>>> | 12 | via-bolletta.telefonica.it
>>>>>> <http://via-bolletta.telefonica.it> | 1900-01-01 00:00:01 | NULL |
>>>>>>
>>>>>> | 13 | centrale03.avanzati.it <http://centrale03.avanzati.it>
>>>>>> | 1900-01-01 00:00:01 | NULL |
>>>>>>
>>>>>> +----+----------------------------+---------------------+------+
>>>>>>
>>>>>> *8 rows in set (0.02 sec)*
>>>>>>
>>>>>> *
>>>>>> *
>>>>>> *
>>>>>> *
>>>>>> *
>>>>>> *
>>>>>>
>>>>>> centrale03:~# ngcp-kamctl proxy fifo domain_dump
>>>>>>
>>>>>> domain:: sipd.bandablu.com <http://sipd.bandablu.com>
>>>>>>
>>>>>> did:: sipd.bandablu.com <http://sipd.bandablu.com>
>>>>>>
>>>>>> domain:: voip.sipwise.local
>>>>>>
>>>>>> did:: voip.sipwise.local
>>>>>>
>>>>>> domain:: via-bolletta.telefonica.it
>>>>>> <http://via-bolletta.telefonica.it>
>>>>>>
>>>>>> did:: via-bolletta.telefonica.it <http://via-bolletta.telefonica.it>
>>>>>>
>>>>>> domain:: centrale03.avanzati.it <http://centrale03.avanzati.it>
>>>>>>
>>>>>> did:: centrale03.avanzati.it <http://centrale03.avanzati.it>
>>>>>>
>>>>>> domain:: res.voceblu.it <http://res.voceblu.it>
>>>>>>
>>>>>> did:: res.voceblu.it <http://res.voceblu.it>
>>>>>>
>>>>>> domain:: d.voceblu.it <http://d.voceblu.it>
>>>>>>
>>>>>> did:: d.voceblu.it <http://d.voceblu.it>
>>>>>>
>>>>>> domain:: c.voceblu.it <http://c.voceblu.it>
>>>>>>
>>>>>> did:: c.voceblu.it <http://c.voceblu.it>
>>>>>>
>>>>>> domain:: netgen.voceblu.it <http://netgen.voceblu.it>
>>>>>>
>>>>>> did:: netgen.voceblu.it <http://netgen.voceblu.it>
>>>>>>
>>>>>>
>>>>>>
>>>>>> Il giorno 6 novembre 2017 @ 11:18:40, Daniel Grotti
>>>>>> (dgrotti at sipwise.com <mailto:dgrotti at sipwise.com>) ha scritto:
>>>>>>
>>>>>>> select * from kamailio.domain;
>>>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> Spce-user mailing list
>>> Spce-user at lists.sipwise.com
>>> https://lists.sipwise.com/listinfo/spce-user
>>
>>
>>
>> _______________________________________________
>> Spce-user mailing list
>> Spce-user at lists.sipwise.com
>> https://lists.sipwise.com/listinfo/spce-user
>
>
>
> _______________________________________________
> Spce-user mailing list
> Spce-user at lists.sipwise.com
> https://lists.sipwise.com/listinfo/spce-user
>
More information about the Spce-user
mailing list