Only if subnet changes - correlation works

[Shkiperon]

part of heplify-server.toml:

AlegIDs = ["X-CID","P-Charging-Vector,icid-value=\"?(.*?)(?:\"|;|$)","X-BroadWorks-Correlation-Info"]
CustomHeader = ["X-CustomerIP","X-Billing"]
SIPHeader = ["callid","callid_aleg","method","ruri_user","ruri_domain","from_user","from_domain","from_tag","to_user","to_domain","to_tag","via","contact_user"]

Info from hep_proto_1:

Second part of call 1:

{"dstIp": "172.16.XXX.YYY", "srcIp": "172.20.XXX.ZZZ", "dstPort": 5060, "srcPort": 5060, "protocol": 17, "captureId": "1250", "payloadType": 1, "timeSeconds": 1616065790, "timeUseconds": 546352, "correlation_id": "6BOktTxfU2", "protocolFamily": 2}

{"via": "SIP/2.0/UDP 172.20.XXX.ZZZ:5060;branch=z9hG4bK527e3776", "callid": "51fe0f540c112ea8440c8afa6efd2716@172.20.XXX.ZZZ:5060", "method": "INVITE", "to_tag": "", "to_user": "89XXXXXXXXX", "from_tag": "as54a3a2a9", "from_user": "83XXXXXXXXX", "ruri_user": "89XXXXXXXXX", "to_domain": "172.16.XXX.YYY", "callid_aleg": "", "from_domain": "172.20.XXX.ZZZ", "ruri_domain": "172.16.XXX.YYY", "contact_user": "83XXXXXXXXX"}

INVITE sip:89XXXXXXXXX@172.16.XXX.YYY SIP/2.0
Via: SIP/2.0/UDP 172.20.XXX.ZZZ:5060;branch=z9hG4bK527e3776
Max-Forwards: 70
From: "83XXXXXXXXX" <sip:83XXXXXXXXX@172.20.XXX.ZZZ>;tag=as54a3a2a9
To: <sip:89XXXXXXXXX@172.16.XXX.YYY>
Contact: <sip:83XXXXXXXXX@172.20.XXX.ZZZ:5060>
Call-ID: 51fe0f540c112ea8440c8afa6efd2716@172.20.XXX.ZZZ:5060
CSeq: 102 INVITE
User-Agent: cloudpbx
Date: Thu, 18 Mar 2021 11:09:50 GMT
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
X-CID: 6BOktTxfU2
Content-Type: application/sdp
Content-Length: 280

v=0
o=root 1394252179 1394252179 IN IP4 172.20.XXX.ZZZ
s=cloudpbx
c=IN IP4 172.20.XXX.ZZZ
t=0 0
m=audio 14330 RTP/AVP 8 0 101
a=rtpmap:8 PCMA/8000
a=rtpmap:0 PCMU/8000
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=ptime:20
a=maxptime:150
a=sendrecv

Second part of call 2:

{"dstIp": "10.0.BBB.CCC", "srcIp": "10.0.BBB.DDD", "dstPort": 5060, "srcPort": 5060, "protocol": 17, "captureId": "1009", "payloadType": 1, "timeSeconds": 1616064867, "timeUseconds": 83659, "correlation_id": "4ae23a6c6a3916b24a64c0914196e313@10.0.BBB.DDD:5060", "protocolFamily": 2}

{"via": "SIP/2.0/UDP 10.0.BBB.DDD:5060;branch=z9hG4bK4a3941a0", "callid": "4ae23a6c6a3916b24a64c0914196e313@10.0.BBB.DDD:5060", "method": "INVITE", "to_tag": "", "to_user": "AAAA%40example.local", "from_tag": "as43290134", "from_user": "AAAB", "ruri_user": "AAAA%40example.local", "to_domain": "10.0.BBB.CCC", "callid_aleg": "", "from_domain": "10.0.BBB.DDD", "ruri_domain": "10.0.BBB.CCC", "contact_user": "AAAB"}

"INVITE sip:AAAA%40example.local@10.0.BBB.CCC:5060 SIP/2.0
Via: SIP/2.0/UDP 10.0.BBB.DDD:5060;branch=z9hG4bK4a3941a0
Max-Forwards: 70
From: "AAAB" <sip:AAAB@10.0.BBB.DDD>;tag=as43290134
To: <sip:AAAA%40example.local@10.0.BBB.CCC:5060>
Contact: <sip:AAAB@10.0.BBB.DDD:5060>
Call-ID: 4ae23a6c6a3916b24a64c0914196e313@10.0.BBB.DDD:5060
CSeq: 102 INVITE
User-Agent: cloudpbx
Date: Thu, 18 Mar 2021 10:54:27 GMT
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE
Supported: replaces, timer
X-CID: 1rSEL7Oge~
Content-Type: application/sdp
Content-Length: 248

v=0
o=root 1216872015 1216872015 IN IP4 10.0.BBB.DDD
s=cloudpbx
c=IN IP4 10.0.BBB.DDD
t=0 0
m=audio 18198 RTP/AVP 8 101
a=rtpmap:8 PCMA/8000
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=ptime:20
a=maxptime:150
a=sendrecv

As you can see in call 1 (which was external call) correlation_id = X-CID header, but in call 2 (which was internal call) correlation_id = callid. Another strange thing - in both cases X-CID isn't defined as callid_aleg (callid_aleg is empty).

I don't understand why heplify-server doesn't get correlation_id from X-CID SIP header in case of internal call. Is it a bug?

[lmangani]

Seems like you completely skipped a proper introduction with description of what you're doing there, your setup, versions, agents and expectations, etc. Agents can inject correlation as well. Assume people on the other side know nothing about your setup.

[Shkiperon]

Hello. Sorry, this is my setup: Asterisk with heplify-agent on one machine + OpenSIPS as mid_registrar with HEP monitoring by OpenSIPS module + two sip-clients that registered on Asterisk through the OpenSIPS server. Asterisk is SIP-gateway to the VoIP provider.

I'm trying to visualize correlation of calls in homer-app. In homer_data database (PostgreSQL) I see some troubles, that makes impossible completion of my task (in some cases correlation_id based on X-CID SIP header, that defined in heplify-server.toml in array AlegIDs, but in other cases correlation_id based on call_id).

[Shkiperon]

172.16.XXX.YYY - external IP of VoIP provider's server on separated VLAN 172.20.XXX.ZZZ - external IP of Asterisk on separated VLAN 10.0.BBB.CCC - internal IP of OpenSIPS 10.0.BBB.DDD - internal IP of Asterisk

[Shkiperon]

Heplif-Server:

# heplify-server -version
VERSION: heplify-server 1.32

On Asterisk server:

# asterisk -rx 'core show version'
Asterisk 13.29.2
# heplify -version
heplify 1.57

On OpenSIPS server:

# opensips -V
version: opensips 3.1.1 (x86_64/linux)

Modules that used in OpenSIPS configuration for HEP monitoring: proto_hep, proto_tcp and tracer (HEP packets sends to heplify-server via UDP transport).

[Shkiperon]

@lmangani you wrote that "Agents can inject correlation as well.". Does it mean that adding X-CID SIP header via dialplan function in Asterisk is wrong way?

[lmangani]

Not necessarily. So which element is producing the faulty correlation here? In either case, could you try adding this parameter to your heplify-server config? ForceALegID to confirm if this is related?

        } else if config.Setting.ForceALegID && h.SIP.XCallID != "" {
        h.CID = h.SIP.XCallID
    }

[Shkiperon]

I added this line:

ForceALegID = true

After making call i checked the database - correlation_id and callid in B-part of call is the same in internal call. If make an external call (from sip client to external number) correlation works fine. So the ForceALegID = true doesn't make any effect to the result in homer_data database.