5 Jun
2007
5 Jun
'07
5:12 p.m.
Hi!
I'm experiencing problems using openser and rtpproxy on a multihomed box
(IP addresses are 137.208.89.45 and 137.208.89.65).
The client (firewalled) contacts the server via the first IP address
(137.208.89.45) but rtpproxy sometimes uses it's second IP
(137.208.89.65) in the "c=" SDP-information. (See below.)
However it _sends_ RTP packets from the _first_ IP address. Those
packets will never pass through the firewall, of course, since the
clients outgoing RTP traffic is sent to another IP address than the
incoming traffic is hitting the firewall from.
Is there a way to tell rtpproxy to use the same IP-address both for the
c= SDP header and as source address?
-------------------- 8< --------------------
##
T 2007/06/05 15:57:36.041537 137.208.89.45:5060 -> 137.208.90.164:3099 [AP]
SIP/2.0 183 Session Progress.
Via: SIP/2.0/TCP
137.208.90.164:56136;branch=z9hG4bK-d87543-a107a77a6311422d-1--d87543-;rport=3099.
From: "Alexander Bergolth"<sip:30001@wu-wien.ac.at>;tag=5b6d7b31.
To: "996050"<sip:996050@wu-wien.ac.at>;tag=as2e40807f.
Call-ID: MTVjYzlhMDdjMjAwODExZDEyNzk5M2IwN2UxNjhlYTc..
CSeq: 2 INVITE.
User-Agent: Asterisk PBX.
Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY.
Supported: replaces.
Contact: <sip:996050@137.208.89.135>.
Content-Type: application/sdp.
Content-Length: 283.
.
v=0.
o=root 6978 6978 IN IP4 137.208.89.135.
s=session.
c=IN IP4 137.208.89.65.
t=0 0.
m=audio 35064 RTP/AVP 0 8 101.
a=rtpmap:0 PCMU/8000.
a=rtpmap:8 PCMA/8000.
a=rtpmap:101 telephone-event/8000.
a=fmtp:101 0-16.
a=silenceSupp:off - - - -.
a=ptime:20.
a=sendrecv.
a=nortpproxy:yes.
-------------------- 8< --------------------
-------------------- 8< --------------------
15:57:35.814136 IP 137.208.90.164.3099 > 137.208.89.45.5060: P
4236850032:4236851080(1048) ack 224540451 win 64256
15:57:35.814147 IP 137.208.89.45.5060 > 137.208.90.164.3099: . ack 1048
win 2003
15:57:35.814351 IP 137.208.89.45.5060 > 137.208.90.164.3099: P
1:550(549) ack 1048 win 2003
15:57:35.814430 IP 137.208.89.45.5060 > 137.208.90.164.3099: P
550:1264(714) ack 1048 win 2003
15:57:35.814850 IP 137.208.90.164.3099 > 137.208.89.45.5060: . ack 1264
win 64177
15:57:35.915829 IP 137.208.90.164.3099 > 137.208.89.45.5060: P
1048:1418(370) ack 1264 win 64177
15:57:35.955948 IP 137.208.89.45.5060 > 137.208.90.164.3099: . ack 1418
win 2003
15:57:36.017309 IP 137.208.90.164.3099 > 137.208.89.45.5060: P
1418:2672(1254) ack 1264 win 64177
15:57:36.017320 IP 137.208.89.45.5060 > 137.208.90.164.3099: . ack 2672
win 2003
15:57:36.017397 IP 137.208.89.45.5060 > 137.208.90.164.3099: P
1264:1813(549) ack 2672 win 2003
15:57:36.018604 IP 137.208.89.45.5060 > 137.208.90.164.3099: P
1813:2388(575) ack 2672 win 2003
15:57:36.019170 IP 137.208.90.164.3099 > 137.208.89.45.5060: . ack 2388
win 64256
15:57:36.041454 IP 137.208.89.45.35064 > 137.208.90.164.10676: UDP,
length 172
15:57:36.041537 IP 137.208.89.45.5060 > 137.208.90.164.3099: P
2388:3200(812) ack 2672 win 2003
15:57:36.046899 IP 137.208.90.164.10677 > 137.208.89.65.35065: UDP,
length 132
15:57:36.061155 IP 137.208.89.45.35064 > 137.208.90.164.10676: UDP,
length 172
15:57:36.080128 IP 137.208.90.164.10676 > 137.208.89.65.35064: UDP,
length 172
15:57:36.081157 IP 137.208.89.45.35064 > 137.208.90.164.10676: UDP,
length 172
[...]
-------------------- 8< --------------------
Thanks in advance,
--leo
P.S.: I'm using openser-1.2 and rtpproxy-cvs20070222.
--
e-mail ::: Alexander.Bergolth (at) wu-wien.ac.at
fax ::: +43-1-31336-906050
location ::: Computer Center | Vienna University of Economics | Austria
6 Jun
6 Jun
8:29 p.m.
Alexander Bergolth wrote:
Hi!
I'm experiencing problems using openser and rtpproxy on a multihomed box
(IP addresses are 137.208.89.45 and 137.208.89.65).
The client (firewalled) contacts the server via the first IP address
(137.208.89.45) but rtpproxy sometimes uses it's second IP
(137.208.89.65) in the "c=" SDP-information. (See below.)
However it _sends_ RTP packets from the _first_ IP address. Those
packets will never pass through the firewall, of course, since the
clients outgoing RTP traffic is sent to another IP address than the
incoming traffic is hitting the firewall from.
Is there a way to tell rtpproxy to use the same IP-address both for the
c= SDP header and as source address?
I guess you need the bridge mode of rtp proxy. Take a look at the "flags":
http://openser.org/docs/modules/devel/nathelper#AEN296
klaus
10:35 p.m.
On 06/06/2007 07:29 PM, Klaus Darilion wrote:
Alexander Bergolth wrote:
Yes, I did already read it but I still didn't get the clue yet. :(
In my configuration, there is no internal and external net, both IP
addresses are in the same subnet using public IP addresses.
What I'd like to achieve:
The openser/rtpproxy server has some IP addresses and receives and sends
SIP traffic on all of those interfaces.
rtpproxy should simply use that local IP address for its RTP connection
to the client from which the SIP traffic from the client came in.
I've tried to use force_rtp_proxy("", "$Ri") but that leads to
the
SDP-line "c=$Ri". Maybe the nathelper-module doesn't support
pseudo-variables?
Cheers,
--leo
--
e-mail ::: Alexander.Bergolth (at) wu-wien.ac.at
fax ::: +43-1-31336-906050
location ::: Computer Center | Vienna University of Economics | Austria
I'm experiencing problems using openser and
rtpproxy on a multihomed box
(IP addresses are 137.208.89.45 and 137.208.89.65).
The client (firewalled) contacts the server via the first IP address
(137.208.89.45) but rtpproxy sometimes uses it's second IP
(137.208.89.65) in the "c=" SDP-information. (See below.)
However it _sends_ RTP packets from the _first_ IP address. Those
packets will never pass through the firewall, of course, since the
clients outgoing RTP traffic is sent to another IP address than the
incoming traffic is hitting the firewall from.
Is there a way to tell rtpproxy to use the same IP-address both for the
c= SDP header and as source address?
I guess you need the bridge mode of rtp proxy. Take a look at the "flags":
http://openser.org/docs/modules/devel/nathelper#AEN296 
10:43 p.m.
Hi Alex,
It all depends on your routing table. The OS will choose the src IP
for you unless you force it.
If you receive RTP traffic on one interface and want to send it from
the other one, then you need to run rtpproxy in bridge mode,
otherwise, you can run two rtpproxy in parallel (use -l to specify the
interface) and use openser 1.3 (the trunk version) to choose between
the two rtpproxy servers.
BTW, why do you want to run openSER/rtpproxy in this scenario?
Regards,
Ovidiu Sas
On 6/6/07, Alexander 'Leo' Bergolth <leo(a)strike.wu-wien.ac.at> wrote:
On 06/06/2007 07:29 PM, Klaus Darilion wrote:
Alexander Bergolth wrote:
Yes, I did already read it but I still didn't get the clue yet. :(
In my configuration, there is no internal and external net, both IP
addresses are in the same subnet using public IP addresses.
What I'd like to achieve:
The openser/rtpproxy server has some IP addresses and receives and sends
SIP traffic on all of those interfaces.
rtpproxy should simply use that local IP address for its RTP connection
to the client from which the SIP traffic from the client came in.
I've tried to use force_rtp_proxy("", "$Ri") but that leads to
the
SDP-line "c=$Ri". Maybe the nathelper-module doesn't support
pseudo-variables?
Cheers,
--leo
--
e-mail ::: Alexander.Bergolth (at) wu-wien.ac.at
fax ::: +43-1-31336-906050
location ::: Computer Center | Vienna University of Economics | Austria
_______________________________________________
Users mailing list
Users(a)openser.org
http://openser.org/cgi-bin/mailman/listinfo/users
I'm experiencing problems using openser and
rtpproxy on a multihomed box
(IP addresses are 137.208.89.45 and 137.208.89.65).
The client (firewalled) contacts the server via the first IP address
(137.208.89.45) but rtpproxy sometimes uses it's second IP
(137.208.89.65) in the "c=" SDP-information. (See below.)
However it _sends_ RTP packets from the _first_ IP address. Those
packets will never pass through the firewall, of course, since the
clients outgoing RTP traffic is sent to another IP address than the
incoming traffic is hitting the firewall from.
Is there a way to tell rtpproxy to use the same IP-address both for the
c= SDP header and as source address?
I guess you need the bridge mode of rtp proxy. Take a look at the "flags":
http://openser.org/docs/modules/devel/nathelper#AEN296
11:01 p.m.
On 06/06/2007 09:43 PM, Ovidiu Sas wrote:
It all depends on your routing table. The OS will
choose the src IP
for you unless you force it.
Yes, I guess I should set the preferred source address via the "src"
option to ip route.
Right now, I don't specify the preferred source address and it did use
the first IP for sending RTP traffic for some month now.
But since yesterday (no reboot or routing table change involved) it used
the second IP for sending which is bad because the incoming traffic is
destined to the first address.
If you receive RTP traffic on one interface and want
to send it from
the other one, then you need to run rtpproxy in bridge mode,
otherwise, you can run two rtpproxy in parallel (use -l to specify the
interface) and use openser 1.3 (the trunk version) to choose between
the two rtpproxy servers.
I don't think this will be necessary, thanks.
BTW, why do you want to run openSER/rtpproxy in this
scenario?
It just happened by accident. ;)
The server has two IP addresses in the same subnet for administrative
reasons but the SRV records for SIP are only pointing to one address. So
I can easily set the preferred source address for outgoing traffic with
ip route change default via <gw> dev eth0 src <ip_a>
... to this address.
Thanks,
--leo
On 6/6/07, Alexander 'Leo' Bergolth
<leo(a)strike.wu-wien.ac.at> wrote:
> On 06/06/2007 07:29 PM, Klaus Darilion wrote:
> > Alexander Bergolth wrote:
> >> I'm experiencing problems using openser and rtpproxy on a
> multihomed box
> >> (IP addresses are 137.208.89.45 and 137.208.89.65).
> >>
> >> The client (firewalled) contacts the server via the first IP address
> >> (137.208.89.45) but rtpproxy sometimes uses it's second IP
> >> (137.208.89.65) in the "c=" SDP-information. (See below.)
> >> However it _sends_ RTP packets from the _first_ IP address. Those
> >> packets will never pass through the firewall, of course, since the
> >> clients outgoing RTP traffic is sent to another IP address than the
> >> incoming traffic is hitting the firewall from.
> >>
> >> Is there a way to tell rtpproxy to use the same IP-address both for
> the
> >> c= SDP header and as source address?
> >
> > I guess you need the bridge mode of rtp proxy. Take a look at the
> "flags":
> > http://openser.org/docs/modules/devel/nathelper#AEN296
>
> Yes, I did already read it but I still didn't get the clue yet. :(
>
> In my configuration, there is no internal and external net, both IP
> addresses are in the same subnet using public IP addresses.
>
> What I'd like to achieve:
> The openser/rtpproxy server has some IP addresses and receives and sends
> SIP traffic on all of those interfaces.
> rtpproxy should simply use that local IP address for its RTP connection
> to the client from which the SIP traffic from the client came in.
>
> I've tried to use force_rtp_proxy("", "$Ri") but that leads
to the
> SDP-line "c=$Ri". Maybe the nathelper-module doesn't support
> pseudo-variables?
>
> Cheers,
> --leo
> --
> e-mail ::: Alexander.Bergolth (at) wu-wien.ac.at
> fax ::: +43-1-31336-906050
> location ::: Computer Center | Vienna University of Economics | Austria
>
>
> _______________________________________________
> Users mailing list
> Users(a)openser.org
> http://openser.org/cgi-bin/mailman/listinfo/users
>
--
e-mail ::: Alexander.Bergolth (at) wu-wien.ac.at
fax ::: +43-1-31336-906050
location ::: Computer Center | Vienna University of Economics | Austria
6380
days inactive
6381
days old
4 comments
4 participants
participants (4)
-
Alexander 'Leo' Bergolth -
Alexander Bergolth
-
Klaus Darilion -
Ovidiu Sas