[Users] SER as loadbalancer and NAT

Klaus Darilion klaus.mailinglists at pernau.at
Wed Jan 11 12:15:42 CET 2006 

Hi Andreas!

Andreas Granig wrote:
> Hi,
> 
> A question to the NAT experts:
> 
> I wonder if there are known side effects if I use fix_nated_contact() in 
> combination with nat_flag in the registrar module instead of 
> fix_nated_register() to save NATed contacts?

I think the only limitation is, that the SIP client sees a modified URI 
in incoming INVITE requests and in the 200 Ok responses for the REGISTER 
messages. I guess most clients do not care, but AFAI remember there was 
a posting that a client did not accept the 200 Ok reponse with the 
modified contact.


> What I want to do is checking for NAT on a stateless SER acting as load 
> balancer, then forwarding it to a proxy in the LAN, like:
> 
>   # remove P-Nated-HF here if present...
>   if(method == REGISTER &&
>     !search("^Contact:[ ]*\*") &&
>     client_nat_test("7"))
>   {
>       fix_nated_contact();
>       append_hf("P-Nated: 1\r\n");
>       force_rport();
>   }
>   # forwarding to proxy using dispatcher module
> 
> And in the proxy:
> 
>   modparam("registrar", "nat_flag", 1)
>   # ...
>   if(method == REGISTER)
>   {
>     if(is_present_hf("P-Nated")) setflag(1);
>     save("location");
>   }
>   # ...
>   if(method == INVITE)
>   {
>     # a request for a local user...
>     lookup("location");
>     setdsturi("sip:<address of loadbalancer>");
>     t_relay();
>   }
> 

I you do not care about the "strict" clients, what about using 
fix_nated_contact in the load balancer and fix_nated_register in the 
proxy? Then, the requests should be automatically be routed to load 
balancer.

> Of course a mechanism has to be provided to let the loadbalancer or an 
> external application NAT-ping the address provided in the rewritten 
> contact.
> 
> As far as I have seen, the difference is that this approach would save 
> the NAT-adress of the contact in usrloc with an empty received-param, 
> while fix_nated_register() saves the private adress of the contact with 
> the NAT-adress in the received-param.
> 
> I would assume (not verified yet), that in the case of using 
> fix_nated_contact(), the NAT-address is set as r-uri after a lookup, 
> with an empty dst-uri, which will have to be set to the load balancer's 
> address to traverse the client-side NAT.
> 
> In case of using fix_nated_register(), I assume the r-uri is set to the 
> client's private address, and the received-address as dst-uri. 
> Traversing the client's NAT wouldn't be that easy in this case because 
> you would have to save the received-address somewhere in the message and 
> forward the request to the load-balancer, which in turn has to forward 
> it to the client's NAT address.

AFAIK this is correct.

regards
klaus


> So would this approach using fix_nated_contact() for REGISTERs make 
> sense for using a SER-based load balancer? Or are there any limitations 
> I haven't considered?
> 
> Thanks,
> Andy
> 
> _______________________________________________
> Users mailing list
> Users at openser.org
> http://openser.org/cgi-bin/mailman/listinfo/users
> 
>

More information about the sr-users mailing list