23 Jun
2011
23 Jun
'11
1:45 a.m.
2011/6/22 Klaus Darilion <klaus.mailinglists(a)pernau.at>at>:
Just a small survey: Are you still using NAT detection
checks? I prefer
to apply NAT traversal always (never trust the contact header) which of
course only works if all the clients are symmetric.
I would like to tell a recent issue I've suffered in my company:
- Kamailio with public IP and optional rtpproxy server.
- Two users behind same NAT.
- Both users use STUN so announce public IP:ports in headers and SDP.
- User A calls to B.
- Kamailio does not detect NAT (due to STUN) so doesn't apply
rtpproxy, neither when routes the call to user B.
- So user A sends RTP to the public IP of its NAT router, same as user B.
- In some routers this work, but in this case it does not properly
perform NAT port forwarding and there is no audio.
Solutions:
1) Remove STUN from clients (not always feasible).
2) Always use RtpProxy. Easier.
Thus - do you still see asymmetric SIP clients?
Yes, I've seen some Alcatel OXO using asymmetric SIP. A pain if you do
"force_rport".
Solution:
- Just perform "force_rport" if the client is detected as behind NAT
(note that assymetric SIP clients can ***NEVER*** run behind NAT).
--
Iñaki Baz Castillo
<ibc(a)aliax.net>