OPTIONS being sent over UDP to TLS port after pjsip reload

onyb · July 27, 2021, 9:08am

Hello!

I am running into an issue where Asterisk is trying to send OPTIONS over UDP, but to the endpoints TLS port, after doing “pjsip reload”. The endpoint is configured to use TLS transport and it works as expected before the reload.

I have recreated the issue on fresh installation of Asterisk 18.4.0 with sample configuration apart from pjsip.conf.

The issue seems to happen when “pjsip reload” also outputs the following warning:
WARNING[168955]: res_pjsip/config_transport.c:739 transport_apply: Transport ‘transport-tls’ is not fully reloadable, not reloading: protocol, bind, TLS, TCP, ToS, or CoS options.

I have found 2 ways to avoid the above warning. Either remove the “#exec” line at the top of pjsip.conf, or remove “local_net”, “external_media_address” and “external_signaling_address” from transport-tls. (pjsip.conf is pasted below)

The script is needed in our production environment to load configuration-values from our database. But in this recreation of the problem the script only contains a line that prints a comment.

OPTIONS request after reload
<— Transmitting SIP request (452 bytes) to UDP:trunkip:5061 —>
OPTIONS sip:my. trunk. com:5061 SIP/2.0
Via: SIP/2.0/UDP :6060;rport;branch=z9hG4bKPjf67af586-00b9-4262-b08e-32bb98e3b5f
From: sip:static-ip-trunk-46@externip;tag=b92966a2-aabf-409e-83fb-fdc6f59b288
To: <sip:my. trunk. com>
Contact: sip:static-ip-trunk-46@externip:6060
Call-ID: 95ef384c-a0e6-4388-b917-ec01b76d33f
CSeq: 54383 OPTIONS
Max-Forwards: 70
User-Agent: test pbx
Content-Length: 0

pjsip.conf
#exec /usr/local/bin/test-script-perl.pl

[system]
type=system
timer_t1=500

[global]
type=global
endpoint_identifier_order=username,ip,anonymous
user_agent=test pbx

[transport-udp]
type=transport
protocol=udp
bind=0.0.0.0:6060

[transport-tcp]
type=transport
protocol=tcp
bind=0.0.0.0:6060

[transport-tls]
type=transport
protocol=tls
local_net=192.168.0.0/16
external_media_address=
external_signaling_address=
bind=0.0.0.0:6061
cert_file=/etc/pki/tls/certs/20220101.crt
priv_key_file=/etc/pki/tls/private/20220101.key
method=tlsv1_2

[static-ip-trunk-46]
type=endpoint
transport=transport-tls
aors=static-ip-trunk-46
context=trunk-context
disallow=all
allow=alaw
allow=ulaw

[static-ip-trunk-46]
type=aor
contact=sip:my. trunk. com:5061
default_expiration=600
qualify_timeout=2.000
qualify_frequency=20

jcolp · July 27, 2021, 9:09am

Upgrade to 18.5.1, as it is fixed there.

onyb · July 27, 2021, 9:26am

I will upgrade to 18.5.1 then. Thank you!

system · August 26, 2021, 9:26am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.