If the UAs are sitting behind the same NAT then the nathelper module may help you (but that is not the intention of the module). But you should give up the idea to use the external RTP proxy IMHO. It simply does not make much sence to route the traffic of the two UAs through the internet when the can talk to each other directly in the same LAN (i mean only the RTP part not the signaling part).
Regards Nils
On Monday 02 February 2004 02:44, Eric C. Snowdeal III wrote:
i've been getting my sea legs with SER and am having trouble getting rtpproxy to nathelper to work correctly with my setup. since everything works fine if i test the scenario with a freeworld dialup account, i'm assuming that my problems are solely due to the vastness of my ignorance on how to configure SER correctly.
i have three x-lite clients [ one is running on windows 2000 not sure of the build number, but it's the latest download from the website; the other two clients are both build 1101 on mac 10.2.3. SER running on a rh9 box on a public IP with rtpproxy. i installed ser-0.8.12-0.i386.rpm which i downloaded from the ftp server. the x-lite clients are sitting behind a linksys befw11s4 nat router.
i can run SER without nathelper/rtpproxy and make and receive calls to clients outside the my network. however, things fall apart quickly when i try to run more than one client behind the nat [ lost audio, timeouts etc] which i presume is what nathelper is supposed to deal with. if try to run to use nathelper, i can't make a call from a one client to another client behind the lan. the calls won't go through - they simply timeout.
i downloaded and compiled rtpproxy which i obtained from the portaone website and simply started it from the command line. i can't figure out how to get any debugging messages from rtpproxy, but i can see that the process exists and /var/run/rtpproxy.sock is created.
i altered ser.cfg using the template i found in the ser-0.8.12_src tarball [ /modules/nathelper/nathelper.cfg ]. see my config below [1]. i understand that things have changed quite a bit in the CVS head, but i tried to compile and install the latest CVS version, but i ran into a host of config errors using the nathelper.cfg supplied, so i decided to backtrack, gather my wits, and stick with the released version.
the x-lite clients appear to register appropriately with the server [2 - public ip addresses have been changed to protect the innocent]. to my untrained eye, these messages look the same as what i see when i test things using freeworld dialup accounts and i can make a call to another client on the same lan segment - i.e. the internal IP addresses are being sent. the location database also shows that the internal IP addresses are being used [3], but i don't know if this is what i want or not. oh. i'm also using my.public.box - a FQDN - as in the x-lite fields where it asks for "Domain/Realm", "SIP Proxy" and "Out Bound Proxy".
so anyone care to grab me by the lapels and point out what i'm obviously doing wrong :-)
[1] # # $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $ # # simple quick-start config script #
# ----------- global configuration parameters ------------------------
#debug=3 # debug level (cmd line: -dddddddddd) #fork=yes #log_stderror=no # (cmd line: -E)
/* Uncomment these lines to enter debugging mode debug=7 fork=no log_stderror=yes */
check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) rev_dns=no # (cmd. line: -R) #port=5060 #children=4 fifo="/tmp/ser_fifo"
# ------------------ module loading ----------------------------------
# Uncomment this if you want to use SQL database #loadmodule "/usr/lib/ser/modules/mysql.so"
loadmodule "/usr/lib/ser/modules/nathelper.so"
loadmodule "/usr/lib/ser/modules/sl.so" loadmodule "/usr/lib/ser/modules/tm.so" loadmodule "/usr/lib/ser/modules/rr.so" loadmodule "/usr/lib/ser/modules/maxfwd.so" loadmodule "/usr/lib/ser/modules/usrloc.so" loadmodule "/usr/lib/ser/modules/registrar.so"
# Uncomment this if you want digest authentication # mysql.so must be loaded ! #loadmodule "/usr/lib/ser/modules/auth.so" #loadmodule "/usr/lib/ser/modules/auth_db.so"
# ----------------- setting module-specific parameters ---------------
# -- usrloc params --
modparam("usrloc", "db_mode", 0)
# Uncomment this if you want to use SQL database # for persistent storage and comment the previous line #modparam("usrloc", "db_mode", 2)
# -- auth params -- # Uncomment if you are using auth module # #modparam("auth_db", "calculate_ha1", yes) # # If you set "calculate_ha1" parameter to yes (which true in this config), # uncomment also the following parameter) # #modparam("auth_db", "password_column", "password")
# -- rr params -- # add value to ;lr param to make some broken UAs happy modparam("rr", "enable_full_lr", 1)
alias="my.public.box"
# ------------------------- request routing logic -------------------
# main routing logic
route{
# initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); break; }; if ( msg:len > max_len ) { sl_send_reply("513", "Message too big"); break; }; # compulsory processing of Route header fields and adding RR loose_route(); /* registration (uses rewritten contacts) */ if (method=="REGISTER") { save("location"); break; }; if (method=="INVITE") { record_route(); if (isflagset(1)) { # ATA ? fix_nated_sdp("3"); }; /* set up reply processing */ t_on_reply("1"); }; if (method == "INVITE" || method == "CANCEL") { if (!lookup("location")) { sl_send_reply("404", "Not Found"); break; }; }; /* set up reply processing and forward statefuly */ t_relay();}
# all incoming replies for t_onrepli-ed transactions enter here onreply_route[1] { if (status=~"2[0-9][0-9]") fix_nated_contact(); fix_nated_sdp("3"); }
[2]
Established SIP protocol listen on: 192.168.1.100:5060
Discovered Restricted Cone NAT Firewall
SIP: 192.168.1.100:5060 RTP: 192.168.1.100:8000 NAT: my.router.public.ip
PROXY#0: ser.public.ip:5060
OUTBOUND-PROXY#0: ser.public.ip:5060
SEND >> ser.public.ip:5060 REGISTER sip:my.public.box SIP/2.0 Via: SIP/2.0/UDP 192.168.1.100:5060;rport;branch=z9hG4bK9DF27D98551C11D882E3000393B930BA From: snowdeal sip:123@my.public.box To: snowdeal sip:123@my.public.box Contact: "snowdeal" sip:123@192.168.1.100:5060 Call-ID: 9DA51D06551C11D882E3000393B930BA@my.public.box CSeq: 56648 REGISTER Expires: 1800 Max-Forwards: 70 User-Agent: X-Lite build 1101 Content-Length: 0
RECEIVE << ser.public.ip:5060 SIP/2.0 200 OK Via: SIP/2.0/UDP 192.168.1.100:5060;rport=5060;branch=z9hG4bK9DF27D98551C11D882E3000393B930B A;received=my.router.public.ip From: snowdeal sip:123@my.public.box To: snowdeal sip:123@my.public.box;tag=b27e1a1d33761e85846fc98f5f3a7e58.3894 Call-ID: 9DA51D06551C11D882E3000393B930BA@my.public.box CSeq: 56648 REGISTER Contact: sip:123@192.168.1.100:5060;q=0.00;expires=1800 Server: Sip EXpress router (0.8.12 (i386/linux)) Content-Length: 0 Warning: 392 ser.public.ip:5060 "Noisy feedback tells: pid=21653 req_src_ip=my.router.public.ip req_src_port=5060 in_uri=sip:my.public.box out_uri=sip:my.public.box via_cnt==1"
Established SIP protocol listen on: 192.168.1.101:5060
Discovered Restricted Cone NAT Firewall
SIP: 192.168.1.101:5060 RTP: 192.168.1.101:8000 NAT: my.router.public.ip
PROXY#0: 69.55.224.151:5060
OUTBOUND-PROXY#0: 69.55.224.151:5060
SEND >> ser.public.ip:5060 REGISTER sip:my.public.box SIP/2.0 Via: SIP/2.0/UDP 192.168.1.101:5060;rport;branch=z9hG4bKAC7BFFFD551C11D8B317000A957BC13A From: kristine sip:456@my.public.box To: kristine sip:456@my.public.box Contact: "kristine" sip:456@192.168.1.101:5060 Call-ID: AC7B8E18551C11D8B317000A957BC13A@my.public.box CSeq: 55034 REGISTER Expires: 1800 Max-Forwards: 70 User-Agent: X-Lite build 1101 Content-Length: 0
RECEIVE << ser.public.ip:5060 SIP/2.0 200 OK Via: SIP/2.0/UDP 192.168.1.101:5060;rport=15060;branch=z9hG4bKAC7BFFFD551C11D8B317000A957BC1 3A;received=my.router.public.ip From: kristine sip:456@my.public.box To: kristine sip:456@my.public.box;tag=b27e1a1d33761e85846fc98f5f3a7e58.b0ef Call-ID: AC7B8E18551C11D8B317000A957BC13A@my.public.box CSeq: 55034 REGISTER Contact: sip:456@192.168.1.101:5060;q=0.00;expires=1800 Server: Sip EXpress router (0.8.12 (i386/linux)) Content-Length: 0 Warning: 392 ser.public.ip:5060 "Noisy feedback tells: pid=21658 req_src_ip=my.router.public.ip req_src_port=15060 in_uri=sip:my.public.box out_uri=sip:my.public.box via_cnt==1
[3]
===Domain list=== ---Domain--- name : 'location' size : 512 table: 0x402d60d8 d_ll { n : 2 first: 0x402d80e0 last : 0x402d81c8 }
...Record(0x402d80e0)... domain: 'location' aor : '123'
domain : 'location' aor : '123' Contact: 'sip:123@192.168.1.100:5060' Expires: 583 q : 0.00 Call-ID: '9DA51D06551C11D882E3000393B930BA@my.public.box' CSeq : 56648 replic : 0 State : CS_NEW Flags : 0 next : (nil) prev : (nil) ~~~/Contact~~~~ .../Record... ...Record(0x402d81c8)... domain: 'location' aor : '456' ~~~Contact(0x402d8208)~~~ domain : 'location' aor : '456' Contact: 'sip:456@192.168.1.101:5060' Expires: 614 q : 0.00 Call-ID: 'AC7B8E18551C11D8B317000A957BC13A@my.public.box' CSeq : 55034 replic : 0 State : CS_NEW Flags : 0 next : (nil) prev : (nil) ~~~/Contact~~~~ .../Record... ---/Domain--- ===/Domain list=== _______________________________________________ Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers