[Serusers] [Newbie question] - NAT/port messed up
Thomas
thomasj at eworld.hu
Thu Nov 11 00:04:52 CET 2004
Hello!
I'm trying to make my 1st SIP-based system working. I use SER-0.8.14
on Linux Sarge. I have usually UAs behind NAT firewalls.
I found a case, when UAs are working very oddly, I can't call from one
of them, after sime time I can't reach one of them from outside, after
some time when I call one UA, the 2nd is answering (and the same time
when I call 2nd UA, the 2nd is answering).
I have 2 UAs [Grandstream BT100 & X-Lite v2.0] behind a linux NAT
firewall. Both UAs use the same STUN and SER server.
I did some tcpdumps and I found an interesting thing:
Internet Protocol, Src Addr: <FWPUBLICIP> (<FWPUBLICIP>), Dst Addr: <SERIP> (<SERIP>)
User Datagram Protocol, Src Port: 1024 (1024), Dst Port: 5060 (5060)
Session Initiation Protocol
Request-Line: REGISTER sip:<MYDOMAIN> SIP/2.0
Method: REGISTER
Resent Packet: True
Suspected resend of frame: 31
Message Header
Via: SIP/2.0/UDP <FWPUBLICIP>;branch=z9hG4bK0dbeeb499dbd416e
From: "M70" <sip:70@<MYDOMAIN>;user=phone>;tag=d4de3110a63ddb36
SIP Display info: "M70"
SIP from address: sip:70@<MYDOMAIN>
SIP tag: d4de3110a63ddb36
To: <sip:70@<MYDOMAIN>;user=phone>
SIP to address: sip:70@<MYDOMAIN>
Contact: *
Call-ID: 6ead5eb5744d407d@<IP PHONE LAN IP>
CSeq: 100 REGISTER
Expires: 0
User-Agent: Grandstream BT100 1.0.5.16
Max-Forwards: 70
Allow: INVITE,ACK,CANCEL,BYE,NOTIFY,REFER,OPTIONS,INFO,SUBSCRIBE
Content-Length: 0
Internet Protocol, Src Addr: <SERIP> (<SERIP>), Dst Addr: <FWPUBLICIP>77.150.18 (<FWPUBLICIP>)
User Datagram Protocol, Src Port: 5060 (5060), Dst Port: 5060 (5060)
Session Initiation Protocol
Status-Line: SIP/2.0 200 OK
Status-Code: 200
Resent Packet: False
Message Header
Via: SIP/2.0/UDP <FWPUBLICIP>;branch=z9hG4bK0dbeeb499dbd416e
From: "M70" <sip:70@<MYDOMAIN>;user=phone>;tag=d4de3110a63ddb36
SIP Display info: "M70"
SIP from address: sip:70@<MYDOMAIN>
SIP tag: d4de3110a63ddb36
To: <sip:70@<MYDOMAIN>;user=phone>;tag=9ed85684aa54afbffef0a2d40b9935f4.71f6
SIP to address: sip:70@<MYDOMAIN>
SIP tag: 9ed85684aa54afbffef0a2d40b9935f4.71f6
Call-ID: 6ead5eb5744d407d@<IP PHONE IP>
CSeq: 100 REGISTER
Server: Sip EXpress router (0.8.14 (i386/linux))
Content-Length: 0
Warning: 392 <SERIP>:5060 "Noisy feedback tells: pid=25451 req_src_ip=<FWPUBLICIP> req_src_port=1024 in_uri=sip:<MYDOMAIN> out_uri=sip:<MYDOMAIN> via_cnt==1"
What is interesting is that REGISTER message went out from port 1024
but 200 OK came to port 5060. Is this OK? I think here is some problem
and this can make the phones working oddly.
SER is configured with nathelper+rtpproxy.
...
if (nat_uac_test("3")) {
# Allow RR-ed requests, as these may indicate that
# a NAT-enabled proxy takes care of it; unless it is
# a REGISTER
if (method == "REGISTER" || ! search("^Record-Route:")) {
log("LOG: Someone trying to register from private IP, rewriting\n");
# This will work only for user agents that support symmetric
# communication. We tested quite many of them and majority is
# smart enough to be symmetric. In some phones it takes a configuration
# option. With Cisco 7960, it is called NAT_Enable=Yes, with kphone it is
# called "symmetric media" and "symmetric signalling".
fix_nated_contact(); # Rewrite contact with source IP of signalling
if (method == "INVITE") {
fix_nated_sdp("1"); # Add direction=active to SDP
};
force_rport(); # Add rport parameter to topmost Via
setflag(6); # Mark as NATed
};
};
...
It is basically the sample nathelper configuration.
Could anybody give me a hint? If it is a well-known situation, please
point me to some other resources, I'm really a new-comer in SIP/SER.
Thank you in advance!
Kind regard,
Tamas J.
More information about the sr-users
mailing list