28 Feb
2019
28 Feb
'19
4:18 p.m.
El mar., 26 de feb. de 2019 a la(s) 17:53, Alex Balashov (
abalashov(a)evaristesys.com) escribió:
I third that. NAT by definition adds complications and
overhead, even if
i agree with! i currently have a confusion: as i pointed here:
https://lists.kamailio.org/pipermail/sr-users/2019-February/104862.html
i have kamailio+rtpproxy/rtpengine and asterisk in realtime mode
but if i not bind the asterisk ports agains the public ip there's its no
sound..
i mean, i want only let rtpproxy/rtpengine (whatever of two no both) only
agains public ip
is nowadays to deploy Kamailio in NAT-only
environments such as AWS.
i cannot find some info about deploy agains AWS flavored OS,
where the public ip are kind of NAT.. and cannot take as real interface ...
some help with that are appreciated!
On Tue, Feb 26, 2019 at 01:47:36PM -0800, Joel Serrano wrote:
I second that. And to add to Henning's
suggestion...
We recently tested that same setup, and we found one "thing": Using
advertise, you will need a second port (listen transport:ip:port) to talk
to internal servers that require you to *keep* the private IP. Otherwise
all outgoing request from that kamailio will have the IP replaced by
whatever the advertise says and that can mess up your internal routing.
Not an issue, as I said you can configure a second port, but just
something
to know depending on what your setup is gong to
look like.
Good luck!
Joel.
On Tue, Feb 26, 2019 at 1:28 PM Henning Westerholt <hw(a)kamailio.org>
wrote:
> Am Dienstag, 26. Februar 2019, 06:09:08 CET schrieb Pintu Lohar:
> > Which one among the below option is highly recommended for setting up
> > Kamailio (for production)
> > 1. Kamailio behind NAT *or*
> > 2. Setting up Kamailio using public IP?
> >
> > are there any disadvantages if we setup Kamailio behind NAT and use
> > advertise option in listen parameters?
> >
> > We have tested both the options, and both the options work great for
us(
> a.
> > Kamailio behind NAT with advertising in listen parameters b.Kamailio
> setup
> > with public IP). So wondering which one is best and highly
recommended?
> >
> > Some extra info :
> > 1. We use TLS
> > 2. Using coturn for media
>
> Hello Pintu,
>
> generally speaking, if you have the choice between a network setup with
> NAT
> and without NAT (everything else equal) - my recommendation would to
> choose
> the one without NAT. It will be easier to debug in case of problems on
> your
> side or the client side.
>
> Best regards,
>
> Henning
>
> --
> Henning Westerholt - https://skalatan.de/blog/
> Kamailio services - https://skalatan.de/services
> Kamailio security assessment - https://skalatan.de/de/assessment
>
_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users(a)lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
> _______________________________________________
Kamailio (SER) - Users Mailing List
sr-users(a)lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
--
Alex Balashov | Principal | Evariste Systems LLC
Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free)
Web: http://www.evaristesys.com/, http://www.csrpswitch.com/
_______________________________________________
Kamailio (SER) - Users Mailing List
sr-users(a)lists.kamailio.org
https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users