[Freeswitch-users] all-reg-options-ping and tls issue
Seeliger, Adam
Adam.Seeliger at qsc.de
Fri Feb 26 17:59:14 MSK 2016
Hi, here is the requested output.
I changed the real user, domain and ip address values into descriptions.
I guess the values are not necessary?
Both, FreeSWITCH and the phone are in the same network (no NAT involved here)
Registrations:
=================================================================================================
Call-ID: 3134353634383833373032323631-ncwgvit2obfp
User: user at domain
Contact: "User Name" <sip:user at ip:60206;transport=tls;line=gvg9q8jh;fs_nat=yes;fs_path=sip%3Auser%40ip%3A60206>
Agent: snom715/8.7.5.35
Status: Registered(AUTO-NAT-2.0)(unknown) EXP(2016-02-26 16:21:32) EXPSECS(1912)
Ping-Status: Reachable
Host: hostname
IP: ip
Port: 60206
Auth-User: user
Auth-Realm: domain
MWI-Account: user at domain
Total items returned: 1
=================================================================================================
2016-02-26 15:50:09.326648 [WARNING] sofia.c:5769 Sip user 'user at domain' is now Unreachable
2016-02-26 15:50:09.326648 [WARNING] sofia.c:5780 Expire sip user 'user at domain' due to options failure
As you can see, the user immediately got unregistered again ☹
Best regards,
Adam
Von: freeswitch-users-bounces at lists.freeswitch.org [mailto:freeswitch-users-bounces at lists.freeswitch.org] Im Auftrag von Sergey Safarov
Gesendet: Freitag, 26. Februar 2016 15:45
An: FreeSWITCH Users Help
Betreff: Re: [Freeswitch-users] all-reg-options-ping and tls issue
Please send output of command "sofia status profile internal reg <exten_number>"
On Fri, Feb 26, 2016 at 4:21 PM, Seeliger, Adam <Adam.Seeliger at qsc.de<mailto:Adam.Seeliger at qsc.de>> wrote:
Hi,
the phone uses sip+tls.
I test using a snom715, got plenty other phones here, but I guess they will behave the same way.
It really looks like FreeSWITCH is doing something wrong (or is wrongly configured – if there are any parameters for options ping supporting both, udp and tls)
Regards
Von: freeswitch-users-bounces at lists.freeswitch.org<mailto:freeswitch-users-bounces at lists.freeswitch.org> [mailto:freeswitch-users-bounces at lists.freeswitch.org<mailto:freeswitch-users-bounces at lists.freeswitch.org>] Im Auftrag von Sergey Safarov
Gesendet: Freitag, 26. Februar 2016 13:59
An: FreeSWITCH Users Help
Betreff: Re: [Freeswitch-users] all-reg-options-ping and tls issue
If your phone has enabled SIPS uri please disable and use sip+tls.
On Fri, Feb 26, 2016 at 3:37 PM, Seeliger, Adam <Adam.Seeliger at qsc.de<mailto:Adam.Seeliger at qsc.de>> wrote:
Hi and thanks for the feedback,
sry that I did not respond for a long time.
I already use:
<variable name=“sip-force-contact” value="NDLB-connectile-dysfunction-2.0"/>
I also tested all mentioned params below, nothing works.
When I register a User via TLS FreeSWITCH does not even try to ping the user.
I turned sofia global siptrace on and watched the flow:
User Server
13:09:33.311446: REGISTER [TLS] ->
13:09:33.312552: <- 401 UNAUTHORIZED [TLS]
13:09:33.331948: REGISTER (AUTH) [TLS] ->
13:09:33.336959: <- 200 OK [TLS]
Nothing happens
2016-02-26 13:10:00.619525 [WARNING] sofia.c:5769 Sip user 'user at host' is now Unreachable
2016-02-26 13:10:00.619525 [WARNING] sofia.c:5780 Expire sip user 'user at host' due to options failure
When I REGISTER the User via UDP FreeSWITCH starts to ping (OPTIONS) the user as soon as he is registered.
Is there any way to force FreeSWITCH to send OPTIONs in both, udp and tls, depending on the registration?
Thanks in advance,
Adam
Von: freeswitch-users-bounces at lists.freeswitch.org<mailto:freeswitch-users-bounces at lists.freeswitch.org> [mailto:freeswitch-users-bounces at lists.freeswitch.org<mailto:freeswitch-users-bounces at lists.freeswitch.org>] Im Auftrag von Emrah
Gesendet: Freitag, 29. Januar 2016 09:25
An: FreeSWITCH Users Help
Betreff: Re: [Freeswitch-users] all-reg-options-ping and tls issue
Hi!
This is interesting. I experienced something rather similar where calls would drop because FS would timeout on certain packets sent over UDP instead of TLS.
I assume you mean FS exits with port 5060 instead of port 5061? Because the port on the remote end should be dynamically set.
I found out that in my case, what works best even with TLS, is to use:
<variable name=“sip-force-contact” value="NDLB-connectile-dysfunction-2.0"/>
This goes as far as it can to lay out the path to contacting the client with all consideration in regards to NAT and dynamic ports.
Not sure if it will help you. I’ve personally disabled options-ping an let my clients deal with keep-alive instead.
You could also look into:
<!-- add a ;received="<ip>:<port>" to the contact when replying to register for nat handling -->
<!— <param name="NDLB-received-in-nat-reg-contact" value="true"/> -->
<!— <param name="bind-params" value="transport=tcp,udp,tls"/> -->
<!-- additional bind parameters for TLS -->
<param name=“tls-bind-params" value="transport=tls"/>
I’ll leave it up to you to investigate those options more in details on the FS documentation.
Please keep us posted!
E
On Jan 28, 2016, at 11:48 AM, Seeliger, Adam <Adam.Seeliger at qsc.de<mailto:Adam.Seeliger at qsc.de>> wrote:
Hi all,
I have a problem, when I enable TLS and register a phone using TLS on Port 5061.
FreeSWITCH still tries to “ping” the phone using Port 5060 using UDP, which is ignored by the phone.
Moments later FreeSWITCH deletes the registration, because “unregister-on-options-fail” is set to “true”.
I already figured out, that you can set “all-reg-options-ping” to “udp-only”, but this would completely disable this feature for TLS.
Is there any way to ping TLS registered using TLS?
Thanks in advance
- Adam
_________________________________________________________________________
Professional FreeSWITCH Consulting Services:
consulting at freeswitch.org<mailto:consulting at freeswitch.org>
http://www.freeswitchsolutions.com
Official FreeSWITCH Sites
http://www.freeswitch.org
http://confluence.freeswitch.org
http://www.cluecon.com
FreeSWITCH-users mailing list
FreeSWITCH-users at lists.freeswitch.org<mailto:FreeSWITCH-users at lists.freeswitch.org>
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
_________________________________________________________________________
Professional FreeSWITCH Consulting Services:
consulting at freeswitch.org<mailto:consulting at freeswitch.org>
http://www.freeswitchsolutions.com
Official FreeSWITCH Sites
http://www.freeswitch.org
http://confluence.freeswitch.org
http://www.cluecon.com
FreeSWITCH-users mailing list
FreeSWITCH-users at lists.freeswitch.org<mailto:FreeSWITCH-users at lists.freeswitch.org>
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
_________________________________________________________________________
Professional FreeSWITCH Consulting Services:
consulting at freeswitch.org<mailto:consulting at freeswitch.org>
http://www.freeswitchsolutions.com
Official FreeSWITCH Sites
http://www.freeswitch.org
http://confluence.freeswitch.org
http://www.cluecon.com
FreeSWITCH-users mailing list
FreeSWITCH-users at lists.freeswitch.org<mailto:FreeSWITCH-users at lists.freeswitch.org>
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20160226/4adb3c20/attachment-0001.html
Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users
mailing list