[SR-Users] Re: Dealing with failed SRV peers

Hi Daniel, of course, just used an older version on a test server. Now its dst_blocklist… Cheers, Henning -- Henning Westerholt – https://skalatan.de/blog/ Kamailio services – https://gilawa.com From: Daniel-Constantin Mierla Sent: Thursday, December 15, 2022 6:54 PM To:

[SR-Users] Re: auth_challenge() and async

One more thing, and I apologise profusely for the spam: This is not caused by immediate re-suspension of the transaction upon successful authorisation of new INVITE+credentials. Even if I attempt to complete the onward routing in the same route which does the authentication, without any

[SR-Users] Re: auth_challenge() and async

Setting tm.wt_timer to a very low value (e.g. 200 ms) does provide a hack around this behaviour, but it doesn't seem to me that this is the correct solution. │AC 172.24.0.9:39777 172.24.0.7:5060 │K

[SR-Users] Re: auth_challenge() and async

Adding further to this, it seems to me the real problem is that I can't use t_release() in an async resume route, because it's internally structured to take place inside a failure_route context. If I could, I think that would rid me of the first transaction after I send the challenge and call

[SR-Users] Re: Dealing with failed SRV peers

Hello, On 15.12.22 18:46, Henning Westerholt wrote: > > Hi Sebastian, > >   > > I’ve guessed that, you are not the only one with that challenge.  > >   > > Of course, Kamailio could be extended to support some block/unblock > operations from the script. Right now, you can do that already from >

[SR-Users] Re: Dealing with failed SRV peers

Hi Sebastian, I’ve guessed that, you are not the only one with that challenge.  Of course, Kamailio could be extended to support some block/unblock operations from the script. Right now, you can do that already from the command line or API: kamcmd> dst_blacklist dst_blacklist.add

[SR-Users] Re: auth_challenge() and async

As a test, I tried to put the auth_challenge() in the request_route before any async suspension, and in that case works fine. The issue is definitely with the way auth_challenge() issued from _within_ an async resume route (failure_route context) bears upon transaction state. -- Alex > On

[SR-Users] Re: auth_challenge() and async

Well, the difference seems pretty clear. In a scenario with an auth challenge and no subsequent INVITE+credentials, the negative ACK is matched: 4(54) DEBUG: [core/receive.c:389]: receive_msg(): --- received sip message - request - call-id: [01eed151-4234-4518-9a0e-9b9168f21a3f] - cseq:

[SR-Users] Re: Dealing with failed SRV peers

Hi Henning, thanks for the input. Problem is, the peer(s) we have to find a workaround for is actually Deutsche Telekom with their CompanyFlex accounts. I know that it's bad to have non-working servers in their SRV entries, especially with the highest prio. But apparently, they are in the

[SR-Users] Re: auth_challenge() and async

Hi Alex, it might not help you much, but recently I was implementing a similar structure in one larger migration project, and it seems to work fine. I am not using any special flags for the challenge etc.. It’s basically like this (pseudo-code) route{ if no auth user -> auth_challenge() else

[SR-Users] Re: auth_challenge() and async

Hi Henning, > On Dec 15, 2022, at 11:51 AM, Henning Westerholt wrote: > > Hi Alex, > it might not help you much, but recently I was implementing a similar > structure in one larger migration project, and it seems to work fine. > I am not using any special flags for the challenge etc.. > It’s

[SR-Users] Re: NAT issues with Kamailio + Asterisk with 2 NICs

Hello, while you can use Kamailio operations to modify the SDP, usually you use something like rtpengine to do this job. It will additionally also process the RTP for you to be able to handle NAT better. Have a look e.g., to the Kamailio default cfg for an inspiration how to use it. Cheers,

[SR-Users] Re: auth_challenge() and async

Just as an update, still haven't been able to solve this. I have tried a number of different permutations, but it seems that whenever a new INVITE (CSeq+1) comes in response to an auth challenge sent from a async resume route, the 407 challenge for the old INVITE keeps being retransmitted. It

[SR-Users] Re: Dealing with failed SRV peers

Hello Sebastian, actually, it's the fault is by the provider, that they do not manage their DNS records properly. It makes no sense to return non-working systems in the end, but some of them do not care. I would probably just use the dst_blocklist functionality, probably with a shorter

[SR-Users] Re: kamailio.org server maintenance - Dec 14, 2022 (tomorrow)

Hello, the upgrade of the system went pretty smooth for most of the services (e.g., website, wiki), but migration of the mailing lists from mailman 2 (mm2) to mailman 3 (mm3) proved to be a very lengthy process. Practically mm3 is more or less a completely different application/toolkit than mm2.