i've been getting my sea legs with SER and am having trouble getting
rtpproxy to nathelper to work correctly with my setup. since everything
works fine if i test the scenario with a freeworld dialup account, i'm
assuming that my problems are solely due to the vastness of my ignorance
on how to configure SER correctly.
i have three x-lite clients [ one is running on windows 2000 not sure of
the build number, but it's the latest download from the website; the
other two clients are both build 1101 on mac 10.2.3. SER running on a
rh9 box on a public IP with rtpproxy. i installed ser-0.8.12-0.i386.rpm
which i downloaded from the ftp server. the x-lite clients are sitting
behind a linksys befw11s4 nat router.
i can run SER without nathelper/rtpproxy and make and receive calls to
clients outside the my network. however, things fall apart quickly when
i try to run more than one client behind the nat [ lost audio, timeouts
etc] which i presume is what nathelper is supposed to deal with. if try
to run to use nathelper, i can't make a call from a one client to
another client behind the lan. the calls won't go through - they simply
timeout.
i downloaded and compiled rtpproxy which i obtained from the portaone
website and simply started it from the command line. i can't figure out
how to get any debugging messages from rtpproxy, but i can see that the
process exists and /var/run/rtpproxy.sock is created.
i altered ser.cfg using the template i found in the ser-0.8.12_src
tarball [ /modules/nathelper/nathelper.cfg ]. see my config below [1].
i understand that things have changed quite a bit in the CVS head, but
i tried to compile and install the latest CVS version, but i ran into a
host of config errors using the nathelper.cfg supplied, so i decided to
backtrack, gather my wits, and stick with the released version.
the x-lite clients appear to register appropriately with the server [2 -
public ip addresses have been changed to protect the innocent]. to my
untrained eye, these messages look the same as what i see when i test
things using freeworld dialup accounts and i can make a call to another
client on the same lan segment - i.e. the internal IP addresses are
being sent. the location database also shows that the internal IP
addresses are being used [3], but i don't know if this is what i want or
not. oh. i'm also using my.public.box - a FQDN - as in the x-lite
fields where it asks for "Domain/Realm", "SIP Proxy" and "Out
Bound Proxy".
so anyone care to grab me by the lapels and point out what i'm obviously
doing wrong :-)
[1]
#
# $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $
#
# simple quick-start config script
#
# ----------- global configuration parameters ------------------------
#debug=3 # debug level (cmd line: -dddddddddd)
#fork=yes
#log_stderror=no # (cmd line: -E)
/* Uncomment these lines to enter debugging mode
debug=7
fork=no
log_stderror=yes
*/
check_via=no # (cmd. line: -v)
dns=no # (cmd. line: -r)
rev_dns=no # (cmd. line: -R)
#port=5060
#children=4
fifo="/tmp/ser_fifo"
# ------------------ module loading ----------------------------------
# Uncomment this if you want to use SQL database
#loadmodule "/usr/lib/ser/modules/mysql.so"
loadmodule "/usr/lib/ser/modules/nathelper.so"
loadmodule "/usr/lib/ser/modules/sl.so"
loadmodule "/usr/lib/ser/modules/tm.so"
loadmodule "/usr/lib/ser/modules/rr.so"
loadmodule "/usr/lib/ser/modules/maxfwd.so"
loadmodule "/usr/lib/ser/modules/usrloc.so"
loadmodule "/usr/lib/ser/modules/registrar.so"
# Uncomment this if you want digest authentication
# mysql.so must be loaded !
#loadmodule "/usr/lib/ser/modules/auth.so"
#loadmodule "/usr/lib/ser/modules/auth_db.so"
# ----------------- setting module-specific parameters ---------------
# -- usrloc params --
modparam("usrloc", "db_mode", 0)
# Uncomment this if you want to use SQL database
# for persistent storage and comment the previous line
#modparam("usrloc", "db_mode", 2)
# -- auth params --
# Uncomment if you are using auth module
#
#modparam("auth_db", "calculate_ha1", yes)
#
# If you set "calculate_ha1" parameter to yes (which true in this config),
# uncomment also the following parameter)
#
#modparam("auth_db", "password_column", "password")
# -- rr params --
# add value to ;lr param to make some broken UAs happy
modparam("rr", "enable_full_lr", 1)
alias="my.public.box"
# ------------------------- request routing logic -------------------
# main routing logic
route{
# initial sanity checks -- messages with
# max_forwards==0, or excessively long requests
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
break;
};
if ( msg:len > max_len ) {
sl_send_reply("513", "Message too big");
break;
};
# compulsory processing of Route header fields and adding RR
loose_route();
/* registration (uses rewritten contacts) */
if (method=="REGISTER") {
save("location");
break;
};
if (method=="INVITE") {
record_route();
if (isflagset(1)) { # ATA ?
fix_nated_sdp("3");
};
/* set up reply processing */
t_on_reply("1");
};
if (method == "INVITE" || method == "CANCEL") {
if (!lookup("location")) {
sl_send_reply("404", "Not Found");
break;
};
};
/* set up reply processing and forward statefuly */
t_relay();
}
# all incoming replies for t_onrepli-ed transactions enter here
onreply_route[1] {
if (status=~"2[0-9][0-9]")
fix_nated_contact();
fix_nated_sdp("3");
}
[2]
Established SIP protocol listen on: 192.168.1.100:5060
Discovered Restricted Cone NAT Firewall
SIP: 192.168.1.100:5060
RTP: 192.168.1.100:8000
NAT: my.router.public.ip
PROXY#0: ser.public.ip:5060
OUTBOUND-PROXY#0: ser.public.ip:5060
SEND >> ser.public.ip:5060
REGISTER sip:my.public.box SIP/2.0
Via: SIP/2.0/UDP
192.168.1.100:5060;rport;branch=z9hG4bK9DF27D98551C11D882E3000393B930BA
From: snowdeal <sip:123@my.public.box>
To: snowdeal <sip:123@my.public.box>
Contact: "snowdeal" <sip:123@192.168.1.100:5060>
Call-ID: 9DA51D06551C11D882E3000393B930BA(a)my.public.box
CSeq: 56648 REGISTER
Expires: 1800
Max-Forwards: 70
User-Agent: X-Lite build 1101
Content-Length: 0
RECEIVE << ser.public.ip:5060
SIP/2.0 200 OK
Via: SIP/2.0/UDP
192.168.1.100:5060;rport=5060;branch=z9hG4bK9DF27D98551C11D882E3000393B930BA;received=my.router.public.ip
From: snowdeal <sip:123@my.public.box>
To: snowdeal
<sip:123@my.public.box>;tag=b27e1a1d33761e85846fc98f5f3a7e58.3894
Call-ID: 9DA51D06551C11D882E3000393B930BA(a)my.public.box
CSeq: 56648 REGISTER
Contact: <sip:123@192.168.1.100:5060>;q=0.00;expires=1800
Server: Sip EXpress router (0.8.12 (i386/linux))
Content-Length: 0
Warning: 392 ser.public.ip:5060 "Noisy feedback tells: pid=21653
req_src_ip=my.router.public.ip req_src_port=5060
in_uri=sip:my.public.box out_uri=sip:my.public.box via_cnt==1"
----------
Established SIP protocol listen on: 192.168.1.101:5060
Discovered Restricted Cone NAT Firewall
SIP: 192.168.1.101:5060
RTP: 192.168.1.101:8000
NAT: my.router.public.ip
PROXY#0: 69.55.224.151:5060
OUTBOUND-PROXY#0: 69.55.224.151:5060
SEND >> ser.public.ip:5060
REGISTER sip:my.public.box SIP/2.0
Via: SIP/2.0/UDP
192.168.1.101:5060;rport;branch=z9hG4bKAC7BFFFD551C11D8B317000A957BC13A
From: kristine <sip:456@my.public.box>
To: kristine <sip:456@my.public.box>
Contact: "kristine" <sip:456@192.168.1.101:5060>
Call-ID: AC7B8E18551C11D8B317000A957BC13A(a)my.public.box
CSeq: 55034 REGISTER
Expires: 1800
Max-Forwards: 70
User-Agent: X-Lite build 1101
Content-Length: 0
RECEIVE << ser.public.ip:5060
SIP/2.0 200 OK
Via: SIP/2.0/UDP
192.168.1.101:5060;rport=15060;branch=z9hG4bKAC7BFFFD551C11D8B317000A957BC13A;received=my.router.public.ip
From: kristine <sip:456@my.public.box>
To: kristine
<sip:456@my.public.box>;tag=b27e1a1d33761e85846fc98f5f3a7e58.b0ef
Call-ID: AC7B8E18551C11D8B317000A957BC13A(a)my.public.box
CSeq: 55034 REGISTER
Contact: <sip:456@192.168.1.101:5060>;q=0.00;expires=1800
Server: Sip EXpress router (0.8.12 (i386/linux))
Content-Length: 0
Warning: 392 ser.public.ip:5060 "Noisy feedback tells: pid=21658
req_src_ip=my.router.public.ip req_src_port=15060
in_uri=sip:my.public.box out_uri=sip:my.public.box via_cnt==1
[3]
===Domain list===
---Domain---
name : 'location'
size : 512
table: 0x402d60d8
d_ll {
n : 2
first: 0x402d80e0
last : 0x402d81c8
}
...Record(0x402d80e0)...
domain: 'location'
aor : '123'
~~~Contact(0x402d8120)~~~
domain : 'location'
aor : '123'
Contact: 'sip:123@192.168.1.100:5060'
Expires: 583
q : 0.00
Call-ID: '9DA51D06551C11D882E3000393B930BA(a)my.public.box'
CSeq : 56648
replic : 0
State : CS_NEW
Flags : 0
next : (nil)
prev : (nil)
~~~/Contact~~~~
.../Record...
...Record(0x402d81c8)...
domain: 'location'
aor : '456'
~~~Contact(0x402d8208)~~~
domain : 'location'
aor : '456'
Contact: 'sip:456@192.168.1.101:5060'
Expires: 614
q : 0.00
Call-ID: 'AC7B8E18551C11D8B317000A957BC13A(a)my.public.box'
CSeq : 55034
replic : 0
State : CS_NEW
Flags : 0
next : (nil)
prev : (nil)
~~~/Contact~~~~
.../Record...
---/Domain---
===/Domain list===