Re: [OpenSIPS-Users] Clustering Presence opensips 3.2/3.3 in K8s environment

[Jonathan Hunter]

Hi Bogdan,

Thank you for the reply I can see there are tcp connections but I don’t seem to 
get anything. I assume it may well be k8s related?.

I also cant seem to get NAT ping working, I assume this should work out to 
websocket connections as long as flags are set?

The outputs are;

  "ID": 131797,
"Type": "ws",
"State": 0,
"Remote": "10.10.51.228:35462",
"Local": "10.10.2.91:8081",
"Lifetime": "2022-04-25 14:11:31",
"Alias port": 35462
}
]

And location shows;

"AORs": [
{
"AOR": "61067470a372a031a7495a1a@",
"Contacts": [
{
"Contact": 
"sip:c0r0d0i7@b0ek39eabrvf.invalid;transport=wss",
"ContactID": "4544061655272656153",
"Expires": 519,
"Q": "",
"Callid": "jbbvtjp2l7bujcom73s3",
"Cseq": 2,
"User-agent": "SIP.js/0.20.0",
"Received": "sip:10.10.51.228:35462;transport=ws",
"State": "CS_NEW",
"Flags": 0,
"Cflags": "WS_DEVICE SIPPING_RTO SIPPING_ENABLE",
"Socket": "ws::8081",
"Methods": 5439
}
]
}
]

However I cant seem to also get opensips to send SIP keepalive with these 
settings;

 NAThelper module
loadmodule "nathelper.so"
modparam("nathelper", "received_avp", "$avp(rcv)")
modparam("nathelper", "natping_tcp",1)
modparam("nathelper", "natping_interval", 5)
modparam("nathelper", "sipping_bflag", "SIPPING_ENABLE")
modparam("nathelper", "remove_on_timeout_bflag", "SIPPING_RTO")
modparam("nathelper", "sipping_from", "sip:pinger@DOMAIN")
modparam("nathelper", "max_pings_lost", 2)
modparam("nathelper", "cluster_id", 9)
modparam("nathelper", "cluster_sharing_tag", "node/2=active")


Am I missing something here?

Many thanks

Jon

Sent from Mail for Windows

From: Bogdan-Andrei Iancu
Sent: 18 April 2022 13:59
To: OpenSIPS users mailling list; Jonathan 
Hunter
Subject: Re: [OpenSIPS-Users] Clustering Presence opensips 3.2/3.3 in K8s 
environment

Hi Jonathan,

Maybe the k8s layer (the ingress ??) sticks its tails in there - could you 
check at opensips level if the TCP conn is still seen as up ? Use the mi 
list_tcp_conns MI function
https://www.opensips.org/Documentation/Interface-CoreMI-3-2#toc4


Best regard,


Bogdan-Andrei Iancu



OpenSIPS Founder and Developer

  
https://www.opensips-solutions.com

OpenSIPS eBootcamp 23rd May - 3rd June 2022

  
https://opensips.org/training/OpenSIPS_eBootcamp_2022/
On 4/13/22 6:08 PM, Jonathan Hunter wrote:
Hi All,

Has anyone managed to get presence working when using an active/active opensips 
setup with k8s ?

Everything works apart from presence, In particular when a websocket user 
disconnects due to a client crash.

I ideally would want to use event_route[E_CORE_TCP_DISCONNECT] to then grab the 
disconnect when it comes in via websockets/tcp, however I cant seem to get it 
to trigger. Could this be due to the underlying hooks OpenSIPS uses to interact 
with with OS with TCP or something else?

As I would use the event route, to then remove the registration from the 
location table, as otherwise I have duplicate entries in both location and the 
presentity list.

Is this something anyone else has encountered?

I have tried using clustering with both presence and pua a

[OpenSIPS-Users] Stir Shaken Verification issue

[Devang Dhandhalya via Users]

Hello All

I am testing STIR/SHAKEN calls using two servers.
calls originating to the first server adding identity header and when
sending calls to the second server for verification service at the time of
verification service i am getting below error .

error :437 , Unsupported Credential , Verification Fails with Return code
:-8 INFO:stir_shaken:verify_callback: certificate validation failed: self
signed certificate INFO:stir_shaken:w_stir_verify: Invalid certificate
OpenSIPS Version : 3.2.2 I generate certificate using domain which mapped
with those 2 server :
https://github.com/OpenSIPIt/OpenSIPIt_00/blob/master/STIR_SHAKEN/Certgen/gencert.sh
When the same server generates an identity header and verifies it at that
time not getting an issue call is working fine but when the identity header
generated by server 1 and going to verify it by server 2 we get this above
error.
Is it related to the URL which is in the info param ? When I open that URL
in the browser I am able to see the certificate.

Please suggest a solution for this issue.

Regards
Devang Dhandhalya

-- 
*Disclaimer*
In addition to generic Disclaimer which you have agreed on our 
website, any views or opinions presented in this email are solely those of 
the originator and do not necessarily represent those of the Company or its 
sister concerns. Any liability (in negligence, contract or otherwise) 
arising from any third party taking any action, or refraining from taking 
any action on the basis of any of the information contained in this email 
is hereby excluded.



*Confidentiality*
This communication (including any 
attachment/s) is intended only for the use of the addressee(s) and contains 
information that is PRIVILEGED AND CONFIDENTIAL. Unauthorized reading, 
dissemination, distribution, or copying of this communication is 
prohibited. Please inform originator if you have received it in error.


*Caution for viruses, malware etc.*
This communication, including any 
attachments, may not be free of viruses, trojans, similar or new 
contaminants/malware, interceptions or interference, and may not be 
compatible with your systems. You shall carry out virus/malware scanning on 
your own before opening any attachment to this e-mail. The sender of this 
e-mail and Company including its sister concerns shall not be liable for 
any damage that may incur to you as a result of viruses, incompleteness of 
this message, a delay in receipt of this message or any other computer 
problems. 
___
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users