[asterisk-bugs] [JIRA] (ASTERISK-26922) chan_sip: tcpbind uses wrong source address

Ksenia (JIRA) noreply at issues.asterisk.org
Thu Apr 13 03:42:57 CDT 2017 

     [ https://issues.asterisk.org/jira/browse/ASTERISK-26922?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Ksenia updated ASTERISK-26922:
------------------------------

    Attachment: sip_debug.txt
                sip_conf.txt

Tested fast on Centos 7 and Asterisk 14.4.0 - same behavior.
Debugs were taken from Asterisk 13.1.0 Ubuntu 16.04.
Scenario (SIP config attached):
1) peer transport set to UDP. No need even to make a call, behavior can be seen even with OPTIONS: tcpdump shows 192.168.0.177 as a source IP address.
2) peer transport set to TCP. OPTIONS: tcpdump shows 192.168.0.172 as a source IP address for SYN packet.


> chan_sip: tcpbind uses wrong source address
> -------------------------------------------
>
>                 Key: ASTERISK-26922
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-26922
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Channels/chan_sip/General
>    Affects Versions: 13.1.0
>         Environment: Ubuntu 16.04 
> 4.4.0-72-generic
>            Reporter: Ksenia
>            Assignee: Unassigned
>         Attachments: config_sip, ip_a, sip_conf.txt, sip_debug.txt
>
>
> I am running asterisk 13.1.0 on Ubuntu server 16.04. There are two IP addresses from the same subnet set on one interface, and bindaddr is set to the second on them in sip.conf and in iax.conf. 
> Incoming connections work as expected. However, for outgoing connections it seems that asterisk tells the kernel to use the specific "bind" address only in case of UDP usage (both SIP and IAX work like that). In case of outgoing TCP connections (SIP TCP and TLS) the first IP address from the interface is used. 
> In my understanding, normally 'bind' should not only tell on which address to listen, but also which source address to request for outgoing connections, but it works only for UDP connections for some reason.
> {code}
> netstat -nlp | egrep '506[01]'
> tcp        0      0 192.168.0.177:5061      0.0.0.0:*               LISTEN      13255/asterisk  
> udp        0      0 192.168.0.177:5060      0.0.0.0:*                           13255/asterisk
> {code}
> Source IP is set to the first IP address of the interface only when TCP is used. As I understand, the application (chan_sip in this case) should request kernel to use the specific source IP address (used in bind directive) for outgoing packets, however it seems to be done only for UDP. For outgoing packets on TCP/5061 I see the following:
> {code}
> IP 192.168.0.172.47596 > <mydestip>.5061: Flags [S], seq 2529313754, win 29200, options [mss 1460,sackOK,TS val 82765588 ecr 0,nop,wscale 7], length 0
> And with UDP as transport:
> IP 192.168.0.177.5060 > <mydestip>.5060: SIP: OPTIONS ....
> {code}
> I have also tried with the latest Asterisk built from sources with Ubuntu and Centos 7 - same behavior. I have also asked the community - they suggest I should report an issue.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list