12 Dec
2003
12 Dec
'03
8:49 p.m.
Hello List,
I am trying to get SER + nathelper working with multiple RTP proxies on the route (please
read the mail appended below on the problem I am trying to solve and how am trying to
solve it). I spent sometime understanding the internals of SER - but it will be great if
anyone can help me with the following problem -
My test settings is -
UA1 ---- NAT ---- SER/RTP1 ----- SER/RTP2 ------- UA2
I am forcing rtpproxy on SER2 also.
In file nathelper.c, I added a test case in force_rtp_proxy_f(..) to check if the SIP/SDP
packet was sent by a device behind NAT. I use the SER received_test(msg) to do this check
(which is basically a msg->via1->host == msg->rcv.src_ip test). I try setting up
a call from UA1 to UA2. When SER1 receives the SIP/SDP packet from UA1, the received_test
correctly detects that UA1 is behind NAT. But when UA2 sends back an OK with its SDP data
(which SER2 modifies before sending it to SER1), a received_test (in SER1) on this SIP/SDP
message returns positive (isn't via1 added by SER2? and via2 the one added by UA1?).
I will appreciate any help on this. Is there any better way to do this? I am not doing a
check on contact header since fix_nated_contact may have already been called (save reason
for not checking the SDP contact information).
Sorry I am unable to add any debugging information - as I am writing from home.
Regards,
Dhiraj
Network Security Specialist,
BT Exact
-----Original Message-----
From: dhiraj.2.bhuyan(a)bt.com [mailto:dhiraj.2.bhuyan@bt.com]
Sent: Friday, December 12, 2003 6:39 PM
To: jiri(a)iptel.org; sobomax(a)portaone.com
Cc: serusers(a)lists.iptel.org
Subject: [Serusers] nat + multiple RTP proxy
Greetings list,
I spent some time looking into the rtpproxy and nathelper
code. Currently, nathelper + rtpproxy will work ONLY if there
is "one" RTP proxy on the path. In a scenario like -
UA1 ---- NAT ---- SER/RTP1 ----- SER/RTP2 ---- NAT --- UA2
where UA1 and UA2 are subscribed to two different SERs and
are also behind NAT, RTP proxy 1 never forwards the RTP
traffic from UA1 to RTP proxy 2 (because of the way it is
designed) since RTP1 is waiting for at least one RTP packet
from RTP proxy 2 and vice versa - hence the deadlock.
This can be fixed if the RTP proxy waits for one UDP packet
from the device behind NAT, but does not wait for any packets
from the device it thinks is not behind NAT before forwarding
it the RTP traffic (coming from the other end). Thus in the
above scenario, RTP 1 waits for at least one packet from UA1
- but does not wait for any packet from RTP2.
I am writing a patch for nathelper and rtpproxy to add this
functionality (should be available by next week). Anyone -
any thoughts on this?
Dhiraj Bhuyan
Network Security Specialist,
BT Exact Business Assurance Solutions
Tel: +44 1473 643932
Mob: +44 7962 012145
Email: dhiraj.2.bhuyan(a)bt.com
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers