[OpenSER-Users] SER problem with NAT

satish patel satish_patel_2000_2000 at yahoo.com
Wed Dec 26 15:08:50 CET 2007


Dear all

                  I have installed SER with multidomain support and it is working fine i have host 2 domain abc.com and example.com now i dont have any NAT between server and client 

                 But now i have few more client. they are behind NAT so i have find nathelper help and configure with mediaproxy now what happend when i test this configuration in my demo setup 

[192.168.1.2_SIP_Client]------------[SER + Mediaproxy + nathaper]------[192.168.1.3_SIP_Client]

MY server IP address is 192.168.1.1   

everyone in same subnet no NAT between them 

ser configuration with NAT + Mediaproxy and mediaproxy running on same machine..

When i trying to register Xlite on server i got error 483 Too many Hops why is there any domain related problem or something else when i remove name server in /etc/resolve.conf i got Timeout error 

My --------- ser.cfg

# $Id: nat-mediaproxy.cfg 51 2006-01-31 13:28:04Z /CN=Paul Hazlett/emailAddress=paul at onsip.org $
debug=7
fork=yes
log_stderror=yes

listen=192.168.104.20           # INSERT YOUR IP ADDRESS HERE
port=5060
children=4

dns=yes
rev_dns=no
fifo="/tmp/ser_fifo"
fifo_db_url="mysql://root:tulip@localhost/ser"

loadmodule "/usr/local/lib/ser/modules/mysql.so"
loadmodule "/usr/local/lib/ser/modules/sl.so"
loadmodule "/usr/local/lib/ser/modules/tm.so"
loadmodule "/usr/local/lib/ser/modules/rr.so"
loadmodule "/usr/local/lib/ser/modules/maxfwd.so"
loadmodule "/usr/local/lib/ser/modules/usrloc.so"
loadmodule "/usr/local/lib/ser/modules/registrar.so"
loadmodule "/usr/local/lib/ser/modules/auth.so"
loadmodule "/usr/local/lib/ser/modules/auth_db.so"
loadmodule "/usr/local/lib/ser/modules/uri.so"
loadmodule "/usr/local/lib/ser/modules/uri_db.so"
loadmodule "/usr/local/lib/ser/modules/domain.so"
loadmodule "/usr/local/lib/ser/modules/mediaproxy.so"
loadmodule "/usr/local/lib/ser/modules/nathelper.so"
loadmodule "/usr/local/lib/ser/modules/textops.so"

modparam("auth_db|domain|uri_db|usrloc", "db_url", "mysql://root:tulip@localhost/ser")
modparam("auth_db", "calculate_ha1", 1)
modparam("auth_db", "password_column", "password")

modparam("nathelper", "rtpproxy_disable", 1)
modparam("nathelper", "natping_interval", 0)

modparam("mediaproxy","natping_interval", 30)
modparam("mediaproxy","mediaproxy_socket", "/var/run/mediaproxy.sock")
modparam("mediaproxy","sip_asymmetrics","/usr/local/etc/ser/sip-clients")
modparam("mediaproxy","rtp_asymmetrics","/usr/local/etc/ser/rtp-clients")

modparam("usrloc", "db_mode", 2)
modparam("domain", "domain_table", "domain")
modparam("domain", "domain_col", "domain")

modparam("usrloc|registrar|auth_db|avpops|group", "use_domain", 1)


modparam("registrar", "nat_flag", 6)

modparam("rr", "enable_full_lr", 1)

route {

        # -----------------------------------------------------------------
        # Sanity Check Section
        # -----------------------------------------------------------------
        if (!mf_process_maxfwd_header("10")) {
                sl_send_reply("483", "Too Many Hops");
                break;
        };

        if (msg:len > max_len) {
                sl_send_reply("513", "Message Overflow");
                break;
        };

        # -----------------------------------------------------------------
        # Record Route Section
        # -----------------------------------------------------------------
        if (method=="INVITE" && client_nat_test("3")) {
                # INSERT YOUR IP ADDRESS HERE
                record_route_preset("192.168.104.20:5060;nat=yes");
        } else if (method!="REGISTER") {
                record_route();
        };

        # -----------------------------------------------------------------
        # Call Tear Down Section
        # -----------------------------------------------------------------
        if (method=="BYE" || method=="CANCEL") {
                end_media_session();
        };

        # -----------------------------------------------------------------
        # Loose Route Section
        # -----------------------------------------------------------------
        if (loose_route()) {

                if ((method=="INVITE" || method=="REFER") && !has_totag()) {
                        sl_send_reply("403", "Forbidden");
                        break;
                };

                if (method=="INVITE") {

                        if (!proxy_authorize("","subscriber")) {
                                proxy_challenge("","0");
                                break;
                        } else if (!check_from()) {
                                sl_send_reply("403", "Use From=ID");
                                break;
                        };
                        consume_credentials();

                        if (client_nat_test("3") || search("^Route:.*;nat=yes")) {
                                setflag(6);
                                use_media_proxy();
                        };
                };

                route(1);
                break;
        };

        # -----------------------------------------------------------------
        # Call Type Processing Section
        # -----------------------------------------------------------------
        if (uri!=myself) {
                route(4);
                route(1);
                break;
        };

        if (method=="ACK") {
                route(1);
                break;
        } else if (method=="CANCEL") {
                route(1);
                break;
        } else if (method=="INVITE") {
                route(3);
                break;
        } else if (is_from_local()) {
        if (method=="REGISTER") {
                route(2);
                break;
        };
        };
        lookup("aliases");
        if (uri!=myself) {
                route(4);
                route(1);
                break;
        };

        if (!lookup("location")) {
                sl_send_reply("404", "User Not Found");
                break;
        };

        route(1);
}

route[1] {

        # -----------------------------------------------------------------
        # Default Message Handler
        # -----------------------------------------------------------------

        t_on_reply("1");

        if (!t_relay()) {

                if (method=="INVITE" || method=="ACK") {
                        end_media_session();
                };

                sl_reply_error();
        };
}

# REGISTER Message Handling
# -------------------------
route[2] {
        sl_send_reply("100", "Trying");
        if (!search("^Contact:[ ] *\*") && client_nat_test("7")) {
                setflag(6);
                fix_nated_register();
                force_rport();
        };
        if (!www_authorize("","subscriber")) {
                www_challenge("","0");
                break;
        };
        if (!check_to()) {
                sl_send_reply("401", "Unauthorized");
                break;
        };
        consume_credentials();
        if (!save("location")) {
                sl_reply_error();
        };
}


route[3] {

        # -----------------------------------------------------------------
        # INVITE Message Handler
        # -----------------------------------------------------------------

        if (client_nat_test("3")) {
                setflag(7);
                force_rport();
                fix_nated_contact();
        };

        if (!proxy_authorize("","subscriber")) {
                proxy_challenge("","0");
                break;
        } else if (!check_from()) {
                sl_send_reply("403", "Use From=ID");
                break;
        };

        consume_credentials();

        lookup("aliases");
        if (uri!=myself) {
                route(4);
                route(1);
                break;
        };

        if (!lookup("location")) {
                sl_send_reply("404", "User Not Found");
                break;
        };

        route(4);
        route(1);
}

route[4] {

        # -----------------------------------------------------------------
        # NAT Traversal Section
        # -----------------------------------------------------------------

        if (isflagset(6) || isflagset(7)) {
                if (!isflagset(8)) {
                        setflag(8);
                        use_media_proxy();
                };
        };
}

onreply_route[1] {

        if ((isflagset(6) || isflagset(7)) && (status=~"(180)|(183)|2[0-9][0-9]")) {

                if (!search("^Content-Length:[ ]*0")) {
                        use_media_proxy();
                };
        };

        if (client_nat_test("1")) {
                fix_nated_contact();
        };
}



----PGP Signature--

Satish Patel
mobile:- +91-9818875535

http://www.linuxbug.org
       
---------------------------------
Be a better friend, newshound, and know-it-all with Yahoo! Mobile.  Try it now.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20071226/c1f31c15/attachment.htm>


More information about the sr-users mailing list