Im trying to implement Keep alive to maintain communication with nated clients. Enabling it in the terminals
We eliminate OPTIONS natpings setbflag(7); We want to eliminate setbflag(6); because when this is setted openser send 4 bytes packages to maintain the communication with nated clients. But if we do that we have problems using mediaproxy.
Can you help me with this issue?
I hope to have explained correctly.
Ariadne L. Ramos Solís
Depto. Ingeniería
Aprovisionamiento y Señalización VoIP
Galaxy Communications Corp.
Tel. 2000117
e-mail mailto:aramos@clarocom.com aramos@clarocom.com
P BE CARBON CONSCIOUS. PLEASE CONSIDER OUR ENVIRONMENT BEFORE PRINTING THIS E-MAIL
If you are going to 'ping' the server you could deactivate the udp ping by setting natping_interval to 0. http://www.kamailio.org/docs/modules/1.5.x/nathelper.html#id2453019
Nevertheless, I would keep it active, and set ping_nated_only to 1, so you just ping clients which are known to be behind NAT.
El Martes, 9 de Junio de 2009, Saúl Ibarra escribió:
Nevertheless, I would keep it active, and set ping_nated_only to 1, so you just ping clients which are known to be behind NAT.
The only problem with it is when a fuc**ng SIP ALG enabled router takes place. It will modify the request so it'll look as coming from public IP (NAT cannot be detected in Kamailio), but most of these infernal routers don't mantain the keepalive so the input traffic is closed after UDP "connection" expires in the router.
Iñaki Baz Castillo wrote:
El Martes, 9 de Junio de 2009, Saúl Ibarra escribió:
Nevertheless, I would keep it active, and set ping_nated_only to 1, so you just ping clients which are known to be behind NAT.
The only problem with it is when a fuc**ng SIP ALG enabled router takes place. It will modify the request so it'll look as coming from public IP (NAT cannot be detected in Kamailio), but most of these infernal routers don't mantain the keepalive so the input traffic is closed after UDP "connection" expires in the router.
Yep. Infernal - well said!
El Martes, 9 de Junio de 2009, Alex Balashov escribió:
Iñaki Baz Castillo wrote:
El Martes, 9 de Junio de 2009, Saúl Ibarra escribió:
Nevertheless, I would keep it active, and set ping_nated_only to 1, so you just ping clients which are known to be behind NAT.
The only problem with it is when a fuc**ng SIP ALG enabled router takes place. It will modify the request so it'll look as coming from public IP (NAT cannot be detected in Kamailio), but most of these infernal routers don't mantain the keepalive so the input traffic is closed after UDP "connection" expires in the router.
Yep. Infernal - well said!
This is my personal battle against SIP ALG routers: http://www.voip-info.org/wiki/view/Routers+SIP+ALG
Please, feel free to add any useful information about infernal routers with SIP ALG enabled.
Thanks a lot :)
Iñaki Baz Castillo napsal(a):
El Martes, 9 de Junio de 2009, Alex Balashov escribió:
Iñaki Baz Castillo wrote:
El Martes, 9 de Junio de 2009, Saúl Ibarra escribió:
Nevertheless, I would keep it active, and set ping_nated_only to 1, so you just ping clients which are known to be behind NAT.
The only problem with it is when a fuc**ng SIP ALG enabled router takes place. It will modify the request so it'll look as coming from public IP (NAT cannot be detected in Kamailio), but most of these infernal routers don't mantain the keepalive so the input traffic is closed after UDP "connection" expires in the router.
Yep. Infernal - well said!
This is my personal battle against SIP ALG routers: http://www.voip-info.org/wiki/view/Routers+SIP+ALG
Please, feel free to add any useful information about infernal routers with SIP ALG enabled.
Thanks a lot :)
SIP ALG routers are big pain, at least for me :-)
What I'm trying to do is automagically detect users behind such a stupid routers (analyzing INVITEs and REGISTERs in sip-dump) and automatically send them e-mails aksing to disable SIP ALG. Just my 2c...
Best regards,
kokoska.rokosoka
El Miércoles, 10 de Junio de 2009, kokoska rokoska escribió:
SIP ALG routers are big pain, at least for me :-)
What I'm trying to do is automagically detect users behind such a stupid routers (analyzing INVITEs and REGISTERs in sip-dump) and automatically send them e-mails aksing to disable SIP ALG. Just my 2c...
I plan to build a small software (hopefully running on Linux and Windows) which will connect with my server in order to detect if there is a SIP ALG router in the path.
I just need some spare time :)
Iñaki Baz Castillo napsal(a):
El Miércoles, 10 de Junio de 2009, kokoska rokoska escribió:
SIP ALG routers are big pain, at least for me :-)
What I'm trying to do is automagically detect users behind such a stupid routers (analyzing INVITEs and REGISTERs in sip-dump) and automatically send them e-mails aksing to disable SIP ALG. Just my 2c...
I plan to build a small software (hopefully running on Linux and Windows) which will connect with my server in order to detect if there is a SIP ALG router in the path.
I just need some spare time :)
Sounds interesting :-)
If you think I can help you (at least with testing 'cos I'm not good programmer), drop me an e-mail...
Best regards,
kokoska.rokoska
El Jueves, 11 de Junio de 2009, kokoska rokoska escribió:
Iñaki Baz Castillo napsal(a):
El Miércoles, 10 de Junio de 2009, kokoska rokoska escribió:
SIP ALG routers are big pain, at least for me :-)
What I'm trying to do is automagically detect users behind such a stupid routers (analyzing INVITEs and REGISTERs in sip-dump) and automatically send them e-mails aksing to disable SIP ALG. Just my 2c...
I plan to build a small software (hopefully running on Linux and Windows) which will connect with my server in order to detect if there is a SIP ALG router in the path.
I just need some spare time :)
Sounds interesting :-)
If you think I can help you (at least with testing 'cos I'm not good programmer), drop me an e-mail...
Sure, when I've it ready I'll announce it here so you can test it :) Thanks.
Hello,
On 06/10/2009 11:20 AM, kokoska rokoska wrote:
Iñaki Baz Castillo napsal(a):
El Martes, 9 de Junio de 2009, Alex Balashov escribió:
Iñaki Baz Castillo wrote:
El Martes, 9 de Junio de 2009, Saúl Ibarra escribió:
Nevertheless, I would keep it active, and set ping_nated_only to 1, so you just ping clients which are known to be behind NAT.
The only problem with it is when a fuc**ng SIP ALG enabled router takes place. It will modify the request so it'll look as coming from public IP (NAT cannot be detected in Kamailio), but most of these infernal routers don't mantain the keepalive so the input traffic is closed after UDP "connection" expires in the router.
Yep. Infernal - well said!
This is my personal battle against SIP ALG routers: http://www.voip-info.org/wiki/view/Routers+SIP+ALG
Please, feel free to add any useful information about infernal routers with SIP ALG enabled.
Thanks a lot :)
SIP ALG routers are big pain, at least for me :-)
What I'm trying to do is automagically detect users behind such a stupid routers (analyzing INVITEs and REGISTERs in sip-dump) and automatically send them e-mails aksing to disable SIP ALG. Just my 2c...
some do not offer any such option, even I googled a lot some time ago, I couldn't get a solution for a siemens gigaset se36. If someone knows, would be great.
However, it was easy to trick by listening on 5062 with kamailio and pointing my phones to use that dst port. I haven't tried with tcp, another option that should be tried with those algs.
Cheers, Daniel
On 06/11/2009 01:51 PM, Daniel-Constantin Mierla wrote:
Hello,
On 06/10/2009 11:20 AM, kokoska rokoska wrote:
Iñaki Baz Castillo napsal(a):
El Martes, 9 de Junio de 2009, Alex Balashov escribió:
Iñaki Baz Castillo wrote:
El Martes, 9 de Junio de 2009, Saúl Ibarra escribió:
Nevertheless, I would keep it active, and set ping_nated_only to 1, so you just ping clients which are known to be behind NAT.
The only problem with it is when a fuc**ng SIP ALG enabled router takes place. It will modify the request so it'll look as coming from public IP (NAT cannot be detected in Kamailio), but most of these infernal routers don't mantain the keepalive so the input traffic is closed after UDP "connection" expires in the router.
Yep. Infernal - well said!
This is my personal battle against SIP ALG routers: http://www.voip-info.org/wiki/view/Routers+SIP+ALG
Please, feel free to add any useful information about infernal routers with SIP ALG enabled.
Thanks a lot :)
SIP ALG routers are big pain, at least for me :-)
What I'm trying to do is automagically detect users behind such a stupid routers (analyzing INVITEs and REGISTERs in sip-dump) and automatically send them e-mails aksing to disable SIP ALG. Just my 2c...
some do not offer any such option, even I googled a lot some time ago, I couldn't get a solution for a siemens gigaset se36
errata: gigaset se361 ...
Daniel
. If someone knows, would be great.
However, it was easy to trick by listening on 5062 with kamailio and pointing my phones to use that dst port. I haven't tried with tcp, another option that should be tried with those algs.
Cheers, Daniel
El Jueves, 11 de Junio de 2009, Daniel-Constantin Mierla escribió:
I haven't tried with tcp, another option that should be tried with those algs.
I've seen some Cisco routers doing ALG for SIP TCP (port 5060 or whatever port you configure in the Cisci for it). :(
Iñaki Baz Castillo napsal(a):
El Jueves, 11 de Junio de 2009, Daniel-Constantin Mierla escribió:
I haven't tried with tcp, another option that should be tried with those algs.
I've seen some Cisco routers doing ALG for SIP TCP (port 5060 or whatever port you configure in the Cisci for it). :(
Yes, at least CISCO ASA and CISCO PIX...
Best regards,
kokoska.rokoska
On 06/11/2009 02:18 PM, kokoska rokoska wrote:
Iñaki Baz Castillo napsal(a):
El Jueves, 11 de Junio de 2009, Daniel-Constantin Mierla escribió:
I haven't tried with tcp, another option that should be tried with those algs.
I've seen some Cisco routers doing ALG for SIP TCP (port 5060 or whatever port you configure in the Cisci for it). :(
Yes, at least CISCO ASA and CISCO PIX...
these are super master ALGs :-) ...
usually these are the steps I try when facing algs: - if no option to disable alg in router, set a second port in kamailio - if above fails and phone can do tcp, try it - if above fails and phone can do tls, try it - if above fails drop the alg router :-), use it as press-papier, buy a cheaper one that didn't waste resources for such crap
Cheers, Daniel
The only problem with it is when a fuc**ng SIP ALG enabled router takes place. It will modify the request so it'll look as coming from public IP (NAT cannot be detected in Kamailio), but most of these infernal routers don't mantain the keepalive so the input traffic is closed after UDP "connection" expires in the router.
Oh, I forgot to take that into account! Thanks for the pointer! :)
-
Alex Balashov -
Ariadne Ramos -
Daniel-Constantin Mierla -
Iñaki Baz Castillo -
kokoska rokoska -
Saúl Ibarra