Re: [SR-Users] Struggling with RTPProxy and RTPEngine
On Thu, Aug 23, 2018 at 11:39:32AM +, Wilkins, Steve wrote: > If RTPEngine is on the same server as Kamailio (Asterisk being on > another server), and RTP traffic is sent to and from RTPEngine, then > the provider only needs to whitelist one IP-Address. I thought with > RTPEngine that all RTP traffic would go through it and then it would > pass it on to the correct destination. Is this correct? Yes it is, if you tell kamailio to rewrite SDP by calling rtpengine functions. During your previous messages I never got the idea you were talking about an uplink/provider interconnect (might be me just skimming your mails). But without a config (of kamailio and rtpengine and a clear network topology) it is not possible to tell what the problem is. The standard config in the kamailio repo does NAT checks before calling rtpengine, if you scrap those conditions it will trigger rtpengine on all calls. signature.asc Description: PGP signature ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Struggling with RTPProxy and RTPEngine
Good morning Daniel, If RTPEngine is on the same server as Kamailio (Asterisk being on another server), and RTP traffic is sent to and from RTPEngine, then the provider only needs to whitelist one IP-Address. I thought with RTPEngine that all RTP traffic would go through it and then it would pass it on to the correct destination. Is this correct? Thank you -Original Message- From: sr-users On Behalf Of Daniel Tryba Sent: Thursday, August 23, 2018 4:36 AM To: Kamailio (SER) - Users Mailing List Subject: Re: [SR-Users] Struggling with RTPProxy and RTPEngine MITRE WARNING: Do not open unexpected password-protected attachments. >>>Email originates from a non-MITRE system. Use caution.<<< On Wed, Aug 22, 2018 at 05:05:02PM +, Wilkins, Steve wrote: > The SIP traffic is working this way for me but I still see RTP traffic going > directly from Asterisk to the UAC, which means they need to whitelist > asterisk IP. Am I missing something? In what sense do they need whitelisting? In a common NATed solution where is no white/blacklist needed. UA gets RTP endpoints from SDP, starts sending packets to ip/port and the destination will send back packets to the source ip/port, the router/firewall will just send this to the actual UA. I have yet to find an UA that cares about where the RTP stream is coming from with regards to the SIP traffic. ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Struggling with RTPProxy and RTPEngine
On Thu, Aug 23, 2018 at 04:43:40AM -0400, Alex Balashov wrote: > The expectation that the RTP will come from the same place as the > signalling does exist in some sclerotic telco interconnects, since big > brand SBCs would ordinarily meet this need and big brand SBCs are the > only thing sclerotic telcos understand. What a lovely word: sclerotic. First time I've ever seen it :) But yes, in those cases I'm using a combined kamailio/rtpengine instance. signature.asc Description: PGP signature ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Struggling with RTPProxy and RTPEngine
That's good old sngrep. Well, okay, it's not old, it's still the new news. https://github.com/irontec/sngrep -- Sent from mobile. Apologies for brevity and errors.___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Struggling with RTPProxy and RTPEngine
Hi, which debug tool is that in your screenshot? Thank you very much! Kevin Am Mi., 22. Aug. 2018 um 18:47 Uhr schrieb Sergiu Pojoga : > Why would the UAC need to 'whitelist' Asterisk? > > Here's an example of an inbound call from Asterisk to a UAC with a sip > proxy in the middle. > Notice how the proxy mangles SDP in the 200 OK reply. Media will flow > directly. > > Not saying you shouldn't figure it out how to setup and use rtp proxies, > just that it's not a must in all scenarios, especially when you have a > media gateway such as Asterisk listening on a public interface. > > [image: image.png] > > > On Wed, Aug 22, 2018 at 12:21 PM Wilkins, Steve > wrote: > >> Hello, >> >> >> >> Yes, I don’t the UAC to have to whitelist the Asterisk Server. >> Everything works great for SIP traffic and I want the same thing for RTP >> traffic, but I just can’t get rtpengine to work (and I have tried many >> configurations). >> >> *From:* sr-users * On Behalf Of *Sergiu >> Pojoga >> *Sent:* Wednesday, August 22, 2018 11:23 AM >> *To:* Kamailio (SER) - Users Mailing List >> *Subject:* Re: [SR-Users] Struggling with RTPProxy and RTPEngine >> >> >> >> Is there a particular reason why you'd want to involve an rtp proxy in >> your setup? >> >> Considering Asterisk is facing a public interface, media can be set up to >> flow direct between UACs and Asterisk. >> >> >> >> >> >> On Wed, Aug 22, 2018 at 9:57 AM Daniel Tryba wrote: >> >> On Wed, Aug 22, 2018 at 12:49:54PM +, Wilkins, Steve wrote: >> > My offer and answer => >> > rtpengine_offer("trust-address replace-session-connection >> replace-origin"); >> >> If this is really your config you should change the offer to answer for >> the answer part of the config. Either use rtpengine_offer and >> rtengine_answer in the correct places of simply use rptengine_manage and >> let the module figure out the right command. >> >> I.O.W. you aren't giving any indepth info on your config. >> ___ >> Kamailio (SER) - Users Mailing List >> sr-users@lists.kamailio.org >> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users >> >> ___ >> Kamailio (SER) - Users Mailing List >> sr-users@lists.kamailio.org >> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users >> > ___ > Kamailio (SER) - Users Mailing List > sr-users@lists.kamailio.org > https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users > ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Struggling with RTPProxy and RTPEngine
The expectation that the RTP will come from the same place as the signalling does exist in some sclerotic telco interconnects, since big brand SBCs would ordinarily meet this need and big brand SBCs are the only thing sclerotic telcos understand. But I agree that it's an exotic and uncommon requirement, certainly not applicable to anything like end-user UAs or ordinary business SIP devices. -- Sent from mobile. Apologies for brevity and errors. -Original Message- From: Daniel Tryba To: "Kamailio (SER) - Users Mailing List" Sent: Thu, 23 Aug 2018 4:35 AM Subject: Re: [SR-Users] Struggling with RTPProxy and RTPEngine On Wed, Aug 22, 2018 at 05:05:02PM +, Wilkins, Steve wrote: > The SIP traffic is working this way for me but I still see RTP traffic going > directly from Asterisk to the UAC, which means they need to whitelist > asterisk IP. Am I missing something? In what sense do they need whitelisting? In a common NATed solution where is no white/blacklist needed. UA gets RTP endpoints from SDP, starts sending packets to ip/port and the destination will send back packets to the source ip/port, the router/firewall will just send this to the actual UA. I have yet to find an UA that cares about where the RTP stream is coming from with regards to the SIP traffic. ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Struggling with RTPProxy and RTPEngine
On Wed, Aug 22, 2018 at 05:05:02PM +, Wilkins, Steve wrote: > The SIP traffic is working this way for me but I still see RTP traffic going > directly from Asterisk to the UAC, which means they need to whitelist > asterisk IP. Am I missing something? In what sense do they need whitelisting? In a common NATed solution where is no white/blacklist needed. UA gets RTP endpoints from SDP, starts sending packets to ip/port and the destination will send back packets to the source ip/port, the router/firewall will just send this to the actual UA. I have yet to find an UA that cares about where the RTP stream is coming from with regards to the SIP traffic. signature.asc Description: PGP signature ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Struggling with RTPProxy and RTPEngine
Why would the UAC need to 'whitelist' Asterisk? Here's an example of an inbound call from Asterisk to a UAC with a sip proxy in the middle. Notice how the proxy mangles SDP in the 200 OK reply. Media will flow directly. Not saying you shouldn't figure it out how to setup and use rtp proxies, just that it's not a must in all scenarios, especially when you have a media gateway such as Asterisk listening on a public interface. [image: image.png] On Wed, Aug 22, 2018 at 12:21 PM Wilkins, Steve wrote: > Hello, > > > > Yes, I don’t the UAC to have to whitelist the Asterisk Server. > Everything works great for SIP traffic and I want the same thing for RTP > traffic, but I just can’t get rtpengine to work (and I have tried many > configurations). > > *From:* sr-users * On Behalf Of *Sergiu > Pojoga > *Sent:* Wednesday, August 22, 2018 11:23 AM > *To:* Kamailio (SER) - Users Mailing List > *Subject:* Re: [SR-Users] Struggling with RTPProxy and RTPEngine > > > > Is there a particular reason why you'd want to involve an rtp proxy in > your setup? > > Considering Asterisk is facing a public interface, media can be set up to > flow direct between UACs and Asterisk. > > > > > > On Wed, Aug 22, 2018 at 9:57 AM Daniel Tryba wrote: > > On Wed, Aug 22, 2018 at 12:49:54PM +, Wilkins, Steve wrote: > > My offer and answer => > > rtpengine_offer("trust-address replace-session-connection > replace-origin"); > > If this is really your config you should change the offer to answer for > the answer part of the config. Either use rtpengine_offer and > rtengine_answer in the correct places of simply use rptengine_manage and > let the module figure out the right command. > > I.O.W. you aren't giving any indepth info on your config. > ___ > Kamailio (SER) - Users Mailing List > sr-users@lists.kamailio.org > https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users > > ___ > Kamailio (SER) - Users Mailing List > sr-users@lists.kamailio.org > https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users > ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Struggling with RTPProxy and RTPEngine
Hello, Yes, I don’t the UAC to have to whitelist the Asterisk Server. Everything works great for SIP traffic and I want the same thing for RTP traffic, but I just can’t get rtpengine to work (and I have tried many configurations). From: sr-users On Behalf Of Sergiu Pojoga Sent: Wednesday, August 22, 2018 11:23 AM To: Kamailio (SER) - Users Mailing List Subject: Re: [SR-Users] Struggling with RTPProxy and RTPEngine Is there a particular reason why you'd want to involve an rtp proxy in your setup? Considering Asterisk is facing a public interface, media can be set up to flow direct between UACs and Asterisk. On Wed, Aug 22, 2018 at 9:57 AM Daniel Tryba mailto:d.tr...@pocos.nl>> wrote: On Wed, Aug 22, 2018 at 12:49:54PM +, Wilkins, Steve wrote: > My offer and answer => > rtpengine_offer("trust-address replace-session-connection replace-origin"); If this is really your config you should change the offer to answer for the answer part of the config. Either use rtpengine_offer and rtengine_answer in the correct places of simply use rptengine_manage and let the module figure out the right command. I.O.W. you aren't giving any indepth info on your config. ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org<mailto:sr-users@lists.kamailio.org> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Struggling with RTPProxy and RTPEngine
Is there a particular reason why you'd want to involve an rtp proxy in your setup? Considering Asterisk is facing a public interface, media can be set up to flow direct between UACs and Asterisk. On Wed, Aug 22, 2018 at 9:57 AM Daniel Tryba wrote: > On Wed, Aug 22, 2018 at 12:49:54PM +, Wilkins, Steve wrote: > > My offer and answer => > > rtpengine_offer("trust-address replace-session-connection > replace-origin"); > > If this is really your config you should change the offer to answer for > the answer part of the config. Either use rtpengine_offer and > rtengine_answer in the correct places of simply use rptengine_manage and > let the module figure out the right command. > > I.O.W. you aren't giving any indepth info on your config. > ___ > Kamailio (SER) - Users Mailing List > sr-users@lists.kamailio.org > https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users > ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Struggling with RTPProxy and RTPEngine
On Wed, Aug 22, 2018 at 12:49:54PM +, Wilkins, Steve wrote: > My offer and answer => > rtpengine_offer("trust-address replace-session-connection replace-origin"); If this is really your config you should change the offer to answer for the answer part of the config. Either use rtpengine_offer and rtengine_answer in the correct places of simply use rptengine_manage and let the module figure out the right command. I.O.W. you aren't giving any indepth info on your config. signature.asc Description: PGP signature ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Struggling with RTPProxy and RTPEngine
I was attempting to log to local1 => rtpengine --interface 172.21.1.108\!34.226.187.61 --listen-ng 127.0.0.1:12221 --dtls-passive -f -m 1 -M 2 -E -L 7 --log-facility=local1. However, even after adding "local1.*/var/log/rtpengine.log" to /etc/rsyslog.conf and restarting rsyslog, I get no logs. I am on Cento7. I do this for Kamailio and logging works. Thank you for your response, -Steve From: sr-users On Behalf Of Richard Fuchs Sent: Wednesday, August 22, 2018 8:57 AM To: sr-users@lists.kamailio.org Subject: Re: [SR-Users] Struggling with RTPProxy and RTPEngine It may be more helpful to post some logs from rtpengine. You should never see "Call-ID not found" from an offer. Cheers On 2018-08-22 08:49, Wilkins, Steve wrote: Here is my start up => rtpengine --interface 111.121.22.11\!27.22.132.10 --listen-ng 127.0.0.1:12221 --dtls-passive -f -m 1 -M 2 -E -L 7 --log-facility=local1 My offer and answer => rtpengine_offer("trust-address replace-session-connection replace-origin"); From: sr-users <mailto:sr-users-boun...@lists.kamailio.org> On Behalf Of Wilkins, Steve Sent: Wednesday, August 22, 2018 8:43 AM To: Kamailio (SER) - Users Mailing List <mailto:sr-users@lists.kamailio.org> Subject: [SR-Users] Struggling with RTPProxy and RTPEngine Hello all, I can't seem to get either RTPProxy or RTPEngine to work correctly. I have decided to concentrate on RTPEngine because I have read that it works the best. I am using Asterisk with Kamailio in front. When I make calls, I see RTPEngine being hit but I continually get the error "Call-ID not found", calls work but media traffic doesn't go through RTPEngine. I have tried many combination of the flags but I seem to always get the same error.When I look at the tcpdump log, I see that the media offer is not on the RTPEngine port. Is there a common mis-configuration error that can cause this? I know I can send all my logs and configurations but I really want to try and resolve this as a learning experience. Thanks all, -Steve ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org<mailto:sr-users@lists.kamailio.org> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Struggling with RTPProxy and RTPEngine
Yes I do. From: sr-users On Behalf Of Nicolas Breuer Sent: Wednesday, August 22, 2018 8:55 AM To: Kamailio (SER) - Users Mailing List Subject: Re: [SR-Users] Struggling with RTPProxy and RTPEngine Do you load the module ? De : sr-users mailto:sr-users-boun...@lists.kamailio.org>> De la part de Wilkins, Steve Envoyé : mercredi 22 août 2018 14:50 À : Kamailio (SER) - Users Mailing List mailto:sr-users@lists.kamailio.org>> Objet : Re: [SR-Users] Struggling with RTPProxy and RTPEngine Here is my start up => rtpengine --interface 111.121.22.11\!27.22.132.10 --listen-ng 127.0.0.1:12221 --dtls-passive -f -m 1 -M 2 -E -L 7 --log-facility=local1 My offer and answer => rtpengine_offer("trust-address replace-session-connection replace-origin"); From: sr-users mailto:sr-users-boun...@lists.kamailio.org>> On Behalf Of Wilkins, Steve Sent: Wednesday, August 22, 2018 8:43 AM To: Kamailio (SER) - Users Mailing List mailto:sr-users@lists.kamailio.org>> Subject: [SR-Users] Struggling with RTPProxy and RTPEngine Hello all, I can't seem to get either RTPProxy or RTPEngine to work correctly. I have decided to concentrate on RTPEngine because I have read that it works the best. I am using Asterisk with Kamailio in front. When I make calls, I see RTPEngine being hit but I continually get the error "Call-ID not found", calls work but media traffic doesn't go through RTPEngine. I have tried many combination of the flags but I seem to always get the same error.When I look at the tcpdump log, I see that the media offer is not on the RTPEngine port. Is there a common mis-configuration error that can cause this? I know I can send all my logs and configurations but I really want to try and resolve this as a learning experience. Thanks all, -Steve ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Struggling with RTPProxy and RTPEngine
It may be more helpful to post some logs from rtpengine. You should never see "*Call-ID not found*" from an offer. Cheers On 2018-08-22 08:49, Wilkins, Steve wrote: Here is my start up => rtpengine --interface 111.121.22.11\!27.22.132.10 --listen-ng 127.0.0.1:12221 --dtls-passive -f -m 1 -M 2 -E -L 7 --log-facility=local1 My offer and answer => rtpengine_offer("trust-address replace-session-connection replace-origin"); *From:* sr-users *On Behalf Of *Wilkins, Steve *Sent:* Wednesday, August 22, 2018 8:43 AM *To:* Kamailio (SER) - Users Mailing List *Subject:* [SR-Users] Struggling with RTPProxy and RTPEngine Hello all, I can’t seem to get either RTPProxy or RTPEngine to work correctly. I have decided to concentrate on RTPEngine because I have read that it works the best. I am using Asterisk with Kamailio in front. When I make calls, I see RTPEngine being hit but I continually get the error “*Call-ID not found*”, calls work but media traffic doesn’t go through RTPEngine. I have tried many combination of the flags but I seem to always get the same error. When I look at the tcpdump log, I see that the media offer is not on the RTPEngine port. Is there a common mis-configuration error that can cause this? I know I can send all my logs and configurations but I really want to try and resolve this as a learning experience. Thanks all, -Steve ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Struggling with RTPProxy and RTPEngine
Do you load the module ? De : sr-users De la part de Wilkins, Steve Envoyé : mercredi 22 août 2018 14:50 À : Kamailio (SER) - Users Mailing List Objet : Re: [SR-Users] Struggling with RTPProxy and RTPEngine Here is my start up => rtpengine --interface 111.121.22.11\!27.22.132.10 --listen-ng 127.0.0.1:12221 --dtls-passive -f -m 1 -M 2 -E -L 7 --log-facility=local1 My offer and answer => rtpengine_offer("trust-address replace-session-connection replace-origin"); From: sr-users mailto:sr-users-boun...@lists.kamailio.org>> On Behalf Of Wilkins, Steve Sent: Wednesday, August 22, 2018 8:43 AM To: Kamailio (SER) - Users Mailing List mailto:sr-users@lists.kamailio.org>> Subject: [SR-Users] Struggling with RTPProxy and RTPEngine Hello all, I can't seem to get either RTPProxy or RTPEngine to work correctly. I have decided to concentrate on RTPEngine because I have read that it works the best. I am using Asterisk with Kamailio in front. When I make calls, I see RTPEngine being hit but I continually get the error "Call-ID not found", calls work but media traffic doesn't go through RTPEngine. I have tried many combination of the flags but I seem to always get the same error.When I look at the tcpdump log, I see that the media offer is not on the RTPEngine port. Is there a common mis-configuration error that can cause this? I know I can send all my logs and configurations but I really want to try and resolve this as a learning experience. Thanks all, -Steve ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Struggling with RTPProxy and RTPEngine
Here is my start up => rtpengine --interface 111.121.22.11\!27.22.132.10 --listen-ng 127.0.0.1:12221 --dtls-passive -f -m 1 -M 2 -E -L 7 --log-facility=local1 My offer and answer => rtpengine_offer("trust-address replace-session-connection replace-origin"); From: sr-users On Behalf Of Wilkins, Steve Sent: Wednesday, August 22, 2018 8:43 AM To: Kamailio (SER) - Users Mailing List Subject: [SR-Users] Struggling with RTPProxy and RTPEngine Hello all, I can't seem to get either RTPProxy or RTPEngine to work correctly. I have decided to concentrate on RTPEngine because I have read that it works the best. I am using Asterisk with Kamailio in front. When I make calls, I see RTPEngine being hit but I continually get the error "Call-ID not found", calls work but media traffic doesn't go through RTPEngine. I have tried many combination of the flags but I seem to always get the same error.When I look at the tcpdump log, I see that the media offer is not on the RTPEngine port. Is there a common mis-configuration error that can cause this? I know I can send all my logs and configurations but I really want to try and resolve this as a learning experience. Thanks all, -Steve ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
[SR-Users] Struggling with RTPProxy and RTPEngine
Hello all, I can't seem to get either RTPProxy or RTPEngine to work correctly. I have decided to concentrate on RTPEngine because I have read that it works the best. I am using Asterisk with Kamailio in front. When I make calls, I see RTPEngine being hit but I continually get the error "Call-ID not found", calls work but media traffic doesn't go through RTPEngine. I have tried many combination of the flags but I seem to always get the same error.When I look at the tcpdump log, I see that the media offer is not on the RTPEngine port. Is there a common mis-configuration error that can cause this? I know I can send all my logs and configurations but I really want to try and resolve this as a learning experience. Thanks all, -Steve ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users