Hi, Did you manage to get 2way audio now ? There could be other ways as well, you'll get to use other functions based on your needs. What I've usually seen is as follows:
if(route(FROM_LAN)){ rtpproxy_engage("eis"); route(LOCATION); }else{ rtpproxy_engage("ies"); route(TO_LAN); } route(RELAY); There are multiple variations depending on how you use rtpproxy and in which route you use them i,.e branch_route or main route etc. Regards, Sammy On Wed, Jan 8, 2020 at 2:16 PM Matthew Schumacher <s...@schu.net> wrote: > SamyGo, > > Thank you for the help. > > I configured rtpproxy as you said and used: > > if($rd=="cc.cc.cc.cc") { > rtpproxy_engage("ies"); > } else { > rtpproxy_engage("eis"); > } > > Is that a reasonable way to do it? > > Thanks, > schu > > On 1/7/20 9:02 PM, SamyGo wrote: > > Hi, > if *a.a.a.a* is PublicIP and *b.b.b.b* is Private IP ; where c.c.c.c is > another Private IP address then you just need to enable multihome param " > *mhomed=1" *in your opensips.cfg script and OpenSIPS should take care of > relaying the packet our with proper SIP headers, the selection of the > interface to "c.c.c.c" will be done automatically if the Operating System's > IP routes are configured properly i.e b.b.b.b can reach c.c.c.c. > > Next up is the rpproxy engagement, you'll need to do couple of things for > that. > 1 - start RTPproxy in bridging mode i.e -l a.a.a.a/b.b.b.b > 2 - in your opensips.cfg you've to explicitly tell the rtpproxy which > direction this call is flowing by use of flags and other functions. > > i.e > if(call-from-WAN->LAN) > * rtpproxy_engage("ei");* > > if(call-from-LAN->WAN) > * rtpproxy_engage("ie");* > > You might need additional flags in there as this is just an example. Hope > this helps. > > Regards, > Sammy > > > > > On Tue, Jan 7, 2020 at 8:22 PM Matthew Schumacher <s...@schu.net> wrote: > >> Hello all, >> >> I'm trying to setup an SBC of sorts so that I can have users >> authenticate to opensips using a public interface, then have opensips >> relay and rtpproxy that request to a private sip host. >> >> Something like this: >> >> public sip client ---(proxy authetication)--> aa.aa.aa.aa bb.bb.bb.bb >> ----(sip trunk auth by ip) ---> cc.cc.cc.cc (inside sip gateway) >> >> Where aa.aa.aa.aa and bb.bb.bb.bb live on the same host. >> >> I used osipsconfig with use_auth, use_dbacc, use_dbusrloc, use_dialog, >> use_multidomain, use_dialplan, have_inbound_pstn, have_outbound_pstn >> >> I then took the config it created and added rtpproxy module and config >> as well as force_send_socket() because when it sent sip to cc.cc.cc.c it >> was sourcing from aa.aa.aa.aa instead of bb.bb.bb.bb. >> >> It almost works, and actually works with one way audio from cc.cc.cc.cc >> through the proxy to the client, but opensips tells the client that the >> audio is at cc.cc.cc.cc which doesn't route. >> >> What's the best way to do multi homing? opensips seems fairly straight >> forward with a single IP address, but things got complicated fast when I >> added a second IP. >> >> I would just use b2b_init_request("top hiding"); but I get lots of loops >> when I do that. >> >> Thanks, >> Matt >> >> >> ####### Global Parameters ######### >> >> log_level=4 >> log_stderror=yes >> log_facility=LOG_LOCAL0 >> >> children=4 >> >> /* uncomment the following lines to enable debugging */ >> #debug_mode=yes >> >> /* uncomment the next line to enable the auto temporary blacklisting of >> not available destinations (default disabled) */ >> #disable_dns_blacklist=no >> >> /* uncomment the next line to enable IPv6 lookup after IPv4 dns >> lookup failures (default disabled) */ >> #dns_try_ipv6=yes >> >> /* comment the next line to enable the auto discovery of local aliases >> based on reverse DNS on IPs */ >> auto_aliases=no >> >> listen=udp:bb.bb.bb.bb:5060 # CUSTOMIZE ME >> listen=udp:aa.aa.aa.aa:5060 # CUSTOMIZE ME >> >> >> ####### Modules Section ######## >> >> #set module path >> mpath="/usr/lib64/opensips/modules/" >> >> #### SIGNALING module >> loadmodule "signaling.so" >> >> #### StateLess module >> loadmodule "sl.so" >> >> #### Transaction Module >> loadmodule "tm.so" >> modparam("tm", "fr_timeout", 5) >> modparam("tm", "fr_inv_timeout", 30) >> modparam("tm", "restart_fr_on_each_reply", 0) >> modparam("tm", "onreply_avp_mode", 1) >> >> #### Record Route Module >> loadmodule "rr.so" >> /* do not append from tag to the RR (no need for this script) */ >> modparam("rr", "append_fromtag", 0) >> >> #### MAX ForWarD module >> loadmodule "maxfwd.so" >> >> #### SIP MSG OPerationS module >> loadmodule "sipmsgops.so" >> >> #### FIFO Management Interface >> loadmodule "mi_fifo.so" >> modparam("mi_fifo", "fifo_name", "/tmp/opensips_fifo") >> modparam("mi_fifo", "fifo_mode", 0666) >> >> #### PGSQL module >> loadmodule "db_postgres.so" >> >> #### HTTPD module >> loadmodule "httpd.so" >> modparam("httpd", "port", 8888) >> >> #### USeR LOCation module >> loadmodule "usrloc.so" >> modparam("usrloc", "nat_bflag", "NAT") >> modparam("usrloc", "db_mode", 2) >> modparam("usrloc", "db_url", >> "postgres://opensips:longpassword@localhost/opensips") # CUSTOMIZE >> ME >> >> >> #### REGISTRAR module >> loadmodule "registrar.so" >> modparam("registrar", "tcp_persistent_flag", "TCP_PERSISTENT") >> /* uncomment the next line not to allow more than 10 contacts per AOR */ >> #modparam("registrar", "max_contacts", 10) >> >> #### ACCounting module >> loadmodule "acc.so" >> /* what special events should be accounted ? */ >> modparam("acc", "early_media", 0) >> modparam("acc", "report_cancels", 0) >> /* by default we do not adjust the direct of the sequential requests. >> if you enable this parameter, be sure the enable "append_fromtag" >> in "rr" module */ >> modparam("acc", "detect_direction", 0) >> modparam("acc", "db_url", >> "postgres://opensips:longpassword@localhost/opensips") # CUSTOMIZE >> ME >> >> #### AUTHentication modules >> loadmodule "auth.so" >> loadmodule "auth_db.so" >> modparam("auth_db", "calculate_ha1", yes) >> modparam("auth_db", "password_column", "password") >> modparam("auth_db", "db_url", >> "postgres://opensips:longpassword@localhost/opensips") # CUSTOMIZE >> ME >> modparam("auth_db", "load_credentials", "") >> >> #### DOMAIN module >> loadmodule "domain.so" >> modparam("domain", "db_url", >> "postgres://opensips:longpassword@localhost/opensips") # >> CUSTOMIZE ME >> modparam("domain", "db_mode", 1) # Use caching >> modparam("auth_db|usrloc", "use_domain", 1) >> >> #### DIALOG module >> loadmodule "dialog.so" >> modparam("dialog", "dlg_match_mode", 1) >> modparam("dialog", "default_timeout", 21600) # 6 hours timeout >> modparam("dialog", "db_mode", 2) >> modparam("dialog", "db_url", >> "postgres://opensips:longpassword@localhost/opensips") # CUSTOMIZE >> ME >> >> #### DIALPLAN module >> loadmodule "dialplan.so" >> modparam("dialplan", "db_url", >> "postgres://opensips:longpassword@localhost/opensips") # CUSTOMIZE >> ME >> >> #### MI_HTTP module >> loadmodule "mi_http.so" >> modparam("mi_http", "root", "json") >> >> loadmodule "proto_udp.so" >> loadmodule "proto_tcp.so" >> >> loadmodule "rtpproxy.so" >> modparam("rtpproxy", "rtpproxy_sock", "unix:/var/run/rtpproxy.sock") # >> CUSTOMIZE ME >> >> loadmodule "json.so" >> loadmodule "jsonrpc.so" >> loadmodule "event_jsonrpc.so" >> >> ####### Routing Logic ######## >> >> # main request routing logic >> >> route{ >> >> if (!mf_process_maxfwd_header(10)) { >> send_reply(483,"Too Many Hops"); >> exit; >> } >> >> if (has_totag()) { >> >> # handle hop-by-hop ACK (no routing required) >> if ( is_method("ACK") && t_check_trans() ) { >> t_relay(); >> exit; >> } >> >> # sequential request within a dialog should >> # take the path determined by record-routing >> if ( !loose_route() ) { >> # we do record-routing for all our traffic, so we should not >> # receive any sequential requests without Route hdr. >> send_reply(404,"Not here"); >> exit; >> } >> >> # validate the sequential request against dialog >> if ( $DLG_status!=NULL && !validate_dialog() ) { >> xlog("In-Dialog $rm from $si (callid=$ci) is not valid >> according to dialog\n"); >> ## exit; >> } >> >> if (is_method("BYE")) { >> # do accounting even if the transaction fails >> do_accounting("db","failed"); >> >> } >> >> # route it out to whatever destination was set by loose_route() >> # in $du (destination URI). >> route(relay); >> exit; >> } >> >> # CANCEL processing >> if (is_method("CANCEL")) { >> if (t_check_trans()) >> t_relay(); >> exit; >> } >> >> # absorb retransmissions, but do not create transaction >> t_check_trans(); >> >> if ( !(is_method("REGISTER") || ($si==cc.cc.cc.cc && $sp==5060 /* >> CUSTOMIZE ME */) ) ) { >> >> if (is_myself("$fd")) { >> >> # authenticate if from local subscriber >> # authenticate all initial non-REGISTER request that >> pretend to be >> # generated by local subscriber (domain from FROM URI is >> local) >> if (!proxy_authorize("", "subscriber")) { >> proxy_challenge("", 0); >> exit; >> } >> if ($au!=$fU) { >> send_reply(403,"Forbidden auth ID"); >> exit; >> } >> >> consume_credentials(); >> # caller authenticated >> >> } else { >> # if caller is not local, then called number must be local >> >> if (!is_myself("$rd")) { >> send_reply(403,"Relay Forbidden"); >> exit; >> } >> } >> >> } >> >> # preloaded route checking >> if (loose_route()) { >> xlog("L_ERR", >> "Attempt to route with preloaded Route's [$fu/$tu/$ru/$ci]"); >> if (!is_method("ACK")) >> send_reply(403,"Preload Route denied"); >> exit; >> } >> >> # record routing >> if (!is_method("REGISTER|MESSAGE")) >> record_route(); >> >> # account only INVITEs >> if (is_method("INVITE")) { >> >> # create dialog with timeout >> if ( !create_dialog("B") ) { >> send_reply(500,"Internal Server Error"); >> exit; >> } >> >> do_accounting("db"); >> >> } >> >> >> if (!is_myself("$rd")) { >> append_hf("P-hint: outbound\r\n"); >> >> route(relay); >> } >> >> # requests for my domain >> >> if (is_method("PUBLISH|SUBSCRIBE")) { >> send_reply(503, "Service Unavailable"); >> exit; >> } >> >> if (is_method("REGISTER")) { >> # authenticate the REGISTER requests >> if (!www_authorize("", "subscriber")) { >> www_challenge("", 0); >> exit; >> } >> >> if ($au!=$tU) { >> send_reply(403,"Forbidden auth ID"); >> exit; >> } >> if ($proto == "tcp") >> setflag(TCP_PERSISTENT); >> >> if (!save("location")) >> sl_reply_error(); >> >> exit; >> } >> >> if ($rU==NULL) { >> # request with no Username in RURI >> send_reply(484,"Address Incomplete"); >> exit; >> } >> >> >> >> >> # apply transformations from dialplan table >> dp_translate( 0, "$rU", $rU); >> >> if ($rU=~"^\+[1-9][0-9]+$") { >> >> >> $rd="cc.cc.cc.cc"; # CUSTOMIZE ME >> $rp=5060; >> force_send_socket(udp:bb.bb.bb.bb:5060); >> rtpproxy_engage(); >> >> route(relay); >> exit; >> } >> >> # do lookup with method filtering >> if (!lookup("location","m")) { >> if (!db_does_uri_exist("$ru","subscriber")) { >> send_reply(420,"Bad Extension"); >> exit; >> } >> >> t_reply(404, "Not Found"); >> exit; >> } >> >> >> >> # when routing via usrloc, log the missed calls also >> do_accounting("db","missed"); >> >> route(relay); >> } >> >> >> route[relay] { >> # for INVITEs enable some additional helper routes >> if (is_method("INVITE")) { >> >> >> >> t_on_branch("per_branch_ops"); >> t_on_reply("handle_nat"); >> t_on_failure("missed_call"); >> } >> >> >> >> if (!t_relay()) { >> send_reply(500,"Internal Error"); >> } >> exit; >> } >> >> >> >> >> branch_route[per_branch_ops] { >> xlog("new branch at $ru\n"); >> } >> >> >> onreply_route[handle_nat] { >> >> xlog("incoming reply\n"); >> } >> >> >> failure_route[missed_call] { >> if (t_was_cancelled()) { >> exit; >> } >> >> # uncomment the following lines if you want to block client >> # redirect based on 3xx replies. >> ##if (t_check_status("3[0-9][0-9]")) { >> ##t_reply(404,"Not found"); >> ## exit; >> ##} >> >> >> } >> >> >> >> local_route { >> if (is_method("BYE") && $DLG_dir=="UPSTREAM") { >> >> acc_db_request("200 Dialog Timeout", "acc"); >> >> } >> } >> >> _______________________________________________ >> Users mailing list >> Users@lists.opensips.org >> http://lists.opensips.org/cgi-bin/mailman/listinfo/users >> > > _______________________________________________ > Users mailing > listUsers@lists.opensips.orghttp://lists.opensips.org/cgi-bin/mailman/listinfo/users > > > _______________________________________________ > Users mailing list > Users@lists.opensips.org > http://lists.opensips.org/cgi-bin/mailman/listinfo/users >
_______________________________________________ Users mailing list Users@lists.opensips.org http://lists.opensips.org/cgi-bin/mailman/listinfo/users