[OpenSIPS-Users] What is protocol/port mismatch?
opensipslist at encambio.com
opensipslist at encambio.com
Tue Feb 2 19:32:06 CET 2010
Hello list,
The problem was that the voicemail server was respecting the host
and port of the routeset which OpenSIPS was rewriting to acommodate
the transport change from TLS to TCP. The voicemail server was
configured to send over TLS to the outbound proxy however, so
traffic was arriving at OpenSIPS on the port 5060 using TLS.
It's clear now why the warnings were appearing in the logs, but
even more it seems that OpenSIPS sometimes crashes when sending
TLS traffic to a TCP port which it is expecting clear text from.
To know about the solution to this problem, read below.
An ven., janv 29, 2010, opensipslist at encambio.com schrieb:
>An ven., janv 29, 2010, Bogdan-Andrei Iancu schrieb:
>>opensipslist at encambio.com wrote:
>>> ...and I see this in the log:
>>>
>>> <warning> opensips[2717]: WARNING:core:get_send_socket: protocol/port mismatch
>>>
>>> some hundreds of times per day (about once every 20 minutes
>>> per registered UAC.)
>>>
>>> I have this in the route script:
>>>
>>> listen = tls:name.host.tld:5061
>>> [...]
>>> t_relay("name.host.tld:5080");
>>>
First, although all UAs were exchanging SIP traffic with OpenSIPS
over TLS, t_relay was relaying the messages over UDP. I assume that
t_relay is either hardcoded to use UDP or OpenSIPS was routing the
messages to itself internally over UDP (to recursively resolve
aliases.) In this case maybe t_relay implicitly uses the transport
over which the message was last received (even internally.)
In any case, the call to t_relay should look like this if relaying
over the TCP transport is desired:
t_relay("tcp:name.host.tld:5080");
The problem then is that the rr module will add two Record-Route
headers, expecting a symetrical fashion of SIP traffic. I turned
this off with modparam("rr", "enable_double_rr", 0) because the
voicemail server (Asterisk) is very tricky (maybe even buggy) to
configure to use TLS and outbound proxies.
At this point I saw that traffic was arriving at OpenSIPS port 5061
over TLS as expected, and as indicated by the routeset. The problem
is solved.
>Is the basic idea of this warning message that OpenSIPS
>exchanges a SIP message with a UA over a certain transport
>(TLS in this case) and port number (5061 in this case), but
>a t_relay in the route script forwards the message over a
>different transport or to a different port number?
>
The basic idea of this warning message is that OpenSIPS expects
a certain type (TLS or not TLS) of traffic at a certain TCP port
as configured by the 'listen' directives. If a UAC sends TLS
traffic to a port only configured to listen to plain text traffic
then this warning will appear. What happens to the mismatched
traffic is not clear, but I assume that it is ignored by OpenSIPS.
>If so, what is being compared and how is it compared?
>
The TCP port on which OpenSIPS listens to and the type of traffic,
either TLS encrypted or plain text.
Regards,
Brian
More information about the Users
mailing list