[Kamailio-Users] Transparent bridge mode

Daniel-Constantin Mierla miconda at gmail.com
Wed Dec 23 10:56:58 CET 2009


Hello,

I haven't used such scenario so far and not a big linux network routing 
expert here, so the command you use for bridging do not help me too much.

When I need to bridge two network then I use rtpproxy in bridging mode, 
like the example I pointed in a previous email, and all run fine.

Cheers,
Daniel


On 12/22/09 10:40 PM, Vikram Ragukumar wrote:
> Daniel,
>
> Please find below a corrected Dataflow diagram.
>
>  -----------------
> |SIP Caller's     |
> |Encrypted SIP    |
> |(Port9090)  +    |
> |UDP              |
> |(Port10000-20000)|
>  -----------------
>     |
>     |Public IP
>  ---|-----------------------
> | --|----          -------  |  Public IP
> ||  NIC1 |<------>| NIC2  | |  -----------
> ||  eth0 | bridge | eth1  |->-| Asterisk  |
> | --|-----         --|--|-  | |CentOS v5.4|
> |   v port 9090      |  |   | | Server 2  |
> | --|--------------- |  |   |  -----------
> ||Libnetfilter_queue||  |   |
> | -|----|----------- |  |   |
> |  |    |            |  |   |
> |  |   -|--------    |  |   |
> |  |  |Decryption|   ^  ^   |
> |  |   -|--------    |  |   |
> |  v    v port 5060  |  |   |
> |  |   -|------      |  |   |
> |  |  |Kamailio|--->-   |   |
> |  |   --------         |   |
> |  |                    |   |
> |  |UDPports            |   |
> | -|--      --------    |   |
> ||srtp|->--|rtpproxy|->-    |
> | ----      --------        |
> |   Server 1,CentOS v5.4    |
>  ---------------------------
>
> Thanks and Regards,
> Vikram.
>
> Vikram Ragukumar wrote:
>> Daniel,
>>
>> Thanks once again for your reply. I present below a more detailed 
>> system description. The first ASCII sketch depicts the setup we have 
>> in our lab here and the second ASCII sketch depicts the dataflow we 
>> are working towards.
>>
>> System setup:
>> -------------
>>
>>  ------------
>> |  Internet  |
>>  ------------
>>        |
>>        |
>>  ------|------------------------
>> |      |  CentOS v5.4           |
>> |   ---|----          --------  |
>> |  |  NIC1  |<------>|  NIC2  | | <- Server 1
>> |  |  eth0  | bridge |  eth1  | |
>> |   --------          ----|---  |
>> |       Rtpproxy,Kamailio |     |
>>  -------------------------|-----
>>                           |
>>                           |<- Cross over cable
>>                           |
>>                     -----------
>>                    |CentOS v5.4|
>>                    | Asterisk  | <- Server 2
>>                     -----------
>>
>> Dataflow:
>> ---------
>>
>> ------------------
>> |SIP Caller's     |
>> |Encrypted SIP    |
>> |(Port9090)  +    |
>> |UDP              |
>> |(Port10000-20000)|
>>  -----------------
>>     |
>>     |Public IP
>>  ---|-----------------------
>> | --|----          -------  |  Public IP
>> ||  NIC1 |<------>| NIC2  | |  -----------
>> ||  eth0 | bridge | eth1  |->-| Asterisk  |
>> | --|-----         --|--|-  | |CentOS v5.4|
>> |   v port 9090      |  |   | | Server 2  |
>> | --|--------------- |  |   |  -----------
>> ||Libnetfilter_queue||  |   |
>> | --|--------------- |  |   |
>> |   v                |  |   |
>> | --|-------         |  |   |
>> ||Decryption|        ^  ^   |
>> | -|------|--        |  |   |
>> |  |      v port 5060|  |   |
>> |  |   ---|----      |  |   |
>> |  |  |Kamailio|--->-   |   |
>> |  v   --------         |   |
>> |  |                    |   |
>> |  |UDPports            |   |
>> | -|--      --------    |   |
>> ||srtp|->--|rtpproxy|->-    |
>> | ----      --------        |
>> |   Server 1,CentOS v5.4    |
>>  ---------------------------
>>
>> Questions:
>> ----------
>> 1) Is it common practice to implement "Decryption" and "srtp" as 
>> shown in the dataflow diagram? If not, what is a more appropriate 
>> place to implement them ?
>> 2) Once deployed, will such as system be capable of handling several 
>> hundreds or thousands of calls ?
>>
>> Wish you all a Merry Christmas and a Happy New Year.
>>
>> Thanks and Regards,
>> Vikram.
>>
>> PS : Here is the script used to setup the bridge between eth0 and eth1
>>
>> brctl addbr br0
>> brctl stp br0 on
>> brctl addif br0 eth0
>> brctl addif br0 eth1
>> ifdown eth0 1>/dev/null 2>&1
>> ifdown eth1 1>/dev/null 2>&1
>> ifconfig eth0 0.0.0.0 up
>> ifconfig eth1 0.0.0.0 up
>> ifconfig br0 64.221.148.221 netmask 255.255.255.224 up
>> route add default gw 64.221.148.220
>> for file in br0 eth0 eth1
>> do
>> echo "1" > /proc/sys/net/ipv4/conf/${file}/proxy_arp
>> echo "1" > /proc/sys/net/ipv4/conf/${file}/forwarding
>> done;
>> echo "1" > /proc/sys/net/ipv4/ip_forward
>>
>>
>> Daniel-Constantin Mierla wrote:
>>>
>>>
>>> On 12/18/09 10:08 PM, Vikram Ragukumar wrote:
>>>> Daniel,
>>>>
>>>> Thank you for your reply. Let me briefly explain what i am trying 
>>>> to achieve over here.
>>>>
>>>> _____  eth0  _____    eth1   ______
>>>> |_____|------|_____|--------|______|    Internet        
>>>> Server1            Server2
>>>>                    2 NIC's             1 NIC
>>>>                                            (Public IP)
>>>>
>>>> I show above a sketch of the desired setup.
>>>>
>>>> Server1 - Runs Kamailio and rtpproxy. It has 2 NIC's installed.
>>>> Server2 - Runs Asterisk. It must be assigned a Public IP.
>>>>
>>>> I need to use rtpproxy to intercept data being sent to Server 2, 
>>>> process them and let them continue along their original path. Are 
>>>> there any references you can point me to, that show how to use 
>>>> rtpproxy to achieve this bridging? Does the connection between eth1 
>>>> of Server1 and eth0 of Server2 have to made using a crossover cable ?
>>>
>>> probably your diagram is not displayed properly by the email client, 
>>> since I do not really get what you wanted to draw.
>>>
>>> However, in the kamailio server, if you have two network interfaces, 
>>> run kamailio to listen on both and rtpproxy in bridging mode between 
>>> them. Then rtpproxy will get packets coming on eth0 and send onver 
>>> eth1 and viceversa. I gave you the path in the source three where 
>>> you find an example to start with (in my previous email).
>>>
>>> Cheers,
>>> Daniel
>>>
>>>
>>>
>>>>
>>>> Daniel-Constantin Mierla wrote:
>>>>> Hello,
>>>>>
>>>>> On 12/18/09 12:38 AM, Vikram Ragukumar wrote:
>>>>>> Hello All,
>>>>>>
>>>>>> I am trying to setup a test scenario, where i have Kamailio and 
>>>>>> rtpproxy running on one CentOS box (Server1) and i have Asterisk 
>>>>>> running on another CentOS box (Server2). Server1 has 2 NIC's eth0 
>>>>>> and eth1 that are both assigned Public IP's. There is a 
>>>>>> transparent bridge br0 connecting eth0 and eth1 which also has 
>>>>>> its own Public IP. Finally eth0 on Server2 also has a Public IP.
>>>>>>
>>>>>> Server2 must be assigned a Public IP.
>>>>>>
>>>>>> My goal is to modify rtpproxy so that i can intercept packets 
>>>>>> traveling to Server2, process them and let them resume along 
>>>>>> their original path.
>>>>>> I would like to know if there is another way of setting this up 
>>>>>> so that i dont use as many Public IP's ?
>>>>>> Do any of you see a problem with this setup, things that may not 
>>>>>> work eventually, or any other concerns ?
>>>>>>
>>>>> rtpproxy can do bridging of two interfaces -- see the example cfg:
>>>>>
>>>>> modules/nathelper/examples/alg.cfg
>>>>>
>>>>> Cheers,
>>>>> Daniel
>>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Kamailio (OpenSER) - Users mailing list
>>>> Users at lists.kamailio.org
>>>> http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
>>>> http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
>>>>
>>>
>>
>>
>

-- 
Daniel-Constantin Mierla
* http://www.asipto.com/




More information about the Users mailing list