[OpenSIPS-Users] OpenSIPS behind Static NAT (Amazon EC2)

Daniel Goepp dan at goepp.net
Tue Apr 27 23:37:02 CEST 2010 

I have three OpenSIPS boxes running on Amazon EC2, and all working great
(other than a couple issues I believe are related more to what I'm trying to
do).  I had to do a number of things to get it working, first is:

advertised_address="your public ip"

I recommend using elastic IPs

I then put record_route_preset in the INVITE section of the has_totag block
in the config and in this block:

        if (!is_method("REGISTER|MESSAGE")) {
                record_route_preset("public ip address");
        }

I then use rtpproxy_offer and rtpproxy_answer in my route 1 blocks.  Along
with fix_nated_contact() if devices are registering from behind NAT (but
that would be true of any install, not specific to EC2).

And then the trick, we had to patch rtpproxy to allow an -A parameter which
is the advertise address (public IP).  I submitted this to the developers,
but I don't know if they updated the publicly available source yet.

Now to be clear, we do not pass through to a backend system like Asterisk
yet (but are working on integrating with FreeSWITCH shortly).  Our lines are
registering directly to OpenSIPS.

-dg


On Tue, Apr 27, 2010 at 1:47 PM, Brett Nemeroff <brett at nemeroff.com> wrote:

> Hello Brendan,
> I'm doing a test of OpenSIPs in EC2 as well.. All is working with the
> exception of ACK received for 500 type errors which are being retransmitted.
> Error logs seem to indicate that the dialog should have been destroyed and
> I'm not sure why I'm getting the retrans. I posted this question a few weeks
> ago..
>
> I didn't try record_route_preset, but I did try "advertised_address", which
> may help.
>
> I'll let you know if I get a resolution on my side.
>
> On Tue, Apr 27, 2010 at 3:39 PM, Brendan Sterne <brendan at callvine.com>wrote:
>
>> Greetings,
>>
>> I am experimenting with using OpenSIPS in Amazon EC2 to distribute
>> calls to Asterisk instances (also running in Amazon EC2).  The
>> challenge is that servers on Amazon EC2 have private IPs to
>> communicate with each other, but different public IPs when accessed
>> from without EC2.   Basically Amazon has a Static NAT setup that does
>> IP translation (but not port translation).  Amazon provides a public
>> DNS name that resolves to the public host IP outside of Amazon EC2,
>> and to the private host IP inside of Amazon EC2.
>>
>> I know that it is not recommended to use OpenSIPS behind a NAT, but
>> I'm curious if I can make this work.  Right now I'm focusing on
>> inbound calls, SIP call control only (I will use nathelper / rtpproxy
>> as necessary to help with media later).
>>
>> Here's the scenario for the invite:
>> Soft Phone   -------> EC2 Firewall ----->  OpenSIPS  -----> Asterisk
>>
>> The INVITE,100,200 works fine - I have opensips redirect to the
>> Asterisk using
>>       rewritehostport(<asterisk_dns_name>);
>> And I use record_route_preset() to record the Public DNS in the
>> route.  This will create a Route Set that will work both ways (from
>> the Soft Phone, and from the Asterisk).
>>      record_route_preset(<opensips_dns_name>)
>>
>> The problem I'm having is with the ACK.  It is being routed from the
>> Soft Phone to the OpenSIPS via it's Amazon DNS name (
>> ec2-204-236-245-16.compute-1.amazonaws.com
>> ), but the OpenSIPS isn't recognizing the name as a local alias.  I
>> have alias set:  alias="ec2-204-236-245-16.compute-1.amazonaws.com:
>> 5060", but the opensips log shows "Topmost URI is NOT myself" (you can
>> see more below).  I have attached my config, logs, and a sip trace.
>>
>> Any suggestions are appreciated.
>>
>>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.opensips.org/pipermail/users/attachments/20100427/8521dbc3/attachment.htm

More information about the Users mailing list