Wrong source port (udp) while on host network

Expected behavior

Outgoing port is the same as the one selected by the application

Actual behavior

Docker seems to select a random source port ignoring the network-host setting.

Additional Information

Steps to reproduce the behavior

  1. Install kamailio
  2. Receive an INVITE on one port and forward it on a different port.

The actual port going out is NOT the one selected by the application.

I don’t really know anything about Kamailio, but you shared very little information to help you. At the moment it seems to me you have a problem with a software that uses Docker. Maybe it should be asked on a Kamailio support channel: https://www.kamailio.org/w/support/

Thanks for replying @rimelek !

Kamailio is a SIP proxy. The pod is running in hostNetwork: true mode:

  containers:
  - image: myimage
    imagePullPolicy: Always
    name: sip-proxy
    resources: {}
    securityContext:
      privileged: true
    terminationMessagePath: /dev/termination-log
    terminationMessagePolicy: File
    volumeMounts:
    - mountPath: /var/run/secrets/kubernetes.io/serviceaccount
      name: kube-api-access-84tdr
      readOnly: true
  dnsPolicy: ClusterFirstWithHostNet
  enableServiceLinks: true
  hostNetwork: true
  imagePullSecrets:
  - name: regcred
  nodeName: ip-10-1-2-36.ec2.internal
  nodeSelector:
    application: proxy
  preemptionPolicy: PreemptLowerPriority
  priority: 0
  restartPolicy: Always
  schedulerName: default-scheduler
  securityContext: {}
  serviceAccount: default
  serviceAccountName: default
  terminationGracePeriodSeconds: 30

I’m positive it is selecting the socket properly. Is there any setting on the network/container side regarding using random on outbound? BTW the image does NOT expose the 5160 port, but I understand that doesn’t matter if I’m running it in hostNetwork mode?

Thanks again!

The code you shared seems to be a Kubernetes manifest. This is a Docker community support forum. Container images have a standard format, so you can download an image from Docker Hub and run it in Kubernetes, but that is still Kubernetes, which has its own forum.

Regardless of what you use, host network means there is no network isolation, so whatever listens in the container will listen directly on the host’s IP addresses on a port and protocol that the application in the container is configured to use.

Hello,

Yes, that’s correct, it’s Kubernetes, I’ll ask there.

But yeah it should be using the interface with no isolation…

Thanks

David
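
A way to check the behaviour discussed in this thread, as an added example that is not part of the original posts or of Kamailio: it sends one UDP datagram from a socket bound to a chosen port and one from an unbound socket, and reports the source port a receiver actually sees. The helper names and the loopback address are assumptions made for the illustration.

```python
import socket


def free_udp_port(host="127.0.0.1"):
    """Ask the kernel for a currently unused UDP port (constructed test value)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.bind((host, 0))
        return s.getsockname()[1]


def probe(bind_port=None, host="127.0.0.1"):
    """Send one datagram to a local receiver.

    Returns (port the sender's socket reports, source port the receiver saw).
    With bind_port=None the sending socket is never bound, so the kernel
    assigns an ephemeral source port on the first sendto().
    """
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as rx, \
         socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as tx:
        rx.bind((host, 0))          # receiver on any free port
        rx.settimeout(2.0)
        if bind_port is not None:
            tx.bind((host, bind_port))  # explicit source port
        tx.sendto(b"probe", rx.getsockname())
        _, (_, seen_port) = rx.recvfrom(64)
        return tx.getsockname()[1], seen_port


if __name__ == "__main__":
    wanted = free_udp_port()
    print("requested source port:", wanted)
    print("bound socket   (local, seen):", probe(wanted))
    print("unbound socket (local, seen):", probe())
```

If the bound socket reports the requested port here but a packet capture further along the path shows a different one, the port is being rewritten after the socket layer rather than chosen by the application.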