I noticed this issue a couple of times, but haven’t had time to investigate further until today.
After some time of operation, Asterisk misbehaves, although no indication of failure is triggered, other than external peers cannot call in. The call is cancelled early in connection establishment with SIP/2.0 403 Forbidden
, while the peers appear to be functional (sip show peers gives OK status on all lines). Neither sip reload
nor dialplan reload
fixes the problem, only restarting the Asterisk process does.
The SIP debug trace of a failed attempt is as follows:
-> INVITE from trunk provider
<- SIP/2.0 403 Forbidden
The SIP debug trace after Asterisk’s restart:
-> INVITE from trunk provider
<- SIP/2.0 100 Trying
Comparing the traces show no essential difference, but these lines are missing in the misbehaving case:
[Sep 23 10:58:36] Looking for xxxxxxxx [SIP trunk user id] in inbound [inbound trunk context] (domain xx.xx.xx.xx [external ip address])
[Sep 23 10:58:36] sip_route_dump: route/path hop: <sip:213.167.161.5;lr=on;ftag=as29aebd46;did=4ae.cc95deb1>
[Sep 23 10:58:36] sip_route_dump: route/path hop: <sip:213.167.162.8;lr=on;ftag=as29aebd46;vsf=AAAAABsFDgMABgIDBwcCcFgmBxUGA0cUS2Rl;cctrl=4ae.d31682c4>
So it looks, like Asterisk is loosing the association of inbound calls to the external sip provider, that neither sip reload
nor dialplan reload
can restore, only restarting Asterisk does.
Some excepts of my sip.conf:
[general]
allowguest = no
srvlookup = yes
transport = udp
nat = force_rport,comedia
directmedia = no
externhost = external-dns-name
autodomain = yes
domain = siptrunk-provider
domain = siptrunk-provider-alt-name
allowexternaldomains = no
; register main trunk
register => main-inbound:xxx
; register test trunk
register => test-inbound:yyy
; HFO inbound template
[hfo_in](!)
context = inbound
type = peer
deny = 0.0.0.0/0.0.0.0
permit = 213.167.161.0/26
permit = 213.167.162.0/26
directmedia = no
insecure = port,invite
qualify = yes
qualifyfreq = 60 ; probe far end peer every 60 seconds (default: 2 seconds)
[hfo_in1](hfo_in)
host = 213.167.161.5
[hfo_in2](hfo_in)
host = 213.167.162.5
Needless to say, that this state is rather disturbing, given, that it takes a caller, who knows other ways to contact us and is willing to notice us on this misbehavior.
Asterisk is working reliable for days, but suddenly it reaches this state.
Any hints, how to debug this any further is much appreciated.
Thanks,
Pete