[Serusers] nathelper doesn't ping registered users

Jiri Kuthan jiri at iptel.org
Tue Nov 27 20:51:07 CET 2007 

I'm kind of finding this conversation a bit confusing -- what is cl in this
context actually good for?

I mean the "boundary proxy" (what is it actually good for?) can have
shadow usrloc (it is presumably in the path anyhow?) if natping shall
be sent from there.

sip-based natping can be run from the "inside proxy" as well, very much
as any other SIP request. That causes heavier traffic but also increases
the success chance (for example behind my firewall and with my SIP phone,
non-SIP pings does not help because client doesn't send enough outbound
traffic)

Just wild guesses -- I'm not really understanding the specifics of this
proxy chain.

-jiri

At 15:13 27/11/2007, Tomasz Zieleniewski wrote:
>unfortunatelly it is not available
>any chance to have it for ser 2.0??
>
>regards
>tomasz
>
>On Nov 27, 2007 2:51 PM, Greger V. Teigre <greger at teigre.com> wrote:
>>
>>  usrloc-cl is a cacheless version of usrloc module, i.e. nothing is stored
>> in memory. I believe Martin Hoffmann took over maintenance of it, but I'm
>> not sure about the status on 2.0.0.  If your edge proxy uses usrloc-cl
>> instead of usrloc, it will pull locations to ping from the DB instead of
>> from memory.
>>
>>
>>  g-)
>>
>>  Tomasz Zieleniewski wrote:
>>  what is usrloc-cl??
>> What do you mean by that and how can I do that?
>>
>> -tomasz
>>
>> On Nov 27, 2007 8:58 AM, Greger V. Teigre <greger at teigre.com> wrote:
>>
>>
>>  You use usrloc-cl?
>>  If not, unless you replicate, the non-REGISTER handling server will not
>> have the usrloc in memory.
>>  g-)
>>
>>
>>
>>  Tomasz Zieleniewski wrote:
>>  Hi Jiri,
>>
>> On Nov 25, 2007 10:08 PM, Jiri Kuthan <jiri at iptel.org> wrote:
>>
>>
>>  At 10:56 25/11/2007, Tomasz Zieleniewski wrote:
>>
>>
>>  Hi,
>>
>> I don't have those lines because I have a registrar on seperate SIP Proxy.
>> This proxy here is the boundary one, but they both use the same database
>> and have access to location table common.
>>
>>  Well, I'm not sure I'm getting the context of this configuration so I don't
>> feel certain with providing some hints (in particular two proxy serveer
>> in a series both using usrloc seems unusual to me). A hand-waving estimate
>> is you need to configure the "boundary proxy" to change all natted clients
>> to form "as seen by the network" and the "actual proxy" to send pings to
>> all contacts.
>>
>>
>>  Boundary proxy uses usrloc only for the purpose of pinging the natted
>> users.
>> Nathelper module requires usrloc. Because all reuqest travels 'boundary
>> proxy'
>> before entering network the 'boundary proxy' must ping users to keep
>> my nat bindings
>> right. they are both on seperate machines.
>>
>>  -tomek
>>
>>
>>  -jiri
>>
>>
>>
>>
>>
>>  -tomasz
>>
>> On Nov 25, 2007 10:40 AM, Jiri Kuthan <jiri at iptel.org> wrote:
>>
>>
>>  Hi Tomasz,
>>
>> well it could be that reusing an existing config and commiting than your
>> specific
>> changes to it would save you quite some laborous exercises rather than
>> writing
>> it from scratch....
>> http://cvs.berlios.de/cgi-bin/viewcvs.cgi/ser/sip_router/etc/ser-oob.cfg?rev=1.1.2.1&content-type=text/plain
>>
>> The lines in question are (out of which I think you are missing the
>> registrar params)
>>
>>
>>  FLAG_NAT : 3, # the UAC is behind a NAT
>>
>> ...
>> # identify natted contacts using a flag
>> modparam("registrar", "load_nat_flag", "FLAG_NAT")
>> modparam("registrar", "save_nat_flag", "FLAG_NAT")
>> ...
>> modparam("rr", "cookie_filter", "(account|uac_nat)")
>> ...
>> modparam("nathelper", "ping_nated_only", 1 )
>> # if this option is not set, simple 4-bytes ping is sent
>> modparam("nathelper", "natping_method", "OPTIONS" )
>> #temporary statefull natping test (only in future versions)
>> #modparam("nathelper", "natping_stateful", 1)
>> ...
>>
>>  setflag(FLAG_NAT);
>>
>>
>> -jiri
>>
>>
>> At 22:20 24/11/2007, Tomasz Zieleniewski wrote:
>>
>>
>>  I'm sorry for the CC
>> here is my config:
>>
>> debug=3 # debug level (cmd line: -dddddddddd)
>> memdbg=5
>> memlog=5
>> log_facility=LOG_LOCAL0
>> fork=yes
>> log_stderror=no
>> check_via=yes # (cmd. line: -v)
>> dns=no # (cmd. line: -r)
>> rev_dns=no # (cmd. line: -R)
>> port=5060
>> tls_port_no=5061
>> children=4
>> user=ser
>> group=ser
>> mhomed=yes
>> disable_tcp=no
>> tcp_accept_aliases=yes
>> enable_tls=no
>> sip_warning=0
>> reply_to_via=no
>> alias="voip.touk.pl"
>>
>> dns_retr_time=1
>> dns_retr_no=1
>> dns_servers_no=1
>> dns_use_search_list=no
>> dns_try_ipv6=no
>> # dns cache & failover
>> use_dns_cache=on
>> use_dns_failover=on
>> # dns_cache_flags=0
>> dns_cache_negative_ttl=300
>> dns_cache_min_ttl=60
>> dns_cache_max_ttl=86400 # 1 day
>> dns_cache_mem=2048 # 2 MB
>> dns_cache_gc_interval=60
>>
>> tcp_connection_lifetime=3600
>> tcp_max_connections=2048
>> tcp_connect_timeout=1
>>
>> loadmodule ...
>> ....
>>
>> # specify the path to you database here
>> modparam("acc_db|auth_db|avp_db|domain|gflags|usrloc|uri_db|speeddial|msilo|lcr",
>> "db_url", "mysql://ser:ser@localhost/ser")
>>
>> # -- usrloc params --
>> modparam("usrloc", "db_mode", 1)
>>
>> # -- registrar params --
>> modparam("registrar", "default_expires", 300)
>> modparam("registrar", "min_expires", 60)
>> modparam("registrar", "max_expires", 300)
>> modparam("registrar", "append_branches", 1)
>> modparam("registrar", "received_param", "rcv")
>> modparam("registrar", "max_contacts", 2)
>>
>> # -- auth params --
>> modparam("auth_db", "calculate_ha1", yes)
>> modparam("auth_db", "password_column", "password")
>>
>> # -- rr params --
>> modparam("rr", "enable_full_lr", 1)
>> modparam("rr", "cookie_filter", "uac_nat")
>> modparam("rr", "cookie_secret", "secret")
>> modparam("rr", "user_part_avp", "route_user")
>> modparam("rr", "next_route_avp", "route_next")
>>
>> # -- gflags params --
>> modparam("gflags", "load_global_attrs", 1)
>>
>> # -- domain params --
>> modparam("domain", "load_domain_attrs", 1)
>>
>> # -- ctl params --
>> modparam("ctl", "binrpc", "unixs:/tmp/ser-bsp_ctl")
>> modparam("ctl", "fifo", "fifo:/tmp/ser-bsp_fifo")
>> # modparam("ctl", "binrpc", "tcp:localhost:2046")
>> modparam("ctl", "mode", 0777)
>>
>> # -- tm params --
>> modparam("tm", "restart_fr_on_each_reply", 1)
>>
>> # -- auth_radius params --
>> modparam("auth_radius", "radius_config",
>> "/usr/local/etc/radiusclient-ng/radiusclient.conf")
>> modparam("auth_radius", "service_type", 15)
>>
>> # -- options params --
>> modparam("options", "accept", "*/*")
>> modparam("options", "accept_encoding", "")
>> modparam("options", "accept_language", "en")
>>
>> # -- ratelimit params --
>> modparam("ratelimit","timer_interval", 10)
>> modparam("ratelimit","invite_limit", 100)
>> modparam("ratelimit","register_limit", 100)
>> modparam("ratelimit","subscribe_limit", 100)
>>
>> # -- xmlrpc params --
>> modparam("xmlrpc", "route","RPC")
>>
>> # -- nathelper params --
>> modparam("nathelper", "natping_interval", 20)
>> modparam("nathelper", "ping_nated_only", 0)
>> modparam("nathelper", "rtpproxy_disable", 1)
>> modparam("nathelper", "tcpping_crlf", 1)
>>
>> # -- tls params --
>> modparam("tls", "config", "/home/ser/ser/ca/tls-bsp.cfg")
>> modparam("tls", "tls_force_run", 0)
>> modparam("tls", "tls_log",3)
>> modparam("tls", "handshake_timeout", 10)
>> modparam("tls", "send_timeout", 10)
>> modparam("tls", "tls_disable_compression", 0)
>> #modparam("tls", "private_key", "/etc/certs/key.pem")
>> #modparam("tls", "certificate", "/etc/certs/cert.pem")
>> #modparam("tls", "ca_list", "/etc/certs/ca_list.pem")
>> #modparam("tls", "require_certificate", 0)
>> #modparam("tls", "verify_certificate", 1)
>> #modparam("tls", "tls_method", "TLSv1")
>>
>> route{
>> ...
>> }
>>
>> On Nov 24, 2007 9:35 PM, Atle Samuelsen <clona at cyberhouse.no> wrote:
>>
>>
>>  Hi,
>>
>> Always CC the list.
>>
>> then I dont know.. post your full config so people can see if they see
>> something
>> -A
>>
>> * Tomasz Zieleniewski <tzieleniewski at gmail.com> [071124 20:38]:
>>
>>
>>
>>  Hi,
>>
>> I had that parameter set to 0, but still no udp packets...
>>
>> On Nov 24, 2007 6:43 PM, Atle Samuelsen <clona at cyberhouse.no> wrote:
>>
>>
>>  * Tomasz Zieleniewski <tzieleniewski at gmail.com> [071124 16:50]:
>>
>>
>>
>>  HI,
>>
>> I have the following nathelper settings:
>> modparam("nathelper", "natping_interval", 20)
>> modparam("nathelper", "ping_nated_only", 1)
>> modparam("nathelper", "rtpproxy_disable", 1)
>> modparam("nathelper", "tcpping_crlf", 1)
>>
>> But i cant see any udp packets being sent to registered users.
>> Please point me what did I miss.
>>
>>  Hi,
>>
>> without seeing any more of your config, I'm guessing that you do not set
>> the natflag, so if you change ping_nated_only to 0, I think you will see
>> some udp packets.
>>
>> - Atle
>> (shot in the whild world of sip)
>>
>>
>>
>>
>>  Best
>> Tomasz
>> _______________________________________________
>> Serusers mailing list
>> Serusers at lists.iptel.org
>> http://lists.iptel.org/mailman/listinfo/serusers
>>
>>  _______________________________________________
>> Serusers mailing list
>> Serusers at lists.iptel.org
>> http://lists.iptel.org/mailman/listinfo/serusers
>>
>>
>> --
>> Jiri Kuthan http://iptel.org/~jiri/
>>
>>
>>
>>  _______________________________________________
>> Serusers mailing list
>> Serusers at lists.iptel.org
>> http://lists.iptel.org/mailman/listinfo/serusers
>>
>>
>> --
>> Jiri Kuthan http://iptel.org/~jiri/
>>
>>
>>
>>  _______________________________________________
>> Serusers mailing list
>> Serusers at lists.iptel.org
>> http://lists.iptel.org/mailman/listinfo/serusers
>>
>>
>>
>>
>>
>>  _______________________________________________
>> Serusers mailing list
>> Serusers at lists.iptel.org
>> http://lists.iptel.org/mailman/listinfo/serusers
>>
>>
>>
>>



--
Jiri Kuthan            http://iptel.org/~jiri/

More information about the sr-users mailing list