Dear all
I have a bit confusen about server and nat its stupid question but i want to clear it wil your suggestions..
I am going to impliment SER for my customers with domain base authentication. Now if my client behind the NAT then how my RTP make connection between two IP phone
[SER] / \ / \ / \ [A] [B]
In this case RTP between [A] to [B] right
But when both [A] and [B] behind the same NAT router then what about RTP what is the path ???
What is the pass of RTP between [A] and [B] in this case
[SER] | | | [NAT] / \ / \ [A] [B]
$ cat ~/satish/url.txt
http://www.linuxbug.org _____________________________________________________________________________________________________
--------------------------------- Now you can chat without downloading messenger. Click here to know how.
http://download.dns-hosting.info/MediaProxy/NATtraversal-BestPractices.pdf reads can help it to understand.
Regards, Gonzalo.
Dear all
I have a bit confusen about server and nat its stupidquestion but i want to clear it wil your suggestions..
I am going to impliment SER for my customers with domain base authentication. Now if my client behind the NAT then how my RTP make connection between two IP phone
[SER] / \ / \ / \ [A] [B]In this case RTP between [A] to [B] right
But when both [A] and [B] behind the same NAT router then what about RTP what is the path ???
What is the pass of RTP between [A] and [B] in this case
[SER] | | | [NAT] / \ / \ [A] [B]$ cat ~/satish/url.txt
http://www.linuxbug.org _____________________________________________________________________________________________________
Now you can chat without downloading messenger. Click here to know how._______________________________________________ Serusers mailing list Serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
Dear Gonzalo
Thanx to send it me URL . I have SER setup on public IP ( without NAT) and my client or IP phone behind the single NAT router but i want to know how my RTP goes to IP phone to IP phone means both SIP phone behind the same NAT so RTP should be between both SIP device means SER not come in media path .
How to i test it my RTP channel up between both end point not SER intermediater means i want stateless SER model
I am sending my configuration can you explain me is it correct ???
debug=6 fork=yes log_stderror=yes listen=xxx.xxx.xxx.xxx # INSERT YOUR IP ADDRESS HERE port=5060 children=4 dns=no rev_dns=no fifo="/tmp/ser_fifo" fifo_db_url="mysql://ser:heslo@localhost/ser" loadmodule "/usr/local/lib/ser/modules/mysql.so" loadmodule "/usr/local/lib/ser/modules/sl.so" loadmodule "/usr/local/lib/ser/modules/tm.so" loadmodule "/usr/local/lib/ser/modules/rr.so" loadmodule "/usr/local/lib/ser/modules/maxfwd.so" loadmodule "/usr/local/lib/ser/modules/usrloc.so" loadmodule "/usr/local/lib/ser/modules/registrar.so" loadmodule "/usr/local/lib/ser/modules/auth.so" loadmodule "/usr/local/lib/ser/modules/auth_db.so" loadmodule "/usr/local/lib/ser/modules/uri.so" loadmodule "/usr/local/lib/ser/modules/uri_db.so" loadmodule "/usr/local/lib/ser/modules/domain.so" loadmodule "/usr/local/lib/ser/modules/mediaproxy.so" loadmodule "/usr/local/lib/ser/modules/nathelper.so" loadmodule "/usr/local/lib/ser/modules/textops.so" loadmodule "/usr/local/lib/ser/modules/xlog.so" modparam("auth_db|domain|uri_db|usrloc", "db_url", "mysql://ser:heslo@localhost/ser") modparam("auth_db", "calculate_ha1", 1) modparam("auth_db", "password_column", "password") modparam("nathelper", "rtpproxy_disable", 1) modparam("nathelper", "natping_interval", 0) modparam("mediaproxy","natping_interval", 30) modparam("mediaproxy","mediaproxy_socket", "/var/run/mediaproxy.sock") #modparam("mediaproxy","sip_asymmetrics","/usr/local/etc/ser/sip-clients") #modparam("mediaproxy","rtp_asymmetrics","/usr/local/etc/ser/rtp-clients") modparam("usrloc", "db_mode", 2) modparam("domain", "domain_table", "domain") modparam("domain", "domain_col", "domain") modparam("usrloc|registrar|auth_db|avpops|group", "use_domain", 1) modparam("uri_db", "use_domain", 1) modparam("uri_db", "use_uri_table", 1) modparam("registrar", "nat_flag", 6) modparam("rr", "enable_full_lr", 1) route { # ----------------------------------------------------------------- # Sanity Check Section # ----------------------------------------------------------------- if (!mf_process_maxfwd_header("10")) { sl_send_reply("483", "Too Many Hops"); break; }; if (msg:len > max_len) { sl_send_reply("513", "Message Overflow"); break; }; # ----------------------------------------------------------------- # Record Route Section # ----------------------------------------------------------------- xlog("L_NOTICE","$rm from $si at $Tf\n"); if (method=="INVITE" && client_nat_test("3")) { # INSERT YOUR IP ADDRESS HERE record_route_preset("xxx.xxx.xx.xxx:5060;nat=yes"); } else if (method!="REGISTER") { record_route(); }; # ----------------------------------------------------------------- # Call Tear Down Section # ----------------------------------------------------------------- if (method=="BYE" || method=="CANCEL") { end_media_session(); }; # ----------------------------------------------------------------- # Loose Route Section # ----------------------------------------------------------------- if (loose_route()) { if ((method=="INVITE" || method=="REFER") && !has_totag()) { sl_send_reply("403", "Forbidden"); break; }; if (method=="INVITE") { if (!proxy_authorize("","subscriber")) { proxy_challenge("","0"); break; } else if (!check_from()) { sl_send_reply("403", "Use From=ID"); break; }; consume_credentials(); if (client_nat_test("3") || search("^Route:.*;nat=yes")) { setflag(6); use_media_proxy(); }; }; route(1); break; }; # ----------------------------------------------------------------- # Call Type Processing Section # ----------------------------------------------------------------- if (uri==myself) { route(4); route(1); break; }; if (method=="ACK") { route(1); break; } else if (method=="CANCEL") { route(1); break; } else if (method=="INVITE") { route(3); break;
} else if (method=="REGISTER") { route(2); break;
}; lookup("aliases"); if (uri==myself) { route(4); route(1); break; }; if (!lookup("location")) { sl_send_reply("404", "User Not Found"); break; }; route(1); } route[1] { # ----------------------------------------------------------------- # Default Message Handler # ----------------------------------------------------------------- t_on_reply("1"); if (!t_relay()) { if (method=="INVITE" || method=="ACK") { end_media_session(); }; sl_reply_error(); }; } # REGISTER Message Handling # ------------------------- route[2] { sl_send_reply("100", "Trying"); if (!search("^Contact:[ ] **") && client_nat_test("7")) { setflag(6); fix_nated_register(); force_rport(); }; if (!www_authorize("","subscriber")) { www_challenge("","0"); break; }; if (!check_to()) { sl_send_reply("401", "Unauthorized"); break; }; consume_credentials(); if (!save("location")) { sl_reply_error(); }; } route[3] { # ----------------------------------------------------------------- # INVITE Message Handler # ----------------------------------------------------------------- if (client_nat_test("3")) { setflag(7); force_rport(); fix_nated_contact(); }; if (!proxy_authorize("","subscriber")) { xlog("L_NOTICE","Unable to verify the credentials\n"); proxy_challenge("","0"); break; } else if (!check_from()) { sl_send_reply("403", "Use From=ID"); break; }; consume_credentials();
lookup("aliases"); if (uri==myself) { route(4); route(1); break; }; if (!lookup("location")) { sl_send_reply("404", "User Not Found"); break; }; route(4); route(1); } route[4] { # ----------------------------------------------------------------- # NAT Traversal Section # ----------------------------------------------------------------- if (isflagset(6) || isflagset(7)) { if (!isflagset(8)) { setflag(8); use_media_proxy(); }; }; } onreply_route[1] { if ((isflagset(6) || isflagset(7)) && (status=~"(180)|(183)|2[0-9][0-9]")) { if (!search("^Content-Length:[ ]*0")) { use_media_proxy(); }; }; if (client_nat_test("1")) { fix_nated_contact(); }; }
"Gonzalo J. Sambucaro" gonzalo.sambucaro@mslc.com.ar wrote: http://download.dns-hosting.info/MediaProxy/NATtraversal-BestPractices.pdf reads can help it to understand.
Regards, Gonzalo.
Dear all
I have a bit confusen about server and nat its stupidquestion but i want to clear it wil your suggestions..
I am going to impliment SER for my customers with domain base authentication. Now if my client behind the NAT then how my RTP make connection between two IP phone
[SER] / \ / \ / \ [A] [B]In this case RTP between [A] to [B] right
But when both [A] and [B] behind the same NAT router then what about RTP what is the path ???
What is the pass of RTP between [A] and [B] in this case
[SER] | | | [NAT] / \ / \ [A] [B]$ cat ~/satish/url.txt
http://www.linuxbug.org _____________________________________________________________________________________________________
Now you can chat without downloading messenger. Click here to know how._______________________________________________ Serusers mailing list Serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
Satish, the RTP/RTCP ideal traffic is:
SIP PHONE A <--> NAT A <--> SIP PHONE B (public IP)
this flow is obtained using NAT Traversal solutions (for example mediaproxy).
SIP PHONE A <--> NAT A <--> MEDIA PROXY (public IP) <--> SIP PHONE B (public IP)
without NAT Traversal solutions the traffic is:
SIP PHONE A --> NAT A --> SIP PHONE B (public IP) SIP PHONE A x------------ SIP PHONE B (public IP)
SIP PHONE B listen to SIP PHONE A but it send RTP/RTCPs to SIP PHONE A (private IP) and this is the problem, SIP PHONE A does not listen SIP PHONE B.
I hope that clearly it is explained.
Regards, Gonzalo.
Dear Gonzalo
Thanx to send it me URL . I have SER setup on public IP (without NAT) and my client or IP phone behind the single NAT router but i want to know how my RTP goes to IP phone to IP phone means both SIP phone behind the same NAT so RTP should be between both SIP device means SER not come in media path .
How to i test it my RTP channel up between both end point not SER intermediater means i want stateless SER model
I am sending my configuration can you explain me is it correct ???
debug=6 fork=yes log_stderror=yes listen=xxx.xxx.xxx.xxx # INSERT YOUR IP ADDRESS HERE port=5060 children=4 dns=no rev_dns=no fifo="/tmp/ser_fifo" fifo_db_url="mysql://ser:heslo@localhost/ser" loadmodule "/usr/local/lib/ser/modules/mysql.so" loadmodule "/usr/local/lib/ser/modules/sl.so" loadmodule "/usr/local/lib/ser/modules/tm.so" loadmodule "/usr/local/lib/ser/modules/rr.so" loadmodule "/usr/local/lib/ser/modules/maxfwd.so" loadmodule "/usr/local/lib/ser/modules/usrloc.so" loadmodule "/usr/local/lib/ser/modules/registrar.so" loadmodule "/usr/local/lib/ser/modules/auth.so" loadmodule "/usr/local/lib/ser/modules/auth_db.so" loadmodule "/usr/local/lib/ser/modules/uri.so" loadmodule "/usr/local/lib/ser/modules/uri_db.so" loadmodule "/usr/local/lib/ser/modules/domain.so" loadmodule "/usr/local/lib/ser/modules/mediaproxy.so" loadmodule "/usr/local/lib/ser/modules/nathelper.so" loadmodule "/usr/local/lib/ser/modules/textops.so" loadmodule "/usr/local/lib/ser/modules/xlog.so" modparam("auth_db|domain|uri_db|usrloc", "db_url", "mysql://ser:heslo@localhost/ser") modparam("auth_db", "calculate_ha1", 1) modparam("auth_db", "password_column", "password") modparam("nathelper", "rtpproxy_disable", 1) modparam("nathelper", "natping_interval", 0) modparam("mediaproxy","natping_interval", 30) modparam("mediaproxy","mediaproxy_socket", "/var/run/mediaproxy.sock") #modparam("mediaproxy","sip_asymmetrics","/usr/local/etc/ser/sip-clients") #modparam("mediaproxy","rtp_asymmetrics","/usr/local/etc/ser/rtp-clients") modparam("usrloc", "db_mode", 2) modparam("domain", "domain_table", "domain") modparam("domain", "domain_col", "domain") modparam("usrloc|registrar|auth_db|avpops|group", "use_domain", 1) modparam("uri_db", "use_domain", 1) modparam("uri_db", "use_uri_table", 1) modparam("registrar", "nat_flag", 6) modparam("rr", "enable_full_lr", 1) route { #
# Sanity Check Section #
if (!mf_process_maxfwd_header("10")) { sl_send_reply("483", "Too Many Hops"); break; }; if (msg:len > max_len) { sl_send_reply("513", "Message Overflow"); break; }; #
# Record Route Section #
xlog("L_NOTICE","$rm from $si at $Tf\n"); if (method=="INVITE" && client_nat_test("3")) { # INSERT YOUR IP ADDRESS HERE record_route_preset("xxx.xxx.xx.xxx:5060;nat=yes"); } else if (method!="REGISTER") { record_route(); }; #
# Call Tear Down Section #
if (method=="BYE" || method=="CANCEL") { end_media_session(); }; #
# Loose Route Section #
if (loose_route()) { if ((method=="INVITE" || method=="REFER") &&!has_totag()) { sl_send_reply("403", "Forbidden"); break; }; if (method=="INVITE") { if (!proxy_authorize("","subscriber")) { proxy_challenge("","0"); break; } else if (!check_from()) { sl_send_reply("403", "Use From=ID"); break; }; consume_credentials(); if (client_nat_test("3") || search("^Route:.*;nat=yes")) { setflag(6); use_media_proxy(); }; }; route(1); break; }; #
# Call Type Processing Section #
if (uri==myself) { route(4); route(1); break; }; if (method=="ACK") { route(1); break; } else if (method=="CANCEL") { route(1); break; } else if (method=="INVITE") { route(3); break; } else if (method=="REGISTER") { route(2); break; }; lookup("aliases"); if (uri==myself) { route(4); route(1); break; }; if (!lookup("location")) { sl_send_reply("404", "User Not Found"); break; }; route(1);} route[1] { #
# Default Message Handler #
t_on_reply("1"); if (!t_relay()) { if (method=="INVITE" || method=="ACK") { end_media_session(); }; sl_reply_error(); };} # REGISTER Message Handling # ------------------------- route[2] { sl_send_reply("100", "Trying"); if (!search("^Contact:[ ] **") && client_nat_test("7")) { setflag(6); fix_nated_register(); force_rport(); }; if (!www_authorize("","subscriber")) { www_challenge("","0"); break; }; if (!check_to()) { sl_send_reply("401", "Unauthorized"); break; }; consume_credentials(); if (!save("location")) { sl_reply_error(); }; } route[3] { #
# INVITE Message Handler #
if (client_nat_test("3")) { setflag(7); force_rport(); fix_nated_contact(); }; if (!proxy_authorize("","subscriber")) { xlog("L_NOTICE","Unable to verify the credentials\n"); proxy_challenge("","0"); break; } else if (!check_from()) { sl_send_reply("403", "Use From=ID"); break; }; consume_credentials(); lookup("aliases"); if (uri==myself) { route(4); route(1); break; }; if (!lookup("location")) { sl_send_reply("404", "User Not Found"); break; }; route(4); route(1);} route[4] { #
# NAT Traversal Section #
if (isflagset(6) || isflagset(7)) { if (!isflagset(8)) { setflag(8); use_media_proxy(); }; };} onreply_route[1] { if ((isflagset(6) || isflagset(7)) && (status=~"(180)|(183)|2[0-9][0-9]")) { if (!search("^Content-Length:[ ]*0")) { use_media_proxy(); }; }; if (client_nat_test("1")) { fix_nated_contact(); }; }
"Gonzalo J. Sambucaro" gonzalo.sambucaro@mslc.com.ar wrote: http://download.dns-hosting.info/MediaProxy/NATtraversal-BestPractices.pdf reads can help it to understand.
Regards, Gonzalo.
Dear all
I have a bit confusen about server and nat its stupidquestion but i want to clear it wil your suggestions..
I am going to impliment SER for my customers with domain base authentication. Now if my client behind the NAT then how my RTP make connection between two IP phone
[SER] / \ / \ / \ [A] [B]In this case RTP between [A] to [B] right
But when both [A] and [B] behind the same NAT router then what about RTP what is the path ???
What is the pass of RTP between [A] and [B] in this case
[SER] | | | [NAT] / \ / \ [A] [B]$ cat ~/satish/url.txt
http://www.linuxbug.org _____________________________________________________________________________________________________
Now you can chat without downloading messenger. Click here to know how._______________________________________________ Serusers mailing list Serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
-- Gonzalo J. Sambucaro Ingeniería de Software Tel: +54-341-4230504 MSLC gonzalo.sambucaro@mslc.com.ar www.mslc.com.ar Ocampo y Esmeralda - Vivero de Empresas de Base Tecnológica Ciudad Universitaria Rosario UNR, CCT CONICET Rosario - Santa Fé - Argentina
Serusers mailing list Serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
$ cat ~/satish/url.txt
http://www.linuxbug.org _____________________________________________________________________________________________________
Now you can chat without downloading messenger. Click here to know how.
-
Gonzalo J. Sambucaro -
satish patel