When i call to trunk -> internal number and hangup from SIP client it doesn't disconnect the line. It seems that BYE is sent to wrong trunk or it is authorized with wrong username.
[2015-02-16 15:51:01] NOTICE[3053]: chan_sip.c:22109 handle_response: Failed to authenticate on BYE to ';tag=SDdu8i501-snl_004195XX18_NSN_CLIENT'
On first trunk it works but on the second it doesn't, this is my conf:
First Trunk:
type=peer
qualify=yes
nat=yes
username=XXXXXXX
host=bX.sXXXXXl.net
secret=XXXXXXXXXX
fromuser=XXXXXXX
fromdomain=XXXXXXX
dtmfmode=info
disallow=all
context=from-internal
canreinvite=yes
canredirect=yes
allow=alaw&ulaw
insecure=very
Second Trunk:
type=peer
qualify=yes
nat=yes
username=XXXXXXX
host=bX.sXXXXXl.net
secret=XXXXXXXXXX
fromuser=XXXXXXX
fromdomain=XXXXXXX
dtmfmode=info
disallow=all
context=from-internal
canreinvite=yes
canredirect=yes
allow=alaw&ulaw
insecure=very
tcpdump of one call:
root@lix ~ # tcpdump -nqt -s 0 -A -i eth0 port 5060
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
IP 80.XX.XXX.149.5060 > 84.XXX.XXX.192.5060: UDP, length 1189
E.......y..wP_..T.........".INVITE sip:[email protected]:5060 SIP/2.0
Via: SIP/2.0/UDP 80.XX.XXX.149:5060;branch=z9hG4bKmrqmnl00a8ohig4vr6g0.1
To: <sip:[email protected]:29040>
From: <sip:[email protected];user=phone;CPC=Ordinary>;tag=SDtl8c501-snl_0041961844_NSN_CLIENT
Call-ID: SDtl8c501-794b0bfaea6e05f8b7ab019950a6b3c5-06a1450
CSeq: 1235 INVITE
Contact: <sip:[email protected]:5060;eplid=188.XX.XXX.241:5060;elid=188.XX.XXX.241:5060;evlid=pbx-core:1591;transport=udp>
Accept-Language: en;q=0.0
Allow: REGISTER, INVITE, ACK, BYE, CANCEL, NOTIFY, REFER, UPDATE, PRACK
P-Asserted-Identity: <sip:[email protected];user=phone>
Supported: timer
Session-Expires: 360;refresher=uac
Min-SE: 360
Date: Mon, 16 Feb 2015 15:04:52 GMT
Max-Forwards: 67
Content-Type: application/sdp
Content-Length: 363
v=0
o=hiQ9200 4244020150116160452 1181089808 IN IP4 80.95.239.157
s=Phone Call via hiQ9200 SIPCA
c=IN IP4 80.95.239.157
t=0 0
m=audio 54246 RTP/AVP 18 8 0 100
a=rtpmap:18 G729/8000
a=fmtp:18 annexb=no
a=rtpmap:8 PCMA/8000
a=fmtp:8 vad=no
a=rtpmap:0 PCMU/8000
a=fmtp:0 vad=no
a=rtpmap:100 telephone-event/8000
a=fmtp:100 0-15
a=sendrecv
a=ptime:20
IP 80.XX.XXX.149.5060 > 84.XXX.XXX.192.5060: UDP, length 625
E.......y...P_..T........y..ACK sip:[email protected]:5060 SIP/2.0
Via: SIP/2.0/UDP 80.XX.XXX.149:5060;branch=z9hG4bKtb9h0300c8i1ngckd6g0.1
To: <sip:[email protected]:29040>;tag=as4bbef921
From: <sip:[email protected];user=phone;CPC=Ordinary>;tag=SDtl8c501-snl_0041961844_NSN_CLIENT
Call-ID: SDtl8c501-794b0bfaea6e05f8b7ab019950a6b3c5-06a1450
CSeq: 1235 ACK
Contact: <sip:[email protected]:5060;eplid=188.XX.XXX.241:5060;elid=188.XX.XXX.241:5060;evlid=pbx-core:1591;transport=udp>
Allow: REGISTER, INVITE, ACK, BYE, CANCEL, NOTIFY, REFER
Date: Mon, 16 Feb 2015 15:04:55 GMT
Max-Forwards: 67
Content-Length: 0
IP 80.XX.XXX.149.5060 > 84.XXX.XXX.192.5060: UDP, length 509
E.......y...P_..T........./(SIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP 84.XXX.XXX.192:5060;received=146.212.15.165;branch=z9hG4bK77f199c4;rport=49375
From: <sip:[email protected]:29040>;tag=as4bbef921
To: <sip:[email protected];user=phone;CPC=Ordinary>;tag=SDtl8c501-snl_0041961844_NSN_CLIENT
Call-ID: SDtl8c501-794b0bfaea6e05f8b7ab019950a6b3c5-06a1450
CSeq: 102 BYE
WWW-Authenticate: Digest realm="bt.xxxxxxxx.net", nonce="774148580-b3756059388ed16573d45f15fb506022", algorithm=MD5, qop="auth"
Content-Length: 0
IP 80.XX.XXX.149.5060 > 84.XXX.XXX.192.5060: UDP, length 509
E.......y...P_..T......... 3SIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP 84.XXX.XXX.192:5060;received=146.212.15.165;branch=z9hG4bK5a06c3e1;rport=49375
From: <sip:[email protected]:29040>;tag=as4bbef921
To: <sip:[email protected];user=phone;CPC=Ordinary>;tag=SDtl8c501-snl_0041961844_NSN_CLIENT
Call-ID: SDtl8c501-794b0bfaea6e05f8b7ab019950a6b3c5-06a1450
CSeq: 103 BYE
WWW-Authenticate: Digest realm="bt.xxxxxxxx.net", nonce="774148580-b3756059388ed16573d45f15fb506022", algorithm=MD5, qop="auth"
Content-Length: 0
IP 80.XX.XXX.149.5060 > 84.XXX.XXX.192.5060: UDP, length 509
E.......y...P_..T......... 3SIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP 84.XXX.XXX.192:5060;received=146.212.15.165;branch=z9hG4bK5a06c3e1;rport=49375
From: <sip:[email protected]:29040>;tag=as4bbef921
To: <sip:[email protected];user=phone;CPC=Ordinary>;tag=SDtl8c501-snl_0041961844_NSN_CLIENT
Call-ID: SDtl8c501-794b0bfaea6e05f8b7ab019950a6b3c5-06a1450
CSeq: 103 BYE
WWW-Authenticate: Digest realm="bt.xxxxxxxx.net", nonce="774148580-b3756059388ed16573d45f15fb506022", algorithm=MD5, qop="auth"
Content-Length: 0
IP 80.XX.XXX.149.5060 > 84.XXX.XXX.192.5060: UDP, length 509
[email protected]/2.0 401 Unauthorized
Via: SIP/2.0/UDP 84.XXX.XXX.192:5060;received=146.212.15.165;branch=z9hG4bK61805162;rport=49375
From: <sip:[email protected]:29040>;tag=as4bbef921
To: <sip:[email protected];user=phone;CPC=Ordinary>;tag=SDtl8c501-snl_0041961844_NSN_CLIENT
Call-ID: SDtl8c501-794b0bfaea6e05f8b7ab019950a6b3c5-06a1450
CSeq: 104 BYE
WWW-Authenticate: Digest realm="bt.xxxxxxxx.net", nonce="774148580-b3756059388ed16573d45f15fb506022", algorithm=MD5, qop="auth"
Content-Length: 0
IP 80.XX.XXX.149.5060 > 84.XXX.XXX.192.5060: UDP, length 509
[email protected]/2.0 401 Unauthorized
Via: SIP/2.0/UDP 84.XXX.XXX.192:5060;received=146.212.15.165;branch=z9hG4bK61805162;rport=49375
From: <sip:[email protected]:29040>;tag=as4bbef921
To: <sip:[email protected];user=phone;CPC=Ordinary>;tag=SDtl8c501-snl_0041961844_NSN_CLIENT
Call-ID: SDtl8c501-794b0bfaea6e05f8b7ab019950a6b3c5-06a1450
CSeq: 104 BYE
WWW-Authenticate: Digest realm="bt.xxxxxxxx.net", nonce="774148580-b3756059388ed16573d45f15fb506022", algorithm=MD5, qop="auth"
Content-Length: 0
IP 80.XX.XXX.149.5060 > 84.XXX.XXX.192.5060: UDP, length 509
[email protected]/2.0 401 Unauthorized
Via: SIP/2.0/UDP 84.XXX.XXX.192:5060;received=146.212.15.165;branch=z9hG4bK61805162;rport=49375
From: <sip:[email protected]:29040>;tag=as4bbef921
To: <sip:[email protected];user=phone;CPC=Ordinary>;tag=SDtl8c501-snl_0041961844_NSN_CLIENT
Call-ID: SDtl8c501-794b0bfaea6e05f8b7ab019950a6b3c5-06a1450
CSeq: 104 BYE
WWW-Authenticate: Digest realm="bt.xxxxxxxx.net", nonce="774148580-b3756059388ed16573d45f15fb506022", algorithm=MD5, qop="auth"
Content-Length: 0
IP 80.XX.XXX.149.5060 > 84.XXX.XXX.192.5060: UDP, length 509
E.......y...P_..T..........^SIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP 84.XXX.XXX.192:5060;received=146.212.15.165;branch=z9hG4bK3cbc6149;rport=49375
From: <sip:[email protected]:29040>;tag=as4bbef921
To: <sip:[email protected];user=phone;CPC=Ordinary>;tag=SDtl8c501-snl_0041961844_NSN_CLIENT
Call-ID: SDtl8c501-794b0bfaea6e05f8b7ab019950a6b3c5-06a1450
CSeq: 105 BYE
WWW-Authenticate: Digest realm="bt.xxxxxxxx.net", nonce="774148580-b3756059388ed16573d45f15fb506022", algorithm=MD5, qop="auth"
Content-Length: 0
IP 80.XX.XXX.149.5060 > 84.XXX.XXX.192.5060: UDP, length 509
E.......y...P_..T..........^SIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP 84.XXX.XXX.192:5060;received=146.212.15.165;branch=z9hG4bK3cbc6149;rport=49375
From: <sip:[email protected]:29040>;tag=as4bbef921
To: <sip:[email protected];user=phone;CPC=Ordinary>;tag=SDtl8c501-snl_0041961844_NSN_CLIENT
Call-ID: SDtl8c501-794b0bfaea6e05f8b7ab019950a6b3c5-06a1450
CSeq: 105 BYE
WWW-Authenticate: Digest realm="bt.xxxxxxxx.net", nonce="774148580-b3756059388ed16573d45f15fb506022", algorithm=MD5, qop="auth"
Content-Length: 0
IP 80.XX.XXX.149.5060 > 84.XXX.XXX.192.5060: UDP, length 509
E.......y...P_..T..........^SIP/2.0 401 Unauthorized
Via: SIP/2.0/UDP 84.XXX.XXX.192:5060;received=146.212.15.165;branch=z9hG4bK3cbc6149;rport=49375
From: <sip:[email protected]:29040>;tag=as4bbef921
To: <sip:[email protected];user=phone;CPC=Ordinary>;tag=SDtl8c501-snl_0041961844_NSN_CLIENT
Call-ID: SDtl8c501-794b0bfaea6e05f8b7ab019950a6b3c5-06a1450
CSeq: 105 BYE
WWW-Authenticate: Digest realm="bt.xxxxxxxx.net", nonce="774148580-b3756059388ed16573d45f15fb506022", algorithm=MD5, qop="auth"
Content-Length: 0
IP 80.XX.XXX.149.5060 > 84.XXX.XXX.192.5060: UDP, length 363
E.......y...P_..T........s.xSIP/2.0 200 OK
Via: SIP/2.0/UDP 84.XXX.XXX.192:5060;received=146.212.15.165;branch=z9hG4bK07349552;rport=49375
From: <sip:[email protected]>;tag=as3d51a72f
To: <sip:[email protected]>;tag=aprq1squpq0-2pase510000s7
Call-ID: [email protected]
CSeq: 126 REGISTER
Contact: <sip:[email protected]:5060>;expires=60
IP 80.XX.XXX.149.5060 > 84.XXX.XXX.192.5060: UDP, length 394
E.......y...P_..T..........wSIP/2.0 200 OK
Via: SIP/2.0/UDP 84.XXX.XXX.192:5060;received=146.212.15.165;branch=z9hG4bK4b188443;rport=49375
From: <sip:[email protected]>;tag=as2c8ec8f0
To: <sip:[email protected]>;tag=SD7tiv999-
Call-ID: [email protected]
CSeq: 126 REGISTER
Contact: <sip:[email protected]:5060>;expires=60;audio
Supported: outbound
Content-Length: 0
IP 80.XX.XXX.149.5060 > 84.XXX.XXX.192.5060: UDP, length 531
E../....y.. P_..T..........HBYE sip:[email protected]:5060 SIP/2.0
Via: SIP/2.0/UDP 80.XX.XXX.149:5060;branch=z9hG4bKtb9h0300c8i1ngckd6g0cd00080a3.1
To: <sip:[email protected]:29040>;tag=as4bbef921
From: <sip:[email protected];user=phone;CPC=Ordinary>;tag=SDtl8c501-snl_0041961844_NSN_CLIENT
Call-ID: SDtl8c501-794b0bfaea6e05f8b7ab019950a6b3c5-06a1450
CSeq: 1236 BYE
Accept-Language: en;q=0.0
Allow: REGISTER, INVITE, ACK, BYE, CANCEL, NOTIFY, REFER
Date: Mon, 16 Feb 2015 15:05:08 GMT
Max-Forwards: 67
Content-Length: 0
BYE message authentification is not very hardly used extension(actually it not needed, becuase BYE always have session id and ip/port same as before).
There was no such feature in asterisk, becuase on that time almost no softswitches or devices have that implemented.
After some moment BYE auth was added to asterisk chan_sip as patch. But since there was no support for needed structure cross-reference in architecture,it have been developed as lookup in peer list(default auth procedure used).
Auth procedure for asterisk is: asterisk select first section with same ip/port combination. So it select first trunk
You have no way fix that without major chan_sip rewrite. You can try use modern version with pjsip if that vital.
Collected from the Internet
Please contact [email protected] to delete if infringement.
Comments