[Serusers] TCP endpoints behind NAT
Andrei Pelinescu-Onciul
pelinescu-onciul at fokus.fraunhofer.de
Mon May 24 09:56:25 CEST 2004
On May 22, 2004 at 19:34, Martin Rusnak <mafo at cyberspace.sk> wrote:
> Hello
>
> I have following use case:
>
> Endpoint1 <------> NAT <------> SER <------> NAT <------> Endpoint2
> 10.0.0.10 TCP TCP 192.168.0.4
>
First of all try to use UDP. NAT traversal works with UDP. Nobody really
tested it with TCP. Theoretically you could get it working with unstable
ser, special options and a well behaved UA (one that will always reuse
the tcp connections and will keep the nat bindings open).
> Both enpoints are behind a NAT, connected via TCP transport to SER.
> The problem is that no message can be routed between them. It looks
> like SER connot find open tcp connection. Here are the error
> messages copied from the log:
Yes, ser cannot find an open tcp connection and tries to open a new one.
To get arround this you should force tcp aliases and use a very high
timeout for the tcp connections (if a connection is not used, ser will
close it after some time):
- use tcp_accept_aliases=yes in your ser.cfg if you have compliant UAs
(I think only kphone knows about them)
- use force_tcp_alias(); if your UAs don't know about tcp alias.
- edit tcp_conn.h and change TCP_CON_TIMEOUT and TCP_CON_SEND_TIMEOUT
to a very high value
Andrei
More information about the sr-users
mailing list