14 Sep
2004
14 Sep
'04
3:14 a.m.
SER is simply a proxy - it does not handle media in the same way that
asterisk does. When you have both clients registered with SER, once the
initial call set up has been completed, no further traffic runs through
SER. Search this list for explanations as to why RTP traffic doesn't
really run through NAT without a helping hand.
If you want to be able to make calls without any special client/NAT
router settings, check out RTPproxy/NAThelper and Mediaproxy - they do
the RTP proxy bit that Asterisk has built in.
Hope this helps.
Dave
-----Original Message-----
From: serusers-bounces(a)iptel.org [mailto:serusers-bounces@lists.iptel.org] On
Behalf Of Morten Kuehl
Sent: 13 September 2004 22:35
To: serusers(a)lists.iptel.org
Subject: [Serusers] NAT with SER and ASTERISK, strange behaviour
Hi folks,
I just spent the evening with trying to find a logical solution to a NAT
problem but I had no success. I decided therefore to go to bed and let
the
more intelligent guys have a guess ;):
I do have the following setup:
Cisco 7960G with public IP
Xlite behind router with NAT
Ser server with a public ip
Asterisk with a public ip
Xlite finds out that it is behind a symetric firewall while starting and
sends the external ip of the nat device in its sip messages.
I want to call the xlite client behind NAT from the Cisco phone. It
works
when the cisco phone and the xlite client are registered with the
asterisk
server. I have set nat=yes and canreinvite=no in the account settings
for
the xlite client in the sip.conf of the asterisk server. The Cisco phone
has a normal account. I had a look at the sip messages and as
configured,
the Asterisk server works as a rtp proxy for the media stream. Audio
works
in both ways.
When I use ser and register both clients with ser and start a call,
audio
works only outbound from xlite to the cisco phone but not inbound from
the
cisco phone to xlite through the nat device.
I digged the sip messages several times and did not see any big
difference
between the two sip conversations, besides having the asterisk as an rtp
proxy in the middle in the first attempt. Neither did I see an approach
of
asterisk to make xlite pinhole the nat device as describe for example in
the sip cookbook.
Unfortunately I am stuck at this stage and cannot find a logical
explanation for the described behaviour. If anyone can give me a hint or
needs further information to assist, please let me know!
Cheers
Morten
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
14 Sep
14 Sep
5:49 a.m.
New subject: [Serusers] NAT with SER and ASTERISK, strange behaviour
Hi,
I am aware of the difference between media and signalling as well as the
way an rtp proxy works. But still do I think that this is a different
case:
When using asterisk, xlite does symetric rtp streams aka. sends from port
8000 and listens on port 8000. The port is therefore open on nat and udp
pakets can travel through the nat with the correct public ip in the sip
messages.
When I do have the setup with ser and the sip messages look the same, aka.
xlite says "I am listening on 8000 on public ip" and send via 8000 to the
cisco phone which says "I am listening on port x on my ip". So there
should be no need for an rtp proxy as the rtp stream from xlite is
symetric and the nat port is open. But still there is no incoming audio. I
can understand that with clients like MS messenger there is a need to
rewrite the sdp and sip messages.
So where is the problem in my szenario, what little magic does asterisk do
that I do not see in the sip messages???
Cheers
Morten
SER is simply a proxy - it does not handle media in
the same way that
asterisk does. When you have both clients registered with SER, once the
initial call set up has been completed, no further traffic runs through
SER. Search this list for explanations as to why RTP traffic doesn't
really run through NAT without a helping hand.
If you want to be able to make calls without any special client/NAT
router settings, check out RTPproxy/NAThelper and Mediaproxy - they do
the RTP proxy bit that Asterisk has built in.
Hope this helps.
Dave
15 Sep
15 Sep
8:09 p.m.
New subject: [Serusers] NAT with SER and ASTERISK, strange behaviour
Now, symmetric rtp only means your ua will send and receive rtp packets on
the same port, 8000 in your case. It does not automatically means that the
NAT device will open port 8000 for incoming packets, unless you have port
forwarding in place. Mostly importantly, your NAT device does not necessary
use port 8000 to map your port 8000 for outgoing. It can be something else,
say 60000.
For the Cisco side, it will see rtp stream coming from <ua1 pub ip:60000>.
From the SDP it received previously, it will send rtp
stream back to <ua1
pub ip:8000>. Now, unless you have port forwarding in
place, your NAT device
will drop the packets as the "hole" is not opened.
Both Asterisk and rtpproxy do this by sending the packet back to where it
receive from, that is <ua1 pub ip:60000>, and ignoring the SDP. Asterisk
does this automatically and you have to instruct SER and rtpproxy to do that
manually.
Hope it answer your question.
Zeus
-----Original Message-----
From: serusers-bounces(a)lists.iptel.org
[mailto:serusers-bounces@lists.iptel.org] On Behalf Of Morten Kuehl
Sent: Tuesday, 14 September 2004 7:50 PM
To: serusers(a)lists.iptel.org
Subject: RE: [Serusers] NAT with SER and ASTERISK, strange behaviour
Hi,
I am aware of the difference between media and signalling as
well as the way an rtp proxy works. But still do I think that
this is a different
case:
When using asterisk, xlite does symetric rtp streams aka.
sends from port 8000 and listens on port 8000. The port is
therefore open on nat and udp pakets can travel through the
nat with the correct public ip in the sip messages. When I do
have the setup with ser and the sip messages look the same,
aka. xlite says "I am listening on 8000 on public ip" and
send via 8000 to the cisco phone which says "I am listening
on port x on my ip". So there should be no need for an rtp
proxy as the rtp stream from xlite is symetric and the nat
port is open. But still there is no incoming audio. I can
understand that with clients like MS messenger there is a
need to rewrite the sdp and sip messages.
So where is the problem in my szenario, what little magic
does asterisk do that I do not see in the sip messages???
Cheers
Morten
SER is simply a proxy - it does not handle media
in the
same way that
asterisk does. When you have both clients
registered with
SER, once
the initial call set up has been completed, no
further traffic runs
through SER. Search this list for explanations as to why
RTP traffic
doesn't really run through NAT without a
helping hand.
If you want to be able to make calls without any special client/NAT
router settings, check out RTPproxy/NAThelper and
Mediaproxy - they do
the RTP proxy bit that Asterisk has built in.
Hope this helps.
Dave
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
7232
days inactive
7234
days old
2 comments
3 participants
participants (3)
-
Dave Bath -
Morten Kuehl -
Zeus Ng