[Serusers] rtpproxy/nathelper configuration issues. i think.

Andres andres at telesip.net
Mon Feb 2 03:39:22 CET 2004


My mistake then.  In any case you must  complete 2 things.  You must 
first set the flag...or else that part of the code does not get executed.

For example:
      if (search("User-Agent: Cisco ATA.*")) {
                setflag(1); # remember this is ATA
                force_rport();
                fix_nated_contact();
        };

and your on_reply must look something like this:

onreply_route[1] {
        if ((status=~"[12][0-9][0-9]"))
                fix_nated_contact();
                force_rtp_proxy();
}

It should work after that.

Eric C. Snowdeal III wrote:

> hmmm.  i replaced the INVITE in my original config with the one you 
> supplied and SER started fine:
>
> -----
>
> Feb  1 18:12:52 localhost ser: Listening on
> Feb  1 18:12:52 localhost ser:               127.0.0.1 [127.0.0.1]:5060
> Feb  1 18:12:52 localhost ser:               my.public.ip 
> [my.public.ip]:5060
> Feb  1 18:12:52 localhost ser: Aliases: localhost.localdomain:5060 
> localhost:5060 my.public.box:*
> Feb  1 18:12:52 localhost ser: ser startup succeeded
>
> -----
>
> clients register and get a "200 o.k." response.  i just realized that 
> i left out the send and receive message that i get when i try to call 
> a client on the same lan segment -  my.public.ip is the ip address of 
> the my.public.box on which ser is running:
>
> -----
>
> SEND >> my.public.ip:5060
> INVITE sip:456 at my.public.box SIP/2.0
> Via: SIP/2.0/UDP 
> 192.168.1.100:5060;rport;branch=z9hG4bK63D6D07A552611D8908A000393B930BA
> From: snowdeal <sip:123 at my.public.box>;tag=748430901
> To: <sip:456 at my.public.box>
> Contact: <sip:123 at 192.168.1.100:5060>
> Call-ID: 61C9E3CB-5526-11D8-908A-000393B930BA at 192.168.1.100
> CSeq: 59170 INVITE
> Max-Forwards: 70
> Content-Type: application/sdp
> User-Agent: X-Lite build 1101
> Content-Length: 296
>
> v=0
> o=123 584059347 584059347 IN IP4 192.168.1.100
> s=X-Lite
> c=IN IP4 192.168.1.100
> t=0 0
> m=audio 8000 RTP/AVP 0 8 3 98 97 101
> a=rtpmap:0 pcmu/8000
> a=rtpmap:8 pcma/8000
> a=rtpmap:3 gsm/8000
> a=rtpmap:98 iLBC/8000
> a=rtpmap:97 speex/8000
> a=rtpmap:101 telephone-event/8000
> a=fmtp:101 0-15
>
> RECEIVE << my.public.ip:5060
> SIP/2.0 100 trying -- your call is important to us
> Via: SIP/2.0/UDP 
> 192.168.1.100:5060;rport=5060;branch=z9hG4bK63D6D07A552611D8908A000393B930BA;received=my.router.public.ip 
>
> From: snowdeal <sip:123 at my.public.box>;tag=748430901
> To: <sip:456 at my.public.box>
> Call-ID: 61C9E3CB-5526-11D8-908A-000393B930BA at 192.168.1.100
> CSeq: 59170 INVITE
> Server: Sip EXpress router (0.8.12 (i386/linux))
> Content-Length: 0
> Warning: 392 my.public.ip:5060 "Noisy feedback tells:  pid=16985 
> req_src_ip=my.router.public.ip req_src_port=5060 
> in_uri=sip:456 at my.public.box out_uri=sip:456 at 192.168.1.101:5060 
> via_cnt==1"
>
> ----
>
> the rtpmap messages are new, so i guess that's progress.  that said, 
> should i ditch the released version and wade through the config errors 
> that i get when i compile the CVS head?  is there anything glaringly 
> obviously wrong with my current setup?
>
> thanks,
>
> - eric
>
>
> Andres wrote:
>
>> Eric,
>>
>> I don't think the release version has support for RTPProxy.  Change 
>> your config to this and I bet it won't start.
>>
>>        if (method=="INVITE") {
>>                record_route();
>>                if (isflagset(1)) { # ATA ?
>>                         force_rtp_proxy();
>>                };
>>                /* set up reply processing */
>>                t_on_reply("1");
>>        };
>>
>> Eric C. Snowdeal III wrote:
>>
>>> i've been getting my sea legs with SER and am having trouble getting 
>>> rtpproxy to nathelper to work correctly with my setup.  since 
>>> everything works fine if i test the scenario with a freeworld dialup 
>>> account, i'm assuming that my problems are solely due to the 
>>> vastness of my ignorance on how to configure SER correctly.
>>>
>>> i have three x-lite clients [ one is running on windows 2000 not 
>>> sure of the build number, but it's the latest download from the 
>>> website; the other two clients are both build 1101 on mac 10.2.3. 
>>> SER running on a rh9 box on a public IP with rtpproxy. i installed 
>>> ser-0.8.12-0.i386.rpm which i downloaded from the ftp server.  the 
>>> x-lite clients are sitting behind a linksys befw11s4 nat router.
>>>
>>> i can run SER without nathelper/rtpproxy and make and receive calls 
>>> to clients outside the my network.  however, things fall apart 
>>> quickly when i try to run more than one client behind the nat [ lost 
>>> audio, timeouts etc] which i presume is what nathelper is supposed 
>>> to deal with.  if try to run to use nathelper, i can't make a call 
>>> from a one client to another client behind the lan.  the calls won't 
>>> go through - they simply timeout.
>>>
>>> i downloaded and compiled rtpproxy which i obtained from the 
>>> portaone website and simply started it from the command line.  i 
>>> can't figure out how to get any debugging messages from rtpproxy, 
>>> but i can see that the process exists and /var/run/rtpproxy.sock is 
>>> created.
>>>
>>> i altered ser.cfg using the template i found in the ser-0.8.12_src 
>>> tarball [ /modules/nathelper/nathelper.cfg ].  see my config below 
>>> [1].  i understand that things have changed quite a bit in the CVS 
>>> head, but i tried to compile and install the latest CVS version, but 
>>> i ran into a host of config errors using the nathelper.cfg supplied, 
>>> so i decided to backtrack, gather my wits, and stick with the 
>>> released version.
>>>
>>> the x-lite clients appear to register appropriately with the server 
>>> [2 - public ip addresses have been changed to protect the 
>>> innocent].  to my untrained eye, these messages look the same as 
>>> what i see when i test things using freeworld dialup accounts and i 
>>> can make a call to another client on the same lan segment - i.e. the 
>>> internal IP addresses are being sent. the location database also 
>>> shows that the internal IP addresses are being used [3], but i don't 
>>> know if this is what i want or not.  oh.  i'm also using 
>>> my.public.box - a FQDN - as in the x-lite fields where it asks for 
>>> "Domain/Realm", "SIP Proxy" and "Out Bound Proxy".
>>>
>>> so anyone care to grab me by the lapels and point out what i'm 
>>> obviously doing wrong :-)
>>>
>>>
>>> [1]
>>> #
>>> # $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $
>>> #
>>> # simple quick-start config script
>>> #
>>>
>>> # ----------- global configuration parameters ------------------------
>>>
>>> #debug=3         # debug level (cmd line: -dddddddddd)
>>> #fork=yes
>>> #log_stderror=no        # (cmd line: -E)
>>>
>>> /* Uncomment these lines to enter debugging mode
>>> debug=7
>>> fork=no
>>> log_stderror=yes
>>> */
>>>
>>> check_via=no    # (cmd. line: -v)
>>> dns=no           # (cmd. line: -r)
>>> rev_dns=no      # (cmd. line: -R)
>>> #port=5060
>>> #children=4
>>> fifo="/tmp/ser_fifo"
>>>
>>> # ------------------ module loading ----------------------------------
>>>
>>> # Uncomment this if you want to use SQL database
>>> #loadmodule "/usr/lib/ser/modules/mysql.so"
>>>
>>> loadmodule "/usr/lib/ser/modules/nathelper.so"
>>>
>>> loadmodule "/usr/lib/ser/modules/sl.so"
>>> loadmodule "/usr/lib/ser/modules/tm.so"
>>> loadmodule "/usr/lib/ser/modules/rr.so"
>>> loadmodule "/usr/lib/ser/modules/maxfwd.so"
>>> loadmodule "/usr/lib/ser/modules/usrloc.so"
>>> loadmodule "/usr/lib/ser/modules/registrar.so"
>>>
>>> # Uncomment this if you want digest authentication
>>> # mysql.so must be loaded !
>>> #loadmodule "/usr/lib/ser/modules/auth.so"
>>> #loadmodule "/usr/lib/ser/modules/auth_db.so"
>>>
>>> # ----------------- setting module-specific parameters ---------------
>>>
>>> # -- usrloc params --
>>>
>>> modparam("usrloc", "db_mode",   0)
>>>
>>> # Uncomment this if you want to use SQL database
>>> # for persistent storage and comment the previous line
>>> #modparam("usrloc", "db_mode", 2)
>>>
>>> # -- auth params --
>>> # Uncomment if you are using auth module
>>> #
>>> #modparam("auth_db", "calculate_ha1", yes)
>>> #
>>> # If you set "calculate_ha1" parameter to yes (which true in this 
>>> config),
>>> # uncomment also the following parameter)
>>> #
>>> #modparam("auth_db", "password_column", "password")
>>>
>>> # -- rr params --
>>> # add value to ;lr param to make some broken UAs happy
>>> modparam("rr", "enable_full_lr", 1)
>>>
>>> alias="my.public.box"
>>>
>>> # -------------------------  request routing logic -------------------
>>>
>>> # main routing logic
>>>
>>> route{
>>>
>>>         # initial sanity checks -- messages with
>>>         # max_forwards==0, or excessively long requests
>>>         if (!mf_process_maxfwd_header("10")) {
>>>                 sl_send_reply("483","Too Many Hops");
>>>                 break;
>>>         };
>>>         if ( msg:len > max_len ) {
>>>                 sl_send_reply("513", "Message too big");
>>>                 break;
>>>         };
>>>
>>>
>>>         # compulsory processing of Route header fields and adding RR
>>>         loose_route();
>>>
>>>         /* registration (uses rewritten contacts) */
>>>         if (method=="REGISTER") {
>>>                 save("location");
>>>                 break;
>>>         };
>>>
>>>         if (method=="INVITE") {
>>>                 record_route();
>>>                 if (isflagset(1)) { # ATA ?
>>>                         fix_nated_sdp("3");
>>>                 };
>>>                 /* set up reply processing */
>>>                 t_on_reply("1");
>>>         };
>>>
>>>         if (method == "INVITE" || method == "CANCEL") {
>>>                 if (!lookup("location")) {
>>>                         sl_send_reply("404", "Not Found");
>>>                         break;
>>>                 };
>>>         };
>>>
>>>         /* set up reply processing and forward statefuly */
>>>         t_relay();
>>> }
>>>
>>> # all incoming replies for t_onrepli-ed transactions enter here
>>> onreply_route[1] {
>>>         if (status=~"2[0-9][0-9]")
>>>                 fix_nated_contact();
>>>                 fix_nated_sdp("3");
>>> }
>>>
>>> [2]
>>>
>>> Established SIP protocol listen on: 192.168.1.100:5060
>>>
>>> Discovered Restricted Cone NAT Firewall
>>>
>>> SIP: 192.168.1.100:5060
>>> RTP: 192.168.1.100:8000
>>> NAT: my.router.public.ip
>>>
>>> PROXY#0: ser.public.ip:5060
>>>
>>> OUTBOUND-PROXY#0: ser.public.ip:5060
>>>
>>>
>>> SEND >> ser.public.ip:5060
>>> REGISTER sip:my.public.box SIP/2.0
>>> Via: SIP/2.0/UDP 
>>> 192.168.1.100:5060;rport;branch=z9hG4bK9DF27D98551C11D882E3000393B930BA
>>> From: snowdeal <sip:123 at my.public.box>
>>> To: snowdeal <sip:123 at my.public.box>
>>> Contact: "snowdeal" <sip:123 at 192.168.1.100:5060>
>>> Call-ID: 9DA51D06551C11D882E3000393B930BA at my.public.box
>>> CSeq: 56648 REGISTER
>>> Expires: 1800
>>> Max-Forwards: 70
>>> User-Agent: X-Lite build 1101
>>> Content-Length: 0
>>>
>>>
>>> RECEIVE << ser.public.ip:5060
>>> SIP/2.0 200 OK
>>> Via: SIP/2.0/UDP 
>>> 192.168.1.100:5060;rport=5060;branch=z9hG4bK9DF27D98551C11D882E3000393B930BA;received=my.router.public.ip 
>>>
>>> From: snowdeal <sip:123 at my.public.box>
>>> To: snowdeal 
>>> <sip:123 at my.public.box>;tag=b27e1a1d33761e85846fc98f5f3a7e58.3894
>>> Call-ID: 9DA51D06551C11D882E3000393B930BA at my.public.box
>>> CSeq: 56648 REGISTER
>>> Contact: <sip:123 at 192.168.1.100:5060>;q=0.00;expires=1800
>>> Server: Sip EXpress router (0.8.12 (i386/linux))
>>> Content-Length: 0
>>> Warning: 392 ser.public.ip:5060 "Noisy feedback tells:  pid=21653 
>>> req_src_ip=my.router.public.ip req_src_port=5060 
>>> in_uri=sip:my.public.box out_uri=sip:my.public.box via_cnt==1"
>>>
>>>
>>> ----------
>>>
>>>
>>> Established SIP protocol listen on: 192.168.1.101:5060
>>>
>>> Discovered Restricted Cone NAT Firewall
>>>
>>> SIP: 192.168.1.101:5060
>>> RTP: 192.168.1.101:8000
>>> NAT: my.router.public.ip
>>>
>>> PROXY#0: 69.55.224.151:5060
>>>
>>> OUTBOUND-PROXY#0: 69.55.224.151:5060
>>>
>>>
>>> SEND >> ser.public.ip:5060
>>> REGISTER sip:my.public.box SIP/2.0
>>> Via: SIP/2.0/UDP 
>>> 192.168.1.101:5060;rport;branch=z9hG4bKAC7BFFFD551C11D8B317000A957BC13A
>>> From: kristine <sip:456 at my.public.box>
>>> To: kristine <sip:456 at my.public.box>
>>> Contact: "kristine" <sip:456 at 192.168.1.101:5060>
>>> Call-ID: AC7B8E18551C11D8B317000A957BC13A at my.public.box
>>> CSeq: 55034 REGISTER
>>> Expires: 1800
>>> Max-Forwards: 70
>>> User-Agent: X-Lite build 1101
>>> Content-Length: 0
>>>
>>>
>>> RECEIVE << ser.public.ip:5060
>>> SIP/2.0 200 OK
>>> Via: SIP/2.0/UDP 
>>> 192.168.1.101:5060;rport=15060;branch=z9hG4bKAC7BFFFD551C11D8B317000A957BC13A;received=my.router.public.ip 
>>>
>>> From: kristine <sip:456 at my.public.box>
>>> To: kristine 
>>> <sip:456 at my.public.box>;tag=b27e1a1d33761e85846fc98f5f3a7e58.b0ef
>>> Call-ID: AC7B8E18551C11D8B317000A957BC13A at my.public.box
>>> CSeq: 55034 REGISTER
>>> Contact: <sip:456 at 192.168.1.101:5060>;q=0.00;expires=1800
>>> Server: Sip EXpress router (0.8.12 (i386/linux))
>>> Content-Length: 0
>>> Warning: 392 ser.public.ip:5060 "Noisy feedback tells: pid=21658 
>>> req_src_ip=my.router.public.ip req_src_port=15060 
>>> in_uri=sip:my.public.box out_uri=sip:my.public.box via_cnt==1
>>>
>>> [3]
>>>
>>> ===Domain list===
>>> ---Domain---
>>> name : 'location'
>>> size : 512
>>> table: 0x402d60d8
>>> d_ll {
>>>     n    : 2
>>>     first: 0x402d80e0
>>>     last : 0x402d81c8
>>> }
>>>
>>> ...Record(0x402d80e0)...
>>> domain: 'location'
>>> aor   : '123'
>>> ~~~Contact(0x402d8120)~~~
>>> domain : 'location'
>>> aor    : '123'
>>> Contact: 'sip:123 at 192.168.1.100:5060'
>>> Expires: 583
>>> q      :       0.00
>>> Call-ID: '9DA51D06551C11D882E3000393B930BA at my.public.box'
>>> CSeq   : 56648
>>> replic : 0
>>> State  : CS_NEW
>>> Flags  : 0
>>> next   : (nil)
>>> prev   : (nil)
>>> ~~~/Contact~~~~
>>> .../Record...
>>> ...Record(0x402d81c8)...
>>> domain: 'location'
>>> aor   : '456'
>>> ~~~Contact(0x402d8208)~~~
>>> domain : 'location'
>>> aor    : '456'
>>> Contact: 'sip:456 at 192.168.1.101:5060'
>>> Expires: 614
>>> q      :       0.00
>>> Call-ID: 'AC7B8E18551C11D8B317000A957BC13A at my.public.box'
>>> CSeq   : 55034
>>> replic : 0
>>> State  : CS_NEW
>>> Flags  : 0
>>> next   : (nil)
>>> prev   : (nil)
>>> ~~~/Contact~~~~
>>> .../Record...
>>>
>>> ---/Domain---
>>> ===/Domain list===
>>>
>>> _______________________________________________
>>> Serusers mailing list
>>> serusers at lists.iptel.org
>>> http://lists.iptel.org/mailman/listinfo/serusers
>>>
>>
>>
>
> _______________________________________________
> Serusers mailing list
> serusers at lists.iptel.org
> http://lists.iptel.org/mailman/listinfo/serusers
>


-- 
Andres
Network Admin
http://www.telesip.net





More information about the sr-users mailing list