[Freeswitch-users] all-reg-options-ping and tls issue

covici at ccs.covici.com covici at ccs.covici.com
Sun Feb 28 00:54:40 MSK 2016 

Why use options ping at all -- I have never had good success with it, if
it fails then it causes lots of problems, more than its supposed
advantages.

Seeliger, Adam <Adam.Seeliger at qsc.de> wrote:

> Hi, here is the requested output.
> 
> I changed the real user, domain and ip address values into descriptions.
> I guess the values are not necessary?
> 
> Both, FreeSWITCH and the phone are in the same network (no NAT involved here)
> 
> Registrations:
> =================================================================================================
> Call-ID:         3134353634383833373032323631-ncwgvit2obfp
> User:            user at domain
> Contact:       "User Name" <sip:user at ip:60206;transport=tls;line=gvg9q8jh;fs_nat=yes;fs_path=sip%3Auser%40ip%3A60206>
> Agent:          snom715/8.7.5.35
> Status:         Registered(AUTO-NAT-2.0)(unknown) EXP(2016-02-26 16:21:32) EXPSECS(1912)
> Ping-Status:   Reachable
> Host:            hostname
> IP:               ip
> Port:            60206
> Auth-User:    user
> Auth-Realm: domain
> MWI-Account:          user at domain
> 
> Total items returned: 1
> =================================================================================================
> 2016-02-26 15:50:09.326648 [WARNING] sofia.c:5769 Sip user 'user at domain' is now Unreachable
> 2016-02-26 15:50:09.326648 [WARNING] sofia.c:5780 Expire sip user 'user at domain' due to options failure
> 
> As you can see, the user immediately got unregistered again ☹
> 
> Best regards,
> Adam
> 
> Von: freeswitch-users-bounces at lists.freeswitch.org [mailto:freeswitch-users-bounces at lists.freeswitch.org] Im Auftrag von Sergey Safarov
> Gesendet: Freitag, 26. Februar 2016 15:45
> An: FreeSWITCH Users Help
> Betreff: Re: [Freeswitch-users] all-reg-options-ping and tls issue
> 
> Please send output of command "sofia status profile internal reg <exten_number>"
> 
> On Fri, Feb 26, 2016 at 4:21 PM, Seeliger, Adam <Adam.Seeliger at qsc.de<mailto:Adam.Seeliger at qsc.de>> wrote:
> Hi,
> 
> the phone uses sip+tls.
> I test using a snom715, got plenty other phones here, but I guess they will behave the same way.
> It really looks like FreeSWITCH is doing something wrong (or is wrongly configured – if there are any parameters for options ping supporting both, udp and tls)
> 
> Regards
> 
> Von: freeswitch-users-bounces at lists.freeswitch.org<mailto:freeswitch-users-bounces at lists.freeswitch.org> [mailto:freeswitch-users-bounces at lists.freeswitch.org<mailto:freeswitch-users-bounces at lists.freeswitch.org>] Im Auftrag von Sergey Safarov
> Gesendet: Freitag, 26. Februar 2016 13:59
> 
> An: FreeSWITCH Users Help
> Betreff: Re: [Freeswitch-users] all-reg-options-ping and tls issue
> 
> If your phone has enabled SIPS uri please disable and use sip+tls.
> 
> 
> On Fri, Feb 26, 2016 at 3:37 PM, Seeliger, Adam <Adam.Seeliger at qsc.de<mailto:Adam.Seeliger at qsc.de>> wrote:
> Hi and thanks for the feedback,
> 
> sry that I did not respond for a long time.
> 
> I already use:
> <variable name=“sip-force-contact” value="NDLB-connectile-dysfunction-2.0"/>
> 
> I also tested all mentioned params below, nothing works.
> 
> When I register a User via TLS FreeSWITCH does not even try to ping the user.
> I turned sofia global siptrace on and watched the flow:
> 
> User                                        Server
> 13:09:33.311446:             REGISTER [TLS] ->
> 13:09:33.312552:             <- 401 UNAUTHORIZED [TLS]
> 13:09:33.331948:             REGISTER (AUTH) [TLS]  ->
> 13:09:33.336959:             <- 200 OK [TLS]
> Nothing happens
> 2016-02-26 13:10:00.619525 [WARNING] sofia.c:5769 Sip user 'user at host' is now Unreachable
> 2016-02-26 13:10:00.619525 [WARNING] sofia.c:5780 Expire sip user 'user at host' due to options failure
> 
> When I REGISTER the User via UDP FreeSWITCH starts to ping (OPTIONS) the user as soon as he is registered.
> 
> Is there any way to force FreeSWITCH to send OPTIONs in both, udp and tls, depending on the registration?
> 
> Thanks in advance,
> Adam
> 
> Von: freeswitch-users-bounces at lists.freeswitch.org<mailto:freeswitch-users-bounces at lists.freeswitch.org> [mailto:freeswitch-users-bounces at lists.freeswitch.org<mailto:freeswitch-users-bounces at lists.freeswitch.org>] Im Auftrag von Emrah
> Gesendet: Freitag, 29. Januar 2016 09:25
> An: FreeSWITCH Users Help
> Betreff: Re: [Freeswitch-users] all-reg-options-ping and tls issue
> 
> Hi!
> This is interesting. I experienced something rather similar where calls would drop because FS would timeout on certain packets sent over UDP instead of TLS.
> I assume you mean FS exits with port 5060 instead of port 5061? Because the port on the remote end should be dynamically set.
> I found out that in my case, what works best even with TLS, is to use:
> <variable name=“sip-force-contact” value="NDLB-connectile-dysfunction-2.0"/>
> This goes as far as it can to lay out the path to contacting the client with all consideration in regards to NAT and dynamic ports.
> Not sure if it will help you. I’ve personally disabled options-ping an let my clients deal with keep-alive instead.
> 
> You could also look into:
>     <!-- add a ;received="<ip>:<port>" to the contact when replying to register for nat handling -->
> <!— <param name="NDLB-received-in-nat-reg-contact" value="true"/> -->
> <!— <param name="bind-params" value="transport=tcp,udp,tls"/>  -->
> <!-- additional bind parameters for TLS -->
>     <param name=“tls-bind-params" value="transport=tls"/>
> 
> I’ll leave it up to you to investigate those options more in details on the FS documentation.
> 
> Please keep us posted!
> 
> E
> On Jan 28, 2016, at 11:48 AM, Seeliger, Adam <Adam.Seeliger at qsc.de<mailto:Adam.Seeliger at qsc.de>> wrote:
> 
> Hi all,
> 
> I have a problem, when I enable TLS and register a phone using TLS on Port 5061.
> FreeSWITCH still tries to “ping” the phone using Port 5060 using UDP, which is ignored by the phone.
> Moments later FreeSWITCH deletes the registration, because “unregister-on-options-fail” is set to “true”.
> 
> I already figured out, that you can set “all-reg-options-ping” to “udp-only”, but this would completely disable this feature for TLS.
> Is there any way to ping TLS registered using TLS?
> 
> Thanks in advance
> 
> - Adam
> 
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org<mailto:consulting at freeswitch.org>
> http://www.freeswitchsolutions.com
> 
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
> 
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org<mailto:FreeSWITCH-users at lists.freeswitch.org>
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
> 
> 
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org<mailto:consulting at freeswitch.org>
> http://www.freeswitchsolutions.com
> 
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
> 
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org<mailto:FreeSWITCH-users at lists.freeswitch.org>
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
> 
> 
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org<mailto:consulting at freeswitch.org>
> http://www.freeswitchsolutions.com
> 
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
> 
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org<mailto:FreeSWITCH-users at lists.freeswitch.org>
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
> 
> 
> ----------------------------------------------------
> Alternatives:
> 
> ----------------------------------------------------
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services: 
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
> 
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
> 
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org

-- 
Your life is like a penny.  You're going to lose it.  The question is:
How do
you spend it?

         John Covici
         covici at ccs.covici.com

Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users mailing list