[Kamailio-Users] Transparent bridge mode

Vikram Ragukumar vragukumar at signalogic.com
Tue Dec 22 22:40:06 CET 2009


Daniel,

Please find below a corrected Dataflow diagram.

  -----------------
|SIP Caller's     |
|Encrypted SIP    |
|(Port9090)  +    |
|UDP              |
|(Port10000-20000)|
  -----------------
     |
     |Public IP
  ---|-----------------------
| --|----          -------  |  Public IP
||  NIC1 |<------>| NIC2  | |  -----------
||  eth0 | bridge | eth1  |->-| Asterisk  |
| --|-----         --|--|-  | |CentOS v5.4|
|   v port 9090      |  |   | | Server 2  |
| --|--------------- |  |   |  -----------
||Libnetfilter_queue||  |   |
| -|----|----------- |  |   |
|  |    |            |  |   |
|  |   -|--------    |  |   |
|  |  |Decryption|   ^  ^   |
|  |   -|--------    |  |   |
|  v    v port 5060  |  |   |
|  |   -|------      |  |   |
|  |  |Kamailio|--->-   |   |
|  |   --------         |   |
|  |                    |   |
|  |UDPports            |   |
| -|--      --------    |   |
||srtp|->--|rtpproxy|->-    |
| ----      --------        |
|   Server 1,CentOS v5.4    |
  ---------------------------

Thanks and Regards,
Vikram.

Vikram Ragukumar wrote:
> Daniel,
> 
> Thanks once again for your reply. I present below a more detailed system 
> description. The first ASCII sketch depicts the setup we have in our lab 
> here and the second ASCII sketch depicts the dataflow we are working 
> towards.
> 
> System setup:
> -------------
> 
>  ------------
> |  Internet  |
>  ------------
>        |
>        |
>  ------|------------------------
> |      |  CentOS v5.4           |
> |   ---|----          --------  |
> |  |  NIC1  |<------>|  NIC2  | | <- Server 1
> |  |  eth0  | bridge |  eth1  | |
> |   --------          ----|---  |
> |       Rtpproxy,Kamailio |     |
>  -------------------------|-----
>                           |
>                           |<- Cross over cable
>                           |
>                     -----------
>                    |CentOS v5.4|
>                    | Asterisk  |  <- Server 2
>                     -----------
> 
> Dataflow:
> ---------
> 
> ------------------
> |SIP Caller's     |
> |Encrypted SIP    |
> |(Port9090)  +    |
> |UDP              |
> |(Port10000-20000)|
>  -----------------
>     |
>     |Public IP
>  ---|-----------------------
> | --|----          -------  |  Public IP
> ||  NIC1 |<------>| NIC2  | |  -----------
> ||  eth0 | bridge | eth1  |->-| Asterisk  |
> | --|-----         --|--|-  | |CentOS v5.4|
> |   v port 9090      |  |   | | Server 2  |
> | --|--------------- |  |   |  -----------
> ||Libnetfilter_queue||  |   |
> | --|--------------- |  |   |
> |   v                |  |   |
> | --|-------         |  |   |
> ||Decryption|        ^  ^   |
> | -|------|--        |  |   |
> |  |      v port 5060|  |   |
> |  |   ---|----      |  |   |
> |  |  |Kamailio|--->-   |   |
> |  v   --------         |   |
> |  |                    |   |
> |  |UDPports            |   |
> | -|--      --------    |   |
> ||srtp|->--|rtpproxy|->-    |
> | ----      --------        |
> |   Server 1,CentOS v5.4    |
>  ---------------------------
> 
> Questions:
> ----------
> 1) Is it common practice to implement "Decryption" and "srtp" as shown 
> in the dataflow diagram? If not, what is a more appropriate place to 
> implement them ?
> 2) Once deployed, will such as system be capable of handling several 
> hundreds or thousands of calls ?
> 
> Wish you all a Merry Christmas and a Happy New Year.
> 
> Thanks and Regards,
> Vikram.
> 
> PS : Here is the script used to setup the bridge between eth0 and eth1
> 
> brctl addbr br0
> brctl stp br0 on
> brctl addif br0 eth0
> brctl addif br0 eth1
> ifdown eth0 1>/dev/null 2>&1
> ifdown eth1 1>/dev/null 2>&1
> ifconfig eth0 0.0.0.0 up
> ifconfig eth1 0.0.0.0 up
> ifconfig br0 64.221.148.221 netmask 255.255.255.224 up
> route add default gw 64.221.148.220
> for file in br0 eth0 eth1
> do
> echo "1" > /proc/sys/net/ipv4/conf/${file}/proxy_arp
> echo "1" > /proc/sys/net/ipv4/conf/${file}/forwarding
> done;
> echo "1" > /proc/sys/net/ipv4/ip_forward
> 
> 
> Daniel-Constantin Mierla wrote:
>>
>>
>> On 12/18/09 10:08 PM, Vikram Ragukumar wrote:
>>> Daniel,
>>>
>>> Thank you for your reply. Let me briefly explain what i am trying to 
>>> achieve over here.
>>>
>>> _____  eth0  _____    eth1   ______
>>> |_____|------|_____|--------|______|    Internet        
>>> Server1            Server2
>>>                    2 NIC's             1 NIC
>>>                                            (Public IP)
>>>
>>> I show above a sketch of the desired setup.
>>>
>>> Server1 - Runs Kamailio and rtpproxy. It has 2 NIC's installed.
>>> Server2 - Runs Asterisk. It must be assigned a Public IP.
>>>
>>> I need to use rtpproxy to intercept data being sent to Server 2, 
>>> process them and let them continue along their original path. Are 
>>> there any references you can point me to, that show how to use 
>>> rtpproxy to achieve this bridging? Does the connection between eth1 
>>> of Server1 and eth0 of Server2 have to made using a crossover cable ?
>>
>> probably your diagram is not displayed properly by the email client, 
>> since I do not really get what you wanted to draw.
>>
>> However, in the kamailio server, if you have two network interfaces, 
>> run kamailio to listen on both and rtpproxy in bridging mode between 
>> them. Then rtpproxy will get packets coming on eth0 and send onver 
>> eth1 and viceversa. I gave you the path in the source three where you 
>> find an example to start with (in my previous email).
>>
>> Cheers,
>> Daniel
>>
>>
>>
>>>
>>> Daniel-Constantin Mierla wrote:
>>>> Hello,
>>>>
>>>> On 12/18/09 12:38 AM, Vikram Ragukumar wrote:
>>>>> Hello All,
>>>>>
>>>>> I am trying to setup a test scenario, where i have Kamailio and 
>>>>> rtpproxy running on one CentOS box (Server1) and i have Asterisk 
>>>>> running on another CentOS box (Server2). Server1 has 2 NIC's eth0 
>>>>> and eth1 that are both assigned Public IP's. There is a transparent 
>>>>> bridge br0 connecting eth0 and eth1 which also has its own Public 
>>>>> IP. Finally eth0 on Server2 also has a Public IP.
>>>>>
>>>>> Server2 must be assigned a Public IP.
>>>>>
>>>>> My goal is to modify rtpproxy so that i can intercept packets 
>>>>> traveling to Server2, process them and let them resume along their 
>>>>> original path.
>>>>> I would like to know if there is another way of setting this up so 
>>>>> that i dont use as many Public IP's ?
>>>>> Do any of you see a problem with this setup, things that may not 
>>>>> work eventually, or any other concerns ?
>>>>>
>>>> rtpproxy can do bridging of two interfaces -- see the example cfg:
>>>>
>>>> modules/nathelper/examples/alg.cfg
>>>>
>>>> Cheers,
>>>> Daniel
>>>>
>>>
>>>
>>> _______________________________________________
>>> Kamailio (OpenSER) - Users mailing list
>>> Users at lists.kamailio.org
>>> http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
>>> http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
>>>
>>
> 
> 




More information about the Users mailing list