[Users] OpenSER as load balancer for several Asterisk servers
Max Gregorian
gregorian442 at googlemail.com
Wed Dec 20 14:40:31 CET 2006
Forgot to add,
you may need to rewritehost (or even contact information) to point at the
Asterisk server before you do the forwarding to Asterisk.
On 20/12/06, Max Gregorian <gregorian442 at googlemail.com> wrote:
>
> I think I may have spotted the problem in the signalling.
>
> In this reply to the INVITE, the *first stage* is fine:
>
> Asterisk -> OpenSER (The signalling here is fine from Asterisk)
>
>
> In the *second stage*, the reply from OpenSER to UAC
>
> OpenSER -> Client
>
> this part
>
> Session Description Protocol
> Session Description Protocol Version (v): 0
> Owner/Creator, Session Id (o): root 20137 20138 IN IP4
> *OOO.OOO.OOO.OOO*
> Session Name (s): session
> Connection Information (c): IN IP4 Session Description Protocol
> Session Description Protocol Version (v): 0
> Owner/Creator, Session Id (o): root 20137 20138 IN IP4
> OOO.OOO.OOO.OOO
> Session Name (s): session
> Connection Information (c): IN IP4 OOO.OOO.OOO.OOO
> Time Description, active time (t): 0 0
> Media Description, name and address (m): audio
> 58508 Time Description, active time (t): 0 0
> Media Description, name and address (m): audio 58508
>
>
> you see where it says IN IP4, this should *still* have the IP of Asterisk
> if you want the RTP to go to the Asterisk server, but instead it has the IP
> of OpenSER so RTP is sent to OpenSER.
>
> This information is taken from somewhere (I forget - i think it's the *
> contact* of the REGISTER message), but it can be fixed.
>
> You will need to look at the entire call flow starting from when the UAC
> first registers with OpenSER. Then, in your NAT handling routine use I think
> *fix_nated_register* and *fix_nated_contact *.
>
> Hope this helps.
>
>
>
>
> On 12/19/06, Edoardo Serra <osdevel at webrainstorm.it> wrote:
> >
> > At 13.51 19/12/2006, Klaus Darilion wrote:
> > >You said that the 200 contains openser's IP in the SDP? Is it put in
> > >there by openser or already by Asterisk?
> >
> > Tnx very much for help
> >
> > It's put in there by OpenSER.
> >
> > I'm attaching the 2 SIP/SDP packets (1 from asterisk to openser and 1
> > from openser to client)
> >
> > AAA.AAA.AAA.AAA stands for IP of Asterisk
> > OOO.OOO.OOO.OOO stands for IP of OpenSER
> > CCC.CCC.CCC.CCC stands for IP of client
> > 3333333333 is the called number
> >
> >
> > No. Time Source Destination Protocol
> > Info
> > 20 12.646925 AAA.AAA.AAA.AAA OOO.OOO.OOO.OOO SIP/SDP
> > Status: 200 OK, with session description
> >
> > Session Initiation Protocol
> > Status-Line: SIP/2.0 200 OK
> > Message Header
> > Via: SIP/2.0/UDP
> > OOO.OOO.OOO.OOO;branch=z9hG4bK5bbd.eaf4f093.0;received=OOO.OOO.OOO.OOO
> > Via: SIP/2.0/UDP
> > CCC.CCC.CCC.CCC
> > :8952;branch=z9hG4bK-d87543-e15656230434101e-1--d87543-;rport=8952
> > Record-Route: <sip:OOO.OOO.OOO.OOO ;lr=on;ftag=9043ec70>
> > From: "test"<sip:test at OOO.OOO.OOO.OOO>;tag=9043ec70
> > To: "3333333333"< sip:3333333333 at OOO.OOO.OOO.OOO>;tag=as30a7528b
> > Call-ID:
> > 98684a222a2eeb7aYmVlZTUzZDRhNjMzN2Y0MTZhYmNmOTc5MzQ4OGI3ZGU.
> > CSeq: 3 INVITE
> > User-Agent: Asterisk
> > Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE,
> > NOTIFY
> > Contact: <sip:3333333333 at AAA.AAA.AAA.AAA:5060>
> > Content-Type: application/sdp
> > Content-Length: 291
> > Message body
> > Session Description Protocol
> > Session Description Protocol Version (v): 0
> > Owner/Creator, Session Id (o): root 20137 20138 IN IP4
> > AAA.AAA.AAA.AAA
> > Session Name (s): session
> > Connection Information (c): IN IP4 AAA.AAA.AAA.AAA
> > Time Description, active time (t): 0 0
> > Media Description, name and address (m): audio 58508
> > RTP/AVP 98 3 8 0 101
> > Media Attribute (a): rtpmap:98 iLBC/8000
> > Media Attribute (a): rtpmap:3 GSM/8000
> > Media Attribute (a): rtpmap:8 PCMA/8000
> > Media Attribute (a): rtpmap:0 PCMU/8000
> > Media Attribute (a): rtpmap:101 telephone-event/8000
> > Media Attribute (a): fmtp:101 0-16
> > Media Attribute (a): silenceSupp:off - - - -
> >
> > No. Time Source Destination Protocol
> > Info
> > 21 12.647437 OOO.OOO.OOO.OOO CCC.CCC.CCC.CCC SIP/SDP
> > Status: 200 OK, with session description
> >
> > Session Initiation Protocol
> > Status-Line: SIP/2.0 200 OK
> > Message Header
> > Via: SIP/2.0/UDP
> > OOO.OOO.OOO.OOO
> > :5060;branch=z9hG4bK-d87543-e15656230434101e-1--d87543-;rport=8952
> > Record-Route: <sip:OOO.OOO.OOO.OOO;lr=on;ftag=9043ec70>
> > From: "test"<sip:test at OOO.OOO.OOO.OOO>;tag=9043ec70
> > To: "3333333333"<sip:3333333333 at OOO.OOO.OOO.OOO >;tag=as30a7528b
> > Call-ID:
> > 98684a222a2eeb7aYmVlZTUzZDRhNjMzN2Y0MTZhYmNmOTc5MzQ4OGI3ZGU.
> > CSeq: 3 INVITE
> > User-Agent: Asterisk
> > Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE,
> > NOTIFY
> > Contact: <sip:3333333333 at AAA.AAA.AAA.AAA:5060>
> > Content-Type: application/sdp
> > Content-Length: 291
> > Message body
> > Session Description Protocol
> > Session Description Protocol Version (v): 0
> > Owner/Creator, Session Id (o): root 20137 20138 IN IP4
> > OOO.OOO.OOO.OOO
> > Session Name (s): session
> > Connection Information (c): IN IP4 OOO.OOO.OOO.OOO
> > Time Description, active time (t): 0 0
> > Media Description, name and address (m): audio 58508
> > RTP/AVP 98 3 8 0 101
> > Media Attribute (a): rtpmap:98 iLBC/8000
> > Media Attribute (a): rtpmap:3 GSM/8000
> > Media Attribute (a): rtpmap:8 PCMA/8000
> > Media Attribute (a): rtpmap:0 PCMU/8000
> > Media Attribute (a): rtpmap:101 telephone-event/8000
> > Media Attribute (a): fmtp:101 0-16
> > Media Attribute (a): silenceSupp:off - - - -
> >
> > Tnx very much for help again
> >
> > Regards
> >
> > Edoardo
> >
> >
> > >regards
> > >klaus
> > >
> > >
> > >regards
> > >klaus
> > >
> > >Edoardo Serra wrote:
> > >>Hi guys,
> > >> I'm having a problem with an OpenSER acting as registrar
> > >> server and load balancer for many Asterisk servers.
> > >>In a few words: "users are registering on openser and, when they
> > >>want to make a call, OpenSER proxies the request to an Asterisk
> > >>server with the dispatcher module"
> > >>Here is the intended data flow (SIP goes through OpenSER and media
> > >>goes directly to Asterisk)
> > >>User <-- SIP --> OpenSER <-- SIP --> Asterisk
> > >>User <-- RTP --> Asterisk
> > >>Both, OpenSER and Asterisks have public IPs
> > >>I already have a working setup of that and everything seems working
> > >>correctly.
> > >>I'm trying to replicate that setup on another site, same
> > >>configurations of the boxes, same versions of OpenSER and Asterisk,
> > >>etc... but I'm having monodirectional Audio.
> > >>Having a look with tethereal I see that OpenSER, when the
> > >>communication is answered, sends a SIP packet (200 OK) to the user
> > >>indicating itself as media endpoint instead of the Asterisks.
> > >> From that moment I see RTP packets flowing from the client to
> > OpenSER
> > >>This seems really strange to me because I just copied the same
> > >>configurations file from a working setup to the new installation.
> > >>Tnx in advance for help.
> > >>Regards
> > >>P.S.: Here is my openser.cfg
> > >>## $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $
> > >>## simple quick-start config script
> > >>#
> > >># ----------- global configuration parameters ------------------------
> > >>#debug=3 # debug level (cmd line: -dddddddddd)
> > >>fork=yes
> > >>#log_stderror=no # (cmd line: -E)
> > >>check_via=no # (cmd. line: -v)
> > >>dns=no # (cmd. line: -r)
> > >>rev_dns=no # (cmd. line: -R)
> > >>#children=4
> > >>#port=5060
> > >>fifo="/tmp/ser_fifo"
> > >>#uid=nobody
> > >>#gid=nobody
> > >># ------------------ module loading ----------------------------------
> > >>loadmodule "/usr/lib/openser/modules/sl.so"
> > >>loadmodule "/usr/lib/openser/modules/tm.so"
> > >>loadmodule "/usr/lib/openser/modules/rr.so"
> > >>loadmodule "/usr/lib/openser/modules/maxfwd.so"
> > >>loadmodule "/usr/lib/openser/modules/usrloc.so"
> > >>loadmodule "/usr/lib/openser/modules/registrar.so"
> > >>loadmodule "/usr/lib/openser/modules/nathelper.so"
> > >>loadmodule "/usr/lib/openser/modules/textops.so"
> > >>loadmodule "/usr/lib/openser/modules/exec.so"
> > >>loadmodule "/usr/lib/openser/modules/uri.so"
> > >>loadmodule "/usr/lib/openser/modules/uri_db.so"
> > >>loadmodule "/usr/lib/openser/modules/dispatcher.so"
> > >># Uncomment this if you want digest authentication
> > >># mysql.so must be loaded !
> > >>loadmodule "/usr/lib/openser/modules/mysql.so"
> > >>loadmodule "/usr/lib/openser/modules/auth.so"
> > >>loadmodule "/usr/lib/openser/modules/auth_db.so"
> > >>modparam("usrloc", "db_mode", 2)
> > >>modparam("usrloc", "db_url", "mysql://xxx:xxx@xxx.xxx.xxx.xxx
> > /openser")
> > >>modparam("usrloc", "timer_interval", 120)
> > >>modparam("auth_db", "calculate_ha1", 0)
> > >>modparam("auth_db", "db_url", "mysql://xxx:xxx@xxx.xxx.xxx.xxx/voip")
> > >>modparam("uri_db", "db_url", " mysql://xxx:xxx@xxx.xxx.xxx.xxx
> > /openser")
> > >>modparam("rr", "enable_full_lr", 1)
> > >>modparam("registrar", "nat_flag", 6)
> > >>modparam("registrar", "max_expires", 3600)
> > >>modparam("registrar", "min_expires", 60)
> > >>modparam("registrar", "append_branches", 0)
> > >>modparam("registrar", "desc_time_order", 1)
> > >>modparam("nathelper", "natping_interval", 20) # Ping interval 20 s
> > >>modparam("nathelper", "ping_nated_only", 1) # Ping only clients behind
> > NAT
> > >>modparam("dispatcher", "force_dst", 1)
> > >># ------------------------- request routing logic -------------------
> > >># main routing logic
> > >>route{
> > >># initial sanity checks -- messages with
> > >># max_forwards==0, or excessively long requests
> > >>if (!mf_process_maxfwd_header("10")) {
> > >>sl_send_reply("483","Too Many Hops");
> > >>exit;
> > >>};
> > >>if ( msg:len > max_len ) {
> > >>sl_send_reply("513", "Message too big");
> > >>exit;
> > >>};
> > >>if ( (method=="OPTIONS") || (method=="SUBSCRIBE") ||
> > (method=="NOTIFY") ) {
> > >>sl_send_reply("405", "Method Not Allowed");
> > >>exit;
> > >>}
> > >>if (!method=="REGISTER") {
> > >>record_route();
> > >>};
> > >>if ((src_ip==xxx.xxx.xxx.xxx) || (src_ip==xxx.xxx.xxx.xxx)) { # IP
> > >>of Asterisks
> > >>if (!lookup("location")) {
> > >>sl_send_reply("404", "Not Found");
> > >>exit;
> > >>};
> > >># forward to current uri now; use stateful forwarding; that
> > >># works reliably even if we forward from TCP to UDP
> > >>if (!t_relay()) {
> > >>sl_reply_error();
> > >>};
> > >>exit;
> > >>};
> > >>if (nat_uac_test("3")) {
> > >>if ((method=="REGISTER") || (method=="INVITE") || (method=="OPTIONS"))
> > {
> > >>fix_nated_contact();
> > >>force_rport();
> > >>setflag(6); # Mark as NATed
> > >>}
> > >>}
> > >># if the request is for other domain use UsrLoc
> > >># (in case, it does not work, use the following command
> > >># with proper names and addresses in it)
> > >>if (method=="REGISTER") {
> > >>if (!proxy_authorize("domain", "openser_view")) {
> > >>proxy_challenge("domain", "0");
> > >>exit;
> > >>}
> > >>if (!check_to()) {
> > >>sl_send_reply("403", "Digest username and URI username do NOT
> > >>match! Stay away!");
> > >>exit;
> > >>}
> > >>save("location");
> > >>exit;
> > >>};
> > >>
> > >>if (method=="INVITE") {
> > >>if (!proxy_authorize("domain", "openser_view")) {
> > >>proxy_challenge("domain", "0");
> > >>exit;
> > >>}
> > >>if (!check_from()) {
> > >>sl_send_reply("403", "Digest username and URI username do NOT
> > >>match! Stay away!");
> > >>exit;
> > >>}
> > >>}
> > >># loose-route processing
> > >>if (loose_route()) {
> > >># mark routing logic in request
> > >>append_hf("P-hint: rr-enforced\r\n");
> > >>route(1);
> > >>exit;
> > >>};
> > >>if (!uri==myself) {
> > >># mark routing logic in request
> > >>append_hf("P-hint: outbound\r\n");
> > >>route(1);
> > >>exit;
> > >>};
> > >>append_hf("P-hint: usrloc applied\r\n");
> > >>route(1);
> > >>}
> > >>route[1]
> > >>{
> > >># ! Nathelper
> > >>if (uri=~"[@:](192\.168\.|10\.|172\.(1[6-9]|2[0-9]|3[0-1])\.)" &&
> > >>!search("^Route:")){
> > >>sl_send_reply("479", "We don't forward to private IP addresses");
> > >>exit;
> > >>};
> > >># NAT processing of replies; apply to all transactions (for example,
> > >># re-INVITEs from public to private UA are hard to identify as
> > >># NATed at the moment of request processing); look at replies
> > >>t_on_reply("1");
> > >># send it out now; use stateful forwarding as it works reliably
> > >># even for UDP2TCP
> > >>if ((src_ip!= xxx.xxx.xxx.xxx) && (src_ip!=xxx.xxx.xxx.xxx)) { # IP
> > >>of Asterisks
> > >>ds_select_dst("2", "0");
> > >>}
> > >>if (!t_relay()) {
> > >>sl_reply_error();
> > >>};
> > >>}
> > >># ! Nathelper
> > >>onreply_route[1] {
> > >># NATed transaction ?
> > >>if (isflagset(6) && status =~ "(183)|2[0-9][0-9]") {
> > >>fix_nated_contact();
> > >># otherwise, is it a transaction behind a NAT and we did not
> > >># know at time of request processing ? (RFC1918 contacts)
> > >>} else if (nat_uac_test("1")) {
> > >>fix_nated_contact();
> > >>};
> > >>}
> > >>
> > >>_______________________________________________
> > >>Users mailing list
> > >>Users at openser.org
> > >>http://openser.org/cgi-bin/mailman/listinfo/users
> > >
> > >
> > >--
> > >Klaus Darilion
> > >nic.at
> > >
> >
> >
> > _______________________________________________
> > Users mailing list
> > Users at openser.org
> > http://openser.org/cgi-bin/mailman/listinfo/users
> >
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.kamailio.org/pipermail/users/attachments/20061220/ea51031a/attachment.htm
More information about the Users
mailing list