[Kamailio-Users] Transparent bridge mode
Klaus Darilion
klaus.mailinglists at pernau.at
Wed Dec 23 21:12:34 CET 2009
On 23.12.2009 20:21, Jeff Brower wrote:
> Daniel-
>
>> I haven't used such scenario so far and not a big linux network routing
>> expert here, so the command you use for bridging do not help me too much.
>>
>> When I need to bridge two network then I use rtpproxy in bridging mode,
>> like the example I pointed in a previous email, and all run fine.
>
> Thanks for your reply Daniel. Our concern with using rtpproxy for bridging is that we may end up with less call
> capacity. We don't want to touch in user space packets that don't need decryption and transcoding -- we want to let
> them through to the other network using Linux bridging and the 2 NICs.
Why using rtpproxy at all for unencrypted calls? Just let them through
directly to Asterisk.
IF you do not want RTP directly to Asterisk, but need kernel-based
forwarding, you could use mediaproxy2 (kernel-based) for RTP and
rtpproxy for SRTP.
klaus
>
> -Jeff
>
>
>> On 12/22/09 10:40 PM, Vikram Ragukumar wrote:
>>> Daniel,
>>>
>>> Please find below a corrected Dataflow diagram.
>>>
>>> -----------------
>>> |SIP Caller's |
>>> |Encrypted SIP |
>>> |(Port9090) + |
>>> |UDP |
>>> |(Port10000-20000)|
>>> -----------------
>>> |
>>> |Public IP
>>> ---|-----------------------
>>> | --|---- ------- | Public IP
>>> || NIC1 |<------>| NIC2 | | -----------
>>> || eth0 | bridge | eth1 |->-| Asterisk |
>>> | --|----- --|--|- | |CentOS v5.4|
>>> | v port 9090 | | | | Server 2 |
>>> | --|--------------- | | | -----------
>>> ||Libnetfilter_queue|| | |
>>> | -|----|----------- | | |
>>> | | | | | |
>>> | | -|-------- | | |
>>> | | |Decryption| ^ ^ |
>>> | | -|-------- | | |
>>> | v v port 5060 | | |
>>> | | -|------ | | |
>>> | | |Kamailio|--->- | |
>>> | | -------- | |
>>> | | | |
>>> | |UDPports | |
>>> | -|-- -------- | |
>>> ||srtp|->--|rtpproxy|->- |
>>> | ---- -------- |
>>> | Server 1,CentOS v5.4 |
>>> ---------------------------
>>>
>>> Thanks and Regards,
>>> Vikram.
>>>
>>> Vikram Ragukumar wrote:
>>>> Daniel,
>>>>
>>>> Thanks once again for your reply. I present below a more detailed
>>>> system description. The first ASCII sketch depicts the setup we have
>>>> in our lab here and the second ASCII sketch depicts the dataflow we
>>>> are working towards.
>>>>
>>>> System setup:
>>>> -------------
>>>>
>>>> ------------
>>>> | Internet |
>>>> ------------
>>>> |
>>>> |
>>>> ------|------------------------
>>>> | | CentOS v5.4 |
>>>> | ---|---- -------- |
>>>> | | NIC1 |<------>| NIC2 | |<- Server 1
>>>> | | eth0 | bridge | eth1 | |
>>>> | -------- ----|--- |
>>>> | Rtpproxy,Kamailio | |
>>>> -------------------------|-----
>>>> |
>>>> |<- Cross over cable
>>>> |
>>>> -----------
>>>> |CentOS v5.4|
>>>> | Asterisk |<- Server 2
>>>> -----------
>>>>
>>>> Dataflow:
>>>> ---------
>>>>
>>>> ------------------
>>>> |SIP Caller's |
>>>> |Encrypted SIP |
>>>> |(Port9090) + |
>>>> |UDP |
>>>> |(Port10000-20000)|
>>>> -----------------
>>>> |
>>>> |Public IP
>>>> ---|-----------------------
>>>> | --|---- ------- | Public IP
>>>> || NIC1 |<------>| NIC2 | | -----------
>>>> || eth0 | bridge | eth1 |->-| Asterisk |
>>>> | --|----- --|--|- | |CentOS v5.4|
>>>> | v port 9090 | | | | Server 2 |
>>>> | --|--------------- | | | -----------
>>>> ||Libnetfilter_queue|| | |
>>>> | --|--------------- | | |
>>>> | v | | |
>>>> | --|------- | | |
>>>> ||Decryption| ^ ^ |
>>>> | -|------|-- | | |
>>>> | | v port 5060| | |
>>>> | | ---|---- | | |
>>>> | | |Kamailio|--->- | |
>>>> | v -------- | |
>>>> | | | |
>>>> | |UDPports | |
>>>> | -|-- -------- | |
>>>> ||srtp|->--|rtpproxy|->- |
>>>> | ---- -------- |
>>>> | Server 1,CentOS v5.4 |
>>>> ---------------------------
>>>>
>>>> Questions:
>>>> ----------
>>>> 1) Is it common practice to implement "Decryption" and "srtp" as
>>>> shown in the dataflow diagram? If not, what is a more appropriate
>>>> place to implement them ?
>>>> 2) Once deployed, will such as system be capable of handling several
>>>> hundreds or thousands of calls ?
>>>>
>>>> Wish you all a Merry Christmas and a Happy New Year.
>>>>
>>>> Thanks and Regards,
>>>> Vikram.
>>>>
>>>> PS : Here is the script used to setup the bridge between eth0 and eth1
>>>>
>>>> brctl addbr br0
>>>> brctl stp br0 on
>>>> brctl addif br0 eth0
>>>> brctl addif br0 eth1
>>>> ifdown eth0 1>/dev/null 2>&1
>>>> ifdown eth1 1>/dev/null 2>&1
>>>> ifconfig eth0 0.0.0.0 up
>>>> ifconfig eth1 0.0.0.0 up
>>>> ifconfig br0 64.221.148.221 netmask 255.255.255.224 up
>>>> route add default gw 64.221.148.220
>>>> for file in br0 eth0 eth1
>>>> do
>>>> echo "1"> /proc/sys/net/ipv4/conf/${file}/proxy_arp
>>>> echo "1"> /proc/sys/net/ipv4/conf/${file}/forwarding
>>>> done;
>>>> echo "1"> /proc/sys/net/ipv4/ip_forward
>>>>
>>>>
>>>> Daniel-Constantin Mierla wrote:
>>>>>
>>>>>
>>>>> On 12/18/09 10:08 PM, Vikram Ragukumar wrote:
>>>>>> Daniel,
>>>>>>
>>>>>> Thank you for your reply. Let me briefly explain what i am trying
>>>>>> to achieve over here.
>>>>>>
>>>>>> _____ eth0 _____ eth1 ______
>>>>>> |_____|------|_____|--------|______| Internet
>>>>>> Server1 Server2
>>>>>> 2 NIC's 1 NIC
>>>>>> (Public IP)
>>>>>>
>>>>>> I show above a sketch of the desired setup.
>>>>>>
>>>>>> Server1 - Runs Kamailio and rtpproxy. It has 2 NIC's installed.
>>>>>> Server2 - Runs Asterisk. It must be assigned a Public IP.
>>>>>>
>>>>>> I need to use rtpproxy to intercept data being sent to Server 2,
>>>>>> process them and let them continue along their original path. Are
>>>>>> there any references you can point me to, that show how to use
>>>>>> rtpproxy to achieve this bridging? Does the connection between eth1
>>>>>> of Server1 and eth0 of Server2 have to made using a crossover cable ?
>>>>>
>>>>> probably your diagram is not displayed properly by the email client,
>>>>> since I do not really get what you wanted to draw.
>>>>>
>>>>> However, in the kamailio server, if you have two network interfaces,
>>>>> run kamailio to listen on both and rtpproxy in bridging mode between
>>>>> them. Then rtpproxy will get packets coming on eth0 and send onver
>>>>> eth1 and viceversa. I gave you the path in the source three where
>>>>> you find an example to start with (in my previous email).
>>>>>
>>>>> Cheers,
>>>>> Daniel
>>>>>
>>>>>
>>>>>
>>>>>>
>>>>>> Daniel-Constantin Mierla wrote:
>>>>>>> Hello,
>>>>>>>
>>>>>>> On 12/18/09 12:38 AM, Vikram Ragukumar wrote:
>>>>>>>> Hello All,
>>>>>>>>
>>>>>>>> I am trying to setup a test scenario, where i have Kamailio and
>>>>>>>> rtpproxy running on one CentOS box (Server1) and i have Asterisk
>>>>>>>> running on another CentOS box (Server2). Server1 has 2 NIC's eth0
>>>>>>>> and eth1 that are both assigned Public IP's. There is a
>>>>>>>> transparent bridge br0 connecting eth0 and eth1 which also has
>>>>>>>> its own Public IP. Finally eth0 on Server2 also has a Public IP.
>>>>>>>>
>>>>>>>> Server2 must be assigned a Public IP.
>>>>>>>>
>>>>>>>> My goal is to modify rtpproxy so that i can intercept packets
>>>>>>>> traveling to Server2, process them and let them resume along
>>>>>>>> their original path.
>>>>>>>> I would like to know if there is another way of setting this up
>>>>>>>> so that i dont use as many Public IP's ?
>>>>>>>> Do any of you see a problem with this setup, things that may not
>>>>>>>> work eventually, or any other concerns ?
>>>>>>>>
>>>>>>> rtpproxy can do bridging of two interfaces -- see the example cfg:
>>>>>>>
>>>>>>> modules/nathelper/examples/alg.cfg
>>>>>>>
>>>>>>> Cheers,
>>>>>>> Daniel
>>>>>>>
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> Kamailio (OpenSER) - Users mailing list
>>>>>> Users at lists.kamailio.org
>>>>>> http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
>>>>>> http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
>>>>>>
>>>>>
>>>>
>>>>
>>>
>>
>> --
>> Daniel-Constantin Mierla
>> * http://www.asipto.com/
>>
>>
>> _______________________________________________
>> Kamailio (OpenSER) - Users mailing list
>> Users at lists.kamailio.org
>> http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
>> http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
>>
>
>
> _______________________________________________
> Kamailio (OpenSER) - Users mailing list
> Users at lists.kamailio.org
> http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
> http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
More information about the Users
mailing list