[OpenSIPS-Users] Transparent TLS

H Yavari hyavari at rocketmail.com
Sat Jan 9 07:00:56 EST 2021

 Hi Razvan,
Thanks for reply. But let me describe the scenario better:Clients must have TLS connection and we have an OpenSIPS cluster on the front of Asterisk servers. So in this case, if client's connection with one SIP proxy node goes down, it should be re-establish with other node in cluster? or as all cluster nodes are using shared DB and they talk to each other via BIN, client connection remains? thanks.

    On Monday, January 4, 2021, 01:04:34 AM PST, Răzvan Crainea <razvan at opensips.org> wrote:  
 Hi, Yavari!

Happy new year!
No, this is not possible - OpenSIPS is only able to route packages based 
on SIP packets - if you create an end-to-end connection between the 
client and media servers, OpenSIPS will not be able to decrypt the 
packages to know where to send what. OpenSIPS (and the entire SIP stack, 
by specifications) is not connection oriented, so packets can't be 
routed based on a previously established connection, only by SIP headers.

Best regards,

Răzvan Crainea
OpenSIPS Core Developer

On 12/31/20 2:57 AM, H Yavari via Users wrote:
> Hi to all,
> Happy holidays.
> In a distributed scenario, is it possible to have a TLS transparent with 
> Opensips?
> I mean clients make TLS connection with the nodes behind the proxy 
> server/load balancer and next time they can connect to the other nodes 
> but TLS connection is end to end between client and media server (AS/FS 
> etc.).
> Please advise.
> Regards,
> HYavari
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users

Users mailing list
Users at lists.opensips.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20210109/b0a66fd4/attachment.html>

More information about the Users mailing list