vicidial.org

Hello,

I have a question on NetBorder installation. I can't seem to get it working. I've been back and forth with Sangoma tech support for the past month and they are telling me that the CPD proxy is not getting any RTP audio packets.

My setup:
Vicidial -> CPD -> Outside Carrier

Sangoma tech support said there could be a NAT problem..So I created an internal SIP server to rule that out.
Vicidial -> CPD -> Internal SIP server

If I point my host back to vicidial (Vicidial -> CPD -> Vicidial) I get RTP audio on the CPD, BUT the call doesn't route correctly as Vicidial is viewing this as an incoming call. I don't think that's how it's supposed to be setup anyways.

Sangoma said my setup files and Vicidial carrier settings are 100% correct. I have made sure that there isn't any firewall blocking RTP on the proxy server, which is running on Windows Server 2003 RC2. Running Netborder 2.0.3.

I have gone to the extent of Wireshark packet captures on vicidial, netborder server and SIP server and everything appears good to Sangoma, except for the fact that the proxy isn't getting RTP audio stream.

1) Has anyone else had this problem? If so, how was it resolved?
2) Would anyone care to take a look at my config files & logs (including up to packet captures on all systems) to double check everything? I did not post it all here as it's very lengthy.

I'd very much like to purchase 100 channels on this, but I can't do that until I know it works. If the troubleshooting support is only available for a charge, I just need a guarantee that it will be resolved as the manufacture did not do that.

Thanks!

Please post your carrier entry from the Vicidial server, the corresponding entry on your internal sip server, and the contents of your call-analyzer-engine.properties file and the cal-analyzer-service.properties files. Also please list the IP addresses for the three servers. I will also need to see a sip trace of an out going phone call. You can either set SIP debuging on for the carrier entry, or use ngrep-sip (should be installed if you used Vicibox for the installation). To do so in Asterisk use this command:

Code: Select all

sip set debug peer PEERNAME

where PEERNAME is the name of the peer. To do so with ngrep-sip you can use either of these:

Code: Select all

ngrep-sip IPADDRESS

Code: Select all

ngrep-sip PHONENUMBER

where IPADDRESS is the IP address of the CPD server and PHONENUMBER is the phone number you are attempting to dial.

Also are you using the Windows or the Linux version of the CPD and have you made certain that the firewall on that server is completely turned off?

Hi Michael,

Thank you for offering your assistance!

Carrier entry:

Code: Select all

[TESTCPD]
host=172.24.98.13
username=paraxip
secret=paraxip
disallow=all
allow=ulaw
type=peer
insecure=very
outboundproxy=172.24.98.86


Internal Asterisk SIP server account entry:

Code: Select all

[paraxip]
;canreinvite=no
type=peer                       ; Friends place calls and receive calls
context=vicidial                ; Context for incoming calls from this user
secret=paraxip
host=dynamic                    ; This peer register with us
dtmfmode=rfc2833                ; Choices are inband, rfc2833, or info
username=paraxip                ; Username to use in INVITE until peer registers
                                ; Normally you do NOT need to set this parameter
disallow=all
allow=ulaw                     ; dtmfmode=inband only works with ulaw or alaw!
;progressinband=no              ; Polycom phones don't work properly with "neve$


call-analyzer-engine.properties:

Code: Select all

# Sangoma Netborder Engine for Call Analyzer configuration file

# Do not use leading zeros in IP address numbers when using dot notation or they
#   will be interpreted as octal numbers
netborder.sip.userAgent.IPAddress=INADDR_ANY:5063/udp

# Primary IP address must be set if multiple IP addresses are available on host
# Do not use leading zeros in numbers or they will be interpreted as octal numbers
netborder.net.primaryIPAddress=172.24.98.86

netborder.cpa.runtime.model.country=usa

# Adjust to the number of logical CPUs on the system minus 1
# For a Dual core processor this should be equal to 1
netborder.cpa.runtime.numThreads=3

# Which port range to use for RTP & RTCP transport (should be greater than
# twice the number of maximum simultaneous calls allowed).
netborder.media.rtp.udpPortRange=19000:22000

# recorder settings
netborder.cpa.runtime.recordAudio=true
netborder.recorder.outputDirectory=logs/call-logs
netborder.recorder.outputDirectory.dateTime=true

# Set to true to use a=sendrecv in initial SDP offer instead of default a=recvonly
netborder.cpa.runtime.sendrecvSDPOffer=false

# Ordered list of codecs that will be offered for the first phase of the call (where Answering machine detection is performed)
#
# Only the two variants of G.711 (mu-law: "ulaw" and A-law: "alaw") are supported, so the valid combinations are:
#
# ulaw,alaw (Default)
# alaw,ulaw
# ulaw
# alaw
#
netborder.rtp.encodingList=ulaw,alaw


################################################################################
# Internal parameters

netborder.LicenseFile=config/call-analyzer-license.txt

netborder.cpa.package.filename=data/cpa-package.dat

netborder.media.toneDB.dir=data/tone-db
netborder.media.toneDB.schemaFile=tone-set.rng

 

# Deactivate CPU monitoring
netborder.system.cpu.monitor.monitoringPeriodInMs=0

# Use the pychecker module to check for Python errors (messages output to stdout)
netborder.python.useChecker=false

# NetBorder application class
netborder.sip.ua.python.appClass=cpa.Engine

# Name of the media engine to use
netborder.sip.mediaLibName=netborder-cpa

# Use to generate a dump file if the program crashed
netborder.infra.coreDump.writeOnCrash=true
netborder.infra.coreDump.writeOnCrash.path=logs/call-analyzer-engine.dmp

# Shutdown
netborder.killTimeoutSec=40
netborder.exitTimeoutSec=45

# END - Internal parameters
################################################################################



call-analyzer-service.properties:

Code: Select all

# Paraxip Netborder Call Analyzer Service configuration file

# Do not use leading zeros in IP address numbers when using dot notation or
# they will be interpreted as octal numbers
netborder.sip.userAgent.IPAddress=INADDR_ANY:5060/udp

# Primary IP address must be set if multiple IP addresses are available on host
# Do not use leading zeros in numbers or they will be interpreted as octal numbers
netborder.net.primaryIPAddress=172.24.98.86

# NetBorder application class
# Call Analysis performed on callee when cpd=on present in request URL
# Possible values:
#   cpa.CallAnalyzerAsOutboundProxy
#   cpa.CallAnalyzerGenesysOCS
netborder.sip.ua.python.appClass=cpa.CallAnalyzerAsOutboundProxy



################################################################################
# Internal parameters

# Port used for Web Service OAM interface
netborder.oam.webServicePort=18082

# Deactivate CPU monitoring
netborder.system.cpu.monitor.monitoringPeriodInMs=0

# Use the pychecker module to check for Python errors (messages output to stdout)
netborder.python.useChecker=false

# Use to generate a dump file if the program crashed
netborder.infra.coreDump.writeOnCrash=true
netborder.infra.coreDump.writeOnCrash.path=logs/call-analyzer.dmp

# Shutdown
netborder.killTimeoutSec=40
netborder.exitTimeoutSec=45

# END - Internal parameters
################################################################################



IP address:
172.24.98.84 - Vicidial Asterisk
172.24.98.13 - Internal SIP server
172.24.98.86 - Netborder

SIP trace:

Code: Select all

vici-ast1:~ # ngrep-sip 6269171754
interface: any
filter: (ip) and ( port 5060 )
match: 6269171754
#####################################################################################################
U 2013/03/20 14:04:02.636885 172.24.98.84:5060 -> 172.24.98.86:5060
INVITE sip:991116269171754@172.24.98.13;cpd=on SIP/2.0
Via: SIP/2.0/UDP 172.24.98.84:5060;branch=z9hG4bK3bbd0d01;rport
From: "V3201404020000168264" <sip:9999999999@172.24.98.84>;tag=as037d77e7
To: <sip:991116269171754@172.24.98.13;cpd=on>
Contact: <sip:9999999999@172.24.98.84>
Call-ID: 6f27b4bd2787e2dc49b817900bbe8710@172.24.98.84
CSeq: 102 INVITE
User-Agent: Asterisk PBX
Max-Forwards: 70
Remote-Party-ID: "V3201404020000168264" <sip:9999999999@172.24.98.84>;privacy=off;screen=no
Date: Wed, 20 Mar 2013 19:04:02 GMT
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO
Supported: replaces
Content-Type: application/sdp
Content-Length: 211

v=0
o=root 1893 1893 IN IP4 172.24.98.84
s=session
c=IN IP4 172.24.98.84
t=0 0
m=audio 19198 RTP/AVP 0 101
a=rtpmap:0 PCMU/8000
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=ptime:20
a=sendrecv

#
U 2013/03/20 14:04:02.726119 172.24.98.86:5060 -> 172.24.98.84:5060
SIP/2.0 100 Trying
Via: SIP/2.0/UDP 172.24.98.84:5060;branch=z9hG4bK3bbd0d01;rport=5060
To: <sip:991116269171754@172.24.98.13;cpd=on>
From: "V3201404020000168264" <sip:9999999999@172.24.98.84>;tag=as037d77e7
Call-ID: 6f27b4bd2787e2dc49b817900bbe8710@172.24.98.84
CSeq: 102 INVITE
Content-Length: 0


###############
U 2013/03/20 14:04:05.975359 172.24.98.86:5060 -> 172.24.98.84:5060
SIP/2.0 183 Session Progress
Via: SIP/2.0/UDP 172.24.98.84:5060;branch=z9hG4bK3bbd0d01;rport=5060
Contact: <sip:NetBorder@172.24.98.86:5060>
To: <sip:991116269171754@172.24.98.13;cpd=on>;tag=b5569369
From: "V3201404020000168264"<sip:9999999999@172.24.98.84>;tag=as037d77e7
Call-ID: 6f27b4bd2787e2dc49b817900bbe8710@172.24.98.84
CSeq: 102 INVITE
Content-Length: 0


####################################################################################################
U 2013/03/20 14:04:50.975862 172.24.98.86:5060 -> 172.24.98.84:5060
SIP/2.0 408 Request Timeout
Via: SIP/2.0/UDP 172.24.98.84:5060;branch=z9hG4bK3bbd0d01;rport=5060
To: <sip:991116269171754@172.24.98.13;cpd=on>;tag=b5569369
From: "V3201404020000168264"<sip:9999999999@172.24.98.84>;tag=as037d77e7
Call-ID: 6f27b4bd2787e2dc49b817900bbe8710@172.24.98.84
CSeq: 102 INVITE
Content-Length: 0
CPD-Result: No-Answer
X-Netborder-Detailed-CPD-Result-v2-0: No-Answer
X-Netborder-Call-ID: 1363806242-312500-20924-68


#
U 2013/03/20 14:04:50.976270 172.24.98.84:5060 -> 172.24.98.86:5060
ACK sip:991116269171754@172.24.98.13;cpd=on SIP/2.0
Via: SIP/2.0/UDP 172.24.98.84:5060;branch=z9hG4bK3bbd0d01;rport
From: "V3201404020000168264" <sip:9999999999@172.24.98.84>;tag=as037d77e7
To: <sip:991116269171754@172.24.98.13;cpd=on>;tag=b5569369
Contact: <sip:9999999999@172.24.98.84>
Call-ID: 6f27b4bd2787e2dc49b817900bbe8710@172.24.98.84
CSeq: 102 ACK
User-Agent: Asterisk PBX
Max-Forwards: 70
Remote-Party-ID: "V3201404020000168264" <sip:9999999999@172.24.98.84>;privacy=off;screen=no
Content-Length: 0


Netborder is on Windows 2003 R2 and firewall is completely disabled.

I have tried to use our outside carrier's IP as the host with the same results. The number in the above example is a known disconnected number. I keep getting CPDNA as a status. I can manually connect (with soft sip phone) to both my provider or internal SIP server (with same credentials as above) and place an outbound call without issue. If I load my cell phone into calling, my cell phone does ring through the Netborder setup. The weird part is that it rings, I pick up and I get immediately disconnected. It then rings again (on the same vicidial record) and I can pick up and call pops on agent screen with full communication, but there still is no RTP getting to the CPD.

Thanks!!

And you are sure there is no firewall interfering at any stage of this call?

Hi William,

SIP Server: No firewall. IP tables clear.

Vicidial Asterisk: Firewall enabled by selecting the option to enable firewall during Vicibox install. All non-Neborder campaigns work fine connecting directly to carrier.

Just now, as a test, I disabled the firewall (which cleared IP tables) and the call result was the same. However, this is what IP tables look like from the vicibox install:

IPTABLES:

Code: Select all

vici-ast1:~ # iptables --list
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere             ctstate ESTABLISHED
ACCEPT     icmp --  anywhere             anywhere             ctstate RELATED
input_ext  all  --  anywhere             anywhere
LOG        all  --  anywhere             anywhere             limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix "SFW2-IN-ILL-TARGET "
DROP       all  --  anywhere             anywhere

Chain FORWARD (policy DROP)
target     prot opt source               destination
LOG        all  --  anywhere             anywhere             limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix "SFW2-FWD-ILL-ROUTING "

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere

Chain forward_ext (0 references)
target     prot opt source               destination

Chain input_ext (1 references)
target     prot opt source               destination
DROP       all  --  anywhere             anywhere             PKTTYPE = broadcast
ACCEPT     icmp --  anywhere             anywhere             icmp source-quench
ACCEPT     icmp --  anywhere             anywhere             icmp echo-request
reject_func  tcp  --  anywhere             anywhere             tcp dpt:ident ctstate NEW
LOG        tcp  --  anywhere             anywhere             limit: avg 3/min burst 5 tcp dpt:httpflags: FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix "SFW2-INext-ACC-TCP "
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:http
LOG        tcp  --  anywhere             anywhere             limit: avg 3/min burst 5 tcp dpt:httpflags: FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix "SFW2-INext-ACC-TCP "
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:http
LOG        tcp  --  anywhere             anywhere             limit: avg 3/min burst 5 tcp dpt:httpsflags: FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix "SFW2-INext-ACC-TCP "
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:https
LOG        tcp  --  anywhere             anywhere             limit: avg 3/min burst 5 tcp dpt:sshflags: FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix "SFW2-INext-ACC-TCP "
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:ssh
ACCEPT     udp  --  anywhere             anywhere             udp dpt:iax
ACCEPT     udp  --  anywhere             anywhere             udp dpt:sip
ACCEPT     udp  --  anywhere             anywhere             udp dpts:ndmp:dnp
ACCEPT     udp  --  anywhere             anywhere             udp dpt:http
ACCEPT     udp  --  anywhere             anywhere             udp dpt:https
DROP       all  --  anywhere             anywhere             PKTTYPE = multicast
DROP       all  --  anywhere             anywhere             PKTTYPE = broadcast
LOG        tcp  --  anywhere             anywhere             limit: avg 3/min burst 5 tcpflags: FIN,SYN,RST,ACK/SYN LOG level warning tcp-options ip-options prefix "SFW2-INext-DROP-DEFLT "
LOG        icmp --  anywhere             anywhere             limit: avg 3/min burst 5 LOG level warning tcp-options ip-options prefix "SFW2-INext-DROP-DEFLT "
LOG        udp  --  anywhere             anywhere             limit: avg 3/min burst 5 ctstate NEW LOG level warning tcp-options ip-options prefix "SFW2-INext-DROP-DEFLT "
DROP       all  --  anywhere             anywhere

Chain reject_func (1 references)
target     prot opt source               destination
REJECT     tcp  --  anywhere             anywhere             reject-with tcp-reset
REJECT     udp  --  anywhere             anywhere             reject-with icmp-port-unreachable
REJECT     all  --  anywhere             anywhere             reject-with icmp-proto-unreachable


Netborder CPD: Firewall off. See picture:


Thanks!!

I remember having a similar issue when i first installed both. It turned out that the RTP port used by asterisk, CPA and my carrier (in that case another asterisk box I had setup to use PRIs with CPA) were not all the same. Make sure that your asterisk box, your carrier and CPA all have the same RTP port settings.

And at that point wireshark or a derivative is helpful, plus logs from asterisk and netborder to see who drops the ball.

I just wanted to drop a quick note to let you know I finally figured this out.

My carrier was actually relaying RTP from another source (issuing a reinvite).

My final setup:

Vicidial <-> CPA <--Reinvites-> Internal SIP server <--Reinvites--> NAT w/ 5060 & 10000-20000 UPD forwarded to the Internal SIP server <-> Outside carrier and their relay host (which is the one that was sending RTP).

SIP seems to get tricky when you have NAT involved. It seems the only way to solve the issue was to get that internal SIP server setup correctly.

Thanks for your help.

Excellent postback. It would be brilliant if you posted the changes you made "to get that internal SIP server setup correctly."