Summary: | ASTERISK-29202: res_pjsip: Cannot send OPTIONS to endpoint when transport= is unset and multiple explicitly bound transports | ||
Reporter: | Mark Murawski (kobaz) | Labels: | |
Date Opened: | 2020-12-07 20:55:37.000-0600 | Date Closed: | 2021-03-13 07:59:45.000-0600 |
Priority: | Minor | Regression? | |
Status: | Closed/Complete | Components: | Resources/res_pjsip |
Versions: | 16.15.0 | Frequency of Occurrence | Constant |
Related Issues: | |||
Environment: | Attachments: | ||
Description: | Reasonably complex setup here, but nothing out of the ordinary. We have multiple ways to get in and out of this box, and we need to make sure Asterisk uses the right settings for the right subnet!
{noformat} -------------------------------- pjsip.conf ------------------------------- [transport-udp-lo] type = transport protocol = udp bind = 127.0.0.1:5060 external_media_address = 127.0.0.1 external_signaling_address = 127.0.0.1 external_signaling_port = 5060 allow_reload = yes tos = cs3 cos = 3 [transport-udp-tun0] type = transport protocol = udp bind = 10.1.2.20:5060 external_media_address = 10.1.2.20 external_signaling_address = 10.1.2.20 external_signaling_port = 5060 allow_reload = yes tos = cs3 cos = 3 local_net = 10.1.2.0/24 [transport-udp-tun1] type = transport protocol = udp bind = 10.3.2.20:5060 external_media_address = 10.3.2.20 external_signaling_address = 10.3.2.20 external_signaling_port = 5060 allow_reload = yes tos = cs3 cos = 3 local_net = 10.3.2.0/24 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ; WAN1 and traffic to PBX-A / PBX-B [transport-udp] type = transport protocol = udp bind = 10.13.13.38:5060 external_media_address = XX.YY.171.40 external_signaling_address = XX.YY.171.40 external_signaling_port = 5060 allow_reload = yes tos = cs3 cos = 3 local_net = 192.168.181.0/24 local_net = 10.13.13.0/24 [transport-tcp] type = transport protocol = tcp bind = 10.13.13.38:5060 external_media_address = XX.YY.171.40 external_signaling_address = XX.YY.171.40 external_signaling_port = 5060 allow_reload = yes tos = cs3 cos = 3 local_net = 192.168.181.0/24 [transport-tcp-tls] type = transport protocol = tls bind = 10.13.13.38:5061 external_media_address = XX.YY.171.40 external_signaling_address = XX.YY.171.40 external_signaling_port = 5060 allow_reload = yes tos = cs3 cos = 3 local_net = 192.168.181.0/24 local_net = 10.13.13.0/24 cert_file = /etc/asterisk/keys/asterisk.crt priv_key_file = /etc/asterisk/keys/asterisk.key method = sslv23 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; ;; WAN2 [transport-udp-wan2] type = transport protocol = udp bind = 10.13.13.39:5060 external_media_address = ZZ.QQ.5.40 external_signaling_address = ZZ.QQ.5.40 external_signaling_port = 5060 allow_reload = yes tos = cs3 cos = 3 local_net = 192.168.181.0/24 [transport-tcp-wan2] type = transport protocol = tcp bind = 10.13.13.39:5060 external_media_address = XX.YY.171.40 external_signaling_address = XX.YY.171.40 external_signaling_port = 5060 allow_reload = yes tos = cs3 cos = 3 local_net = 192.168.181.0/24 [transport-tcp-wan2-tls] type = transport protocol = tls bind = 10.13.13.39:5061 external_media_address = ZZ.QQ.5.40 external_signaling_address = ZZ.QQ.5.40 external_signaling_port = 5060 allow_reload = yes tos = cs3 cos = 3 local_net = 192.168.181.0/24 cert_file = /etc/asterisk/keys/asterisk.crt priv_key_file = /etc/asterisk/keys/asterisk.key method = sslv23 -------------------------------- pjsip_wizard.conf - Via psql extconfig -------------------------------- 21005 | type | wizard 21005 | accepts_registrations | yes 21005 | accepts_auth | yes 21005 | aor/max_contacts | 4 21005 | aor/remove_existing | yes 21005 | endpoint/context | cos_internal+local+ld 21005 | endpoint/callerid | <21005> 21005 | endpoint/aggregate_mwi | yes 21005 | endpoint/mailboxes | 21005@internal 21005 | endpoint/set_var | __ExtenMailBox=21005@internal 21005 | endpoint/set_var | __Tenant=default 21005 | endpoint/set_var | __DeviceType=Exten 21005 | endpoint/set_var | __DeviceTenantName=default 21005 | endpoint/set_var | __ExtenDevice=SIP/21005 21005 | endpoint/set_var | __ExtenDeviceName=21005 21005 | endpoint/set_var | __ExtenPhoneNum=21005 21005 | endpoint/set_var | __ExtenPhoneGroup=internal 21005 | endpoint/ice_support | no 21005 | inbound_auth/username | 21005 21005 | inbound_auth/password | correcthorsebatterystaple 21005 | outbound_auth/username | 21005 21005 | outbound_auth/password | correcthorsebatterystaple 21005 | aor/qualify_frequency | 60 21005 | aor/qualify_timeout | 2000 21005 | endpoint/allow | ulaw,alaw,adpcm,gsm 21005 | endpoint/allow_subscribe | yes 21005 | endpoint/direct_media | no 21005 | endpoint/disallow | g723,slin,ilbc,lpc10,g729,speex,g726aal2,g722 21005 | endpoint/force_rport | yes 21005 | endpoint/log_subscription_error | no 21005 | endpoint/rewrite_contact | yes 21005 | endpoint/rtp_symmetric | yes 21005 | endpoint/rtp_timeout | 60 21005 | endpoint/rtp_timeout_hold | 60 21005 | endpoint/send_pai | yes 21005 | endpoint/send_rpid | yes 21005 | endpoint/subscribe_context | blf 21005 | endpoint/trust_id_inbound | no 21005 | endpoint/trust_id_outbound | yes -------------------------------- {noformat} Notes: Setting transport=transport-udp will 'work' and pjsip can successfully send SIP OPTIONS to this endpoint/contact, but if say the endpoint initiates a call to Asterisk via transport-udp-tun0, obviously asterisk will respond on the wrong transport and things will not work. Generic setting of having NO transport= will allow INVITEs to process from this endpoint to Asterisk properly and two way audio is successful and all that good stuff. But asterisk cannot 'reach' the endpoint, because now it considers it down -------------------------------- The situation: {noformat} [2020-12-07 16:26:06.157] VERBOSE[19882] res_pjsip_registrar.c: Added contact 'sip:21005@AA.BB.184.42:56567;ob;x-ast-orig-host=192.168.125.103:56567' to AOR '21005' with expiration of 60 seconds [2020-12-07 17:12:19.060] ERROR[3674] res_pjsip.c: Error 171060 'Unsupported transport (PJSIP_EUNSUPTRANSPORT)' sending OPTIONS request to endpoint 21005 {noformat} NOTIFY doesn't work either.... here's the core debug level 9 {noformat} [2020-12-07 21:53:09.056] DEBUG[3674] res_pjsip_registrar.c: Refreshed contact 'sip:21005@AA.BB.184.42:56567;ob;x-ast-orig-host=192.168.125.103:56567' on AOR '21005' with new expiration of 60 seconds [2020-12-07 21:53:09.056] DEBUG[3674] netsock2.c: Splitting 'AA.BB.184.42' into... [2020-12-07 21:53:09.056] DEBUG[3674] netsock2.c: ...host 'AA.BB.184.42' and port ''. [2020-12-07 21:53:09.056] DEBUG[3674] res_pjsip_nat.c: Re-wrote Contact URI port to 5060 [2020-12-07 21:53:09.056] DEBUG[3674] res_pjsip_nat.c: Restoring contact 38.94.171.40:5060 to 192.168.125.103:56567 [2020-12-07 21:53:09.056] DEBUG[25739] res_pjsip_mwi.c: Sending unsolicited MWI NOTIFY to endpoint 21005, new messages: 0, old messages: 0 [2020-12-07 21:53:09.059] DEBUG[25739] config.c: extract double from [3.0] in [-inf, inf] gives [3.000000](0) [2020-12-07 21:53:09.059] DEBUG[25739] config.c: extract uint from [0] in [0, 4294967295] gives [0](0) [2020-12-07 21:53:09.059] DEBUG[25739] config.c: extract double from [2000.000000] in [-inf, inf] gives [2000.000000](0) [2020-12-07 21:53:09.059] DEBUG[25739] config.c: extract uint from [56567] in [0, 4294967295] gives [56567](0) [2020-12-07 21:53:09.059] DEBUG[25739] config.c: extract uint from [60] in [0, 86400] gives [60](0) [2020-12-07 21:53:09.059] DEBUG[25739] res_pjsip.c: 0x7f27ac03d400: Wrapper created [2020-12-07 21:53:09.059] DEBUG[25739] res_pjsip/pjsip_resolver.c: Performing SIP DNS resolution of target 'AA.BB.184.42' [2020-12-07 21:53:09.059] DEBUG[25739] res_pjsip/pjsip_resolver.c: Transport type for target 'AA.BB.184.42' is 'UDP transport' [2020-12-07 21:53:09.059] DEBUG[25739] res_pjsip/pjsip_resolver.c: Target 'AA.BB.184.42' is an IP address, skipping resolution [2020-12-07 21:53:09.059] DEBUG[25739] res_pjsip.c: 0x7f27ac03d400: PJSIP tsx response received [2020-12-07 21:53:09.059] DEBUG[25739] res_pjsip.c: 0x7f27ac03d400: Callbacks executed [2020-12-07 21:53:09.059] ERROR[25739] res_pjsip.c: Error 171060 'Unsupported transport (PJSIP_EUNSUPTRANSPORT)' sending NOTIFY request to endpoint 21005 [2020-12-07 21:53:09.059] DEBUG[25739] res_pjsip.c: 0x7f27ac03d400: wrapper destroyed {noformat} | ||
Comments: | By: Asterisk Team (asteriskteam) 2020-12-07 20:55:39.073-0600 Thanks for creating a report! The issue has entered the triage process. That means the issue will wait in this status until a Bug Marshal has an opportunity to review the issue. Once the issue has been reviewed you will receive comments regarding the next steps towards resolution. Please note that log messages and other files should not be sent to the Sangoma Asterisk Team unless explicitly asked for. All files should be placed on this issue in a sanitized fashion as needed. A good first step is for you to review the [Asterisk Issue Guidelines|https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines] if you haven't already. The guidelines detail what is expected from an Asterisk issue report. Then, if you are submitting a patch, please review the [Patch Contribution Process|https://wiki.asterisk.org/wiki/display/AST/Patch+Contribution+Process]. Please note that once your issue enters an open state it has been accepted. As Asterisk is an open source project there is no guarantee or timeframe on when your issue will be looked into. If you need expedient resolution you will need to find and pay a suitable developer. Asking for an update on your issue will not yield any progress on it and will not result in a response. All updates are posted to the issue when they occur. Please note that by submitting data, code, or documentation to Sangoma through JIRA, you accept the Terms of Use present at [https://www.asterisk.org/terms-of-use/|https://www.asterisk.org/terms-of-use/]. By: Joshua C. Colp (jcolp) 2020-12-09 04:17:32.378-0600 If you add a transport which is bound to 0.0.0.0 does this alter the behavior? By: Mark Murawski (kobaz) 2020-12-09 08:38:50.808-0600 Having a transport explicitly bound do 0.0.0.0 will conflict, and prevent all the other transports from binding. If I *only* have a transport bound to 0.0.0.0, then yes, SIP OPTIONS can send correctly and all that, but then external media and external signalling is all wrong of course. By: Mark Murawski (kobaz) 2020-12-09 11:03:06.439-0600 It's almost like transports need to be not specifically bound to ip/port, but have one transport and then have like interface options Proposed Design PseudoCFG Example: [transport-udp] type=transport bind=0.0.0.0:5060 [transport-udp] type=transport_rule transport=transport-udp <-- link to the above transport interface=1.2.3.4:5060 <-- handle traffic to/from 1.2.3.4:5060 differently... endpoint can optionally set transport_rule=transport-udp external_media_address = XX.YY.171.40 external_signaling_address = XX.YY.171.40 external_signaling_port = 5060 other_rule=.... This accomplishes multiple things here... one, simplify the network level and have one bind for 5060 If an endpoint wants to register a contact over the internet via 1.2.3.4:5060... apply the above rules for communication with that endpoint/contact without needing an new stack bound Ie: set up a rule so that if an endpoint contact is contacting us on 1.2.3.4:5060, as shown above... use different external_* settings without having to bind another transport By: Joshua C. Colp (jcolp) 2020-12-09 11:06:16.121-0600 That's jumping to premature ideas without a true understanding of the underlying issue here. By: Mark Murawski (kobaz) 2020-12-09 11:07:16.257-0600 I agree it might not fix my issue, but I think it's a good idea to not require binds for differing transport rules. Which should be split off into its own issue. By: Joshua C. Colp (jcolp) 2020-12-09 11:09:44.197-0600 We don't currently accept feature requests on the issue tracker, which such a thing would be. By: Joshua C. Colp (jcolp) 2020-12-09 11:57:37.652-0600 If you remove the *wan2 entries does a transport get selected? By: Mark Murawski (kobaz) 2020-12-09 21:45:05.857-0600 With WAN2 completely removed. I get a different error, all else being equal: [2020-12-09 22:36:57.757] ERROR[24546]: res_pjsip.c:4361 endpt_send_request: Error 120022 'Invalid argument' sending OPTIONS request to endpoint 21005 This endpoint/contact is coming in via tun0 transport Same thing occurs when coming in via tun1 Same things occurs when coming in via wan1 (transport-udp) By: Joshua C. Colp (jcolp) 2020-12-10 10:15:34.165-0600 Do you have only tunnel interfaces for the transports? I was attempting to reproduce using strictly IP aliases on a single interface, and it did not occur. By: Mark Murawski (kobaz) 2020-12-10 10:30:55.618-0600 Hi Josh, The transports are all the ones listed in the original report. When you asked to disable wan2, and the problem still persists. I had the following transports: transport-udp-lo transport-udp-tun0 transport-udp-tun1 transport-udp transport-tcp transport-tcp-tls By: Mark Murawski (kobaz) 2020-12-10 10:32:55.015-0600 I have physical interfaces for the transports and some aliased. Here you go: You could simulate with multiple nic's on a vm to replication my setup eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 10.13.13.38 netmask 255.255.255.0 broadcast 10.13.13.255 inet6 fe80::250:56ff:fe98:d2b1 prefixlen 64 scopeid 0x20<link> ether 00:50:56:98:d2:b1 txqueuelen 1000 (Ethernet) RX packets 186100996 bytes 137264107722 (127.8 GiB) RX errors 0 dropped 11913 overruns 0 frame 0 TX packets 130909291 bytes 178101476954 (165.8 GiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 eth0:1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 10.13.13.39 netmask 255.0.0.0 broadcast 10.255.255.255 ether 00:50:56:98:d2:b1 txqueuelen 1000 (Ethernet) lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 1000 (Local Loopback) RX packets 1770465537 bytes 650315372471 (605.6 GiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 1770465537 bytes 650315372471 (605.6 GiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500 inet 10.1.2.20 netmask 255.255.255.255 destination 10.1.2.18 inet6 fe80::b02a:ead8:6201:a8fb prefixlen 64 scopeid 0x20<link> unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 100 (UNSPEC) RX packets 39711456 bytes 2097223819 (1.9 GiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 79349830 bytes 110789017750 (103.1 GiB) TX errors 0 dropped 9696 overruns 0 carrier 0 collisions 0 tun1: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500 inet 10.3.2.20 netmask 255.255.255.255 destination 10.3.2.19 inet6 fe80::766:a7cb:ae9b:801b prefixlen 64 scopeid 0x20<link> unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 100 (UNSPEC) RX packets 1271856 bytes 418111602 (398.7 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 1135856 bytes 411590761 (392.5 MiB) TX errors 0 dropped 6 overruns 0 carrier 0 collisions 0 tun2: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500 inet 10.20.1.1 netmask 255.255.255.255 destination 10.20.1.2 inet6 fe80::ee4e:ab41:32d:7796 prefixlen 64 scopeid 0x20<link> unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 100 (UNSPEC) RX packets 31097351 bytes 43433594166 (40.4 GiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 6679661 bytes 351878934 (335.5 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 From the outside world, we have WAN1 -> DNAT 10.13.13.38 and WAN2 -> DNAT 10.13.13.39 By: Mark Murawski (kobaz) 2020-12-31 12:44:04.610-0600 Hi Josh, Curious if there's been any headway in figuring out why a transport isn't available when one isn't explicitly specified in this scenario? By: Joshua C. Colp (jcolp) 2020-12-31 13:14:56.573-0600 There is noone actively working on this issue. If that changes then the assignee will be set, and said individual will post any update or comments here if they have any. By: Mark Murawski (kobaz) 2021-01-04 21:09:45.939-0600 With the main issue being that Asterisk is not utilizing the same transport that thee request came in on.... I've been experimenting with symmetric_transport = yes to no avail... the documentation seems to indicate that this is exactly the situation the setting is designed to handle: symmetric_transport When a request from a dynamic contact comes in on a transport with this option set to 'yes', the transport name will be saved and used for subsequent outgoing requests like OPTIONS, NOTIFY and INVITE. It seems to address some issues related to transport, but it does not seem to affect the RTP engine's source address however. By: Mark Murawski (kobaz) 2021-03-13 07:59:29.719-0600 I'm not sure what the difference is here, but I'm unable to reproduce the behavior in 16.16.1. This can be closed. By: Ilya Demyanov (Turbid) 2022-12-16 02:49:36.256-0600 I encountered a similar problem on Asterisk 20.0.1 - the response to INVITE comes from the correct transport, but on OPTIONS - from the wrong one. https://community.asterisk.org/t/wrong-transport-selection-to-reply-to-options/95046/5 |