[SR-Users] SIP UA's behind same NAT
Daniel-Constantin Mierla
miconda at gmail.com
Mon Dec 20 14:37:03 CET 2010
Hello,
that's a hint for a very old version, where cfg file language didn't had
support for variables and avpops module was used for comparison (as you
could see, $dd is stored in an avp and them compared with src ip -- no
longer need for such workaround, just do if($si==$dd) ...).
You have to plug the when you force usage of rtp proxy, so you skip it
in such cases.
Cheers,
Daniel
On 12/20/10 2:32 PM, Deon Vermeulen wrote:
> Hi Daniel
>
> Thank you so much for your feedback.
>
> I came upon the below post, but I'm unable to find the example Norman
> posted.
> http://www.mail-archive.com/users@openser.org/msg01932.html
>
> In short the end solution is:
>
> # If both clients are behind nat we can check to see if they are
> behind the same
> # external IP and optimize the media path to go directly between them
> else if ( isflagset(2) and isflagset(3) )
> {
> log(1, "Both Clients are behind NAT");
>
> # Store the destination domain into an AVP
> avp_printf("i:450", "$dd");
>
>
> if ( avp_check("i:450", "eq/$src_ip/g") )
> {
> xlog("L_INFO", "Detected Two Clients Behind the Same
> NAT - Disabling Mediaproxy");
>
>
> # Do not use mediaproxy as the clients seem to be
> behind the same NAT
> resetflag(2);
> resetflag(3);
> }
>
>
> }
>
>
>
> I haven't tested yet, but would I be right in saying my config should
> look something like:
>
>
> ####### Routing Logic ########
>
>
> # Main SIP request routing logic
> # - processing of any incoming SIP request starts with this route
> route {
>
> # per request initial checks
> route(REQINIT);
>
> # NAT detection
> route(NAT);
>
>
>
>
> # Caller NAT detection route
> route[NAT] {
> #!ifdef WITH_NAT
> force_rport();
> if (nat_uac_test("19")) {
> if (method=="REGISTER") {
> fix_nated_register();
> } else {
> fix_nated_contact();
> }
> setflag(FLT_NATS);
>
> # If both clients are behind nat we can check to see if
> they are behind the same
> # external IP and optimize the media path to go
> directly between them
> else if ( isflagset(FLT_NATS) and isflagset(FLT_NATB) ) {
> log(1, "Both Clients are behind NAT");
>
> # Store the destination domain into an AVP
> avp_printf("i:450", "$dd");
>
> if ( avp_check("i:450",
> "eq/$src_ip/g") ) {
>
> xlog("L_INFO", "Detected Two Clients Behind the Same NAT - Disabling
> RTPproxy");
>
> # Do not use rtpproxy as the clients
> seem to be behind the same NAT
>
> resetflag(FLT_NATS);
>
> resetflag(FLT_NATB);
> }
> }
> }
> #!endif
> return;
> }
>
> # RTPProxy control
> route[RTPPROXY] {
> #!ifdef WITH_NAT
> if (is_method("BYE")) {
> unforce_rtp_proxy();
> } else if (is_method("INVITE")){
> force_rtp_proxy();
> }
> if (!has_totag()) add_rr_param(";nat=yes");
> #!endif
> return;
> }
>
>
> Rgds
> Deon
>
>
> On Dec 20, 2010, at 2:41 PM, Daniel-Constantin Mierla wrote:
>
>> Hello,
>>
>> On 12/20/10 11:25 AM, Deon Vermeulen wrote:
>>> Hi List
>>>
>>> Can someone please help me?
>>>
>>> I need to implement PBX Services for a customer that has 10 IP
>>> Phones at his Main site and then 20 IP Phones located over 5 Branches.
>>>
>>> My goal is to have RTP go end to end and not proxied.
>>>
>>> I had a look at the below link and tried it, but with no luck.
>>>
>>> http://kamailio.org/dokuwiki/doku.php/examples:caller-callee-behind-same-nat
>>>
>>> Here is a partial output of my kamailio.cfg file if someone would be
>>> so kind to help me.
>>>
>>>
>>> #!ifdef WITH_NAT
>>> # ----- rtpproxy params -----
>>> modparam("rtpproxy", "rtpproxy_sock", "udp:localhost:7722")
>>>
>>> # ----- nathelper params -----
>>> modparam("nathelper", "natping_interval", 30)
>>> modparam("nathelper", "ping_nated_only", 1)
>>> modparam("nathelper", "sipping_bflag", FLB_NATSIPPING)
>>> modparam("nathelper", "sipping_from", "sip:pinger at x.x.x.x")
>>>
>>> # params needed for NAT traversal in other modules
>>> modparam("nathelper|registrar", "received_avp", "$avp(RECEIVED)")
>>> modparam("usrloc", "nat_bflag", FLB_NATB)
>>> #!endif
>>>
>>>
>>>
>>> ####### Routing Logic ########
>>>
>>>
>>> # Main SIP request routing logic
>>> # - processing of any incoming SIP request starts with this route
>>> route {
>>>
>>> # per request initial checks
>>> route(REQINIT);
>>>
>>> # NAT detection
>>> route(NAT);
>>>
>>>
>>>
>>>
>>> # Caller NAT detection route
>>> route[NAT] {
>>> #!ifdef WITH_NAT
>>> force_rport();
>>> if (nat_uac_test("19")) {
>>> if (method=="REGISTER") {
>>> fix_nated_register();
>>> } else {
>>> fix_nated_contact();
>>> }
>>> setflag(FLT_NATS);
>
>
>>> }
>>> #!endif
>>> return;
>>> }
>>>
>>> # RTPProxy control
>>> route[RTPPROXY] {
>>> #!ifdef WITH_NAT
>>> if (is_method("BYE")) {
>>> unforce_rtp_proxy();
>>> } else if (is_method("INVITE")){
>>> force_rtp_proxy();
>>> }
>>> if (!has_totag()) add_rr_param(";nat=yes");
>>> #!endif
>>> return;
>>> }
>>>
>>>
>> what you have to do is to check if the source is natted and $si==$dd,
>> then callee and caller are behind same nat (if there is one level of
>> nat), so you don't force rtpproxy usage.
>>
>> Cheers,
>> Daniel
>>
>> --
>> Daniel-Constantin Mierla
>> Kamailio (OpenSER) Advanced Training
>> Jan 24-26, 2011, Irvine, CA, USA
>> http://www.asipto.com
>>
>
--
Daniel-Constantin Mierla
Kamailio (OpenSER) Advanced Training
Jan 24-26, 2011, Irvine, CA, USA
http://www.asipto.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20101220/d5fd1076/attachment-0001.htm>
More information about the sr-users
mailing list