Good to know that your issue is resolved. I see you're applying only one rtpproxy command, possibly your's only need incoming calls from carrier. Also in BYE you need to use unforce_rtpproxy function to release ports.

Same solution can have many solutions; I'll share how mine works, for the sake of finding any expert advise to do it better way.

Carrier ------[fiber]------ Kamailio ---------[lan]---------{LoadBalanced Freeswitch Servers}

Carrier IP is IP-AUTHENTICATED, add the ip in the address table, use permission module.
FreeSwitch IP(s) are added in the dispatcher table, use dispatcher module. 

Then RTPProxy is engaged in NATMANAGE Route

route[NATMANAGE] {
#!ifdef WITH_NAT
if (is_request()) {
if(has_totag()) {
if(check_route_param("nat=yes")) {
setbflag(FLB_NATB);
}
}
}
if (!(isflagset(FLT_NATS) || isbflagset(FLB_NATB)))
return;

if(ds_is_from_list()){          #Put outgoing condition here i.e From internal side to external IPs.
                rtpproxy_manage("ei");  #the sequence of flags depends on how rtpproxy started 1.1.1.1/2.2.2.2 or 2.2.2.2/1.1.1.1
}else{                          #Usually inverse of the above condition i.e From outside world to internal
rtpproxy_manage("ie");  # You can use any other flasg as well, cawrie
  }

if (is_request()) {
if (!has_totag()) {
add_rr_param(";nat=yes");
}
}
if (is_reply()) {
if(isbflagset(FLB_NATB)) {
fix_nated_contact();
}
}
#!endif
return;
}


From your main route for a particular flow if you want rtpproxy to be forced all you need to do is set the flag: FLT_NATS 

Example: 

Incoming IP Authenticated carrier always need to engage rtpproxy since it will end up in the LAN MediaServer pool.

#!ifdef WITH_IPAUTH
if((!is_method("REGISTER")) && allow_source_address())
{
xlog("L_INFO", "[$fU@$si:$sp][$ru]{$rm} ---- ROUTE AUTH:: Source IP Allowed for Inbound SIP/PSTN Carrier ----\n");
setflag(FLT_NATS);
return;
}
#!endif

I hope this either help alot of other ppl or get me some better advise on how to improve.


Best Regards,
Sammy
Blog: http://saevolgo.blogspot.com




On Thu, Aug 13, 2015 at 10:10 AM, Grant Bagdasarian <gb@cm.nl> wrote:

It’s working!

Thank you very much!!

 

From: sr-users [mailto:sr-users-bounces@lists.sip-router.org] On Behalf Of Waite, Hugh
Sent: Thursday, August 13, 2015 4:02 PM
To: Kamailio (SER) - Users Mailing List <sr-users@lists.sip-router.org>


Subject: Re: [SR-Users] need help with RTPProxy in bridged mode

 

Hi,

If the media is coming from a different IP address than the signalling, you may need to use the ‘r’ flag to force the address in the SDP to be trusted.

You should also use the same flags in the same order, in the on-reply route. (This is all in http://kamailio.org/docs/modules/4.3.x/modules/rtpproxy.html#idp15555616)

rtpproxy_manage(“eir”);

 

In the withindlg route, you don’t need to specify the ei/ie direction, but you will need to pass the ‘r’ flag.

 

Regards,

Hugh

 

From: sr-users [mailto:sr-users-bounces@lists.sip-router.org] On Behalf Of Grant Bagdasarian
Sent: 13 August 2015 14:50
To: SIP Router - Kamailio (OpenSER) and SIP Express Router (SER) - Users Mailing List
Subject: Re: [SR-Users] need help with RTPProxy in bridged mode

 

Hello,

 

Yeah, I also noticed I forgot the / . Now the SDP c parameter is set correctly, but the audio from private to public isn’t relayed by rtpproxy.

 

I ran a tcp dump on both interfaces (private and public), and it showed me RTP is being received from Freeswitch and also from our carrier, but nothing is passed between the two interfaces by rtpproxy. Any ideas?

 

Below a slim version of my config:

 

Request_route {

 

                if (is_method("INVITE")) {

                               record_route();

                               if (has_body("application/sdp")) {

                                               rtpproxy_offer("ei");

                               }

                }

 

}

onreply_route[MANAGE_REPLY] {

                if (has_body("application/sdp")) {

                               rtpproxy_answer("ie");

                }

}

 

route[WITHINDLG] {

                if (!has_totag()) return;

                if (loose_route()) {

                               if(is_method("BYE")) {

                                               rtpproxy_manage();

                               }

                               route(RELAY);

                               exit;

                }

}

 

From: sr-users [mailto:sr-users-bounces@lists.sip-router.org] On Behalf Of SamyGo
Sent: Thursday, August 13, 2015 3:26 PM
To: SIP Router - Kamailio (OpenSER) and SIP Express Router (SER) - Users Mailing List <sr-users@lists.sip-router.org>
Subject: Re: [SR-Users] need help with RTPProxy in bridged mode

 

Hi,
Try starting rtpprpxy with a / in between the two IP addresses.
For example -l 1.1.1.1/2.2.2.2
Besides that it depends where you are placing your rtpproxy function.

BR,
Sammy

On Aug 13, 2015 8:36 AM, "Grant Bagdasarian" <gb@cm.nl> wrote:

Hello,

 

I’m using RTPproxy for the first time in bridged mode and I can’t get kamailio/rtpproxy to rewrite the c parameter to the correct public ip address of kamailio.

 

The setup is as following:

 

Carrier ------[fiber]------ Kamailio ---------[lan]--------- Freeswitch

 

Kamailio is listening on two interfaces:

1)      Private: 172.0.0.1

2)      Public: 192.168.0.1 (since we have a dedicated fiber with our carrier, this is its public address)

 

Freeswitch is listening on:

1)      172.0.0.2

 

Carrier is on:

1)      10.0.0.1

 

I’ve started an rtpproxy instance on the Kamailio box using:

rtpproxy -s udp:127.0.0.1:7721 -u rtpproxy rtpproxy -p /var/run/rtpproxy/rtpproxy.pid -l 192.168.0.1 172.0.0.1

 

I’ve played around with rtpproxy_manage() and the various flags (ie, ei), but I can’t get kamailio to set the correct public IP when the 200 OK has to be sent back to the carrier.

It always sets it to its private address, instead of its public address.

 

I’m using Kamailio 4.2 with sippy/rtpproxy 2.0.

 

Could someone please point me into the right direction?

 

Thanks!

 

Grant

 


_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users


This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you for understanding.


_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users