If the UAs are sitting behind the same NAT then the nathelper module may help
you (but that is not the intention of the module). But you should give up the
idea to use the external RTP proxy IMHO. It simply does not make much sence
to route the traffic of the two UAs through the internet when the can talk to
each other directly in the same LAN (i mean only the RTP part not the
signaling part).
Regards
Nils
On Monday 02 February 2004 02:44, Eric C. Snowdeal III wrote:
i've been getting my sea legs with SER and am
having trouble getting
rtpproxy to nathelper to work correctly with my setup. since everything
works fine if i test the scenario with a freeworld dialup account, i'm
assuming that my problems are solely due to the vastness of my ignorance
on how to configure SER correctly.
i have three x-lite clients [ one is running on windows 2000 not sure of
the build number, but it's the latest download from the website; the
other two clients are both build 1101 on mac 10.2.3. SER running on a
rh9 box on a public IP with rtpproxy. i installed ser-0.8.12-0.i386.rpm
which i downloaded from the ftp server. the x-lite clients are sitting
behind a linksys befw11s4 nat router.
i can run SER without nathelper/rtpproxy and make and receive calls to
clients outside the my network. however, things fall apart quickly when
i try to run more than one client behind the nat [ lost audio, timeouts
etc] which i presume is what nathelper is supposed to deal with. if try
to run to use nathelper, i can't make a call from a one client to
another client behind the lan. the calls won't go through - they simply
timeout.
i downloaded and compiled rtpproxy which i obtained from the portaone
website and simply started it from the command line. i can't figure out
how to get any debugging messages from rtpproxy, but i can see that the
process exists and /var/run/rtpproxy.sock is created.
i altered ser.cfg using the template i found in the ser-0.8.12_src
tarball [ /modules/nathelper/nathelper.cfg ]. see my config below [1].
i understand that things have changed quite a bit in the CVS head, but
i tried to compile and install the latest CVS version, but i ran into a
host of config errors using the nathelper.cfg supplied, so i decided to
backtrack, gather my wits, and stick with the released version.
the x-lite clients appear to register appropriately with the server [2 -
public ip addresses have been changed to protect the innocent]. to my
untrained eye, these messages look the same as what i see when i test
things using freeworld dialup accounts and i can make a call to another
client on the same lan segment - i.e. the internal IP addresses are
being sent. the location database also shows that the internal IP
addresses are being used [3], but i don't know if this is what i want or
not. oh. i'm also using my.public.box - a FQDN - as in the x-lite
fields where it asks for "Domain/Realm", "SIP Proxy" and "Out
Bound Proxy".
so anyone care to grab me by the lapels and point out what i'm obviously
doing wrong :-)
[1]
#
# $Id: ser.cfg,v 1.21.4.1 2003/11/10 15:35:15 andrei Exp $
#
# simple quick-start config script
#
# ----------- global configuration parameters ------------------------
#debug=3 # debug level (cmd line: -dddddddddd)
#fork=yes
#log_stderror=no # (cmd line: -E)
/* Uncomment these lines to enter debugging mode
debug=7
fork=no
log_stderror=yes
*/
check_via=no # (cmd. line: -v)
dns=no # (cmd. line: -r)
rev_dns=no # (cmd. line: -R)
#port=5060
#children=4
fifo="/tmp/ser_fifo"
# ------------------ module loading ----------------------------------
# Uncomment this if you want to use SQL database
#loadmodule "/usr/lib/ser/modules/mysql.so"
loadmodule "/usr/lib/ser/modules/nathelper.so"
loadmodule "/usr/lib/ser/modules/sl.so"
loadmodule "/usr/lib/ser/modules/tm.so"
loadmodule "/usr/lib/ser/modules/rr.so"
loadmodule "/usr/lib/ser/modules/maxfwd.so"
loadmodule "/usr/lib/ser/modules/usrloc.so"
loadmodule "/usr/lib/ser/modules/registrar.so"
# Uncomment this if you want digest authentication
# mysql.so must be loaded !
#loadmodule "/usr/lib/ser/modules/auth.so"
#loadmodule "/usr/lib/ser/modules/auth_db.so"
# ----------------- setting module-specific parameters ---------------
# -- usrloc params --
modparam("usrloc", "db_mode", 0)
# Uncomment this if you want to use SQL database
# for persistent storage and comment the previous line
#modparam("usrloc", "db_mode", 2)
# -- auth params --
# Uncomment if you are using auth module
#
#modparam("auth_db", "calculate_ha1", yes)
#
# If you set "calculate_ha1" parameter to yes (which true in this config),
# uncomment also the following parameter)
#
#modparam("auth_db", "password_column", "password")
# -- rr params --
# add value to ;lr param to make some broken UAs happy
modparam("rr", "enable_full_lr", 1)
alias="my.public.box"
# ------------------------- request routing logic -------------------
# main routing logic
route{
# initial sanity checks -- messages with
# max_forwards==0, or excessively long requests
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
break;
};
if ( msg:len > max_len ) {
sl_send_reply("513", "Message too big");
break;
};
# compulsory processing of Route header fields and adding RR
loose_route();
/* registration (uses rewritten contacts) */
if (method=="REGISTER") {
save("location");
break;
};
if (method=="INVITE") {
record_route();
if (isflagset(1)) { # ATA ?
fix_nated_sdp("3");
};
/* set up reply processing */
t_on_reply("1");
};
if (method == "INVITE" || method == "CANCEL") {
if (!lookup("location")) {
sl_send_reply("404", "Not Found");
break;
};
};
/* set up reply processing and forward statefuly */
t_relay();
}
# all incoming replies for t_onrepli-ed transactions enter here
onreply_route[1] {
if (status=~"2[0-9][0-9]")
fix_nated_contact();
fix_nated_sdp("3");
}
[2]
Established SIP protocol listen on: 192.168.1.100:5060
Discovered Restricted Cone NAT Firewall
SIP: 192.168.1.100:5060
RTP: 192.168.1.100:8000
NAT: my.router.public.ip
PROXY#0: ser.public.ip:5060
OUTBOUND-PROXY#0: ser.public.ip:5060
SEND >> ser.public.ip:5060
REGISTER sip:my.public.box SIP/2.0
Via: SIP/2.0/UDP
192.168.1.100:5060;rport;branch=z9hG4bK9DF27D98551C11D882E3000393B930BA
From: snowdeal <sip:123@my.public.box>
To: snowdeal <sip:123@my.public.box>
Contact: "snowdeal" <sip:123@192.168.1.100:5060>
Call-ID: 9DA51D06551C11D882E3000393B930BA(a)my.public.box
CSeq: 56648 REGISTER
Expires: 1800
Max-Forwards: 70
User-Agent: X-Lite build 1101
Content-Length: 0
RECEIVE << ser.public.ip:5060
SIP/2.0 200 OK
Via: SIP/2.0/UDP
192.168.1.100:5060;rport=5060;branch=z9hG4bK9DF27D98551C11D882E3000393B930B
A;received=my.router.public.ip From: snowdeal <sip:123@my.public.box>
To: snowdeal
<sip:123@my.public.box>;tag=b27e1a1d33761e85846fc98f5f3a7e58.3894
Call-ID: 9DA51D06551C11D882E3000393B930BA(a)my.public.box
CSeq: 56648 REGISTER
Contact: <sip:123@192.168.1.100:5060>;q=0.00;expires=1800
Server: Sip EXpress router (0.8.12 (i386/linux))
Content-Length: 0
Warning: 392 ser.public.ip:5060 "Noisy feedback tells: pid=21653
req_src_ip=my.router.public.ip req_src_port=5060
in_uri=sip:my.public.box out_uri=sip:my.public.box via_cnt==1"
----------
Established SIP protocol listen on: 192.168.1.101:5060
Discovered Restricted Cone NAT Firewall
SIP: 192.168.1.101:5060
RTP: 192.168.1.101:8000
NAT: my.router.public.ip
PROXY#0: 69.55.224.151:5060
OUTBOUND-PROXY#0: 69.55.224.151:5060
SEND >> ser.public.ip:5060
REGISTER sip:my.public.box SIP/2.0
Via: SIP/2.0/UDP
192.168.1.101:5060;rport;branch=z9hG4bKAC7BFFFD551C11D8B317000A957BC13A
From: kristine <sip:456@my.public.box>
To: kristine <sip:456@my.public.box>
Contact: "kristine" <sip:456@192.168.1.101:5060>
Call-ID: AC7B8E18551C11D8B317000A957BC13A(a)my.public.box
CSeq: 55034 REGISTER
Expires: 1800
Max-Forwards: 70
User-Agent: X-Lite build 1101
Content-Length: 0
RECEIVE << ser.public.ip:5060
SIP/2.0 200 OK
Via: SIP/2.0/UDP
192.168.1.101:5060;rport=15060;branch=z9hG4bKAC7BFFFD551C11D8B317000A957BC1
3A;received=my.router.public.ip From: kristine <sip:456@my.public.box>
To: kristine
<sip:456@my.public.box>;tag=b27e1a1d33761e85846fc98f5f3a7e58.b0ef
Call-ID: AC7B8E18551C11D8B317000A957BC13A(a)my.public.box
CSeq: 55034 REGISTER
Contact: <sip:456@192.168.1.101:5060>;q=0.00;expires=1800
Server: Sip EXpress router (0.8.12 (i386/linux))
Content-Length: 0
Warning: 392 ser.public.ip:5060 "Noisy feedback tells: pid=21658
req_src_ip=my.router.public.ip req_src_port=15060
in_uri=sip:my.public.box out_uri=sip:my.public.box via_cnt==1
[3]
===Domain list===
---Domain---
name : 'location'
size : 512
table: 0x402d60d8
d_ll {
n : 2
first: 0x402d80e0
last : 0x402d81c8
}
...Record(0x402d80e0)...
domain: 'location'
aor : '123'
~~~Contact(0x402d8120)~~~
domain : 'location'
aor : '123'
Contact: 'sip:123@192.168.1.100:5060'
Expires: 583
q : 0.00
Call-ID: '9DA51D06551C11D882E3000393B930BA(a)my.public.box'
CSeq : 56648
replic : 0
State : CS_NEW
Flags : 0
next : (nil)
prev : (nil)
~~~/Contact~~~~
.../Record...
...Record(0x402d81c8)...
domain: 'location'
aor : '456'
~~~Contact(0x402d8208)~~~
domain : 'location'
aor : '456'
Contact: 'sip:456@192.168.1.101:5060'
Expires: 614
q : 0.00
Call-ID: 'AC7B8E18551C11D8B317000A957BC13A(a)my.public.box'
CSeq : 55034
replic : 0
State : CS_NEW
Flags : 0
next : (nil)
prev : (nil)
~~~/Contact~~~~
.../Record...
---/Domain---
===/Domain list===
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers