<div dir="ltr"><div dir="ltr">On Tue, Jan 5, 2021 at 11:02 AM Mark Murawski <<a href="mailto:markm-lists@intellasoft.net">markm-lists@intellasoft.net</a>> wrote:</div><div dir="ltr"><br></div><div><snip></div><div dir="ltr"><br></div><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
I then have the following call<br>
<br>
INVITE<br>
(Call is attached)<br>
<br>
Packet from: ZZ.75.184.42<br>
Packet To: -> YY.9.5.40 (Ie: WAN2), Then firewall DNATs to<br>
<a href="http://10.13.13.39:5061" rel="noreferrer" target="_blank">10.13.13.39:5061</a>, and asterisk gets the call<br>
<br>
Use Case:<br>
Now... in order for this dual-wan to operate correctly... say WAN1 is <br>
down. Asterisk needs to be able to send RTP traffic (not just SIP <br>
Signalling) using the correct rtp bind, associated to the correct return <br>
transport and external_media_address<br>
<br>
My expectation here is that since Asterisk knows it's using <br>
transport-tcp-wan2-tls, and it has set the correct media source in the <br>
SDP to YY.9.5.40, that the RDP engine would then send media from <br>
10.13.13.39. But it does not....<br></blockquote><div><br></div><div>In previous times it may have, but to support modern DNS methods with IPv4 and IPv6 by default it currently binds to the wildcard. This allows it to failover between IPv4 and IPv6 easily. The API could be better extended to potentially allow it to recreate the entire RTP instance for the transition but that hasn't been done and doesn't exist.</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<br>
During the above call, the outgoing RTP looks like this from tcpdump:<br>
08:52:13.234702 IP 10.13.13.38.16384 > ZZ.75.184.42.7078: UDP, length 182<br></blockquote><div><br></div><div><snip></div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<br>
<br>
Here we check if the transport is explicitly bound, and if so, we use <br>
it.... now if I do explicitly set the transport to <br>
transport-tcp-wan2-tls instead of leaving it unset, then RTP is sourced <br>
from the correct address.<br>
<br>
But this is a dynamic contact which could be talking to asterisk either <br>
on the 'WAN1' transports or the 'WAN2' transports.<br>
<br>
Given that SIP OPTIONS and such will go back to the correct transport, <br>
given the transport configuration above, it seems logical we should also <br>
be able to send RTP using the associated transport settings as well.<br>
<br>
So the issue here is that in res_pjsip_sdp_rtp.c, create_rtp(). I don't <br>
see a way to find the associated endpoint/contact... it's all pointing <br>
to null at this time.<br></blockquote><div><br></div><div>There is no such information in there. I don't recall when exactly the RTP instance is created, but you may be able to examine the INVITE session on the session and the dialog to get the underlying SIP URI that is being targeted or has been received from, and then from that try to determine the underlying transport that would be used to determine the IP address to bind RTP to.</div><div> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<br>
Am I in the right place? Is there a further down the line place to <br>
handle rtp source, or is there a way to pull up the dynamically stored <br>
AST_SIP_X_AST_TXP here?<br>
<br>
Also... speaking of AST_SIP_X_AST_TXP, it doesn't appear to be set in <br>
all situations either. Looking at core debug, logging and hits to <br>
'res_pjsip/pjsip_message_filter.c: Set transport', result in absolutely <br>
no usage of any of the -tls transports when OPTIONS come in from this <br>
peer, or any peer using tls.<br>
<br>
Examples:<br>
[2021-01-04 23:57:41.328] DEBUG[16309] res_pjsip/pjsip_message_filter.c: <br>
Set transport 'transport-udp' on OPTIONS from <a href="http://192.168.181.5:5060" rel="noreferrer" target="_blank">192.168.181.5:5060</a><br>
[2021-01-04 23:57:41.927] DEBUG[16309] res_pjsip/pjsip_message_filter.c: <br>
Set transport 'transport-udp' on OPTIONS from <a href="http://192.168.181.5:5060" rel="noreferrer" target="_blank">192.168.181.5:5060</a><br>
<br>
But, that's it... when getting OPTIONS over TLS, this is not tracked<br></blockquote></div><div><br></div>-- <br><div dir="ltr" class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div style="font-family:tahoma,sans-serif"><div><font color="#073763">Joshua C. Colp</font></div><div><font color="#073763">Asterisk Technical Lead</font></div><div><font color="#073763">Sangoma Technologies</font></div><div><font color="#073763">Check us out at <a href="http://www.sangoma.com/" target="_blank">www.sangoma.com</a> and <a href="http://www.asterisk.org/" target="_blank">www.asterisk.org</a></font></div></div></div></div></div></div></div></div></div></div></div></div>