[Serusers] rtpproxy for private networks without NAT and way outside

Gregory Sandul gregorysandul at yahoo.com
Mon Nov 24 16:52:35 CET 2003 

Thanks Jan.
Let me clarify question.
>From my experince:
RTP proxy listens on all the IP-s all NIC's  -I've
checked it.
netstat -an will give the following output
0.0.0.0:35001 - the 35001 is port where rtpproxy
listens.
As far as I understand, from documentation of
rtpproxy, rtpproxy will wait for first packets on port
from both sides and then forward all the packets
between 2 points. 
Assume I have 2 NIC's on SER with ip
10.0.0.17 and 201.0.14.24
Phones IP-s 10.0.0.197 and 201.0.14.16
Rtpproxy will bind table 
10.0.0.197:8000 <---> 0.0.0.0:35001 
201.0.14.16:8000 <---> 0.0.0.0:35001
and then, when it will receive packet from
10.0.0.197:8000 on port 35001 it will forward it to
201.0.14.16:8000 from port 35001, and the same in
other direction. The routing decisions will make OS,
not rtpproxy it mean that Server will forward all
packets from NIC with ip 10.0.0.17 to 10.0.0.197 and
from NIC with IP 201.0.14.24 to 201.0.14.16.
In such a case I do not need any NAT and way outside.

The question is if it's possible to modify SDP message
after forcing rtpproxy to point outside phone to
public IP address and inside phones to private IP
address.
In other words 
Phone with IP 10.0.0.197 must receive SDP
c=IN IP 10.0.0.17 
Phone with IP 201.0.14.16
c=IN IP 201.0.14.24

Without any modifications of SDP body: 
Phone with IP 10.0.0.197 now receives 
c=IN IP 201.0.14.24
Phone with IP 201.0.14.16 receives
c=IN IP 10.0.0.17

May be I'm wrong? If so - where?

Regards, 
Greg.


--- Jan Janak <jan at iptel.org> wrote:
> OK, the next step will be loading nathelper module
> and calling its
> functions. An example configuration can be found in
> sip_router/etc/nathelper.cfg
> 
> Basically, what you need to do is decide whether a
> message is targeted
> inside your network or outside.
> 
> If it is suppose to go outside then you should call
> force_rtp_proxy()
> and t_on_reply("1"); The first will rewrite IP in
> the SDP with IP
> address of your RTP proxy (must be running on the
> same machine as ser).
> The 2nd function will call onreply_route[1] block
> when a 200 OK comes to
> rewrite SDP in 200 OK:
> 
> onreply_route[1] {
>     force_rtp_proxy();
> }
> 
> But to make this work, your RTP proxy must be
> listening on the public IP
> (to make it reachable from outside), that means your
> internal clients
> must be able to reach the public IP as well.
> 
>   Jan.
> 
> On 24-11 02:58, Gregory Sandul wrote:
> > Thanks you Jan, and thanks to Klaus.
> > I've used in my config
> > mhomed=yes.
> > Now SIP signaling messages work fine.
> > But in the SDP body RTP IP address is not fixed,
> > probably I need to use textopts.so module to fix
> SDP?
> > 
> > Regards,
> > Greg.
> > 
> > --- Jan Janak <jan at iptel.org> wrote:
> > > First of all I would recommend you to split your
> > > setup in two parts and
> > > test them separately. First of all make
> signalling
> > > work (ignore
> > > the contents of SDP) and make sure that you are
> able
> > > to send INVITE and
> > > receive responses either to local phones or
> > > phones/proxies in the public
> > > internet.
> > > 
> > > For that you will have to enable mhomed=yes and
> make
> > > sure that you are
> > > record routing all messages that go outside.
> > > 
> > > You need to make sure that Via and Record-Route
> of
> > > outgoing messages contain thepublic IP (mhomed
> > > should take care of it) of your server.
> > > 
> > > Speak up once you have signalling working and we
> can
> > > continue with RTP
> > > proxy setup.
> > > 
> > >   Jan.
> > > 
> > > On 24-11 00:21, Gregory Sandul wrote:
> > > > Hi.
> > > > Assume I have phones in private network
> > > 10.0.0.0/24.
> > > > There is no NAT server in this network, no
> default
> > > > gateway, no way to outside world (except SER).
> The
> > > > only server phones "know" about is SER. 
> > > > SER has 2 NIC's one in 10.0.0.0/24 network ip
> > > > 10.0.0.17 and other in "real" word
> 201.0.X.X/24.
> > > There
> > > > are some phones (or may be SIP servers) in
> "real"
> > > > world. 
> > > > I want to force rtpproxy for outside world and
> do
> > > not
> > > > for private networks.
> > > > 
> > > > I made some test and it fails.
> > > > If I contact from private network to outside
> world
> > > the
> > > > Via message contains private SER ip 10.0.0.17
> and
> > > > phone which I need to contact does not know
> how to
> > > > contact SER. Also contact in SDP message
> contains
> > > > private ser IP 10.0.0.17 because I have forced
> > > > rtpproxy.
> > > > 
> > > > As I understand, it it necessary to modify SDP
> and
> > > SIP
> > > > messages (contact and Via) in a config script
> > > while
> > > > processing requestst after forcing rtpproxy. 
> > > > Is it possible? 
> > > > May be I missed something, but I have not
> founded
> > > such
> > > > functions.
> > > > 
> > > > Regards,
> > > > Greg.
> > > > 
> > > > 
> > > > __________________________________
> > > > Do you Yahoo!?
> > > > Free Pop-Up Blocker - Get it now
> > > > http://companion.yahoo.com/
> > > > 
> > > >
> _______________________________________________
> > > > Serusers mailing list
> > > > serusers at lists.iptel.org
> > > >
> http://lists.iptel.org/mailman/listinfo/serusers
> > 
> > 
> > __________________________________
> > Do you Yahoo!?
> > Free Pop-Up Blocker - Get it now
> > http://companion.yahoo.com/
> > 
> > _______________________________________________
> > Serusers mailing list
> > serusers at lists.iptel.org
> > http://lists.iptel.org/mailman/listinfo/serusers


__________________________________
Do you Yahoo!?
Free Pop-Up Blocker - Get it now
http://companion.yahoo.com/

More information about the sr-users mailing list