[SR-Users] SIP UA's behind same NAT
Daniel-Constantin Mierla
miconda at gmail.com
Mon Dec 20 21:36:10 CET 2010
Destination uri (for $dd) is set after lookup("location"). If you use
default config, route[NAT] is executed before.
Cheers,
Daniel
On 12/20/10 2:48 PM, Deon Vermeulen wrote:
> Thanks again.
>
> So then my config should look something like:
>
>
> # Caller NAT detection route
> route[NAT] {
> #!ifdef WITH_NAT
> force_rport();
> if (nat_uac_test("19")) {
> if (method=="REGISTER") {
> fix_nated_register();
> } else {
> fix_nated_contact();
> }
> setflag(FLT_NATS);
>
> # If both clients are behind nat we can check to see if
> they are behind the same
> # external IP and optimize the media path to go
> directly between them
> else if ( $si==$dd || $si==rd) {
> xlog("L_INFO", "Detected Two Clients
> Behind the Same NAT - Disabling RTPproxy");
>
> # Do not use rtpproxy as the clients
> seem to be behind the same NAT
> resetflag(FLT_NATS);
> resetflag(FLT_NATB);
> }
> }
> }
> #!endif
> return;
> }
>
> # RTPProxy control
> route[RTPPROXY] {
> #!ifdef WITH_NAT
> if (is_method("BYE")) {
> unforce_rtp_proxy();
> } else if (is_method("INVITE")){
> force_rtp_proxy();
> }
> if (!has_totag()) add_rr_param(";nat=yes");
> #!endif
> return;
> }
>
>
> Rgds
> Deon
>
>
>
> On Dec 20, 2010, at 3:37 PM, Daniel-Constantin Mierla wrote:
>
>> Hello,
>>
>> that's a hint for a very old version, where cfg file language didn't
>> had support for variables and avpops module was used for comparison
>> (as you could see, $dd is stored in an avp and them compared with src
>> ip -- no longer need for such workaround, just do if($si==$dd) ...).
>>
>> You have to plug the when you force usage of rtp proxy, so you skip
>> it in such cases.
>>
>> Cheers,
>> Daniel
>>
>> On 12/20/10 2:32 PM, Deon Vermeulen wrote:
>>> Hi Daniel
>>>
>>> Thank you so much for your feedback.
>>>
>>> I came upon the below post, but I'm unable to find the example
>>> Norman posted.
>>> http://www.mail-archive.com/users@openser.org/msg01932.html
>>>
>>> In short the end solution is:
>>>
>>> # If both clients are behind nat we can check to see if they are
>>> behind the same
>>> # external IP and optimize the media path to go directly between them
>>> else if ( isflagset(2) and isflagset(3) )
>>> {
>>> log(1, "Both Clients are behind NAT");
>>>
>>> # Store the destination domain into an AVP
>>> avp_printf("i:450", "$dd");
>>>
>>> if ( avp_check("i:450", "eq/$src_ip/g") )
>>> {
>>> xlog("L_INFO", "Detected Two Clients Behind the Same
>>> NAT - Disabling Mediaproxy");
>>>
>>> # Do not use mediaproxy as the clients seem to be
>>> behind the same NAT
>>> resetflag(2);
>>> resetflag(3);
>>> }
>>>
>>> }
>>>
>>>
>>>
>>> I haven't tested yet, but would I be right in saying my config
>>> should look something like:
>>>
>>>
>>> ####### Routing Logic ########
>>>
>>>
>>> # Main SIP request routing logic
>>> # - processing of any incoming SIP request starts with this route
>>> route {
>>>
>>> # per request initial checks
>>> route(REQINIT);
>>>
>>> # NAT detection
>>> route(NAT);
>>>
>>>
>>>
>>>
>>> # Caller NAT detection route
>>> route[NAT] {
>>> #!ifdef WITH_NAT
>>> force_rport();
>>> if (nat_uac_test("19")) {
>>> if (method=="REGISTER") {
>>> fix_nated_register();
>>> } else {
>>> fix_nated_contact();
>>> }
>>> setflag(FLT_NATS);
>>>
>>> # If both clients are behind nat we can check to see
>>> if they are behind the same
>>> # external IP and optimize the media path to go
>>> directly between them
>>> else if ( isflagset(FLT_NATS) and isflagset(FLT_NATB) ) {
>>> log(1, "Both Clients are behind NAT");
>>>
>>> # Store the destination domain into an AVP
>>> avp_printf("i:450", "$dd");
>>>
>>> if ( avp_check("i:450",
>>> "eq/$src_ip/g") ) {
>>>
>>> xlog("L_INFO", "Detected Two Clients Behind the Same NAT -
>>> Disabling RTPproxy");
>>>
>>> # Do not use rtpproxy as the clients
>>> seem to be behind the same NAT
>>>
>>> resetflag(FLT_NATS);
>>>
>>> resetflag(FLT_NATB);
>>> }
>>> }
>>> }
>>> #!endif
>>> return;
>>> }
>>>
>>> # RTPProxy control
>>> route[RTPPROXY] {
>>> #!ifdef WITH_NAT
>>> if (is_method("BYE")) {
>>> unforce_rtp_proxy();
>>> } else if (is_method("INVITE")){
>>> force_rtp_proxy();
>>> }
>>> if (!has_totag()) add_rr_param(";nat=yes");
>>> #!endif
>>> return;
>>> }
>>>
>>>
>>> Rgds
>>> Deon
>>>
>>>
>>> On Dec 20, 2010, at 2:41 PM, Daniel-Constantin Mierla wrote:
>>>
>>>> Hello,
>>>>
>>>> On 12/20/10 11:25 AM, Deon Vermeulen wrote:
>>>>> Hi List
>>>>>
>>>>> Can someone please help me?
>>>>>
>>>>> I need to implement PBX Services for a customer that has 10 IP
>>>>> Phones at his Main site and then 20 IP Phones located over 5 Branches.
>>>>>
>>>>> My goal is to have RTP go end to end and not proxied.
>>>>>
>>>>> I had a look at the below link and tried it, but with no luck.
>>>>>
>>>>> http://kamailio.org/dokuwiki/doku.php/examples:caller-callee-behind-same-nat
>>>>>
>>>>> Here is a partial output of my kamailio.cfg file if someone would
>>>>> be so kind to help me.
>>>>>
>>>>>
>>>>> #!ifdef WITH_NAT
>>>>> # ----- rtpproxy params -----
>>>>> modparam("rtpproxy", "rtpproxy_sock", "udp:localhost:7722")
>>>>>
>>>>> # ----- nathelper params -----
>>>>> modparam("nathelper", "natping_interval", 30)
>>>>> modparam("nathelper", "ping_nated_only", 1)
>>>>> modparam("nathelper", "sipping_bflag", FLB_NATSIPPING)
>>>>> modparam("nathelper", "sipping_from", "sip:pinger at x.x.x.x")
>>>>>
>>>>> # params needed for NAT traversal in other modules
>>>>> modparam("nathelper|registrar", "received_avp", "$avp(RECEIVED)")
>>>>> modparam("usrloc", "nat_bflag", FLB_NATB)
>>>>> #!endif
>>>>>
>>>>>
>>>>>
>>>>> ####### Routing Logic ########
>>>>>
>>>>>
>>>>> # Main SIP request routing logic
>>>>> # - processing of any incoming SIP request starts with this route
>>>>> route {
>>>>>
>>>>> # per request initial checks
>>>>> route(REQINIT);
>>>>>
>>>>> # NAT detection
>>>>> route(NAT);
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> # Caller NAT detection route
>>>>> route[NAT] {
>>>>> #!ifdef WITH_NAT
>>>>> force_rport();
>>>>> if (nat_uac_test("19")) {
>>>>> if (method=="REGISTER") {
>>>>> fix_nated_register();
>>>>> } else {
>>>>> fix_nated_contact();
>>>>> }
>>>>> setflag(FLT_NATS);
>>>
>>>
>>>>> }
>>>>> #!endif
>>>>> return;
>>>>> }
>>>>>
>>>>> # RTPProxy control
>>>>> route[RTPPROXY] {
>>>>> #!ifdef WITH_NAT
>>>>> if (is_method("BYE")) {
>>>>> unforce_rtp_proxy();
>>>>> } else if (is_method("INVITE")){
>>>>> force_rtp_proxy();
>>>>> }
>>>>> if (!has_totag()) add_rr_param(";nat=yes");
>>>>> #!endif
>>>>> return;
>>>>> }
>>>>>
>>>>>
>>>> what you have to do is to check if the source is natted and
>>>> $si==$dd, then callee and caller are behind same nat (if there is
>>>> one level of nat), so you don't force rtpproxy usage.
>>>>
>>>> Cheers,
>>>> Daniel
>>>>
>>>> --
>>>> Daniel-Constantin Mierla
>>>> Kamailio (OpenSER) Advanced Training
>>>> Jan 24-26, 2011, Irvine, CA, USA
>>>> http://www.asipto.com <http://www.asipto.com/>
>>>>
>>>
>>
>> --
>> Daniel-Constantin Mierla
>> Kamailio (OpenSER) Advanced Training
>> Jan 24-26, 2011, Irvine, CA, USA
>> http://www.asipto.com
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
--
Daniel-Constantin Mierla
Kamailio (OpenSER) Advanced Training
Jan 24-26, 2011, Irvine, CA, USA
http://www.asipto.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20101220/65cedc39/attachment-0001.htm>
More information about the sr-users
mailing list