[SR-Users] Kamailio behind NAT - best practice
Klaus Darilion
klaus.mailinglists at pernau.at
Fri Jan 11 09:42:28 CET 2013
Am 11.01.2013 02:12, schrieb Richard Brady:
> Hi Klaus
>
> Thanks for posting the working solution.
>
> You are right that mhomed=1 won't help if the sockets both have same
> IP address.
That's true.
> Though I think if you used it with two different IPs and the correct
> routing tables on the OS then it would work.
I have not tried it, but I think it depends on the actual setup.
If both IP addresses are in the same subnet, then it might work if Linux
uses the "local" IP address for local calls and the "external" IP
address for external call (i think this can be done with having the
local as eth0 and the external as eth0.1 and specyfing the default
gateway for eth0.1 instead for eth0.)
If the two IP addresses are in different subnets, then mhomed=1 should
indeed work and the force_send_socket() calls could be removed.
regards
Klaus
>
> In any case your solution is a good one.
>
> Richard
>
> On 7 January 2013 15:45, Klaus Darilion <klaus.mailinglists at pernau.at
> <mailto:klaus.mailinglists at pernau.at>> wrote:
>
> Hi all!
>
>
> On 04.01.2013 18:57, Ovidiu Sas wrote:
>
> Hello Klauss,
>
> I use record_route_preset for this kind of scenarios:
> http://kamailio.org/docs/modules/3.3.x/modules_k/rr.html#id2550086
> That was the main reason that I enhanced record_route_preset
> with the
> second parameter (see the Note on string2).
>
> I haven't tried your idea with two sockets. Let us know if
> it's working.
> If you need to use the same port on the internal and external
> interface, you could add a new IP to the host and listen on two
> sockets on the same port and force the socket when sending a
> request
> out.
> listen=udp:10.10.0.2
> listen=udp:10.10.0.3 advertise pu.bl.ic.ip
>
>
> I did some basic tests (incoming, outgoing, on/off-hold). The
> service provider's SIP trunk was an Asterisk with NAT traversal
> disabled. Kamailio was NATed 1:1 to the public IP address
> (exclusively, without port translation). I tested Kamailio only
> doing near-end NAT-traversal (taking care of its own NAT).
>
> I used two IP addresses for the two sockets, but I must works also
> with a single IP address and different ports.
>
> Conclusion: works :-)
>
> Following is the setup how I tested it (if you need to add far-end
> NAT traversal (SIP clients behind another NAT) then it will more
> complex).
>
> regards
> Klaus
>
>
> # Service Provider for SIP Trunk: 5.5.5.5
> # public IP address of Kamailio/rtpproxy: 3.3.3.3
> # rtpproxy binds to 10.10.0.3
> listen=udp:10.10.0.2
> listen=udp:10.10.0.3 advertise 3.3.3.3:5060 <http://3.3.3.3:5060>
> mhomed=0
>
> route[RELAY] {
> if (src_ip == 5.5.5.5) {
> force_send_socket("10.10.0.2");
> rtpproxy_manage("","10.10.0.3");
> } else {
> force_send_socket("10.10.0.3");
> rtpproxy_manage("","3.3.3.3");
> }
> ...
> t_relay();
> }
>
>
> onreply_route {
> if (src_ip == 5.5.5.5) {
> force_send_socket("10.10.0.2");
> rtpproxy_manage("","10.10.0.3");
> } else {
> force_send_socket("10.10.0.3");
> rtpproxy_manage("","3.3.3.3");
>
> }
> }
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing
> list
> sr-users at lists.sip-router.org <mailto:sr-users at lists.sip-router.org>
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
>
>
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20130111/e14549fb/attachment.htm>
More information about the sr-users
mailing list