[Kamailio-Users] Transparent bridge mode
Daniel-Constantin Mierla
miconda at gmail.com
Wed Dec 23 10:56:58 CET 2009
Hello,
I haven't used such scenario so far and not a big linux network routing
expert here, so the command you use for bridging do not help me too much.
When I need to bridge two network then I use rtpproxy in bridging mode,
like the example I pointed in a previous email, and all run fine.
Cheers,
Daniel
On 12/22/09 10:40 PM, Vikram Ragukumar wrote:
> Daniel,
>
> Please find below a corrected Dataflow diagram.
>
> -----------------
> |SIP Caller's |
> |Encrypted SIP |
> |(Port9090) + |
> |UDP |
> |(Port10000-20000)|
> -----------------
> |
> |Public IP
> ---|-----------------------
> | --|---- ------- | Public IP
> || NIC1 |<------>| NIC2 | | -----------
> || eth0 | bridge | eth1 |->-| Asterisk |
> | --|----- --|--|- | |CentOS v5.4|
> | v port 9090 | | | | Server 2 |
> | --|--------------- | | | -----------
> ||Libnetfilter_queue|| | |
> | -|----|----------- | | |
> | | | | | |
> | | -|-------- | | |
> | | |Decryption| ^ ^ |
> | | -|-------- | | |
> | v v port 5060 | | |
> | | -|------ | | |
> | | |Kamailio|--->- | |
> | | -------- | |
> | | | |
> | |UDPports | |
> | -|-- -------- | |
> ||srtp|->--|rtpproxy|->- |
> | ---- -------- |
> | Server 1,CentOS v5.4 |
> ---------------------------
>
> Thanks and Regards,
> Vikram.
>
> Vikram Ragukumar wrote:
>> Daniel,
>>
>> Thanks once again for your reply. I present below a more detailed
>> system description. The first ASCII sketch depicts the setup we have
>> in our lab here and the second ASCII sketch depicts the dataflow we
>> are working towards.
>>
>> System setup:
>> -------------
>>
>> ------------
>> | Internet |
>> ------------
>> |
>> |
>> ------|------------------------
>> | | CentOS v5.4 |
>> | ---|---- -------- |
>> | | NIC1 |<------>| NIC2 | | <- Server 1
>> | | eth0 | bridge | eth1 | |
>> | -------- ----|--- |
>> | Rtpproxy,Kamailio | |
>> -------------------------|-----
>> |
>> |<- Cross over cable
>> |
>> -----------
>> |CentOS v5.4|
>> | Asterisk | <- Server 2
>> -----------
>>
>> Dataflow:
>> ---------
>>
>> ------------------
>> |SIP Caller's |
>> |Encrypted SIP |
>> |(Port9090) + |
>> |UDP |
>> |(Port10000-20000)|
>> -----------------
>> |
>> |Public IP
>> ---|-----------------------
>> | --|---- ------- | Public IP
>> || NIC1 |<------>| NIC2 | | -----------
>> || eth0 | bridge | eth1 |->-| Asterisk |
>> | --|----- --|--|- | |CentOS v5.4|
>> | v port 9090 | | | | Server 2 |
>> | --|--------------- | | | -----------
>> ||Libnetfilter_queue|| | |
>> | --|--------------- | | |
>> | v | | |
>> | --|------- | | |
>> ||Decryption| ^ ^ |
>> | -|------|-- | | |
>> | | v port 5060| | |
>> | | ---|---- | | |
>> | | |Kamailio|--->- | |
>> | v -------- | |
>> | | | |
>> | |UDPports | |
>> | -|-- -------- | |
>> ||srtp|->--|rtpproxy|->- |
>> | ---- -------- |
>> | Server 1,CentOS v5.4 |
>> ---------------------------
>>
>> Questions:
>> ----------
>> 1) Is it common practice to implement "Decryption" and "srtp" as
>> shown in the dataflow diagram? If not, what is a more appropriate
>> place to implement them ?
>> 2) Once deployed, will such as system be capable of handling several
>> hundreds or thousands of calls ?
>>
>> Wish you all a Merry Christmas and a Happy New Year.
>>
>> Thanks and Regards,
>> Vikram.
>>
>> PS : Here is the script used to setup the bridge between eth0 and eth1
>>
>> brctl addbr br0
>> brctl stp br0 on
>> brctl addif br0 eth0
>> brctl addif br0 eth1
>> ifdown eth0 1>/dev/null 2>&1
>> ifdown eth1 1>/dev/null 2>&1
>> ifconfig eth0 0.0.0.0 up
>> ifconfig eth1 0.0.0.0 up
>> ifconfig br0 64.221.148.221 netmask 255.255.255.224 up
>> route add default gw 64.221.148.220
>> for file in br0 eth0 eth1
>> do
>> echo "1" > /proc/sys/net/ipv4/conf/${file}/proxy_arp
>> echo "1" > /proc/sys/net/ipv4/conf/${file}/forwarding
>> done;
>> echo "1" > /proc/sys/net/ipv4/ip_forward
>>
>>
>> Daniel-Constantin Mierla wrote:
>>>
>>>
>>> On 12/18/09 10:08 PM, Vikram Ragukumar wrote:
>>>> Daniel,
>>>>
>>>> Thank you for your reply. Let me briefly explain what i am trying
>>>> to achieve over here.
>>>>
>>>> _____ eth0 _____ eth1 ______
>>>> |_____|------|_____|--------|______| Internet
>>>> Server1 Server2
>>>> 2 NIC's 1 NIC
>>>> (Public IP)
>>>>
>>>> I show above a sketch of the desired setup.
>>>>
>>>> Server1 - Runs Kamailio and rtpproxy. It has 2 NIC's installed.
>>>> Server2 - Runs Asterisk. It must be assigned a Public IP.
>>>>
>>>> I need to use rtpproxy to intercept data being sent to Server 2,
>>>> process them and let them continue along their original path. Are
>>>> there any references you can point me to, that show how to use
>>>> rtpproxy to achieve this bridging? Does the connection between eth1
>>>> of Server1 and eth0 of Server2 have to made using a crossover cable ?
>>>
>>> probably your diagram is not displayed properly by the email client,
>>> since I do not really get what you wanted to draw.
>>>
>>> However, in the kamailio server, if you have two network interfaces,
>>> run kamailio to listen on both and rtpproxy in bridging mode between
>>> them. Then rtpproxy will get packets coming on eth0 and send onver
>>> eth1 and viceversa. I gave you the path in the source three where
>>> you find an example to start with (in my previous email).
>>>
>>> Cheers,
>>> Daniel
>>>
>>>
>>>
>>>>
>>>> Daniel-Constantin Mierla wrote:
>>>>> Hello,
>>>>>
>>>>> On 12/18/09 12:38 AM, Vikram Ragukumar wrote:
>>>>>> Hello All,
>>>>>>
>>>>>> I am trying to setup a test scenario, where i have Kamailio and
>>>>>> rtpproxy running on one CentOS box (Server1) and i have Asterisk
>>>>>> running on another CentOS box (Server2). Server1 has 2 NIC's eth0
>>>>>> and eth1 that are both assigned Public IP's. There is a
>>>>>> transparent bridge br0 connecting eth0 and eth1 which also has
>>>>>> its own Public IP. Finally eth0 on Server2 also has a Public IP.
>>>>>>
>>>>>> Server2 must be assigned a Public IP.
>>>>>>
>>>>>> My goal is to modify rtpproxy so that i can intercept packets
>>>>>> traveling to Server2, process them and let them resume along
>>>>>> their original path.
>>>>>> I would like to know if there is another way of setting this up
>>>>>> so that i dont use as many Public IP's ?
>>>>>> Do any of you see a problem with this setup, things that may not
>>>>>> work eventually, or any other concerns ?
>>>>>>
>>>>> rtpproxy can do bridging of two interfaces -- see the example cfg:
>>>>>
>>>>> modules/nathelper/examples/alg.cfg
>>>>>
>>>>> Cheers,
>>>>> Daniel
>>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Kamailio (OpenSER) - Users mailing list
>>>> Users at lists.kamailio.org
>>>> http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
>>>> http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
>>>>
>>>
>>
>>
>
--
Daniel-Constantin Mierla
* http://www.asipto.com/
More information about the sr-users
mailing list