[Home]

Summary:ASTERISK-02323: [not an asterisk bug] Malformed 401 Message from SER with bindaddr=0.0.0.0 and asterisk coneccted to two local networks
Reporter:Sergio Serrano (srsergio)Labels:
Date Opened:2004-09-02 09:25:57Date Closed:2011-06-07 14:04:52
Priority:MajorRegression?No
Status:Closed/CompleteComponents:Core/General
Versions:Frequency of
Occurrence
Related
Issues:
Environment:Attachments:
Description:If you have asterisk connected to two local networks(192.168.20.0 and 172.28.240.12) and you put general parameter bindaddr to 0.0.0.0 you receives a malformed 401 Unauthorized message from SIP Provider.

****** ADDITIONAL INFORMATION ******

I have ADSL router in 192.168.20.0 network and If I put binaddr=192.168.20.10, I can't register SIP clients in 172.28.240.0 network, but I can register with SIP Provider. If I put bindaddr=0.0.0.0 I can register SIP clients in 172.28.240.0 network but I can't register asterisk in SIP Provider because I obtain next 401 Message:

Session Initiation Protocol
Status line: SIP/2.0 401 Unauthorized
 Message Header
 Via: SIP/2.0/UDP 192.168.20.10:5060;branch=z9hG4bK72806c74
 From: <sip:3400001792@voztele.com>;tag=as4353d0cd
 To: <sip:3400001792@voztele.com>;tag=84448f3c7053227cca70775302748de3.3c5f
 Call-ID: 333ab105721da3172443a8582d1d5ae9@192.168.20.10eq: 102 REGISTER
 WWW-Authenticate: Digest realm="voztele.com", nonce="4135bac578da90c10dae8b2bc4dc3fb33baa15a0"
 Server: Sip EXpress router (0.8.12-tcp_nonb (i386/linux))
       Content-Length: 0

when I put bindaddr=192.168.20.10 I obtain 401 Message:

Session Initiation Protocol
Status line: SIP/2.0 401 Unauthorized
 Message Header
 Via: SIP/2.0/UDP 192.168.20.10:5060;branch=z9hG4bK72806c74
 From: <sip:3400001792@voztele.com>;tag=as4353d0cd
 To: <sip:3400001792@voztele.com>;tag=84448f3c7053227cca70775302748de3.3c5f
 Call-ID: 333ab105721da3172443a8582d1d5ae9@192.168.20.10
 CSeq: 102 REGISTER
 WWW-Authenticate: Digest realm="voztele.com", nonce="4135bac578da90c10dae8b2bc4dc3fb33baa15a0"
 Server: Sip EXpress router (0.8.12-tcp_nonb (i386/linux))
       Content-Length: 0

and then I resend a REGISTER command with authoritation parameters.

The problem is when I put bindaddr=0.0.0.0 I received malformed packet.
Comments:By: Mark Spencer (markster) 2004-09-02 09:30:20

Can you explain to me how a malformed response from the other side constitutes an Asterisk bug?
By: Sergio Serrano (srsergio) 2004-09-02 09:39:50

In the other side 401 Message is OK. And If I put bindaddr=192.168.20.10 Asterisk read an OK message , but If you change bindaddr to 0.0.0.0, then asterisk read malformed message. I think that problem is in asterisk. Don't think so?
By: Mark Spencer (markster) 2004-09-02 10:04:31

Perhaps I'm misunderstanding what's going on.

If you have Asterisk set to bindaddr=0.0.0.0, is the message itself (e.g. according to ethereal) invalid or is Asterisk reading the message and dropping the CSeq as appears to be the case in your above example?  I'm finding it extremely hard to believe that Asterisk would drop one header out of the packet coming back...
By: Sergio Serrano (srsergio) 2004-09-02 10:22:54

Sorry, with next configuration

[general]
port=5060
context=default
bindaddr=192.168.20.10
srvlookup=yes
pedantic=no
tos=lowdelay
maxexpirey=3600
realm=mediabit
defaultexpirey=1200
notifymimetype=text
disallow=all
allow=alaw
localnet=172.28.240.0/255.255.240.0
localnet=192.168.20.0/255.255.255.0



register=>3400001792:XXXXX@voztele.com

[3400001792]
type=peer
username=3400001792
fromuser=3400001792
fromdomain=voztele.com
host=voztele.com
auth=plaintext
secret=XXXXX
nat=no
canreinvite=no
reinvite=no
dtmfmode=rfc2833
context=default

I obtain next 401 Message:


Frame 44 (508 on wire, 508 captured)
   Arrival Time: Sep  2, 2004 17:13:50.417067000
   Time delta from previous packet: 0.049320000 seconds
   Time relative to first packet: 3.054150000 seconds
   Frame Number: 44
   Packet Length: 508 bytes
   Capture Length: 508 bytes
Ethernet II
   Destination: 00:02:44:7f:d4:f0 (SURECOM_7f:d4:f0)
   Source: 00:a0:c5:6a:05:a6 (ZYXEL_6a:05:a6)
   Type: IP (0x0800)
Internet Protocol, Src Addr: proxy.voztele.com (193.22.119.20), Dst Addr: CAC-Av7 (192.168.20.10)
   Version: 4
   Header length: 20 bytes
   Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)    
       0000 00.. = Differentiated Services Codepoint: Default (0x00)
       .... ..0. = ECN-Capable Transport (ECT): 0
       .... ...0 = ECN-CE: 0
   Total Length: 494
   Identification: 0x0000
   Flags: 0x04
       .1.. = Don't fragment: Set
       ..0. = More fragments: Not set
   Fragment offset: 0
   Time to live: 49
   Protocol: UDP (0x11)
   Header checksum: 0x3b22 (correct)
   Source: proxy.voztele.com (193.22.119.20)
   Destination: CAC-Av7 (192.168.20.10)      
User Datagram Protocol, Src Port: 5060 (5060), Dst Port: 5060 (5060)
   Source port: 5060 (5060)
   Destination port: 5060 (5060)
   Length: 474
   Checksum: 0x991c (correct)      
Session Initiation Protocol        
   Status line: SIP/2.0 401 Unauthorized
   Message Header              
       Via: SIP/2.0/UDP 192.168.20.10:5060;branch=z9hG4bK51d23c6d
       From: <sip:3400001792@voztele.com>;tag=as59bb1ed7
       To: <sip:3400001792@voztele.com>;tag=84448f3c7053227cca70775302748de3.a518
       Call-ID: 17f6b4db2cffcd1f758028ab584b8501@192.168.20.10
       CSeq: 102 REGISTER    
       WWW-Authenticate: Digest realm="voztele.com", nonce="41373a0547e54f68f34ec59ff48344296391ee99"
       Server: Sip EXpress router (0.8.12-tcp_nonb (i386/linux))
       Content-Length: 0


and with sip show registry I obtain:

CAC-Av7*CLI> sip show registry
Host                            Username       Refresh State              
voztele.com:5060                3400001792        1185 Registered          


With next configuration:

[general]
port=5060
context=default
bindaddr=0.0.0.0
srvlookup=yes
pedantic=no
tos=lowdelay
maxexpirey=3600
realm=mediabit
defaultexpirey=1200
notifymimetype=text
disallow=all
allow=alaw
localnet=172.28.240.0/255.255.240.0
localnet=192.168.20.0/255.255.255.0



register=>3400001792:XXXXX@voztele.com

[3400001792]
type=peer
username=3400001792
fromuser=3400001792
fromdomain=voztele.com
host=voztele.com
auth=plaintext
secret=XXXXX
nat=no
canreinvite=no
reinvite=no
dtmfmode=rfc2833
context=default

I obtain next 401 Message:

Frame 23 (504 on wire, 504 captured)
   Arrival Time: Sep  2, 2004 17:18:51.614440000
   Time delta from previous packet: 0.093153000 seconds
   Time relative to first packet: 4.284996000 seconds
   Frame Number: 23
   Packet Length: 504 bytes
   Capture Length: 504 bytes
Ethernet II
   Destination: 00:02:44:7f:d4:f0 (CAC-Av7)          
   Source: 00:a0:c5:6a:05:a6 (ZYXEL_6a:05:a6)
   Type: IP (0x0800)
Internet Protocol, Src Addr: proxy.voztele.com (193.22.119.20), Dst Addr: CAC-Av7 (192.168.20.10)
   Version: 4
   Header length: 20 bytes
   Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
       0000 00.. = Differentiated Services Codepoint: Default (0x00)
       .... ..0. = ECN-Capable Transport (ECT): 0
       .... ...0 = ECN-CE: 0
   Total Length: 490
   Identification: 0x0000
   Flags: 0x04
       .1.. = Don't fragment: Set    
       ..0. = More fragments: Not set
   Fragment offset: 0
   Time to live: 49
   Protocol: UDP (0x11)
   Header checksum: 0x3b26 (correct)
   Source: proxy.voztele.com (193.22.119.20)
   Destination: CAC-Av7 (192.168.20.10)    
User Datagram Protocol, Src Port: 5060 (5060), Dst Port: 5060 (5060)
   Source port: 5060 (5060)
   Destination port: 5060 (5060)
   Length: 470
   Checksum: 0xa881 (correct)
Session Initiation Protocol
   Status line: SIP/2.0 401 Unauthorized
   Message Header
       Via: SIP/2.0/UDP 192.168.20.10:5060;branch=z9hG4bK209c11e3
       From: <sip:3400001792@voztele.com>;tag=as1e6569a3
       To: <sip:3400001792@voztele.com>;tag=84448f3c7053227cca70775302748de3.1995
       Call-ID: 2614f7e161718881392cc0f81a391897@192.168.20.10eq: 102 REGISTER
       WWW-Authenticate: Digest realm="voztele.com", nonce="41373b32c046ec16e8c546f6aa976f1621a631f9"
       Server: Sip EXpress router (0.8.12-tcp_nonb (i386/linux))
       Content-Length: 0


and sip show registry shows the next:

CAC-Av7*CLI> sip show registry
Host                            Username       Refresh State              
voztele.com:5060                3400001792        1200 Request Sent

and at last shows:
Host                            Username       Refresh State              
voztele.com:5060                3400001792        1200 Unregistered


I hope this explain any more the problem.
By: Mark Spencer (markster) 2004-09-02 14:43:56

Okay, so as I suspected, *on the wire* the answer is coming back without a CSeq and is thus invalid.  

Regardless of what we might be able to do with Asterisk to mitigate the problem, *clearly* this violates SIP spec, and the invalid message is definitely a result of the other end.
By: Sergio Serrano (srsergio) 2004-09-02 18:14:10

Hi, if you see CSeq is in previous line
Call-ID: 2614f7e161718881392cc0f81a391897@192.168.20.10eq: 102 REGISTER

My question is why it is possible? What differences are between bindaddr=0.0.0.0 and bindaddr=192.168.20.10?
I don't understand why all is OK with bindaddr=192.168.20.10 adn not with bindaddr=0.0.0.0


regards
By: Mark Spencer (markster) 2004-09-02 18:50:04

The difference on the wire would likely be the source address (see bug ASTERISK-2322358) but that doesn't excuse the response coming back corrupted from the other end.  Is it possible this is some sort of NAT issue?
By: Mark Spencer (markster) 2004-09-03 20:28:24

I can't see any way in which this bug could be an Asterisk bug, however it is probably valuable to add a link to bug ASTERISK-2326 since presumably it would work around your problem.