[OpenSIPS-Users] 2 UAs behind same NAT Device
Deon Vermeulen
vermeulen.deon at gmail.com
Tue Nov 2 19:11:17 CET 2010
Hi Kennard
Thanks for the ideas.
I really appreciate it.
I got the config as an example from the Building Telephony systems
with OpenSER.
I choose the OpenSER implementation as it describes the implenetation
of MediaProxy.
Reason for choosing MediaProxy is because I am very, very interested
in getting the ICE feature.
I thought best to first get this config working before playing around
with the ICE configuration.
Could you be so kind and perhaps show me where I should call up
route(6)?
I use fully qualified domain names (i.e domaina.com) for the domain.
At the moment I specify the proxy with the IP of my Server as I
haven't setup the DNS records yet.
I really appreciate your feedback and assistance.
Regards
Deon
On 02 Nov 2010, at 5:08 PM, Kennard White wrote:
> Hi Deon,
>
> Some ideas:
> 1. Capture the SIP traffic and see if media proxy is being invoked
> in the request and/or response (look for your P-hint messages), and
> the IP addresses.
> 2. Add xlog messages when you invoke mediarelay to confirm that they
> are getting called.
> 3. You're comparing $dd (which is a domain) to $si (which is an IP
> address). I don't think this will work in the general case, but
> maybe you're using IP addresses as your domains?
> 4. I don't see the code that invokes route(6) -- I assume that is in
> a branch_route not the request route?
>
> Good luck,
> Kennard
>
> On Tue, Nov 2, 2010 at 5:25 AM, Deon Vermeulen <vermeulen.deon at gmail.com
> > wrote:
> Hi List
>
> I'm trying to setup NAT to NOT use MediaProxy when it detects that 2
> devices are behind the same NAT Device, but rather have coms go
> directly between them.
> At the moment I can dial between the 2 phones and answer the call.
> The callee phone says "Call Established" upon answer, but the caller
> phone still says "trying/connecting".
> I am sure this has something to do with my configuration, but I have
> "NO IDEA" where to start looking.
> The phones are setup to use their local IPs with no other STUN, ICE,
> or "proxy like" configurations.
> Below is a snipped from my opensips.cfg with the NAT configs and would
> really appreciate any help to get this working.
>
> modparam("rr", "enable_full_lr", 1)
> modparam("registrar", "received_avp", "$avp(i:42)")
> modparam("usrloc", "db_mode", 2)
> modparam("usrloc", "nat_bflag", 6)
> modparam("domain", "db_mode", 1) # Use caching
> modparam("auth_db|usrloc|uri|avpops", "use_domain", 1)
> modparam("auth_db|alias_db|domain|uri|uri_db|usrloc|permissions|
> siptrace|group|avpops|presence", "db_url", "mysql://
> opensips:opensipsrw at localhost/opensips")
> modparam("nathelper", "natping_interval", 10)
> modparam("nathelper", "received_avp", "$avp(i:42)")
> modparam("mediaproxy", "mediaproxy_socket", "/var/run/mediaproxy-
> dispatcher.sock")
> modparam("mediaproxy", "mediaproxy_timeout", 500)
> modparam("mi_datagram", "socket_name", "/var/run/opensips/
> opensips.sock")
> modparam("mi_datagram", "children_count", 4)
>
>
> # ------------------------- request routing logic
> ------------------- #
>
> route{
>
> #
> # -- 1 -- Request Validation
> #
> if (!mf_process_maxfwd_header("10")) {
> sl_send_reply("483","Too Many Hops");
> exit;
> }
>
> if (msg:len >= 2048 ) {
> sl_send_reply("513", "Message too big");
> exit;
> }
>
> #
> # -- 2 -- Routing Preprocessing
> #
> ## Record-route all except Register
> ## Mark packets with nat=yes
> ## This mark will be used to identify the request in the loose
> ## route section
> if(!is_method("REGISTER")){
> if(nat_uac_test("19")){
> record_route(";nat=yes");
> } else {
> record_route();
> }
> }
>
> ##Loose_route packets
> if (has_totag()) {
> #sequential request withing a dialog should
> # take the path determined by record-routing
> if (loose_route()) {
> #Check authentication of re-invites
> if(method=="INVITE") {
> if (!proxy_authorize("","subscriber")) {
> proxy_challenge("","1");
> exit;
> } else if (!db_check_from()) {
> sl_send_reply("403", "Forbidden, use From=ID");
> exit;
> }
> }
> ## BYE and CANCEL message handling
> if(method=="BYE" || method=="CANCEL") {
> end_media_session();
> }
> ##Detect requests in the dialog behind NAT and flag with 6
> if(nat_uac_test("19") || search("^Route:.*;nat=yes")){
> append_hf("P-hint: LR|fixcontact,setflag6, mediaproxy
> \r\n");
> fix_contact();
> setbflag(6);
> use_media_proxy();
> }
> route(1);
> } else {
> sl_send_reply("404","Not here");
> }
> exit;
> }
>
> #CANCEL processing
> if (is_method("CANCEL")) {
> if (t_check_trans()) {
> end_media_session();
> t_relay();
> }
> exit;
> }
>
> t_check_trans();
>
> #
> # -- 3 -- Determine Request Target
> #
> if (method=="REGISTER") {
> route(2);
> } else {
> route(3);
> }
> }
>
>
> route[1] {
> #
> # -- 4 -- Forward request to target
> #
> # Forward statefully
> t_on_reply("1");
> t_on_failure("1");
> if (!t_relay()) {
> sl_reply_error();
> }
> exit;
> }
>
> route[2] {
> ## Register request handler
> if (is_uri_host_local()) {
> if (!www_authorize("", "subscriber")) {
> www_challenge("", "1");
> exit;
> }
>
> if (!db_check_to()) {
> sl_send_reply("403", "Forbidden");
> exit;
> }
>
> # Test to see if Caller is behind NAT
> if(!search("^Contact:[ ]*\*") && client_nat_test("7")) {
> setbflag(6);
> fix_nated_register();
> force_rport();
> }
> save("location");
> exit;
>
> } else {
> sl_send_reply("403", "Forbidden");
> }
> }
>
>
> route[3] {
> ## Requests handler
> if (is_from_local()){
> # From an internal domain -> check the credentials and the
> FROM
> #if(!allow_trusted()){
> if (!proxy_authorize("","subscriber")) {
> proxy_challenge("","0");
> exit;
> } else if(!db_check_from()) {
> sl_send_reply("403", "Forbidden, use From=ID");
> exit;
> }
>
> if (client_nat_test("3")) {
> append_hf("P-hint: route(3)|
> setflag7,forcerport,fix_contact\r\n");
> setbflag(7);
> force_rport();
> fix_contact();
> }
>
> ..............
>
> route[6] {
> #
> # -- NAT Traversal handling --
> #
> # Route[6] is the routing block responsible for activating the
> MediaProxy, whenever
> # the caller or callee is behind NAT (flags 6 or 7 respectively).
> if (isbflagset(6) || isbflagset(7)) {
> if ( $dd == $si ) {
> xlog("L_INFO", "Both users behind same NAT, so we
> dont use MediaProxy\n");
> resetbflag(6); # Unset NAT flag general.
> resetbflag(7); # Unset NAT flag general.
> } else
> append_hf("P-hint: Route[6]: mediaproxy \r\n");
> use_media_proxy();
> }
> }
>
> .............
>
> onreply_route[1] {
> #
> #-- On-replay block routing --
> #
> if (client_nat_test("1")) {
> append_hf("P-hint: Onreply-route - fixcontact \r\n");
> fix_contact();
> }
>
> if ((isbflagset(6) || isbflagset(7)) && (status=~"(180)|(183)|
> 2[0-9][0-9]")) {
> if (search("^Content-Type:[ ]*application/sdp")) {
> append_hf("P-hint: onreply_route|usemediaproxy \r\n");
> use_media_proxy();
> }
> }
> exit;
> }
>
>
> Thanks again for helping. Really appreciate it.
>
> Regards
> Deon
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
More information about the Users
mailing list