[Kamailio-Users] Transparent bridge mode
Vikram Ragukumar
vragukumar at signalogic.com
Tue Dec 22 22:40:06 CET 2009
Daniel,
Please find below a corrected Dataflow diagram.
-----------------
|SIP Caller's |
|Encrypted SIP |
|(Port9090) + |
|UDP |
|(Port10000-20000)|
-----------------
|
|Public IP
---|-----------------------
| --|---- ------- | Public IP
|| NIC1 |<------>| NIC2 | | -----------
|| eth0 | bridge | eth1 |->-| Asterisk |
| --|----- --|--|- | |CentOS v5.4|
| v port 9090 | | | | Server 2 |
| --|--------------- | | | -----------
||Libnetfilter_queue|| | |
| -|----|----------- | | |
| | | | | |
| | -|-------- | | |
| | |Decryption| ^ ^ |
| | -|-------- | | |
| v v port 5060 | | |
| | -|------ | | |
| | |Kamailio|--->- | |
| | -------- | |
| | | |
| |UDPports | |
| -|-- -------- | |
||srtp|->--|rtpproxy|->- |
| ---- -------- |
| Server 1,CentOS v5.4 |
---------------------------
Thanks and Regards,
Vikram.
Vikram Ragukumar wrote:
> Daniel,
>
> Thanks once again for your reply. I present below a more detailed system
> description. The first ASCII sketch depicts the setup we have in our lab
> here and the second ASCII sketch depicts the dataflow we are working
> towards.
>
> System setup:
> -------------
>
> ------------
> | Internet |
> ------------
> |
> |
> ------|------------------------
> | | CentOS v5.4 |
> | ---|---- -------- |
> | | NIC1 |<------>| NIC2 | | <- Server 1
> | | eth0 | bridge | eth1 | |
> | -------- ----|--- |
> | Rtpproxy,Kamailio | |
> -------------------------|-----
> |
> |<- Cross over cable
> |
> -----------
> |CentOS v5.4|
> | Asterisk | <- Server 2
> -----------
>
> Dataflow:
> ---------
>
> ------------------
> |SIP Caller's |
> |Encrypted SIP |
> |(Port9090) + |
> |UDP |
> |(Port10000-20000)|
> -----------------
> |
> |Public IP
> ---|-----------------------
> | --|---- ------- | Public IP
> || NIC1 |<------>| NIC2 | | -----------
> || eth0 | bridge | eth1 |->-| Asterisk |
> | --|----- --|--|- | |CentOS v5.4|
> | v port 9090 | | | | Server 2 |
> | --|--------------- | | | -----------
> ||Libnetfilter_queue|| | |
> | --|--------------- | | |
> | v | | |
> | --|------- | | |
> ||Decryption| ^ ^ |
> | -|------|-- | | |
> | | v port 5060| | |
> | | ---|---- | | |
> | | |Kamailio|--->- | |
> | v -------- | |
> | | | |
> | |UDPports | |
> | -|-- -------- | |
> ||srtp|->--|rtpproxy|->- |
> | ---- -------- |
> | Server 1,CentOS v5.4 |
> ---------------------------
>
> Questions:
> ----------
> 1) Is it common practice to implement "Decryption" and "srtp" as shown
> in the dataflow diagram? If not, what is a more appropriate place to
> implement them ?
> 2) Once deployed, will such as system be capable of handling several
> hundreds or thousands of calls ?
>
> Wish you all a Merry Christmas and a Happy New Year.
>
> Thanks and Regards,
> Vikram.
>
> PS : Here is the script used to setup the bridge between eth0 and eth1
>
> brctl addbr br0
> brctl stp br0 on
> brctl addif br0 eth0
> brctl addif br0 eth1
> ifdown eth0 1>/dev/null 2>&1
> ifdown eth1 1>/dev/null 2>&1
> ifconfig eth0 0.0.0.0 up
> ifconfig eth1 0.0.0.0 up
> ifconfig br0 64.221.148.221 netmask 255.255.255.224 up
> route add default gw 64.221.148.220
> for file in br0 eth0 eth1
> do
> echo "1" > /proc/sys/net/ipv4/conf/${file}/proxy_arp
> echo "1" > /proc/sys/net/ipv4/conf/${file}/forwarding
> done;
> echo "1" > /proc/sys/net/ipv4/ip_forward
>
>
> Daniel-Constantin Mierla wrote:
>>
>>
>> On 12/18/09 10:08 PM, Vikram Ragukumar wrote:
>>> Daniel,
>>>
>>> Thank you for your reply. Let me briefly explain what i am trying to
>>> achieve over here.
>>>
>>> _____ eth0 _____ eth1 ______
>>> |_____|------|_____|--------|______| Internet
>>> Server1 Server2
>>> 2 NIC's 1 NIC
>>> (Public IP)
>>>
>>> I show above a sketch of the desired setup.
>>>
>>> Server1 - Runs Kamailio and rtpproxy. It has 2 NIC's installed.
>>> Server2 - Runs Asterisk. It must be assigned a Public IP.
>>>
>>> I need to use rtpproxy to intercept data being sent to Server 2,
>>> process them and let them continue along their original path. Are
>>> there any references you can point me to, that show how to use
>>> rtpproxy to achieve this bridging? Does the connection between eth1
>>> of Server1 and eth0 of Server2 have to made using a crossover cable ?
>>
>> probably your diagram is not displayed properly by the email client,
>> since I do not really get what you wanted to draw.
>>
>> However, in the kamailio server, if you have two network interfaces,
>> run kamailio to listen on both and rtpproxy in bridging mode between
>> them. Then rtpproxy will get packets coming on eth0 and send onver
>> eth1 and viceversa. I gave you the path in the source three where you
>> find an example to start with (in my previous email).
>>
>> Cheers,
>> Daniel
>>
>>
>>
>>>
>>> Daniel-Constantin Mierla wrote:
>>>> Hello,
>>>>
>>>> On 12/18/09 12:38 AM, Vikram Ragukumar wrote:
>>>>> Hello All,
>>>>>
>>>>> I am trying to setup a test scenario, where i have Kamailio and
>>>>> rtpproxy running on one CentOS box (Server1) and i have Asterisk
>>>>> running on another CentOS box (Server2). Server1 has 2 NIC's eth0
>>>>> and eth1 that are both assigned Public IP's. There is a transparent
>>>>> bridge br0 connecting eth0 and eth1 which also has its own Public
>>>>> IP. Finally eth0 on Server2 also has a Public IP.
>>>>>
>>>>> Server2 must be assigned a Public IP.
>>>>>
>>>>> My goal is to modify rtpproxy so that i can intercept packets
>>>>> traveling to Server2, process them and let them resume along their
>>>>> original path.
>>>>> I would like to know if there is another way of setting this up so
>>>>> that i dont use as many Public IP's ?
>>>>> Do any of you see a problem with this setup, things that may not
>>>>> work eventually, or any other concerns ?
>>>>>
>>>> rtpproxy can do bridging of two interfaces -- see the example cfg:
>>>>
>>>> modules/nathelper/examples/alg.cfg
>>>>
>>>> Cheers,
>>>> Daniel
>>>>
>>>
>>>
>>> _______________________________________________
>>> Kamailio (OpenSER) - Users mailing list
>>> Users at lists.kamailio.org
>>> http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
>>> http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
>>>
>>
>
>
More information about the sr-users
mailing list