Hi there,
unfortunately I am personally not a complete IT geek, I am more in to Pro Audio. Anyway, I have to maintain a SIP Server for high quality Audio transmission with special UA's. Also we use Software UA's running as Apps (Luci Live) on mobile devices such as I Phones and I pads which are by nature situated in mobile networks. Due to "lack of IP address issues" most providers use private ranges separated by CGNAT from the real Internet. This causes a lot of trouble. In some cases stun server entries on the clients helps, in other cases don't! But these days I read in announcement of a german company (Mayah Communications), which is in the ProAudio biz since decades, that they offer a SIP Service where no stun is recommended whether the clients are behind NAT or not. After I acknowledged that IT business is not witchcraft (almost :-) ) , I thought that there might exist a solution for my Kamailio SIP server to make it work like the "Mayah" Sip Server.
What settings have to be done that Kamailio uses IP Header Information for SIP signalling instead of the content of SIP packages themselves. Without stun you find the Local Address in the SIP packages, and with Stun the external Address but mostly with the wrong portnumber, but in the IP header you'll find the correct IP:port. I already read a lot of the Kamailio documentation but due to the fact that I am not too deep in IT I am not sure if I got it all. If someone could give me a useful hint on that, that would make my day. Hope this description is unterstandable.
Nice Regards
Gerhard Pinter
Hello,
Kamailio can help with NAT traversal -- there are couple of options, one of the most common deployments is using nathelper and rtpengine (or rtpproxy).
A similar solution is provided in the default kamailio.cfg, just look at WITH_NAT ifdefs to figure out the related parts:
- https://github.com/kamailio/kamailio/blob/master/etc/kamailio.cfg
Cheers, Daniel
On 07.05.18 12:22, Pinter, Gerd. wrote:
Hi there,
unfortunately I am personally not a complete IT geek, I am more in to Pro Audio. Anyway, I have to maintain a SIP Server for high quality Audio transmission with special UA's. Also we use Software UA's running as Apps (Luci Live) on mobile devices such as I Phones and I pads which are by nature situated in mobile networks. Due to "lack of IP address issues" most providers use private ranges separated by CGNAT from the real Internet. This causes a lot of trouble. In some cases stun server entries on the clients helps, in other cases don't! But these days I read in announcement of a german company (Mayah Communications), which is in the ProAudio biz since decades, that they offer a SIP Service where no stun is recommended whether the clients are behind NAT or not. After I acknowledged that IT business is not witchcraft (almost :-) ) , I thought that there might exist a solution for my Kamailio SIP server to make it work like the "Mayah" Sip Server.
What settings have to be done that Kamailio uses IP Header Information for SIP signalling instead of the content of SIP packages themselves. Without stun you find the Local Address in the SIP packages, and with Stun the external Address but mostly with the wrong portnumber, but in the IP header you'll find the correct IP:port. I already read a lot of the Kamailio documentation but due to the fact that I am not too deep in IT I am not sure if I got it all. If someone could give me a useful hint on that, that would make my day. Hope this description is unterstandable.
Nice Regards
Gerhard Pinter
Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Hi Won't RTP Proxy cause al lot of traffic? We only have 155mbit for all IT traffic, and our Sip Server also have to manage connections outbound our house, where I thought it might be better let those clients do the payload by peer to peer connection. If I got it right this traffic would flow thru our Sip server with RTP Proxy enabled. Thanks a lot
Best Regards Gerd
-----Ursprüngliche Nachricht----- Von: Daniel-Constantin Mierla miconda@gmail.com Gesendet: Montag, 7. Mai 2018 12:34 An: Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org; Pinter, Gerd. G.Pinter@radionrw.de Betreff: Re: [SR-Users] Connecting UAs behind Firewall/CgNat with Kamailio without using a Stun Server
Hello,
Kamailio can help with NAT traversal -- there are couple of options, one of the most common deployments is using nathelper and rtpengine (or rtpproxy).
A similar solution is provided in the default kamailio.cfg, just look at WITH_NAT ifdefs to figure out the related parts:
- https://github.com/kamailio/kamailio/blob/master/etc/kamailio.cfg
Cheers, Daniel
On 07.05.18 12:22, Pinter, Gerd. wrote:
Hi there,
unfortunately I am personally not a complete IT geek, I am more in to Pro Audio. Anyway, I have to maintain a SIP Server for high quality Audio transmission with special UA's. Also we use Software UA's running as Apps (Luci Live) on mobile devices such as I Phones and I pads which are by nature situated in mobile networks. Due to "lack of IP address issues" most providers use private ranges separated by CGNAT from the real Internet. This causes a lot of trouble. In some cases stun server entries on the clients helps, in other cases don't! But these days I read in announcement of a german company (Mayah Communications), which is in the ProAudio biz since decades, that they offer a SIP Service where no stun is recommended whether the clients are behind NAT or not. After I acknowledged that IT business is not witchcraft (almost :-) ) , I thought that there might exist a solution for my Kamailio SIP server to make it work like the "Mayah" Sip Server.
What settings have to be done that Kamailio uses IP Header Information for SIP signalling instead of the content of SIP packages themselves. Without stun you find the Local Address in the SIP packages, and with Stun the external Address but mostly with the wrong portnumber, but in the IP header you'll find the correct IP:port. I already read a lot of the Kamailio documentation but due to the fact that I am not too deep in IT I am not sure if I got it all. If someone could give me a useful hint on that, that would make my day. Hope this description is unterstandable.
Nice Regards
Gerhard Pinter
Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
-- Daniel-Constantin Mierla www.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio World Conference - May 14-16, 2018 - www.kamailioworld.com
Am Montag, 7. Mai 2018, 13:11:50 CEST schrieb Pinter, Gerd.:
Hi Won't RTP Proxy cause al lot of traffic? We only have 155mbit for all IT traffic, and our Sip Server also have to manage connections outbound our house, where I thought it might be better let those clients do the payload by peer to peer connection. If I got it right this traffic would flow thru our Sip server with RTP Proxy enabled. Thanks a lot
Hello Gerd,
you understood it correctly, indeed using rtpengine/rtpproxy would mean routing additionally your RTP traffic to your network. Depending on the number of sessions and the used codec it may work perfectly, only with some QoS tuning or not at all. You can estimate the bandwith, there are also some calculators online.
Best regards,
Henning Westerholt
Hello Henning, hello Community
we are using high quality Codecs with bitrates up to 1500Kbit (PCM), but usually 128kbit (Mpeg1 Layer3 or AAC-LD). 128 is Not too much, but I want to be on the save side and therefore I prefer solution without Proxy. By the way I am audio engineer at a german commercial radio broadcast network and we try to establish our own "ISDN replacement-SIP Network" for reporting from events like Soccer Games, Karneval, Rock Concerts, Political Party Summits, Lawsuits... whatever. I want to keep frontend as simple as it gets for the reporter. Anyway, people told me that the SIP Server of "Mayah Communications" is working without the need of stun or other Client side gadgets, but I am also told that this Mayah server works without Proxy functions. That Company won't tell me their settings of course, but if possible I'd like to have this feature for our SIP Server. At the moment I have still vast problems with connectivity from Devices that are logged on via Vodafone Mobile Network. Even Stun does not work. I guess that CGNAT of Vodafone (All of the Devices I have tested within Vodafone allocate IP Addresses in private range!) opens different Ports for different outbound connections which is the case if I use a 3rd party Stun Server. I have read a lot about this issue these days and there is solution, but I am not too deep into scripting an how to edit the kamailio.cfg. For example, I tried to start Kamailio with Stun, but if I tried to use the built in Stun, I've got error messages on the Client and also in the logfile of the SIP Server (incomplete header of Stun message) Anyone can help, please?
Best regards Gerd
Von: Henning Westerholt hw@kamailio.org Gesendet: Montag, 7. Mai 2018 20:56 An: sr-users@lists.kamailio.org Cc: Pinter, Gerd. G.Pinter@radionrw.de Betreff: Re: [SR-Users] Connecting UAs behind Firewall/CgNat with Kamailio without using a Stun Server
Am Montag, 7. Mai 2018, 13:11:50 CEST schrieb Pinter, Gerd.:
Hi Won't RTP Proxy cause al lot of traffic? We only have 155mbit for all IT traffic, and our Sip Server also have to manage connections outbound our house, where I thought it might be better let those clients do the payload by peer to peer connection. If I got it right this traffic would flow thru our Sip server with RTP Proxy enabled. Thanks a lot
Hello Gerd, you understood it correctly, indeed using rtpengine/rtpproxy would mean routing additionally your RTP traffic to your network. Depending on the number of sessions and the used codec it may work perfectly, only with some QoS tuning or not at all. You can estimate the bandwith, there are also some calculators online. Best regards, Henning Westerholt
Hi Gerd,
have you seen Olle's Project from 2017 about RadioBroadcasting?
https://www.kamailio.org/w/2017/11/oss-iris-broadcast-project-launched/
Best Regards Markus
On Tue, May 8, 2018 at 8:29 AM, Pinter, Gerd. G.Pinter@radionrw.de wrote:
Hello Henning, hello Community
we are using high quality Codecs with bitrates up to 1500Kbit (PCM), but usually 128kbit (Mpeg1 Layer3 or AAC-LD). 128 is Not too much, but I want to be on the save side and therefore I prefer solution without Proxy. By the way I am audio engineer at a german commercial radio broadcast network and we try to establish our own "ISDN replacement-SIP Network" for reporting from events like Soccer Games, Karneval, Rock Concerts, Political Party Summits, Lawsuits... whatever. I want to keep frontend as simple as it gets for the reporter. Anyway, people told me that the SIP Server of "Mayah Communications" is working without the need of stun or other Client side gadgets, but I am also told that this Mayah server works without Proxy functions. That Company won't tell me their settings of course, but if possible I'd like to have this feature for our SIP Server. At the moment I have still vast problems with connectivity from Devices that are logged on via Vodafone Mobile Network. Even Stun does not work. I guess that CGNAT of Vodafone (All of the Devices I have tested within Vodafone allocate IP Addresses in private range!) opens different Ports for different outbound connections which is the case if I use a 3rd party Stun Server. I have read a lot about this issue these days and there is solution, but I am not too deep into scripting an how to edit the kamailio.cfg. For example, I tried to start Kamailio with Stun, but if I tried to use the built in Stun, I've got error messages on the Client and also in the logfile of the SIP Server (incomplete header of Stun message) Anyone can help, please?
Best regards Gerd
Von: Henning Westerholt hw@kamailio.org Gesendet: Montag, 7. Mai 2018 20:56 An: sr-users@lists.kamailio.org Cc: Pinter, Gerd. G.Pinter@radionrw.de Betreff: Re: [SR-Users] Connecting UAs behind Firewall/CgNat with Kamailio without using a Stun Server
Am Montag, 7. Mai 2018, 13:11:50 CEST schrieb Pinter, Gerd.:
Hi Won't RTP Proxy cause al lot of traffic? We only have 155mbit for all IT traffic, and our Sip Server also have to manage connections outbound our house, where I thought it might be better let those clients do the
payload
by peer to peer connection. If I got it right this traffic would flow
thru
our Sip server with RTP Proxy enabled. Thanks a lot
Hello Gerd,
you understood it correctly, indeed using rtpengine/rtpproxy would mean routing additionally your RTP traffic to your network. Depending on the number of sessions and the used codec it may work perfectly, only with some QoS tuning or not at all. You can estimate the bandwith, there are also some calculators online.
Best regards,
Henning Westerholt
Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Hello,
just to add the link to the video of the presentation on this topic done by Olle at the Kamailio World Conference 2017:
- https://www.youtube.com/watch?v=50TFZWlhsP4
Cheers, Daniel
On 08.05.18 08:40, Markus Monka wrote:
Hi Gerd,
have you seen Olle's Project from 2017 about RadioBroadcasting?
https://www.kamailio.org/w/2017/11/oss-iris-broadcast-project-launched/
Best Regards Markus
On Tue, May 8, 2018 at 8:29 AM, Pinter, Gerd. <G.Pinter@radionrw.de mailto:G.Pinter@radionrw.de> wrote:
Hello Henning, hello Community we are using high quality Codecs with bitrates up to 1500Kbit (PCM), but usually 128kbit (Mpeg1 Layer3 or AAC-LD). 128 is Not too much, but I want to be on the save side and therefore I prefer solution without Proxy. By the way I am audio engineer at a german commercial radio broadcast network and we try to establish our own "ISDN replacement-SIP Network" for reporting from events like Soccer Games, Karneval, Rock Concerts, Political Party Summits, Lawsuits... whatever. I want to keep frontend as simple as it gets for the reporter. Anyway, people told me that the SIP Server of "Mayah Communications" is working without the need of stun or other Client side gadgets, but I am also told that this Mayah server works without Proxy functions. That Company won't tell me their settings of course, but if possible I'd like to have this feature for our SIP Server. At the moment I have still vast problems with connectivity from Devices that are logged on via Vodafone Mobile Network. Even Stun does not work. I guess that CGNAT of Vodafone (All of the Devices I have tested within Vodafone allocate IP Addresses in private range!) opens different Ports for different outbound connections which is the case if I use a 3rd party Stun Server. I have read a lot about this issue these days and there is solution, but I am not too deep into scripting an how to edit the kamailio.cfg. For example, I tried to start Kamailio with Stun, but if I tried to use the built in Stun, I've got error messages on the Client and also in the logfile of the SIP Server (incomplete header of Stun message) Anyone can help, please? Best regards Gerd Von: Henning Westerholt <hw@kamailio.org <mailto:hw@kamailio.org>> Gesendet: Montag, 7. Mai 2018 20:56 An: sr-users@lists.kamailio.org <mailto:sr-users@lists.kamailio.org> Cc: Pinter, Gerd. <G.Pinter@radionrw.de <mailto:G.Pinter@radionrw.de>> Betreff: Re: [SR-Users] Connecting UAs behind Firewall/CgNat with Kamailio without using a Stun Server Am Montag, 7. Mai 2018, 13:11:50 CEST schrieb Pinter, Gerd.: > Hi > Won't RTP Proxy cause al lot of traffic? We only have 155mbit for all IT > traffic, and our Sip Server also have to manage connections outbound our > house, where I thought it might be better let those clients do the payload > by peer to peer connection. If I got it right this traffic would flow thru > our Sip server with RTP Proxy enabled. > Thanks a lot Hello Gerd, you understood it correctly, indeed using rtpengine/rtpproxy would mean routing additionally your RTP traffic to your network. Depending on the number of sessions and the used codec it may work perfectly, only with some QoS tuning or not at all. You can estimate the bandwith, there are also some calculators online. Best regards, Henning Westerholt _______________________________________________ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org <mailto:sr-users@lists.kamailio.org> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users>-- Dipl. Ing. Markus Monka - mmonka@sipgate.de mailto:mmonka@sipgate.de Telefon: +49 (0)211-63 55 55-23 Telefax: +49 (0)211-63 55 55-22
sipgate GmbH - Gladbacher Str. 74 - 40219 Düsseldorf HRB Düsseldorf 39841 - Geschäftsführer: Thilo Salmon, Tim Mois Steuernummer: 106/5724/7147, Umsatzsteuer-ID: DE219349391
Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Hello there,
thanks for all the good hints and links. Guidance here was very helpful. I configured our Kamailio SIP as Rttpproxy and everything works fine as I supposed. A special Applause to Alex Balashov for the Blog wich is very imformative on this issue. *Ticket closed* P.S. Thanks for all the fish, and never forget the towel
With nice regards Mit freundlichen Grüßen Gerhard Pinter Digital- Studiotechnik mailto:g.pinter@radionrw.de Tel: 0208-85 87-312 Fax: 0208-85 87-480
radio NRW GmbH Essener Str. 55 46047 Oberhausen
SITZ OBERHAUSEN Amtsgericht Duisburg Nr. HRB 12489
GESCHÄFTSFÜHRER Sven Thölen
AUFSICHTSRATSVORSITZENDER Hans-Jürgen Weske
Von: sr-users sr-users-bounces@lists.kamailio.org Im Auftrag von Daniel-Constantin Mierla Gesendet: Dienstag, 8. Mai 2018 09:02 An: Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org Betreff: Re: [SR-Users] Connecting UAs behind Firewall/CgNat with Kamailio without using a Stun Server
Hello, just to add the link to the video of the presentation on this topic done by Olle at the Kamailio World Conference 2017: - https://www.youtube.com/watch?v=50TFZWlhsP4 Cheers, Daniel On 08.05.18 08:40, Markus Monka wrote: Hi Gerd,
have you seen Olle's Project from 2017 about RadioBroadcasting?
https://www.kamailio.org/w/2017/11/oss-iris-broadcast-project-launched/
Best Regards Markus
On Tue, May 8, 2018 at 8:29 AM, Pinter, Gerd. mailto:G.Pinter@radionrw.de wrote: Hello Henning, hello Community
we are using high quality Codecs with bitrates up to 1500Kbit (PCM), but usually 128kbit (Mpeg1 Layer3 or AAC-LD). 128 is Not too much, but I want to be on the save side and therefore I prefer solution without Proxy. By the way I am audio engineer at a german commercial radio broadcast network and we try to establish our own "ISDN replacement-SIP Network" for reporting from events like Soccer Games, Karneval, Rock Concerts, Political Party Summits, Lawsuits... whatever. I want to keep frontend as simple as it gets for the reporter. Anyway, people told me that the SIP Server of "Mayah Communications" is working without the need of stun or other Client side gadgets, but I am also told that this Mayah server works without Proxy functions. That Company won't tell me their settings of course, but if possible I'd like to have this feature for our SIP Server. At the moment I have still vast problems with connectivity from Devices that are logged on via Vodafone Mobile Network. Even Stun does not work. I guess that CGNAT of Vodafone (All of the Devices I have tested within Vodafone allocate IP Addresses in private range!) opens different Ports for different outbound connections which is the case if I use a 3rd party Stun Server. I have read a lot about this issue these days and there is solution, but I am not too deep into scripting an how to edit the kamailio.cfg. For example, I tried to start Kamailio with Stun, but if I tried to use the built in Stun, I've got error messages on the Client and also in the logfile of the SIP Server (incomplete header of Stun message) Anyone can help, please?
Best regards Gerd
Von: Henning Westerholt mailto:hw@kamailio.org Gesendet: Montag, 7. Mai 2018 20:56 An: mailto:sr-users@lists.kamailio.org Cc: Pinter, Gerd. mailto:G.Pinter@radionrw.de Betreff: Re: [SR-Users] Connecting UAs behind Firewall/CgNat with Kamailio without using a Stun Server Am Montag, 7. Mai 2018, 13:11:50 CEST schrieb Pinter, Gerd.:
Hi Won't RTP Proxy cause al lot of traffic? We only have 155mbit for all IT traffic, and our Sip Server also have to manage connections outbound our house, where I thought it might be better let those clients do the payload by peer to peer connection. If I got it right this traffic would flow thru our Sip server with RTP Proxy enabled. Thanks a lot
Hello Gerd, you understood it correctly, indeed using rtpengine/rtpproxy would mean routing additionally your RTP traffic to your network. Depending on the number of sessions and the used codec it may work perfectly, only with some QoS tuning or not at all. You can estimate the bandwith, there are also some calculators online. Best regards, Henning Westerholt _______________________________________________ Kamailio (SER) - Users Mailing List mailto:sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Hello,
there is no way of going through symmetric NAT without a media stream relay on a public ip address.
The media relay system can be:
1) server side relay controlled by sip server, like rtpengine or rtpproxy 2) dedicated SBC boxes put between end device and sip server, like Oracle (former ACME) SBC 3) TURN servers, which is concept similar to rtpengine/rtpproxy, but it is the end device interacting directly with it (sip server does not interact with the TURN server), so the end device must support TURN protocol
If you do not control the end device or the end device doesn't support TURN, then the solution has to be 1) or 2). The 2) can be expensive and adds additional ongoing operations costs.
Note that you can put rtpproxy/rtpengine on a different system than kamailio. Also, there can be many of them, with kamailio doing sort of load balancing to distribute calls across all available rtpproxy/rtpengine instance.
The is an alternative by creating a VPN between end devices and core infrastructure, so everyone is in the network. However, all packets, including the RTP/media streams are relayed by the VPN server, so you still get the traffic in the core network.
Cheers, Daniel
On 08.05.18 08:29, Pinter, Gerd. wrote:
Hello Henning, hello Community
we are using high quality Codecs with bitrates up to 1500Kbit (PCM), but usually 128kbit (Mpeg1 Layer3 or AAC-LD). 128 is Not too much, but I want to be on the save side and therefore I prefer solution without Proxy. By the way I am audio engineer at a german commercial radio broadcast network and we try to establish our own "ISDN replacement-SIP Network" for reporting from events like Soccer Games, Karneval, Rock Concerts, Political Party Summits, Lawsuits... whatever. I want to keep frontend as simple as it gets for the reporter. Anyway, people told me that the SIP Server of "Mayah Communications" is working without the need of stun or other Client side gadgets, but I am also told that this Mayah server works without Proxy functions. That Company won't tell me their settings of course, but if possible I'd like to have this feature for our SIP Server. At the moment I have still vast problems with connectivity from Devices that are logged on via Vodafone Mobile Network. Even Stun does not work. I guess that CGNAT of Vodafone (All of the Devices I have tested within Vodafone allocate IP Addresses in private range!) opens different Ports for different outbound connections which is the case if I use a 3rd party Stun Server. I have read a lot about this issue these days and there is solution, but I am not too deep into scripting an how to edit the kamailio.cfg. For example, I tried to start Kamailio with Stun, but if I tried to use the built in Stun, I've got error messages on the Client and also in the logfile of the SIP Server (incomplete header of Stun message) Anyone can help, please?
Best regards Gerd
Von: Henning Westerholt hw@kamailio.org Gesendet: Montag, 7. Mai 2018 20:56 An: sr-users@lists.kamailio.org Cc: Pinter, Gerd. G.Pinter@radionrw.de Betreff: Re: [SR-Users] Connecting UAs behind Firewall/CgNat with Kamailio without using a Stun Server
Am Montag, 7. Mai 2018, 13:11:50 CEST schrieb Pinter, Gerd.:
Hi Won't RTP Proxy cause al lot of traffic? We only have 155mbit for all IT traffic, and our Sip Server also have to manage connections outbound our house, where I thought it might be better let those clients do the payload by peer to peer connection. If I got it right this traffic would flow thru our Sip server with RTP Proxy enabled. Thanks a lot
Hello Gerd, you understood it correctly, indeed using rtpengine/rtpproxy would mean routing additionally your RTP traffic to your network. Depending on the number of sessions and the used codec it may work perfectly, only with some QoS tuning or not at all. You can estimate the bandwith, there are also some calculators online. Best regards, Henning Westerholt
Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
-
Daniel-Constantin Mierla -
Henning Westerholt -
Markus Monka -
Pinter, Gerd.