[SR-Users] Kamailio NAT traversal

Fri Aug 17 18:34:57 CEST 2012

On my set-up, I forward incoming dids to freeswitch for handling, and then forward requests from registered users to another.

There's a great tutorial from Daniel/asipto that should be a very good guide:

http://kb.asipto.com/freeswitch:kamailio-3.1.x-freeswitch-1.0.6d-sbc

With best regards,

Fred
http://qxork.com

On Aug 17, 2012, at 12:29 PM, Spencer Thomason wrote:

> Hi Sammy and Fred,
> 
> Basically I'm building a hosted PBX platform using a muti domain FreeSWITCH setup.  Freeswitch and Kamailio are on a public IP.  Previously all endpoints registered to Freeswitch directly which works great.  For scalability purposes, my thought was to use Kamailio in front of Freeswitch to handle the grunt work of far end NAT traversal and using rtpproxy for media proxy.  Here's where things get a bit complicated.  I don't have a way to handle auth directly from Kamailio in this particular setup as the application's db schema will not map to what I need to do multi-domain auth in Kamailio.  So I'm blindly forwarding everything not originating from Freeswitch to Freeswitch and dealing with auth there.  
> 
> Since the client endpoints are behind NAT, this gets interesting :-).  I need to ping all NATed endpoints to keep the connection open.  I can't just forward the REGISTER and let Freeswitch ping the devices because it can't get to them as they opened a pinhole to Kamailio.  I also need presence to work, and all presence is handled by Freeswitch as well.  So my thought is this:
> 
> Let Kamailo ping the endpoints.  This obviously requires a registration.  Since Freeswitch is the only piece with credentials, save every REGISTER and remove the ones that fail in a failure route.  I check for a not empty $au before saving and remove the ones that fail.  I'm using usrloc in memory only mode so I'm not sure about the extra load this would create.
> 
> I need to store the REGISTERs in both Kamailio and Freeswitch.  I rewrite the Contact before forwarding to Freeswitch so that it sends INVITEs back to Kamailio which can get to the endpoints.  I can't use Path as I need the domain in the RURI.
> 
> I forward SUBSCRIBEs to Freeswitch with the Contact rewritten to point to the registered user in Kamailio.  Freeswitch then sends NOTIFYs to Kamailio which can get to the endpoints.
> 
> I'm completely open to input on how I might improve this setup or flaws in my logic but it at least works :-)
> 
> Thanks,
> Spencer
> 
> 
> 
> On Aug 17, 2012, at 8:04 AM, SamyGo wrote:
> 
>> Hi,
>> 
>> You kind of sound a little different here. Are you saying that the REGISTRATIONs will be handled by Freeswitch but store the registration Data in Kamailio "location" table !? 
>> 
>> Just go through the Kamailio blog by-Miconda or kb.asipto.com specially the one on integrating the Asterisk Realtime with kamailio, In that articular configuration file Kamailio Forwards/relays the Registration attempts to the Media-Server (FreeSwitch in your case). 
>> 
>> That will get your NAT thing handled atleast. Next thing is , if I'm right about your requirement, saving of Authenticated users in the Kamailio locations table and I'm not very sure about how to do this.
>> 
>> 
>> BR
>> Sammy
>> 
>> 
>> On Fri, Aug 17, 2012 at 1:59 AM, Spencer Thomason <spencer at 5ninesolutions.com> wrote:
>> Hello,
>> I'd like to use Kamailio in from of FreeSWITCH to handle NAT traversal.  Is there a way I can allow freeswitch to handle all auth but store the registration in usrloc as I need to send an options ping to the endpoints?
>> 
>> My thought is something like this:
>> 
>> natted endpoint -> kamailio -> freeswitch
>> If the response is 200OK, save the registration.
>> 
>> Thanks,
>> Spencer