[SR-Users] Client behind nat without stun and kamailio behind NAT
Sergiu Pojoga
pojogas at gmail.com
Fri Jul 8 18:59:04 CEST 2022
Can't tell what exactly is wrong with the whole logic of your script, most
likely a couple of things, without spending an entire day troubleshooting
it. Instead, can highlight a few things that may help:
1. do yourself a big favor and put Kamailio on a public IP or dst_nat
SIP to it, unless you plan on running a VoIP business off a home internet
or something
2. for REGISTER, if you final Registrar supports *PATH*, you don't need
to also *set_contact_alias()* on top of *add_path_received()*. You
either do one approach or the other.
3. Invites and others originating from the PBX, having the preset *Route*,
must simply be handled by *loose_route() *in combination with
*modparam("path",
"use_received", 1)*. All that convoluted *$du* manipulation that you are
doing trying to compile it from the Route header is totally unnecessary.
Keep trying, you aren't far from figuring it out.
Regards,
--Sergiu
On Fri, Jul 8, 2022 at 10:30 AM Алексей Якимкин <ayakimkin at gmail.com> wrote:
> Hello,
>
> I hope somebody could help me.
>
> This is my scheme.
> User-agent is behind NAT1. Kamailio and pbx are behind NAT2
> [Client ip-phone 192.168.89.213 without stun] - LAN1 - NAT1(46.0.0.30) -
> (internet) - (51.0.0.60)NAT2 - Local2 - (10.130.0.23:5060)kamailio(
> 10.130.0.23:5070) - pbx
>
> *Questions*:
> *1*. The VIA header (with 10.130.0.23 and 51.0.0.60) wasn't included in
> SIP packets. Why? For example 200OK reply. It came from pbx through
> kamailio. Which setting could break it?
>
> Session Initiation Protocol (200)
> Status-Line: SIP/2.0 200 OK
> Message Header
> Via: SIP/2.0/UDP 192.168.89.213:5060
> ;rport=9570;received=46.0.0.30;branch=z9hG4bK2480172053
> Record-Route: <sip:c172.19.19.111.8348.call.cgatepro;lr>
> Record-Route: <sip:172.19.19.111:5060;lr>
> Record-Route: <sip:10.130.0.23:5070
> ;r2=on;lr;ftag=4268683942;nat=yes>,<sip:51.0.0.60;r2=on;lr;ftag=4268683942;nat=yes>
> From: "Aleksey" <sip:a.yakimkin at mail.domain.ru:5060
> >;tag=4268683942
> To: <sip:2961 at mail.domain.ru:5060
> >;tag=A03E2397-404246-FA7543E4_jizmelr-582D
> Call-ID: 6_1903330087 at 192.168.89.213
> [Generated Call-ID: 6_1903330087 at 192.168.89.213]
> CSeq: 2 INVITE
> Contact: <sip:signode-404246-FA7543E4_jizmelr-582D at 172.19.19.111
> ;alias=51.0.0.60~5060~1>
> Supported: 100rel,timer,replaces,histinfo,precondition
> Allow:
> INVITE,BYE,CANCEL,ACK,OPTIONS,INFO,MESSAGE,PRACK,UPDATE,REFER
> Session-Expires: 1800;refresher=uas
> Content-Type: application/sdp
> Content-Length: 1170
> Message Body
>
>
> *2*. About Registrar, Path and $du.
> Phone set Register with headers:
> Via: SIP/2.0/UDP 192.168.89.213:5060;branch=z9hG4bK2691182696
> From: "Aleksey" <sip:a.yakimkin at mail.domain.ru:5060
> >;tag=3926879477
> To: "Aleksey" <sip:a.yakimkin at mail.domain.ru:5060>
> Contact: <sip:a.yakimkin at 192.168.89.213:5060>
> Kamailio respond
> Via: SIP/2.0/UDP 192.168.89.213:5060
> ;rport=9570;received=46.0.0.30;branch=z9hG4bK617463686
> Path: <sip:10.130.0.23:5070
> ;lr;received=46.0.0.30~9570~1;r2=on>,<sip:51.0.0.60;lr;received=46.0.0.30~9570~1;r2=on>
> From: "Aleksey" <sip:a.yakimkin at mail.domain.ru:5060
> >;tag=3926879477
> To: "Aleksey" <sip:a.yakimkin at mail.domain.ru:5060>;tag=194ED16D
> Contact: <sip:a.yakimkin at 192.168.89.213:5060>;expires=360
> Contact: <sip:2447 at 192.168.89.221:5060>;expires=247
> Contact: <sip:2447 at 192.168.9.16:5060>;expires=2116
>
> I try to make a call from pbx to ip phone.
> pbx inserts in Invite header Route: <sip:10.130.0.23:5070
> ;lr;received=46.0.0.30~9570~1;r2=on>
> But kamailio relayed Invite direct to 192.168.89.213. (There is network
> connectivity between ip-phone and kamailio through vpn). The code below
> helps me to solve my issue. I saw mail-list with similar trouble. But no
> setting could get kamailio to relay Invite to "Route-received" ip.
>
>
> $var(the_route) = $hdr(Route);
> $var(route0) = $(var(the_route){s.select,0,,});
> $var(new_host) =
> $(var(route0){param.value,received}{s.select,0,~});
> $var(new_port) =
> $(var(route0){param.value,received}{s.select,1,~});
> if (!strempty($var(new_host)) && !strempty($var(new_port)) ) {
> $du = "sip:" + $var(new_host) + ":" + $var(new_port);
> }
>
> *Kamailio settings:*
> I have such listeners
> listen=udp:10.130.0.23:5070 # to local network
> listen=udp:10.130.0.23:5060 advertise 51.0.0.60:5060 # to internet
>
> #MODULE SETTING
> #---
> # ----- jsonrpcs params -----
> modparam("jsonrpcs", "pretty_format", 1)
> /* set the path to RPC fifo control file */
> # modparam("jsonrpcs", "fifo_name", "/var/run/kamailio/kamailio_rpc.fifo")
> /* set the path to RPC unix socket control file */
> # modparam("jsonrpcs", "dgram_socket",
> "/var/run/kamailio/kamailio_rpc.sock")
>
> modparam("path", "use_received", 1)
> modparam("path", "enable_r2", 1)
> modparam("path", "received_format", 1)
>
> # ----- ctl params -----
> /* set the path to RPC unix socket control file */
> # modparam("ctl", "binrpc", "unix:/var/run/kamailio/kamailio_ctl")
>
> # ----- tm params -----
> # auto-discard branches from previous serial forking leg
> modparam("tm", "failure_reply_mode", 3)
> # default retransmission timeout: 30sec
> modparam("tm", "fr_timer", 30000)
> # default invite retransmission timeout after 1xx: 120sec
> modparam("tm", "fr_inv_timer", 120000)
> modparam("tm", "auto_inv_100_reason", "Trying")
>
> # ----- rr params -----
> # set next param to 1 to add value to ;lr param (helps with some UAs)
> modparam("rr", "enable_full_lr", 0)
> # do not append from tag to the RR (no need for this script)
> modparam("rr", "append_fromtag", 1)
> modparam("rr", "enable_double_rr", 2)
> modparam("rr", "force_send_socket", 1)
>
> # ----- registrar params -----
> modparam("registrar", "method_filtering", 1)
> /* uncomment the next line to disable parallel forking via location */
> # modparam("registrar", "append_branches", 0)
> /* uncomment the next line not to allow more than 10 contacts per AOR */
> # modparam("registrar", "max_contacts", 10)
> /* max value for expires of registrations */
> modparam("registrar", "max_expires", 3600)
> /* set it to 1 to enable GRUU */
> modparam("registrar", "gruu_enabled", 0)
>
> modparam("registrar", "use_path", 1)
> modparam("registrar", "path_use_received", 1)
> modparam("registrar", "path_mode", 0)
> #---
>
> For register I use this code
> route[REGISTRAR] {
> ...
> add_path_received();
> set_send_socket("udp:10.130.0.23:5070");
> route(DISPATCH);
> ...
> }
> route[RELAY] {
> ...
> if ($Ru eq "sip:10.130.0.23:5070") {
> $fs = "udp:10.130.0.23:5060";
> } else {
> $fs = "udp:10.130.0.23:5070";
> }
> ...
> }
> route[NATMANAGE] {
> #!ifdef WITH_NAT
> if (is_request()) {
> if(has_totag()) {
> if(check_route_param("nat=yes")) {
> setbflag(FLB_NATB);
> }
> }
> }
> if (!(isflagset(FLT_NATS) || isbflagset(FLB_NATB))) return;
>
> #send INVITE to IP:PROT from Route:...;received=
> $var(the_route) = $hdr(Route);
> $var(route0) = $(var(the_route){s.select,0,,});
> $var(new_host) =
> $(var(route0){param.value,received}{s.select,0,~});
> $var(new_port) =
> $(var(route0){param.value,received}{s.select,1,~});
> if (!strempty($var(new_host)) && !strempty($var(new_port)) ) {
> $du = "sip:" + $var(new_host) + ":" + $var(new_port);
> }
> if (client_nat_test("3")) {
>
> if(nat_uac_test("18")) {
> if ($Ru == "sip:10.130.0.23:5070") {
> rtpproxy_manage("co", "51.0.0.60"); #
> fix_nated_sdp
> } else {
> rtpproxy_manage("co");
> }
>
> if (is_method("REGISTER")) {
> #if ($Ru == "sip:10.130.0.23:5070") {
> # fix_nated_contact();
> #} else {
> # set_contact_alias();
> #}
> set_contact_alias();
> } else {
> if(is_first_hop()) {
> set_contact_alias();
> } else {
> add_contact_alias("51.0.0.60",
> "5060", "udp");
> #fix_nated_contact();
> }
> }
> } else {
> if ($Ru == "sip:10.130.0.23:5070") {
> rtpproxy_manage("cor", "51.0.0.60"); #
> fix_nated_sdp
> } else {
> rtpproxy_manage("cor");
> }
> }
> } else {
> rtpproxy_manage("co");
> }
> if (is_request()) {
> if (!has_totag()) {
> if(t_is_branch_route()) {
> add_rr_param(";nat=yes");
> #fix_contact();
> }
> }
> }
> if (is_reply()) {
> if(isbflagset(FLB_NATB)) {
> if(is_first_hop())
> set_contact_alias();
> #} else {
> #fix_contact();
> #}
> }
> }
> #!endif
> return;
> }
>
> Thank you.
>
> --
> Best regards,
> Alex
> __________________________________________________________
> Kamailio - Users Mailing List - Non Commercial Discussions
> * sr-users at lists.kamailio.org
> Important: keep the mailing list in the recipients, do not reply only to
> the sender!
> Edit mailing list options or unsubscribe:
> * https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20220708/c1e21653/attachment.htm>
More information about the sr-users
mailing list