31 Mar
2008
31 Mar
'08
8:02 a.m.
Hi Mike!
Dealing with SIP ALGs is really PITA. Currently I do not use any NAT
tests at all but always do NAT traversal (except I know for sure that
the client is asymmetric).
Another useful approach is to open another socket on the SIP proxy with
non-standard port, as most SIP ALGs trigger on port 5060.
regards
klaus
Mike Fedyk schrieb:
Hi,
Some of our customers have been connecting behind NAT routers that mangle
the sip headers but don't keep the ports open. I've added checks on the
source port to catch this case. Has anyone done something similar or
better? It'd be nice if this could be added as a flag to nat_uac_test() if
it is a common test and there isn't already a better way.
Here is the code I've used to handle my registers. I need to do more
testing once I can get some of these routers in my lab to see how this
affects call processing, not just registering.
Mike
if (!search("^Contact:\ +\*") && nat_uac_test("7"))
{
xlog("L_INFO", "M=$rm RURI=$ru F=$fu IP=$si:$sp CS=$cs
route2: matched nat_uac_test7\n");
xlog("L_NOTICE", "M=$rm RURI=$ru F=$fu IP=$si:$sp CS=$cs
route2: setbflag(6)\n");
setbflag(6);
xlog("L_NOTICE", "M=$rm RURI=$ru F=$fu IP=$si:$sp CS=$cs
route2: fix_natted_register()\n");
fix_nated_register();
#xlog("L_INFO", "M=$rm RURI=$ru F=$fu IP=$si:$sp CS=$cs
route2: force_rport()\n");
#force_rport();
};
#Some NAT devices modify SIP headers to but do not keep the port
mappings open, also some UAs detect report the
#public IP address. In both cases we need nat ping. Exceptions for
default ports. These ports if used as
#source ports can be assumed to be at the very least port forwarded.
if (!isbflagset(6) && $sp != '5060' && $sp != '5061')
{
xlog("L_NOTICE", "M=$rm RURI=$ru F=$fu IP=$si:$sp CS=$cs
route2: matched !isbflagset(6) && ($sp != '5060' && $sp !=
'5061')\n");
setbflag(6);
};
_______________________________________________
Users mailing list
Users(a)lists.openser.org
http://lists.openser.org/cgi-bin/mailman/listinfo/users