9 Sep
2014
9 Sep
'14
11:05 a.m.
i would like to return to rtpengine trust-address flag. README says:
trust-address - flags that IP address in SDP should be trusted. Without
this flag, the RTP proxy ignores address in the SDP and uses source
address of the SIP message as media address which is passed to the RTP
proxy.
the first part makes sense, i.e., if the flag is present, then ip
address in the sdp is trusted.
the second part does not make sense to me and neither does "received
from" key of request passed to rtpengine.
rtpengine doc tells about "received from":
Contains a list of exactly two elements. The first element denotes the
address family and the second element is the SIP message's source
address itself. The address family can be one of IP4 or IP6. Used if
neither the trust address flag nor the media address key is present.
there is at least two reasons why it does not make sense to pass source
ip address of sip request to rtpengine:
1) the proxy that is calling rtpengine_offer() may not be the first hop
proxy of the sip ua.
2) even when sip proxy is the first hop, sip ua may not use the same ip
address for sip signaling and rtp media
so what is the reason for the existence of "received from" key? is
there anything lost if the key is removed? if not, then lets get rid of
it in order to simplify things and to avoid confusion.
-- juha
9 Sep
9 Sep
3:33 p.m.
On 09/09/14 04:05, Juha Heinanen wrote:
...
so what is the reason for the existence of
"received from" key? is
there anything lost if the key is removed? if not, then lets get rid of
it in order to simplify things and to avoid confusion.
The reason is that this is what the original rtpproxy module does (see
'r' flag):
http://kamailio.org/docs/modules/4.0.x/modules/rtpproxy.html#idp15365280
I agree with your objections in that trusting the SDP address should
probably be the default, but I see no reason to remove functionality
that some people may find useful. There's at least one case where
trusting the SDP address can be problematic (packet forwarding loops).
The best way of action would probably be to create a new flag with the
opposite effect and then transition over to that one.
cheers
3:47 p.m.
Richard Fuchs writes:
I agree with your objections in that trusting the SDP
address should
probably be the default, but I see no reason to remove functionality
that some people may find useful. There's at least one case where
trusting the SDP address can be problematic (packet forwarding loops).
The best way of action would probably be to create a new flag with the
opposite effect and then transition over to that one.
It is OK to have trust-address flag. What I doubt is what is the point
in sending source IP address of SIP request to rtpengine if
trust-address is not present, because that address may have nothing to
do with rtp media.
-- Juha
3:52 p.m.
On 09/09/14 08:47, Juha Heinanen wrote:
Richard Fuchs writes:
Same as the address in the SDP may have nothing to do with the RTP
media. It gives people an option. Nothing wrong with that.
cheers
I agree with your objections in that trusting the
SDP address should
probably be the default, but I see no reason to remove functionality
that some people may find useful. There's at least one case where
trusting the SDP address can be problematic (packet forwarding loops).
The best way of action would probably be to create a new flag with the
opposite effect and then transition over to that one.
It is OK to have trust-address flag. What I doubt is what is the point
in sending source IP address of SIP request to rtpengine if
trust-address is not present, because that address may have nothing to
do with rtp media.
4:04 p.m.
Richard Fuchs writes:
What I'm afraid is that rtpengine somehow relies on source IP address
passed to it for its operation, because there is no way for me to
prohibit that address to be passed to rtpengine if I have not used
trust-address flag.
What is it that rtpengine does with received from address when
trust-address is not used?
-- Juha
It is OK to
have trust-address flag. What I doubt is what is the point
in sending source IP address of SIP request to rtpengine if
trust-address is not present, because that address may have nothing to
do with rtp media.
Same as the address in the SDP may have nothing to do with the RTP
media. It gives people an option. Nothing wrong with that.
4:14 p.m.
On 09/09/14 09:04, Juha Heinanen wrote:
Richard Fuchs writes:
What I'm afraid is that rtpengine somehow relies on source IP address
passed to it for its operation, because there is no way for me to
prohibit that address to be passed to rtpengine if I have not used
trust-address flag.
What is it that rtpengine does with received from address when
trust-address is not used?
Nothing at all.
cheers
It is OK
to have trust-address flag. What I doubt is what is the point
in sending source IP address of SIP request to rtpengine if
trust-address is not present, because that address may have nothing to
do with rtp media.
Same as the address in the SDP may have nothing to do with the RTP
media. It gives people an option. Nothing wrong with that.
3728
days inactive
3728
days old
6 comments
2 participants
participants (2)
-
Juha Heinanen -
Richard Fuchs