Hello Jiri,
Of course, I meant the non-paranoic meaning, that is forcing the subsequent requests to go through the proxy.
The question is related to the FCP module I'm trying to complete. In order to close the previously opened ports, the module needs to see BYE and CANCEL messages. When adding record-routing header from a natted proxy, this address must be changed to a public one whenever the message is for the public Internet. Is my understanding correct? My other concern with Record Routing is whether this translation for the request involves translating the RR field back to the one of the natted proxy, when the response hits the proxy.
Regards,
Jaime
Jiri Kuthan jiri@iptel.org on 21/03/2003 17:28:48
To: Jaime GILL/EN/HTLUK@HTLUK serusers@lists.iptel.org cc:
Subject: Re: [Serusers] Routing all SIP traffic through the proxy
At 12:29 PM 3/21/2003, jaime.gill@orange.co.uk wrote:
Hi,
Not sure if someone has asked this before. Is there any way to route all SIP messages through SER without using record_route()?
Jaime
I'm not sure what it means "all SIP messages". In a paranoid understanding, that would include interception of iptel.org messages by someone else.
In general, there are two options: setting an outbound proxy in phones and forcing subsequent requests hit a proxy through rr-ing.
-Jiri
******************************************************************************* Important. Confidentiality: This communication is intended for the above-named person and may be confidential and/or legally privileged. Any opinions expressed in this communication are not necessarily those of the company. If it has come to you in error you must take no action based on it, nor must you copy or show it to anyone; please delete/destroy and inform the sender immediately.
Monitoring/Viruses Orange may monitor all incoming and outgoing emails in line with current legislation. Although we have taken steps to ensure that this email and attachments are free from any virus, we advise that in keeping with good computing practice the recipient should ensure they are actually virus free.
Orange PCS Limited is a subsidiary of Orange SA and is registered in England No 2178917, with its address at St James Court, Great Park Road, Almondsbury Park, Bradley Stoke, Bristol BS32 4QJ. *******************************************************************************
Jaime,
On 24-03 13:20, jaime.gill@orange.co.uk wrote:
Hello Jiri,
Of course, I meant the non-paranoic meaning, that is forcing the subsequent requests to go through the proxy.
The question is related to the FCP module I'm trying to complete. In order to close the previously opened ports, the module needs to see BYE and CANCEL messages. When adding record-routing header from a natted proxy, this address must be changed to a public one whenever the message is for the public Internet. Is my understanding correct?
Yes, your understanding is correct, but we will solve the problem in a different way. Instead of modifying record-route headers, it is possible to insert two of them, one with internal IP address and the other with public IP address.
Suppose that callee is in the public internet and caller in private network. The caller sends an INVITE, the INVITE will reach your proxy and it will insert rr with private IP address and after that another rr with public IP address of your NAT.
When the caller wants to send a BYE, it will use the rr with public IP of your NAT box. Your proxy will detect that there are 2 route headers and remove both of them.
Callee sending BYE will reverse the order of all record-route header fields and therefore it will use record-route with private IP address - the message will hit your proxy directly. Again, the proxy detects presence of 2 route fields and will remove both of them.
My other concern with Record Routing is whether this translation for the request involves translating the RR field back to the one of the natted proxy, when the response hits the proxy.
Don't worry about Record-Routes, I am currently working on the trick described above so you will get this feature for free with the new release.
Jan.
-
jaime.gill@orange.co.uk -
Jan Janak