colima icon indicating copy to clipboard operation
colima copied to clipboard

Published 20 hours ago verified publisher icon abiosoft

UDP packets on port 5060 not reaching container with LIMA_SSH_PORT_FORWARDER=false

Open yvanitou-amical opened this issue 8 months ago • 2 comments

Description

I’m trying to use SIP (UDP port 5060) inside a container running in Colima on macOS.
Despite setting LIMA_SSH_PORT_FORWARDER=false to enable the gRPC port forwarder (which should support UDP), packets on port 5060 are never received inside the container.

This makes SIP registration and traffic impossible.

Confirmed with tcpdump: the packets arrive on the host interface, but do not reach the container.

Version

colima version 0.8.1 git commit: 96598cc5b64e5e9e1e64891642b91edc8ac49d16 limactl version 1.0.7

Operating System

  • [ ] macOS Intel <= 13 (Ventura)
  • [ ] macOS Intel >= 14 (Sonoma)
  • [ ] Apple Silicon <= 13 (Ventura)
  • [x] Apple Silicon >= 14 (Sonoma)
  • [ ] Linux

Output of colima status

{ "display_name": "colima", "driver": "macOS Virtualization.Framework", "arch": "aarch64", "runtime": "docker", "mount_type": "sshfs", "ip_address": "", "docker_socket": "unix:///Users/yvanitou/.colima/default/docker.sock", "kubernetes": false, "cpu": 2, "memory": 2147483648, "disk": 107374182400 }

Reproduction Steps

  1. Delete existing Colima VM: colima delete
  2. Start Colima with gRPC port forwarder:
    LIMA_SSH_PORT_FORWARDER=false colima start
  3. Run a SIP server exposing UDP port 5060 (e.g., Asterisk or Kamailio)
  4. Send a SIP REGISTER packet from another device to host_ip:5060
  5. Use tcpdump to observe traffic in container → no packet received

Expected behaviour

UDP packets on port 5060 should be forwarded correctly to the container when using the gRPC port forwarder (LIMA_SSH_PORT_FORWARDER=false), enabling SIP registration and communication.

Additional context

Confirmed on host with:

$ sudo tcpdump -i any -n udp port 5060

19:12:38.792776 IP 10.0.0.163.26767 > 10.0.0.244.5060: SIP: REGISTER sip:10.0.0.244 SIP/2.0
19:12:42.740312 IP 10.0.0.163.26767 > 10.0.0.244.5060: SIP: REGISTER sip:10.0.0.244 SIP/2.0

→ Packets are visible on the host, but not in the container.

Container started with: docker run -d --network=host my-sip-image

Also tested with --network=bridge, no difference.

macOS 15.3.2 (Sequoia), Apple Silicon (arm64).

yvanitou-amical avatar Mar 25 '25 23:03 yvanitou-amical

I am suffering from this same issue, albeit not with port 5060 exactly. It seems that colima still does not support UDP port forwarding, even though that lima flag should enable it. You can verify this is the case by setting up a container with a single UDP port forwarded and trying to use netcat to send and receive UDP messages on that port.

I have found that UDP packets are received through the VM's IP address, however, so that might enable a workaround.

jadebenn avatar Mar 29 '25 16:03 jadebenn

Looks like this line has to be removed

https://github.com/abiosoft/colima/blob/9d0de69a37f437e75110b7a85c4c9012f4fa99c1/environment/vm/lima/lima.go#L35

AkihiroSuda avatar Apr 30 '25 23:04 AkihiroSuda