Klaus-
On 23.12.2009 20:21, Jeff Brower wrote:
Daniel-
I haven't used such scenario so far and not a
big linux network routing
expert here, so the command you use for bridging do not help me too much.
When I need to bridge two network then I use rtpproxy in bridging mode,
like the example I pointed in a previous email, and all run fine.
Thanks for your reply Daniel. Our concern with using rtpproxy for bridging is that we
may end up with less call
capacity. We don't want to touch in user space packets that don't need
decryption and transcoding -- we want to let
them through to the other network using Linux bridging and the 2 NICs.
Why using rtpproxy at all for unencrypted calls? Just let them through
directly to Asterisk.
Yes, we're doing that now, using Linux bridging (2 NICs).
IF you do not want RTP directly to Asterisk, but need
kernel-based
forwarding, you could use mediaproxy2 (kernel-based) for RTP and
rtpproxy for SRTP.
Ok thanks for that suggestion. At call capacity increases, we may move encryption and
transcoding to an accelerator
card... rtpproxy is a good UDP/RTP place to interface with the card.
-Jeff
>> On 12/22/09 10:40 PM, Vikram Ragukumar wrote:
>>> Daniel,
>>>
>>> Please find below a corrected Dataflow diagram.
>>>
>>> -----------------
>>> |SIP Caller's |
>>> |Encrypted SIP |
>>> |(Port9090) + |
>>> |UDP |
>>> |(Port10000-20000)|
>>> -----------------
>>> |
>>> |Public IP
>>> ---|-----------------------
>>> | --|---- ------- | Public IP
>>> || NIC1 |<------>| NIC2 | | -----------
>>> || eth0 | bridge | eth1 |->-| Asterisk |
>>> | --|----- --|--|- | |CentOS v5.4|
>>> | v port 9090 | | | | Server 2 |
>>> | --|--------------- | | | -----------
>>> ||Libnetfilter_queue|| | |
>>> | -|----|----------- | | |
>>> | | | | | |
>>> | | -|-------- | | |
>>> | | |Decryption| ^ ^ |
>>> | | -|-------- | | |
>>> | v v port 5060 | | |
>>> | | -|------ | | |
>>> | | |Kamailio|--->- | |
>>> | | -------- | |
>>> | | | |
>>> | |UDPports | |
>>> | -|-- -------- | |
>>> ||srtp|->--|rtpproxy|->- |
>>> | ---- -------- |
>>> | Server 1,CentOS v5.4 |
>>> ---------------------------
>>>
>>> Thanks and Regards,
>>> Vikram.
>>>
>>> Vikram Ragukumar wrote:
>>>> Daniel,
>>>>
>>>> Thanks once again for your reply. I present below a more detailed
>>>> system description. The first ASCII sketch depicts the setup we have
>>>> in our lab here and the second ASCII sketch depicts the dataflow we
>>>> are working towards.
>>>>
>>>> System setup:
>>>> -------------
>>>>
>>>> ------------
>>>> | Internet |
>>>> ------------
>>>> |
>>>> |
>>>> ------|------------------------
>>>> | | CentOS v5.4 |
>>>> | ---|---- -------- |
>>>> | | NIC1 |<------>| NIC2 | |<- Server 1
>>>> | | eth0 | bridge | eth1 | |
>>>> | -------- ----|--- |
>>>> | Rtpproxy,Kamailio | |
>>>> -------------------------|-----
>>>> |
>>>> |<- Cross over cable
>>>> |
>>>> -----------
>>>> |CentOS v5.4|
>>>> | Asterisk |<- Server 2
>>>> -----------
>>>>
>>>> Dataflow:
>>>> ---------
>>>>
>>>> ------------------
>>>> |SIP Caller's |
>>>> |Encrypted SIP |
>>>> |(Port9090) + |
>>>> |UDP |
>>>> |(Port10000-20000)|
>>>> -----------------
>>>> |
>>>> |Public IP
>>>> ---|-----------------------
>>>> | --|---- ------- | Public IP
>>>> || NIC1 |<------>| NIC2 | | -----------
>>>> || eth0 | bridge | eth1 |->-| Asterisk |
>>>> | --|----- --|--|- | |CentOS v5.4|
>>>> | v port 9090 | | | | Server 2 |
>>>> | --|--------------- | | | -----------
>>>> ||Libnetfilter_queue|| | |
>>>> | --|--------------- | | |
>>>> | v | | |
>>>> | --|------- | | |
>>>> ||Decryption| ^ ^ |
>>>> | -|------|-- | | |
>>>> | | v port 5060| | |
>>>> | | ---|---- | | |
>>>> | | |Kamailio|--->- | |
>>>> | v -------- | |
>>>> | | | |
>>>> | |UDPports | |
>>>> | -|-- -------- | |
>>>> ||srtp|->--|rtpproxy|->- |
>>>> | ---- -------- |
>>>> | Server 1,CentOS v5.4 |
>>>> ---------------------------
>>>>
>>>> Questions:
>>>> ----------
>>>> 1) Is it common practice to implement "Decryption" and
"srtp" as
>>>> shown in the dataflow diagram? If not, what is a more appropriate
>>>> place to implement them ?
>>>> 2) Once deployed, will such as system be capable of handling several
>>>> hundreds or thousands of calls ?
>>>>
>>>> Wish you all a Merry Christmas and a Happy New Year.
>>>>
>>>> Thanks and Regards,
>>>> Vikram.
>>>>
>>>> PS : Here is the script used to setup the bridge between eth0 and eth1
>>>>
>>>> brctl addbr br0
>>>> brctl stp br0 on
>>>> brctl addif br0 eth0
>>>> brctl addif br0 eth1
>>>> ifdown eth0 1>/dev/null 2>&1
>>>> ifdown eth1 1>/dev/null 2>&1
>>>> ifconfig eth0 0.0.0.0 up
>>>> ifconfig eth1 0.0.0.0 up
>>>> ifconfig br0 64.221.148.221 netmask 255.255.255.224 up
>>>> route add default gw 64.221.148.220
>>>> for file in br0 eth0 eth1
>>>> do
>>>> echo "1"> /proc/sys/net/ipv4/conf/${file}/proxy_arp
>>>> echo "1"> /proc/sys/net/ipv4/conf/${file}/forwarding
>>>> done;
>>>> echo "1"> /proc/sys/net/ipv4/ip_forward
>>>>
>>>>
>>>> Daniel-Constantin Mierla wrote:
>>>>>
>>>>>
>>>>> On 12/18/09 10:08 PM, Vikram Ragukumar wrote:
>>>>>> Daniel,
>>>>>>
>>>>>> Thank you for your reply. Let me briefly explain what i am
trying
>>>>>> to achieve over here.
>>>>>>
>>>>>> _____ eth0 _____ eth1 ______
>>>>>> |_____|------|_____|--------|______| Internet
>>>>>> Server1 Server2
>>>>>> 2 NIC's 1 NIC
>>>>>> (Public IP)
>>>>>>
>>>>>> I show above a sketch of the desired setup.
>>>>>>
>>>>>> Server1 - Runs Kamailio and rtpproxy. It has 2 NIC's
installed.
>>>>>> Server2 - Runs Asterisk. It must be assigned a Public IP.
>>>>>>
>>>>>> I need to use rtpproxy to intercept data being sent to Server 2,
>>>>>> process them and let them continue along their original path.
Are
>>>>>> there any references you can point me to, that show how to use
>>>>>> rtpproxy to achieve this bridging? Does the connection between
eth1
>>>>>> of Server1 and eth0 of Server2 have to made using a crossover
cable ?
>>>>>
>>>>> probably your diagram is not displayed properly by the email client,
>>>>> since I do not really get what you wanted to draw.
>>>>>
>>>>> However, in the kamailio server, if you have two network interfaces,
>>>>> run kamailio to listen on both and rtpproxy in bridging mode between
>>>>> them. Then rtpproxy will get packets coming on eth0 and send onver
>>>>> eth1 and viceversa. I gave you the path in the source three where
>>>>> you find an example to start with (in my previous email).
>>>>>
>>>>> Cheers,
>>>>> Daniel
>>>>>
>>>>>
>>>>>
>>>>>>
>>>>>> Daniel-Constantin Mierla wrote:
>>>>>>> Hello,
>>>>>>>
>>>>>>> On 12/18/09 12:38 AM, Vikram Ragukumar wrote:
>>>>>>>> Hello All,
>>>>>>>>
>>>>>>>> I am trying to setup a test scenario, where i have
Kamailio and
>>>>>>>> rtpproxy running on one CentOS box (Server1) and i have
Asterisk
>>>>>>>> running on another CentOS box (Server2). Server1 has 2
NIC's eth0
>>>>>>>> and eth1 that are both assigned Public IP's. There is
a
>>>>>>>> transparent bridge br0 connecting eth0 and eth1 which
also has
>>>>>>>> its own Public IP. Finally eth0 on Server2 also has a
Public IP.
>>>>>>>>
>>>>>>>> Server2 must be assigned a Public IP.
>>>>>>>>
>>>>>>>> My goal is to modify rtpproxy so that i can intercept
packets
>>>>>>>> traveling to Server2, process them and let them resume
along
>>>>>>>> their original path.
>>>>>>>> I would like to know if there is another way of setting
this up
>>>>>>>> so that i dont use as many Public IP's ?
>>>>>>>> Do any of you see a problem with this setup, things that
may not
>>>>>>>> work eventually, or any other concerns ?
>>>>>>>>
>>>>>>> rtpproxy can do bridging of two interfaces -- see the example
cfg:
>>>>>>>
>>>>>>> modules/nathelper/examples/alg.cfg
>>>>>>>
>>>>>>> Cheers,
>>>>>>> Daniel