[OpenSIPS-Users] OpenSIPS with public/private interface and RTPProxy

Michele Pinassi michele.pinassi at unisi.it
Thu May 9 13:09:20 CEST 2013 

Hi all,

i have an OpenSIPS server with two interface, PUBLIC (xxx) and PRIVATE
(172.20.1.2). The PRIVATE interface works inside a LAN dedicated to
VoIP, with a MediaServer (172.20.1.5) and a Patton Gateway for PSTN
(172.20.1.4).

Users phone's can register on both interface and i use RTPProxy (in
bridging mode) to ensure that both side can talk togheter.

But something don't work as expected....

Here's my OpenSIPS routing logic:

===========================================
route{
	if (!mf_process_maxfwd_header("10")) {
	    sl_send_reply("483","Too Many Hops");
	    exit;
	}
	
	if (msg:len >=  2048 ) {
	    sl_send_reply("513", "Message too big");
	    exit;
	};
	
	if(is_method("INVITE") && has_totag()) {
	    engage_rtp_proxy();
	}

	if (has_totag()) {
		# sequential request withing a dialog should
		# take the path determined by record-routing
		if (loose_route()) {
			if (is_method("BYE")) {
				setflag(1); # do accounting ...
				setflag(3); # ... even if the transaction fails
			} else if (is_method("INVITE")) {
				# even if in most of the cases is useless, do RR for
				# re-INVITEs alos, as some buggy clients do change route set
				# during the dialog.
				record_route();
			}
			# route it out to whatever destination was set by loose_route()
			# in $du (destination URI).
    			route(1);
		} else {
			/* uncomment the following lines if you want to enable presence */
			if (is_method("SUBSCRIBE") && $rd == "voip.unisi.it") {
				# in-dialog subscribe requests
				route(2);
				exit;
			}
			if ( is_method("ACK") ) {
				if ( t_check_trans() ) {
					# non loose-route, but stateful ACK; must be an ACK after
					# a 487 or e.g. 404 from upstream server
					t_relay();
					exit;
				} else {
					# ACK without matching transaction ->
					# ignore and discard
					exit;
				}
			}
			sl_send_reply("404","Not here");
		}
		exit;
	}

	#initial requests

	# CANCEL processing
	if (is_method("CANCEL"))
	{
		if (t_check_trans())
			t_relay();
		exit;
	}

	t_check_trans();

	# authenticate if from local subscriber (uncomment to enable auth)
	# authenticate all initial non-REGISTER request that pretend to be
	# generated by local subscriber (domain from FROM URI is local)
	# if (!(method=="REGISTER") && from_uri==myself) /*no multidomain version*/
	if (!(method=="REGISTER") && is_from_local())  /*multidomain version*/
	{
		if(!check_source_address("0")){
		    if (!proxy_authorize("", "subscriber")) {
			proxy_challenge("", "0");
			exit;
		    }
		    if (!db_check_from()) {
			sl_send_reply("403","Forbidden auth ID");
			exit;
		    }
	
		    consume_credentials();
		    # caller authenticated
		}
	}

	# preloaded route checking
	if (loose_route()) {
		xlog("L_ERR", "Attempt to route with preloaded Route's
[$fu/$tu/$ru/$ci]");
		if (!is_method("ACK"))
			sl_send_reply("403","Preload Route denied");
		exit;
	}

	# record routing
	if (!is_method("REGISTER|MESSAGE"))
		record_route();

	# account only INVITEs
	if (is_method("INVITE")) {
		setflag(1); # do accounting
	}
	if (!uri==myself) {
		append_hf("P-hint: outbound\r\n");
		route(1);
	}

	if( is_method("PUBLISH|SUBSCRIBE")) {
	    route(2);
	}
	
	if (is_method("REGISTER"))
	{
		# authenticate the REGISTER requests (uncomment to enable auth)
		if (!www_authorize("", "subscriber"))
		{
			www_challenge("", "0");
			exit;
		}
		
		if (!db_check_to())
		{
			sl_send_reply("403","Forbidden auth ID");
			exit;
		}

		if (!save("location"))
			sl_reply_error();

		exit;
	}

	if ($rU==NULL) {
		# request with no Username in RURI
		sl_send_reply("484","Address Incomplete");
		exit;
	}

	# media service number? (digits starting with *)
	if($rU=~"^\*") {
	    route(4);
	}
	
	# apply DB based aliases (uncomment to enable)
	alias_db_lookup("dbaliases");

	# do lookup with method filtering
	if (!lookup("location","m")) {
		switch ($retcode) {
			case -1: # no contact: route it !
				cr_user_carrier("$fU", "$fd", "$avp(carrier)");
				if($avp(carrier)==0) {
				    xlog("L_INFO","Not here: default route [$fd/$fu/$rd/$ru/$si]\n");
				    # Not here: default route
[172.20.1.4/sip:2425 at 172.20.1.4:5060/voip.unisi.it/sip:50 at voip.unisi.it:5060/172.20.1.4]
				    if($(rU{s.len}) < 4) {
					xlog("L_ERR", "Number incomplete/failure for $rU\n");
					prefix("FAIL_");
					route(4);
				    }
				
				    if(!cr_route("default", "$fd", "$rU", "$rU", "call_id",
"$avp(host)")) {
					xlog("L_ERR", "Number not found for $rU\n");
					prefix("FAIL_");
					route(4);
				    }
				} else {
				    xlog("L_INFO","Not here: user route
[$fd/$fu/$rd/$ru/$si/$avp(carrier)]\n");
				    $avp(domain)="voip.unisi.it";
				    if (!cr_route("$avp(carrier)", "$avp(domain)", "$rU",
"$rU","call_id", "$avp(host)")) {
					sl_send_reply("404", "Not found");
					xlog("L_ERR", "cr_route failed\n");
					exit;
				    }
				}
				t_on_failure("1");
				if (!t_relay()) {
				    sl_reply_error();
				};
				exit;
			case -3: # internal error
				t_newtran();
				t_reply("404", "Not Found");
				exit;
			case -2: # method not supported
				sl_send_reply("405", "Method Not Allowed");
				exit;
		}
	}

	# when routing via usrloc, log the missed calls also
	setflag(2);

	route(1);
}

route[1] {
	xlog("L_INFO","Route1  [$fd/$fu/$rd/$ru/$si/]\n");
	
	# for INVITEs enable some additional helper routes
	if (is_method("INVITE")) {
		t_on_branch("2");
		t_on_reply("2");
		t_on_failure("1");
	}

	if (!t_relay()) {
		sl_reply_error();
	};
	exit;
}


# Presence route
route[2] {
    xlog("L_INFO","Route2  [$fd/$fu/$rd/$ru/$si/]\n");

    if (!t_newtran())	{
	sl_reply_error();
	exit;
    };

    if(is_method("PUBLISH")) {
	handle_publish();
    } else if( is_method("SUBSCRIBE")) {
	handle_subscribe();
    }

    exit;
}

route[4] {
    xlog("L_INFO","Route4  [$fd/$fu/$rd/$ru/$si/]\n");

    rewritehostport("172.20.1.5:5060");
    route(1);
}

branch_route[2] {
    xlog("L_INFO","Branch Route2  [$fd/$fu/$rd/$ru/$si/]\n");
}

onreply_route[2] {
    xlog("L_INFO","OnReply Route2  [$fd/$fu/$rd/$ru/$si/]\n");
}

failure_route[1] {
    xlog("L_INFO","Failure Route1  [$fd/$fu/$rd/$ru/$si/]\n");

    if (t_was_cancelled()) {
    	exit;
    }

    if (t_check_status("408|5[0-9][0-9]")) {
        if(!cr_route("default", "$fd", "$rU", "$rU", "call_id",
"$avp(host)")){
    	    t_reply("403", "Not allowed");
	} else {
	    t_on_failure("2");
	    t_relay();
	}
    }
}

failure_route[2] {
    xlog("L_INFO","Failure Route2  [$fd/$fu/$rd/$ru/$si/]\n");

    if (t_was_cancelled()) {
    	exit;
    }

    revert_uri();
    prefix("FAILURE_");
    rewritehostport("172.20.1.5:5060");
    t_relay();
}
===========================================

and this is the RTPProxy config:

===========================================
CONTROL_SOCK=udp:127.0.0.1:12221

# Additional options that are passed to the daemon.
EXTRA_OPTS="-l [external IP]/172.20.1.2"
===========================================

Anybody can help me ?

Michele

-- 
Michele Pinassi
Responsabile Telefonia di Ateneo
Servizio Reti, Sistemi e Sicurezza Informatica - Università degli Studi
di Siena
tel: 0577.(23)2169 - fax: 0577.(23)2053

Per trovare una soluzione rapida ai tuoi problemi tecnici
consulta le FAQ di Ateneo, http://www.faq.unisi.it

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 263 bytes
Desc: OpenPGP digital signature
URL: <http://lists.opensips.org/pipermail/users/attachments/20130509/106ca8e6/attachment.pgp>

More information about the Users mailing list