[SR-Users] Help with rewriting headers for NAT manually
Chad
ccolumbu at hotmail.com
Sat Jan 15 15:48:24 CET 2022
Ovidiu,
Thank you for your response.
I have done that, in addition to the linux ip_nonlocal_bind I have also set the Kamailio ip_free_bind=1 and it does not
work.
Here are my relevant config lines:
listen=LISTEN_UDP_PRIVATE advertise MY_PUBLIC_IP:5060
listen=LISTEN_UDP_PUBLIC
mhomed=1
ip_free_bind=1
In my /etc/sysctl.conf I have (yes I applied it with sysctl -p, and I have been using it for a long time and have
rebooted as well):
net.ipv4.ip_nonlocal_bind=1
--
^C
On 1/15/22 4:55 AM, Ovidiu Sas wrote:
> Hello Chad,
>
> You can add a listen directive to your config for the virtual IPs
> (both public and private) and then you don't need to manually modify
> any headers or use force_send_socket().
> You need to enable non local IP binding so kamailio can start on the
> server that doesn't have the virtual IP:
> echo 1 > /proc/sys/net/ipv4/ip_nonlocal_bind
> To make the change permanent, edit your sysctl.conf file and enable it there:
> net/ipv4/ip_nonlocal_bind = 1
>
> Regards
> Ovidiu Sas
>
>
> On Sat, Jan 15, 2022 at 4:16 AM Chad <ccolumbu at hotmail.com> wrote:
>>
>> We are looking for some help (possibly a paid consultant) to help us with our Kamailio setup.
>> To keep this as short as possible: we use Kamailio as a NAT proxy to bridge our external IP and our private IP asterisk
>> servers (via dispatcher).
>> However both the external IP and the internal IP that the Kamailio server uses are virtual IPs created by keepalived.
>> Because of that neither mhomed nor fix_nated_contact work, and we use force_send_socket to direct the traffic.
>> We run linux Debian 10 for the OS.
>> Also we do not use a DB at all, everything is done with local config files.
>>
>> The problem is that when traffic goes out the Contact header has a private IP in it, like:
>> Contact: <sip:##########@10.10.10.###]:5060>
>>
>> There are 2 possible solutions to this:
>> 1. Make changes to linux, keepalived and/or Kamailio so that Kamailio recognize the virtual IPs so that mhomed and
>> fix_nated_contact work as usual.
>>
>> 2. Create a manual header rewrite system.
>>
>> If solution #2:
>> What we need to do is create a way to rewrite the contact header to the external IP on the way out, and on the way back
>> rewrite it back to the internal server that the call is already connected to.
>>
>> Not sure if we will need to store those paths on the server or if we can do some kind of cheat with another persistant
>> header like P-Preferred-Identity or P-Asserted-Identity (i.e. store the internal IP in the name field or something).
>>
>> If anyone out there know of a way to do this or wants to give it a try please reach out to me.
>>
>> Thank you all for your time.
>>
>> --
>> ^C
>> Chad
>>
>> __________________________________________________________
>> Kamailio - Users Mailing List - Non Commercial Discussions
>> * sr-users at lists.kamailio.org
>> Important: keep the mailing list in the recipients, do not reply only to the sender!
>> Edit mailing list options or unsubscribe:
>> * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
>
>
> --
> VoIP Embedded, Inc.
> http://www.voipembedded.com
>
> __________________________________________________________
> Kamailio - Users Mailing List - Non Commercial Discussions
> * sr-users at lists.kamailio.org
> Important: keep the mailing list in the recipients, do not reply only to the sender!
> Edit mailing list options or unsubscribe:
> * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
More information about the sr-users
mailing list