[SR-Users] Kamailio behind NAT - best practice

Richard Brady rnbrady at gmail.com
Mon Jan 7 02:20:30 CET 2013 

Hey Klaus

The way you described works for me (on EC2) and I think is a good solution.

Be sure to set mhomed=1 in your config.

Richard

On 4 January 2013 17:57, Ovidiu Sas <osas at voipembedded.com> wrote:

> Hello Klauss,
>
> I use record_route_preset for this kind of scenarios:
> http://kamailio.org/docs/modules/3.3.x/modules_k/rr.html#id2550086
> That was the main reason that I enhanced record_route_preset with the
> second parameter (see the Note on string2).
>
> I haven't tried your idea with two sockets.  Let us know if it's working.
> If you need to use the same port on the internal and external
> interface, you could add a new IP to the host and listen on two
> sockets on the same port and force the socket when sending a request
> out.
> listen=udp:10.10.0.2
> listen=udp:10.10.0.3 advertise pu.bl.ic.ip
>
>
> Regards,
> Ovidiu Sas
>
>
> --
> VoIP Embedded, Inc.
> http://www.voipembedded.com
>
> On Thu, Jan 3, 2013 at 5:11 AM, Klaus Darilion
> <klaus.mailinglists at pernau.at> wrote:
> > Hi!
> >
> > Up to now I could avoid Kamailio setups with Kamailio behind NAt. But
> this
> > time I have to deal with it. That's why I want to ask what others did as
> > best practice.
> >
> > The scenario is:
> >
> >
> > Asterisk 1----\       Kamailio+RTPPROXY
> >                \         |10.10.0.2
> > Asterisk n------\        |
> >                  --------|------------- FW --SIP-trunk--- ITSP
> > Freeswitch 1----/              10.10.0.1   public-IP
> >                /
> > Freeswitch n--/
> >            10.10.0.x
> >
> > Kamailio and rtpproxy have a private IP. Internal communication uses
> private
> > IPs, external communication uses a public IP which is NATed 1:1 to
> > Kamailio's IP address. No registrations, just forwarding of messages.
> >
> > Using the global "advertised_address" setting with the public IP does not
> > work, as there is also internal communication. Using
> > set_advertised_address() is also cumbersome.
> >
> > So it seems, the easiest solution would be to use 2 sockets on Kamailio,
> > e.g. port 5050 and port 5060. Then I could use the listen with dedicated
> > advertised addresses:
> > listen=udp:10.10.0.2:5050
> > listen=udp:10.10.0.2:5060 advertise pu.bl.ic.ip:5060
> >
> > If I understand it correctly, this should solve all issues with
> > Record-Routing and Via-headers.
> >
> > For RTP-Proxy it seems necessary to detect the direction of each message
> and
> > set the IP address in rtpproxy_manage("","ip.add.re.ss") manually.
> >
> > Thus, it seems straight forward - or do I miss something? Any comments
> and
> > practical experience?
> >
> > Thanks
> > Klaus
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20130107/6a00b7a9/attachment.htm>

More information about the sr-users mailing list