On 09/05/2011 08:07 PM, Sarat C. Vemuri wrote:
How do I remove the "public IP" entry from the route set before forwarding the reply to Internal UAC?
You don't -- at least, not in a protocol-compliant way. You can, of course, do remove_hf("Route"); if you want to, but with effects that are ultimately rather undesirable, I think.
One strategy I've used for dealing with this in the past, nasty as it is, is to:
1. Create a loopback interface on the proxy with the address of its public IP.
2. Set static routes for that public IP from all the "internal" servers on the private LAN pointing to the proxy.
3. Bind Kamailio to that loopback interface only, enable IP forwarding, and define the "real" interface addresses as alias=es.
4. DNAT all incoming traffic on the "real" interfaces, in the PREROUTING table, to have the destination IP of the public IP of the proxy (the loopback interface).
Works for rtpproxy too, but of course, relies on ugly NAT and limits you to what the conntrack facility can reasonably handle.