Hello Although my question it's not related to Kamailio directly, but i think someone could help in this strange behavior
in our tests, we have some clients under private networks, where the provider of those networks implements CGNAT (NAT444) for it's customers to reach internet (Client Private IP) --->(Home router: Private to Private NAT)--->(FW with CGNAT)---------------------------->(Kamailio Proxy Public IP)
Registration is performing fine, but making calls from this client had strange problem as follow:
Client -------------INVITE--------------> Proxy Proxy -------------Trying---------------->Client Proxy--------------INVITE---------> Called Party
The called party should send Ringing msg, but the massage get lost somewhere and didn't reach to the Proxy. Although all the IP's in sip massages are public i tried with STUN/TURN and NAThelper module solutions, but didn't help
is there any way to slove CGNAT with SIP in Kamailio?
Thanks in Advance
Can you send the INVITE that proxy sends to called party?
On Sun, Aug 26, 2018 at 02:05 Amar Tinawi amar.tinawi@gmail.com wrote:
Also, if the client is not behind CGNAT do you get the Ringing from called party?
Is called party the same in both cases?
On Sun, Aug 26, 2018 at 09:54 Joel Serrano joel@textplus.com wrote:
Thanks Joel For reply
when any user (Not Nated or behind Normal NAT) is trying to reach a client behind CGNAT, the INVITE delivered and the client is start to ringing, but when answering, the answer is not delivered to the proxy, so not delivered to the calling client result to the call started in the CGNATED client and still in establishing in the calling one.
The call is established successfully when the CGNATED send the INVITE to Not Nated client and two way audio.
CGNATED to CGNATED not working as well .
On Sun, Aug 26, 2018 at 7:57 PM Joel Serrano joel@textplus.com wrote:
It would definitely be useful to see sip traces of the different scenarios to try and find what the problem is.
Can you give some details of what your setup looks like? Is kamailio acting as a signaling proxy only or is it also handling RTP with rtpengine/rtpproxy?
On Sun, Aug 26, 2018 at 13:30 Amar Tinawi amar.tinawi@gmail.com wrote:
it's Kamailio for signaling with RTPengine for media (also the RTP engine has public IP)
any call to reach the user behind the CGNAT will fail because of the 200 OK msg not reaching the Proxy somehow (i checked, the massage is generated in the client) and any call initiated by the CGNAT client succeeded
would you please check the attached many thanks
On Mon, Aug 27, 2018 at 6:00 AM Joel Serrano joel@textplus.com wrote:
Hi Amar,
I had a quick look and I see a lot of via/route headers, I will look properly later today, can you give me some details on what IP is what in those traces for when I check them later?
Also, are you using a kamailio config based on vanilla config (specially regarding NAT handling and Contact/SDP updates/rewrites)?
On Sun, Aug 26, 2018 at 11:39 PM, Amar Tinawi amar.tinawi@gmail.com wrote:
Hi Joel
the Via's and Record routes is due to IMS structure, but it doesn't affect the concept as i test it with a normal sip Proxy
Proxy IP : 94.252.181.93 : 5050 RTP Engine : 94.252.181.49 I-cscf : 10.192.129.134 s-cscf :10.192.129.134
Actually i'm using what Mr Carsten introduce for IMS
On Mon, Aug 27, 2018 at 8:33 PM Joel Serrano joel@textplus.com wrote:
Hi,
it's seems not related to CGNAT, but more due to a misconfiguration on the Proxy-CSCF. It should evaluate the "alias" in the R-URI in order to send it to the proper address.
Thanks, Carsten --
Carsten Bock CEO (Geschäftsführer)
ng-voice GmbH Millerntorplatz 1 20359 Hamburg / Germany
http://www.ng-voice.com mailto:carsten@ng-voice.com
Office +49 40 5247593-40 Fax +49 40 5247593-99
Sitz der Gesellschaft: Hamburg Registergericht: Amtsgericht Hamburg, HRB 120189 Geschäftsführer: Carsten Bock Ust-ID: DE279344284
Hier finden Sie unsere handelsrechtlichen Pflichtangaben: http://www.ng-voice.com/imprint/
Am Di., 28. Aug. 2018 um 13:19 Uhr schrieb Amar Tinawi amar.tinawi@gmail.com:
Hello Carsten :) Thanks for your reply
Actually, we remove the alias from sip massages for a reason, which was a bug in the client generating wrong ip in the alias in BYE msgs in Video Calls only, and even before removing the alias part this problem existed.
under this specific kind of networks, INVITE msg reaches the client, but the co-responding RINGING msg and msgs follows from the client not reaching the P-CSCF at all for that reason we suspect of a NAT problem.
other networks working Fine without the alias
On Tue, Aug 28, 2018 at 2:47 PM Carsten Bock carsten@ng-voice.com wrote:
Just to share knowledge and close this case
the problem was due to the size value of this packet which is 1514 byte and it wasn't fragmented well, or never fragmented
reducing the mtu value of the wan device (home router) solve the case which led to the necessary of reducing sip packet size
those two tutorials help alot : Thanks Alex Balashov http://www.evaristesys.com/blog/sip-udp-fragmentation-and-kamailio-the-sip-h... https://200ok.info/2017/03/31/sip-and-fragments/
Thanks All
You are very welcome! Glad it helped someone.
-- Sent from mobile. Apologies for brevity and errors.
-----Original Message----- From: Amar Tinawi amar.tinawi@gmail.com To: "Kamailio (SER) - Users Mailing List" sr-users@lists.kamailio.org Sent: Thu, 06 Sep 2018 3:55 PM Subject: Re: [SR-Users] Kamailio with CGNAT
Just to share knowledge and close this case
the problem was due to the size value of this packet which is 1514 byte and it wasn't fragmented well, or never fragmented
reducing the mtu value of the wan device (home router) solve the case which led to the necessary of reducing sip packet size
those two tutorials help alot : Thanks Alex Balashov http://www.evaristesys.com/blog/sip-udp-fragmentation-and-kamailio-the-sip-h... https://200ok.info/2017/03/31/sip-and-fragments/
Thanks All
-
Alex Balashov -
Amar Tinawi -
Carsten Bock -
Joel Serrano