[SR-Users] SIP UA's behind same NAT
Deon Vermeulen
vermeulen.deon at gmail.com
Mon Dec 20 14:48:52 CET 2010
Thanks again.
So then my config should look something like:
# Caller NAT detection route
route[NAT] {
#!ifdef WITH_NAT
force_rport();
if (nat_uac_test("19")) {
if (method=="REGISTER") {
fix_nated_register();
} else {
fix_nated_contact();
}
setflag(FLT_NATS);
# If both clients are behind nat we can check to see if they are behind the same
# external IP and optimize the media path to go directly between them
else if ( $si==$dd || $si==rd) {
xlog("L_INFO", "Detected Two Clients Behind the Same NAT - Disabling RTPproxy");
# Do not use rtpproxy as the clients seem to be behind the same NAT
resetflag(FLT_NATS);
resetflag(FLT_NATB);
}
}
}
#!endif
return;
}
# RTPProxy control
route[RTPPROXY] {
#!ifdef WITH_NAT
if (is_method("BYE")) {
unforce_rtp_proxy();
} else if (is_method("INVITE")){
force_rtp_proxy();
}
if (!has_totag()) add_rr_param(";nat=yes");
#!endif
return;
}
Rgds
Deon
On Dec 20, 2010, at 3:37 PM, Daniel-Constantin Mierla wrote:
> Hello,
>
> that's a hint for a very old version, where cfg file language didn't had support for variables and avpops module was used for comparison (as you could see, $dd is stored in an avp and them compared with src ip -- no longer need for such workaround, just do if($si==$dd) ...).
>
> You have to plug the when you force usage of rtp proxy, so you skip it in such cases.
>
> Cheers,
> Daniel
>
> On 12/20/10 2:32 PM, Deon Vermeulen wrote:
>>
>> Hi Daniel
>>
>> Thank you so much for your feedback.
>>
>> I came upon the below post, but I'm unable to find the example Norman posted.
>> http://www.mail-archive.com/users@openser.org/msg01932.html
>>
>> In short the end solution is:
>>
>> # If both clients are behind nat we can check to see if they are behind the same
>> # external IP and optimize the media path to go directly between them
>> else if ( isflagset(2) and isflagset(3) )
>> {
>> log(1, "Both Clients are behind NAT");
>>
>> # Store the destination domain into an AVP
>> avp_printf("i:450", "$dd");
>>
>> if ( avp_check("i:450", "eq/$src_ip/g") )
>> {
>> xlog("L_INFO", "Detected Two Clients Behind the Same NAT - Disabling Mediaproxy");
>>
>> # Do not use mediaproxy as the clients seem to be behind the same NAT
>> resetflag(2);
>> resetflag(3);
>> }
>>
>> }
>>
>>
>>
>> I haven't tested yet, but would I be right in saying my config should look something like:
>>
>>
>> ####### Routing Logic ########
>>
>>
>> # Main SIP request routing logic
>> # - processing of any incoming SIP request starts with this route
>> route {
>>
>> # per request initial checks
>> route(REQINIT);
>>
>> # NAT detection
>> route(NAT);
>>
>>
>>
>>
>> # Caller NAT detection route
>> route[NAT] {
>> #!ifdef WITH_NAT
>> force_rport();
>> if (nat_uac_test("19")) {
>> if (method=="REGISTER") {
>> fix_nated_register();
>> } else {
>> fix_nated_contact();
>> }
>> setflag(FLT_NATS);
>>
>> # If both clients are behind nat we can check to see if they are behind the same
>> # external IP and optimize the media path to go directly between them
>> else if ( isflagset(FLT_NATS) and isflagset(FLT_NATB) ) {
>> log(1, "Both Clients are behind NAT");
>>
>> # Store the destination domain into an AVP
>> avp_printf("i:450", "$dd");
>>
>> if ( avp_check("i:450", "eq/$src_ip/g") ) {
>> xlog("L_INFO", "Detected Two Clients Behind the Same NAT - Disabling RTPproxy");
>>
>> # Do not use rtpproxy as the clients seem to be behind the same NAT
>> resetflag(FLT_NATS);
>> resetflag(FLT_NATB);
>> }
>> }
>> }
>> #!endif
>> return;
>> }
>>
>> # RTPProxy control
>> route[RTPPROXY] {
>> #!ifdef WITH_NAT
>> if (is_method("BYE")) {
>> unforce_rtp_proxy();
>> } else if (is_method("INVITE")){
>> force_rtp_proxy();
>> }
>> if (!has_totag()) add_rr_param(";nat=yes");
>> #!endif
>> return;
>> }
>>
>>
>> Rgds
>> Deon
>>
>>
>> On Dec 20, 2010, at 2:41 PM, Daniel-Constantin Mierla wrote:
>>
>>> Hello,
>>>
>>> On 12/20/10 11:25 AM, Deon Vermeulen wrote:
>>>> Hi List
>>>>
>>>> Can someone please help me?
>>>>
>>>> I need to implement PBX Services for a customer that has 10 IP Phones at his Main site and then 20 IP Phones located over 5 Branches.
>>>>
>>>> My goal is to have RTP go end to end and not proxied.
>>>>
>>>> I had a look at the below link and tried it, but with no luck.
>>>>
>>>> http://kamailio.org/dokuwiki/doku.php/examples:caller-callee-behind-same-nat
>>>>
>>>> Here is a partial output of my kamailio.cfg file if someone would be so kind to help me.
>>>>
>>>>
>>>> #!ifdef WITH_NAT
>>>> # ----- rtpproxy params -----
>>>> modparam("rtpproxy", "rtpproxy_sock", "udp:localhost:7722")
>>>>
>>>> # ----- nathelper params -----
>>>> modparam("nathelper", "natping_interval", 30)
>>>> modparam("nathelper", "ping_nated_only", 1)
>>>> modparam("nathelper", "sipping_bflag", FLB_NATSIPPING)
>>>> modparam("nathelper", "sipping_from", "sip:pinger at x.x.x.x")
>>>>
>>>> # params needed for NAT traversal in other modules
>>>> modparam("nathelper|registrar", "received_avp", "$avp(RECEIVED)")
>>>> modparam("usrloc", "nat_bflag", FLB_NATB)
>>>> #!endif
>>>>
>>>>
>>>>
>>>> ####### Routing Logic ########
>>>>
>>>>
>>>> # Main SIP request routing logic
>>>> # - processing of any incoming SIP request starts with this route
>>>> route {
>>>>
>>>> # per request initial checks
>>>> route(REQINIT);
>>>>
>>>> # NAT detection
>>>> route(NAT);
>>>>
>>>>
>>>>
>>>>
>>>> # Caller NAT detection route
>>>> route[NAT] {
>>>> #!ifdef WITH_NAT
>>>> force_rport();
>>>> if (nat_uac_test("19")) {
>>>> if (method=="REGISTER") {
>>>> fix_nated_register();
>>>> } else {
>>>> fix_nated_contact();
>>>> }
>>>> setflag(FLT_NATS);
>>
>>
>>>> }
>>>> #!endif
>>>> return;
>>>> }
>>>>
>>>> # RTPProxy control
>>>> route[RTPPROXY] {
>>>> #!ifdef WITH_NAT
>>>> if (is_method("BYE")) {
>>>> unforce_rtp_proxy();
>>>> } else if (is_method("INVITE")){
>>>> force_rtp_proxy();
>>>> }
>>>> if (!has_totag()) add_rr_param(";nat=yes");
>>>> #!endif
>>>> return;
>>>> }
>>>>
>>>>
>>> what you have to do is to check if the source is natted and $si==$dd, then callee and caller are behind same nat (if there is one level of nat), so you don't force rtpproxy usage.
>>>
>>> Cheers,
>>> Daniel
>>>
>>> --
>>> Daniel-Constantin Mierla
>>> Kamailio (OpenSER) Advanced Training
>>> Jan 24-26, 2011, Irvine, CA, USA
>>> http://www.asipto.com
>>>
>>
>
> --
> Daniel-Constantin Mierla
> Kamailio (OpenSER) Advanced Training
> Jan 24-26, 2011, Irvine, CA, USA
> http://www.asipto.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20101220/e0a750e4/attachment-0001.htm>
More information about the sr-users
mailing list