Hello All,
I am trying to setup a test scenario, where i have Kamailio and rtpproxy running on one CentOS box (Server1) and i have Asterisk running on another CentOS box (Server2). Server1 has 2 NIC's eth0 and eth1 that are both assigned Public IP's. There is a transparent bridge br0 connecting eth0 and eth1 which also has its own Public IP. Finally eth0 on Server2 also has a Public IP.
Server2 must be assigned a Public IP.
My goal is to modify rtpproxy so that i can intercept packets traveling to Server2, process them and let them resume along their original path. I would like to know if there is another way of setting this up so that i dont use as many Public IP's ? Do any of you see a problem with this setup, things that may not work eventually, or any other concerns ?
Thanks, Vikram.
Hello,
On 12/18/09 12:38 AM, Vikram Ragukumar wrote:
Hello All,
I am trying to setup a test scenario, where i have Kamailio and rtpproxy running on one CentOS box (Server1) and i have Asterisk running on another CentOS box (Server2). Server1 has 2 NIC's eth0 and eth1 that are both assigned Public IP's. There is a transparent bridge br0 connecting eth0 and eth1 which also has its own Public IP. Finally eth0 on Server2 also has a Public IP.
Server2 must be assigned a Public IP.
My goal is to modify rtpproxy so that i can intercept packets traveling to Server2, process them and let them resume along their original path. I would like to know if there is another way of setting this up so that i dont use as many Public IP's ? Do any of you see a problem with this setup, things that may not work eventually, or any other concerns ?
rtpproxy can do bridging of two interfaces -- see the example cfg:
modules/nathelper/examples/alg.cfg
Cheers, Daniel
Daniel,
Thank you for your reply. Let me briefly explain what i am trying to achieve over here.
_____ eth0 _____ eth1 ______ |_____|------|_____|--------|______| Internet Server1 Server2 2 NIC's 1 NIC (Public IP)
I show above a sketch of the desired setup.
Server1 - Runs Kamailio and rtpproxy. It has 2 NIC's installed. Server2 - Runs Asterisk. It must be assigned a Public IP.
I need to use rtpproxy to intercept data being sent to Server 2, process them and let them continue along their original path. Are there any references you can point me to, that show how to use rtpproxy to achieve this bridging? Does the connection between eth1 of Server1 and eth0 of Server2 have to made using a crossover cable ?
Thank you for all your help. Regards, Vikram.
Daniel-Constantin Mierla wrote:
Hello,
On 12/18/09 12:38 AM, Vikram Ragukumar wrote:
Hello All,
I am trying to setup a test scenario, where i have Kamailio and rtpproxy running on one CentOS box (Server1) and i have Asterisk running on another CentOS box (Server2). Server1 has 2 NIC's eth0 and eth1 that are both assigned Public IP's. There is a transparent bridge br0 connecting eth0 and eth1 which also has its own Public IP. Finally eth0 on Server2 also has a Public IP.
Server2 must be assigned a Public IP.
My goal is to modify rtpproxy so that i can intercept packets traveling to Server2, process them and let them resume along their original path. I would like to know if there is another way of setting this up so that i dont use as many Public IP's ? Do any of you see a problem with this setup, things that may not work eventually, or any other concerns ?
rtpproxy can do bridging of two interfaces -- see the example cfg:
modules/nathelper/examples/alg.cfg
Cheers, Daniel
On 12/18/09 10:08 PM, Vikram Ragukumar wrote:
Daniel,
Thank you for your reply. Let me briefly explain what i am trying to achieve over here.
_____ eth0 _____ eth1 ______ |_____|------|_____|--------|______| Internet Server1 Server2 2 NIC's 1 NIC (Public IP)
I show above a sketch of the desired setup.
Server1 - Runs Kamailio and rtpproxy. It has 2 NIC's installed. Server2 - Runs Asterisk. It must be assigned a Public IP.
I need to use rtpproxy to intercept data being sent to Server 2, process them and let them continue along their original path. Are there any references you can point me to, that show how to use rtpproxy to achieve this bridging? Does the connection between eth1 of Server1 and eth0 of Server2 have to made using a crossover cable ?
probably your diagram is not displayed properly by the email client, since I do not really get what you wanted to draw.
However, in the kamailio server, if you have two network interfaces, run kamailio to listen on both and rtpproxy in bridging mode between them. Then rtpproxy will get packets coming on eth0 and send onver eth1 and viceversa. I gave you the path in the source three where you find an example to start with (in my previous email).
Cheers, Daniel
Daniel-Constantin Mierla wrote:
Hello,
On 12/18/09 12:38 AM, Vikram Ragukumar wrote:
Hello All,
I am trying to setup a test scenario, where i have Kamailio and rtpproxy running on one CentOS box (Server1) and i have Asterisk running on another CentOS box (Server2). Server1 has 2 NIC's eth0 and eth1 that are both assigned Public IP's. There is a transparent bridge br0 connecting eth0 and eth1 which also has its own Public IP. Finally eth0 on Server2 also has a Public IP.
Server2 must be assigned a Public IP.
My goal is to modify rtpproxy so that i can intercept packets traveling to Server2, process them and let them resume along their original path. I would like to know if there is another way of setting this up so that i dont use as many Public IP's ? Do any of you see a problem with this setup, things that may not work eventually, or any other concerns ?
rtpproxy can do bridging of two interfaces -- see the example cfg:
modules/nathelper/examples/alg.cfg
Cheers, Daniel
Kamailio (OpenSER) - Users mailing list Users@lists.kamailio.org http://lists.kamailio.org/cgi-bin/mailman/listinfo/users http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
Daniel,
Thanks once again for your reply. I present below a more detailed system description. The first ASCII sketch depicts the setup we have in our lab here and the second ASCII sketch depicts the dataflow we are working towards.
System setup: -------------
------------ | Internet | ------------ | | ------|------------------------ | | CentOS v5.4 | | ---|---- -------- | | | NIC1 |<------>| NIC2 | | <- Server 1 | | eth0 | bridge | eth1 | | | -------- ----|--- | | Rtpproxy,Kamailio | | -------------------------|----- | |<- Cross over cable | ----------- |CentOS v5.4| | Asterisk | <- Server 2 -----------
Dataflow: ---------
------------------ |SIP Caller's | |Encrypted SIP | |(Port9090) + | |UDP | |(Port10000-20000)| ----------------- | |Public IP ---|----------------------- | --|---- ------- | Public IP || NIC1 |<------>| NIC2 | | ----------- || eth0 | bridge | eth1 |->-| Asterisk | | --|----- --|--|- | |CentOS v5.4| | v port 9090 | | | | Server 2 | | --|--------------- | | | ----------- ||Libnetfilter_queue|| | | | --|--------------- | | | | v | | | | --|------- | | | ||Decryption| ^ ^ | | -|------|-- | | | | | v port 5060| | | | | ---|---- | | | | | |Kamailio|--->- | | | v -------- | | | | | | | |UDPports | | | -|-- -------- | | ||srtp|->--|rtpproxy|->- | | ---- -------- | | Server 1,CentOS v5.4 | ---------------------------
Questions: ---------- 1) Is it common practice to implement "Decryption" and "srtp" as shown in the dataflow diagram? If not, what is a more appropriate place to implement them ? 2) Once deployed, will such as system be capable of handling several hundreds or thousands of calls ?
Wish you all a Merry Christmas and a Happy New Year.
Thanks and Regards, Vikram.
PS : Here is the script used to setup the bridge between eth0 and eth1
brctl addbr br0 brctl stp br0 on brctl addif br0 eth0 brctl addif br0 eth1 ifdown eth0 1>/dev/null 2>&1 ifdown eth1 1>/dev/null 2>&1 ifconfig eth0 0.0.0.0 up ifconfig eth1 0.0.0.0 up ifconfig br0 64.221.148.221 netmask 255.255.255.224 up route add default gw 64.221.148.220 for file in br0 eth0 eth1 do echo "1" > /proc/sys/net/ipv4/conf/${file}/proxy_arp echo "1" > /proc/sys/net/ipv4/conf/${file}/forwarding done; echo "1" > /proc/sys/net/ipv4/ip_forward
Daniel-Constantin Mierla wrote:
On 12/18/09 10:08 PM, Vikram Ragukumar wrote:
Daniel,
Thank you for your reply. Let me briefly explain what i am trying to achieve over here.
_____ eth0 _____ eth1 ______ |_____|------|_____|--------|______| Internet Server1 Server2 2 NIC's 1 NIC (Public IP)
I show above a sketch of the desired setup.
Server1 - Runs Kamailio and rtpproxy. It has 2 NIC's installed. Server2 - Runs Asterisk. It must be assigned a Public IP.
I need to use rtpproxy to intercept data being sent to Server 2, process them and let them continue along their original path. Are there any references you can point me to, that show how to use rtpproxy to achieve this bridging? Does the connection between eth1 of Server1 and eth0 of Server2 have to made using a crossover cable ?
probably your diagram is not displayed properly by the email client, since I do not really get what you wanted to draw.
However, in the kamailio server, if you have two network interfaces, run kamailio to listen on both and rtpproxy in bridging mode between them. Then rtpproxy will get packets coming on eth0 and send onver eth1 and viceversa. I gave you the path in the source three where you find an example to start with (in my previous email).
Cheers, Daniel
Daniel-Constantin Mierla wrote:
Hello,
On 12/18/09 12:38 AM, Vikram Ragukumar wrote:
Hello All,
I am trying to setup a test scenario, where i have Kamailio and rtpproxy running on one CentOS box (Server1) and i have Asterisk running on another CentOS box (Server2). Server1 has 2 NIC's eth0 and eth1 that are both assigned Public IP's. There is a transparent bridge br0 connecting eth0 and eth1 which also has its own Public IP. Finally eth0 on Server2 also has a Public IP.
Server2 must be assigned a Public IP.
My goal is to modify rtpproxy so that i can intercept packets traveling to Server2, process them and let them resume along their original path. I would like to know if there is another way of setting this up so that i dont use as many Public IP's ? Do any of you see a problem with this setup, things that may not work eventually, or any other concerns ?
rtpproxy can do bridging of two interfaces -- see the example cfg:
modules/nathelper/examples/alg.cfg
Cheers, Daniel
Kamailio (OpenSER) - Users mailing list Users@lists.kamailio.org http://lists.kamailio.org/cgi-bin/mailman/listinfo/users http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
Daniel,
Please find below a corrected Dataflow diagram.
----------------- |SIP Caller's | |Encrypted SIP | |(Port9090) + | |UDP | |(Port10000-20000)| ----------------- | |Public IP ---|----------------------- | --|---- ------- | Public IP || NIC1 |<------>| NIC2 | | ----------- || eth0 | bridge | eth1 |->-| Asterisk | | --|----- --|--|- | |CentOS v5.4| | v port 9090 | | | | Server 2 | | --|--------------- | | | ----------- ||Libnetfilter_queue|| | | | -|----|----------- | | | | | | | | | | | -|-------- | | | | | |Decryption| ^ ^ | | | -|-------- | | | | v v port 5060 | | | | | -|------ | | | | | |Kamailio|--->- | | | | -------- | | | | | | | |UDPports | | | -|-- -------- | | ||srtp|->--|rtpproxy|->- | | ---- -------- | | Server 1,CentOS v5.4 | ---------------------------
Thanks and Regards, Vikram.
Vikram Ragukumar wrote:
Daniel,
Thanks once again for your reply. I present below a more detailed system description. The first ASCII sketch depicts the setup we have in our lab here and the second ASCII sketch depicts the dataflow we are working towards.
System setup:
| Internet |
| |------|------------------------ | | CentOS v5.4 | | ---|---- -------- | | | NIC1 |<------>| NIC2 | | <- Server 1 | | eth0 | bridge | eth1 | | | -------- ----|--- | | Rtpproxy,Kamailio | | -------------------------|----- | |<- Cross over cable | ----------- |CentOS v5.4| | Asterisk | <- Server 2 -----------
Dataflow:
|SIP Caller's | |Encrypted SIP | |(Port9090) + | |UDP | |(Port10000-20000)|
| |Public IP---|----------------------- | --|---- ------- | Public IP || NIC1 |<------>| NIC2 | | ----------- || eth0 | bridge | eth1 |->-| Asterisk | | --|----- --|--|- | |CentOS v5.4| | v port 9090 | | | | Server 2 | | --|--------------- | | | ----------- ||Libnetfilter_queue|| | | | --|--------------- | | | | v | | | | --|------- | | | ||Decryption| ^ ^ | | -|------|-- | | | | | v port 5060| | | | | ---|---- | | | | | |Kamailio|--->- | | | v -------- | | | | | | | |UDPports | | | -|-- -------- | | ||srtp|->--|rtpproxy|->- | | ---- -------- | | Server 1,CentOS v5.4 |
Questions:
- Is it common practice to implement "Decryption" and "srtp" as shown
in the dataflow diagram? If not, what is a more appropriate place to implement them ? 2) Once deployed, will such as system be capable of handling several hundreds or thousands of calls ?
Wish you all a Merry Christmas and a Happy New Year.
Thanks and Regards, Vikram.
PS : Here is the script used to setup the bridge between eth0 and eth1
brctl addbr br0 brctl stp br0 on brctl addif br0 eth0 brctl addif br0 eth1 ifdown eth0 1>/dev/null 2>&1 ifdown eth1 1>/dev/null 2>&1 ifconfig eth0 0.0.0.0 up ifconfig eth1 0.0.0.0 up ifconfig br0 64.221.148.221 netmask 255.255.255.224 up route add default gw 64.221.148.220 for file in br0 eth0 eth1 do echo "1" > /proc/sys/net/ipv4/conf/${file}/proxy_arp echo "1" > /proc/sys/net/ipv4/conf/${file}/forwarding done; echo "1" > /proc/sys/net/ipv4/ip_forward
Daniel-Constantin Mierla wrote:
On 12/18/09 10:08 PM, Vikram Ragukumar wrote:
Daniel,
Thank you for your reply. Let me briefly explain what i am trying to achieve over here.
_____ eth0 _____ eth1 ______ |_____|------|_____|--------|______| Internet Server1 Server2 2 NIC's 1 NIC (Public IP)
I show above a sketch of the desired setup.
Server1 - Runs Kamailio and rtpproxy. It has 2 NIC's installed. Server2 - Runs Asterisk. It must be assigned a Public IP.
I need to use rtpproxy to intercept data being sent to Server 2, process them and let them continue along their original path. Are there any references you can point me to, that show how to use rtpproxy to achieve this bridging? Does the connection between eth1 of Server1 and eth0 of Server2 have to made using a crossover cable ?
probably your diagram is not displayed properly by the email client, since I do not really get what you wanted to draw.
However, in the kamailio server, if you have two network interfaces, run kamailio to listen on both and rtpproxy in bridging mode between them. Then rtpproxy will get packets coming on eth0 and send onver eth1 and viceversa. I gave you the path in the source three where you find an example to start with (in my previous email).
Cheers, Daniel
Daniel-Constantin Mierla wrote:
Hello,
On 12/18/09 12:38 AM, Vikram Ragukumar wrote:
Hello All,
I am trying to setup a test scenario, where i have Kamailio and rtpproxy running on one CentOS box (Server1) and i have Asterisk running on another CentOS box (Server2). Server1 has 2 NIC's eth0 and eth1 that are both assigned Public IP's. There is a transparent bridge br0 connecting eth0 and eth1 which also has its own Public IP. Finally eth0 on Server2 also has a Public IP.
Server2 must be assigned a Public IP.
My goal is to modify rtpproxy so that i can intercept packets traveling to Server2, process them and let them resume along their original path. I would like to know if there is another way of setting this up so that i dont use as many Public IP's ? Do any of you see a problem with this setup, things that may not work eventually, or any other concerns ?
rtpproxy can do bridging of two interfaces -- see the example cfg:
modules/nathelper/examples/alg.cfg
Cheers, Daniel
Kamailio (OpenSER) - Users mailing list Users@lists.kamailio.org http://lists.kamailio.org/cgi-bin/mailman/listinfo/users http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
Hello,
I haven't used such scenario so far and not a big linux network routing expert here, so the command you use for bridging do not help me too much.
When I need to bridge two network then I use rtpproxy in bridging mode, like the example I pointed in a previous email, and all run fine.
Cheers, Daniel
On 12/22/09 10:40 PM, Vikram Ragukumar wrote:
Daniel,
Please find below a corrected Dataflow diagram.
|SIP Caller's | |Encrypted SIP | |(Port9090) + | |UDP | |(Port10000-20000)|
| |Public IP---|----------------------- | --|---- ------- | Public IP || NIC1 |<------>| NIC2 | | ----------- || eth0 | bridge | eth1 |->-| Asterisk | | --|----- --|--|- | |CentOS v5.4| | v port 9090 | | | | Server 2 | | --|--------------- | | | ----------- ||Libnetfilter_queue|| | | | -|----|----------- | | | | | | | | | | | -|-------- | | | | | |Decryption| ^ ^ | | | -|-------- | | | | v v port 5060 | | | | | -|------ | | | | | |Kamailio|--->- | | | | -------- | | | | | | | |UDPports | | | -|-- -------- | | ||srtp|->--|rtpproxy|->- | | ---- -------- | | Server 1,CentOS v5.4 |
Thanks and Regards, Vikram.
Vikram Ragukumar wrote:
Daniel,
Thanks once again for your reply. I present below a more detailed system description. The first ASCII sketch depicts the setup we have in our lab here and the second ASCII sketch depicts the dataflow we are working towards.
System setup:
| Internet |
| |------|------------------------ | | CentOS v5.4 | | ---|---- -------- | | | NIC1 |<------>| NIC2 | | <- Server 1 | | eth0 | bridge | eth1 | | | -------- ----|--- | | Rtpproxy,Kamailio | | -------------------------|----- | |<- Cross over cable | ----------- |CentOS v5.4| | Asterisk | <- Server 2 -----------
Dataflow:
|SIP Caller's | |Encrypted SIP | |(Port9090) + | |UDP | |(Port10000-20000)|
| |Public IP---|----------------------- | --|---- ------- | Public IP || NIC1 |<------>| NIC2 | | ----------- || eth0 | bridge | eth1 |->-| Asterisk | | --|----- --|--|- | |CentOS v5.4| | v port 9090 | | | | Server 2 | | --|--------------- | | | ----------- ||Libnetfilter_queue|| | | | --|--------------- | | | | v | | | | --|------- | | | ||Decryption| ^ ^ | | -|------|-- | | | | | v port 5060| | | | | ---|---- | | | | | |Kamailio|--->- | | | v -------- | | | | | | | |UDPports | | | -|-- -------- | | ||srtp|->--|rtpproxy|->- | | ---- -------- | | Server 1,CentOS v5.4 |
Questions:
- Is it common practice to implement "Decryption" and "srtp" as
shown in the dataflow diagram? If not, what is a more appropriate place to implement them ? 2) Once deployed, will such as system be capable of handling several hundreds or thousands of calls ?
Wish you all a Merry Christmas and a Happy New Year.
Thanks and Regards, Vikram.
PS : Here is the script used to setup the bridge between eth0 and eth1
brctl addbr br0 brctl stp br0 on brctl addif br0 eth0 brctl addif br0 eth1 ifdown eth0 1>/dev/null 2>&1 ifdown eth1 1>/dev/null 2>&1 ifconfig eth0 0.0.0.0 up ifconfig eth1 0.0.0.0 up ifconfig br0 64.221.148.221 netmask 255.255.255.224 up route add default gw 64.221.148.220 for file in br0 eth0 eth1 do echo "1" > /proc/sys/net/ipv4/conf/${file}/proxy_arp echo "1" > /proc/sys/net/ipv4/conf/${file}/forwarding done; echo "1" > /proc/sys/net/ipv4/ip_forward
Daniel-Constantin Mierla wrote:
On 12/18/09 10:08 PM, Vikram Ragukumar wrote:
Daniel,
Thank you for your reply. Let me briefly explain what i am trying to achieve over here.
_____ eth0 _____ eth1 ______ |_____|------|_____|--------|______| Internet Server1 Server2 2 NIC's 1 NIC (Public IP)
I show above a sketch of the desired setup.
Server1 - Runs Kamailio and rtpproxy. It has 2 NIC's installed. Server2 - Runs Asterisk. It must be assigned a Public IP.
I need to use rtpproxy to intercept data being sent to Server 2, process them and let them continue along their original path. Are there any references you can point me to, that show how to use rtpproxy to achieve this bridging? Does the connection between eth1 of Server1 and eth0 of Server2 have to made using a crossover cable ?
probably your diagram is not displayed properly by the email client, since I do not really get what you wanted to draw.
However, in the kamailio server, if you have two network interfaces, run kamailio to listen on both and rtpproxy in bridging mode between them. Then rtpproxy will get packets coming on eth0 and send onver eth1 and viceversa. I gave you the path in the source three where you find an example to start with (in my previous email).
Cheers, Daniel
Daniel-Constantin Mierla wrote:
Hello,
On 12/18/09 12:38 AM, Vikram Ragukumar wrote:
Hello All,
I am trying to setup a test scenario, where i have Kamailio and rtpproxy running on one CentOS box (Server1) and i have Asterisk running on another CentOS box (Server2). Server1 has 2 NIC's eth0 and eth1 that are both assigned Public IP's. There is a transparent bridge br0 connecting eth0 and eth1 which also has its own Public IP. Finally eth0 on Server2 also has a Public IP.
Server2 must be assigned a Public IP.
My goal is to modify rtpproxy so that i can intercept packets traveling to Server2, process them and let them resume along their original path. I would like to know if there is another way of setting this up so that i dont use as many Public IP's ? Do any of you see a problem with this setup, things that may not work eventually, or any other concerns ?
rtpproxy can do bridging of two interfaces -- see the example cfg:
modules/nathelper/examples/alg.cfg
Cheers, Daniel
Kamailio (OpenSER) - Users mailing list Users@lists.kamailio.org http://lists.kamailio.org/cgi-bin/mailman/listinfo/users http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
Daniel-
I haven't used such scenario so far and not a big linux network routing expert here, so the command you use for bridging do not help me too much.
When I need to bridge two network then I use rtpproxy in bridging mode, like the example I pointed in a previous email, and all run fine.
Thanks for your reply Daniel. Our concern with using rtpproxy for bridging is that we may end up with less call capacity. We don't want to touch in user space packets that don't need decryption and transcoding -- we want to let them through to the other network using Linux bridging and the 2 NICs.
-Jeff
On 12/22/09 10:40 PM, Vikram Ragukumar wrote:
Daniel,
Please find below a corrected Dataflow diagram.
|SIP Caller's | |Encrypted SIP | |(Port9090) + | |UDP | |(Port10000-20000)|
| |Public IP---|----------------------- | --|---- ------- | Public IP || NIC1 |<------>| NIC2 | | ----------- || eth0 | bridge | eth1 |->-| Asterisk | | --|----- --|--|- | |CentOS v5.4| | v port 9090 | | | | Server 2 | | --|--------------- | | | ----------- ||Libnetfilter_queue|| | | | -|----|----------- | | | | | | | | | | | -|-------- | | | | | |Decryption| ^ ^ | | | -|-------- | | | | v v port 5060 | | | | | -|------ | | | | | |Kamailio|--->- | | | | -------- | | | | | | | |UDPports | | | -|-- -------- | | ||srtp|->--|rtpproxy|->- | | ---- -------- | | Server 1,CentOS v5.4 |
Thanks and Regards, Vikram.
Vikram Ragukumar wrote:
Daniel,
Thanks once again for your reply. I present below a more detailed system description. The first ASCII sketch depicts the setup we have in our lab here and the second ASCII sketch depicts the dataflow we are working towards.
System setup:
| Internet |
| |------|------------------------ | | CentOS v5.4 | | ---|---- -------- | | | NIC1 |<------>| NIC2 | | <- Server 1 | | eth0 | bridge | eth1 | | | -------- ----|--- | | Rtpproxy,Kamailio | | -------------------------|----- | |<- Cross over cable | ----------- |CentOS v5.4| | Asterisk | <- Server 2 -----------
Dataflow:
|SIP Caller's | |Encrypted SIP | |(Port9090) + | |UDP | |(Port10000-20000)|
| |Public IP---|----------------------- | --|---- ------- | Public IP || NIC1 |<------>| NIC2 | | ----------- || eth0 | bridge | eth1 |->-| Asterisk | | --|----- --|--|- | |CentOS v5.4| | v port 9090 | | | | Server 2 | | --|--------------- | | | ----------- ||Libnetfilter_queue|| | | | --|--------------- | | | | v | | | | --|------- | | | ||Decryption| ^ ^ | | -|------|-- | | | | | v port 5060| | | | | ---|---- | | | | | |Kamailio|--->- | | | v -------- | | | | | | | |UDPports | | | -|-- -------- | | ||srtp|->--|rtpproxy|->- | | ---- -------- | | Server 1,CentOS v5.4 |
Questions:
- Is it common practice to implement "Decryption" and "srtp" as
shown in the dataflow diagram? If not, what is a more appropriate place to implement them ? 2) Once deployed, will such as system be capable of handling several hundreds or thousands of calls ?
Wish you all a Merry Christmas and a Happy New Year.
Thanks and Regards, Vikram.
PS : Here is the script used to setup the bridge between eth0 and eth1
brctl addbr br0 brctl stp br0 on brctl addif br0 eth0 brctl addif br0 eth1 ifdown eth0 1>/dev/null 2>&1 ifdown eth1 1>/dev/null 2>&1 ifconfig eth0 0.0.0.0 up ifconfig eth1 0.0.0.0 up ifconfig br0 64.221.148.221 netmask 255.255.255.224 up route add default gw 64.221.148.220 for file in br0 eth0 eth1 do echo "1" > /proc/sys/net/ipv4/conf/${file}/proxy_arp echo "1" > /proc/sys/net/ipv4/conf/${file}/forwarding done; echo "1" > /proc/sys/net/ipv4/ip_forward
Daniel-Constantin Mierla wrote:
On 12/18/09 10:08 PM, Vikram Ragukumar wrote:
Daniel,
Thank you for your reply. Let me briefly explain what i am trying to achieve over here.
_____ eth0 _____ eth1 ______ |_____|------|_____|--------|______| Internet Server1 Server2 2 NIC's 1 NIC (Public IP)
I show above a sketch of the desired setup.
Server1 - Runs Kamailio and rtpproxy. It has 2 NIC's installed. Server2 - Runs Asterisk. It must be assigned a Public IP.
I need to use rtpproxy to intercept data being sent to Server 2, process them and let them continue along their original path. Are there any references you can point me to, that show how to use rtpproxy to achieve this bridging? Does the connection between eth1 of Server1 and eth0 of Server2 have to made using a crossover cable ?
probably your diagram is not displayed properly by the email client, since I do not really get what you wanted to draw.
However, in the kamailio server, if you have two network interfaces, run kamailio to listen on both and rtpproxy in bridging mode between them. Then rtpproxy will get packets coming on eth0 and send onver eth1 and viceversa. I gave you the path in the source three where you find an example to start with (in my previous email).
Cheers, Daniel
Daniel-Constantin Mierla wrote:
Hello,
On 12/18/09 12:38 AM, Vikram Ragukumar wrote: > Hello All, > > I am trying to setup a test scenario, where i have Kamailio and > rtpproxy running on one CentOS box (Server1) and i have Asterisk > running on another CentOS box (Server2). Server1 has 2 NIC's eth0 > and eth1 that are both assigned Public IP's. There is a > transparent bridge br0 connecting eth0 and eth1 which also has > its own Public IP. Finally eth0 on Server2 also has a Public IP. > > Server2 must be assigned a Public IP. > > My goal is to modify rtpproxy so that i can intercept packets > traveling to Server2, process them and let them resume along > their original path. > I would like to know if there is another way of setting this up > so that i dont use as many Public IP's ? > Do any of you see a problem with this setup, things that may not > work eventually, or any other concerns ? > rtpproxy can do bridging of two interfaces -- see the example cfg:
modules/nathelper/examples/alg.cfg
Cheers, Daniel
Kamailio (OpenSER) - Users mailing list Users@lists.kamailio.org http://lists.kamailio.org/cgi-bin/mailman/listinfo/users http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
-- Daniel-Constantin Mierla
Kamailio (OpenSER) - Users mailing list Users@lists.kamailio.org http://lists.kamailio.org/cgi-bin/mailman/listinfo/users http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
On 23.12.2009 20:21, Jeff Brower wrote:
Daniel-
I haven't used such scenario so far and not a big linux network routing expert here, so the command you use for bridging do not help me too much.
When I need to bridge two network then I use rtpproxy in bridging mode, like the example I pointed in a previous email, and all run fine.
Thanks for your reply Daniel. Our concern with using rtpproxy for bridging is that we may end up with less call capacity. We don't want to touch in user space packets that don't need decryption and transcoding -- we want to let them through to the other network using Linux bridging and the 2 NICs.
Why using rtpproxy at all for unencrypted calls? Just let them through directly to Asterisk.
IF you do not want RTP directly to Asterisk, but need kernel-based forwarding, you could use mediaproxy2 (kernel-based) for RTP and rtpproxy for SRTP.
klaus
-Jeff
On 12/22/09 10:40 PM, Vikram Ragukumar wrote:
Daniel,
Please find below a corrected Dataflow diagram.
|SIP Caller's | |Encrypted SIP | |(Port9090) + | |UDP | |(Port10000-20000)|
| |Public IP---|----------------------- | --|---- ------- | Public IP || NIC1 |<------>| NIC2 | | ----------- || eth0 | bridge | eth1 |->-| Asterisk | | --|----- --|--|- | |CentOS v5.4| | v port 9090 | | | | Server 2 | | --|--------------- | | | ----------- ||Libnetfilter_queue|| | | | -|----|----------- | | | | | | | | | | | -|-------- | | | | | |Decryption| ^ ^ | | | -|-------- | | | | v v port 5060 | | | | | -|------ | | | | | |Kamailio|--->- | | | | -------- | | | | | | | |UDPports | | | -|-- -------- | | ||srtp|->--|rtpproxy|->- | | ---- -------- | | Server 1,CentOS v5.4 |
Thanks and Regards, Vikram.
Vikram Ragukumar wrote:
Daniel,
Thanks once again for your reply. I present below a more detailed system description. The first ASCII sketch depicts the setup we have in our lab here and the second ASCII sketch depicts the dataflow we are working towards.
System setup:
| Internet |
| |------|------------------------ | | CentOS v5.4 | | ---|---- -------- | | | NIC1 |<------>| NIC2 | |<- Server 1 | | eth0 | bridge | eth1 | | | -------- ----|--- | | Rtpproxy,Kamailio | | -------------------------|----- | |<- Cross over cable | ----------- |CentOS v5.4| | Asterisk |<- Server 2 -----------
Dataflow:
|SIP Caller's | |Encrypted SIP | |(Port9090) + | |UDP | |(Port10000-20000)|
| |Public IP---|----------------------- | --|---- ------- | Public IP || NIC1 |<------>| NIC2 | | ----------- || eth0 | bridge | eth1 |->-| Asterisk | | --|----- --|--|- | |CentOS v5.4| | v port 9090 | | | | Server 2 | | --|--------------- | | | ----------- ||Libnetfilter_queue|| | | | --|--------------- | | | | v | | | | --|------- | | | ||Decryption| ^ ^ | | -|------|-- | | | | | v port 5060| | | | | ---|---- | | | | | |Kamailio|--->- | | | v -------- | | | | | | | |UDPports | | | -|-- -------- | | ||srtp|->--|rtpproxy|->- | | ---- -------- | | Server 1,CentOS v5.4 |
Questions:
- Is it common practice to implement "Decryption" and "srtp" as
shown in the dataflow diagram? If not, what is a more appropriate place to implement them ? 2) Once deployed, will such as system be capable of handling several hundreds or thousands of calls ?
Wish you all a Merry Christmas and a Happy New Year.
Thanks and Regards, Vikram.
PS : Here is the script used to setup the bridge between eth0 and eth1
brctl addbr br0 brctl stp br0 on brctl addif br0 eth0 brctl addif br0 eth1 ifdown eth0 1>/dev/null 2>&1 ifdown eth1 1>/dev/null 2>&1 ifconfig eth0 0.0.0.0 up ifconfig eth1 0.0.0.0 up ifconfig br0 64.221.148.221 netmask 255.255.255.224 up route add default gw 64.221.148.220 for file in br0 eth0 eth1 do echo "1"> /proc/sys/net/ipv4/conf/${file}/proxy_arp echo "1"> /proc/sys/net/ipv4/conf/${file}/forwarding done; echo "1"> /proc/sys/net/ipv4/ip_forward
Daniel-Constantin Mierla wrote:
On 12/18/09 10:08 PM, Vikram Ragukumar wrote:
Daniel,
Thank you for your reply. Let me briefly explain what i am trying to achieve over here.
_____ eth0 _____ eth1 ______ |_____|------|_____|--------|______| Internet Server1 Server2 2 NIC's 1 NIC (Public IP)
I show above a sketch of the desired setup.
Server1 - Runs Kamailio and rtpproxy. It has 2 NIC's installed. Server2 - Runs Asterisk. It must be assigned a Public IP.
I need to use rtpproxy to intercept data being sent to Server 2, process them and let them continue along their original path. Are there any references you can point me to, that show how to use rtpproxy to achieve this bridging? Does the connection between eth1 of Server1 and eth0 of Server2 have to made using a crossover cable ?
probably your diagram is not displayed properly by the email client, since I do not really get what you wanted to draw.
However, in the kamailio server, if you have two network interfaces, run kamailio to listen on both and rtpproxy in bridging mode between them. Then rtpproxy will get packets coming on eth0 and send onver eth1 and viceversa. I gave you the path in the source three where you find an example to start with (in my previous email).
Cheers, Daniel
Daniel-Constantin Mierla wrote: > Hello, > > On 12/18/09 12:38 AM, Vikram Ragukumar wrote: >> Hello All, >> >> I am trying to setup a test scenario, where i have Kamailio and >> rtpproxy running on one CentOS box (Server1) and i have Asterisk >> running on another CentOS box (Server2). Server1 has 2 NIC's eth0 >> and eth1 that are both assigned Public IP's. There is a >> transparent bridge br0 connecting eth0 and eth1 which also has >> its own Public IP. Finally eth0 on Server2 also has a Public IP. >> >> Server2 must be assigned a Public IP. >> >> My goal is to modify rtpproxy so that i can intercept packets >> traveling to Server2, process them and let them resume along >> their original path. >> I would like to know if there is another way of setting this up >> so that i dont use as many Public IP's ? >> Do any of you see a problem with this setup, things that may not >> work eventually, or any other concerns ? >> > rtpproxy can do bridging of two interfaces -- see the example cfg: > > modules/nathelper/examples/alg.cfg > > Cheers, > Daniel >
Kamailio (OpenSER) - Users mailing list Users@lists.kamailio.org http://lists.kamailio.org/cgi-bin/mailman/listinfo/users http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
-- Daniel-Constantin Mierla
Kamailio (OpenSER) - Users mailing list Users@lists.kamailio.org http://lists.kamailio.org/cgi-bin/mailman/listinfo/users http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
Kamailio (OpenSER) - Users mailing list Users@lists.kamailio.org http://lists.kamailio.org/cgi-bin/mailman/listinfo/users http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
Klaus-
On 23.12.2009 20:21, Jeff Brower wrote:
Daniel-
I haven't used such scenario so far and not a big linux network routing expert here, so the command you use for bridging do not help me too much.
When I need to bridge two network then I use rtpproxy in bridging mode, like the example I pointed in a previous email, and all run fine.
Thanks for your reply Daniel. Our concern with using rtpproxy for bridging is that we may end up with less call capacity. We don't want to touch in user space packets that don't need decryption and transcoding -- we want to let them through to the other network using Linux bridging and the 2 NICs.
Why using rtpproxy at all for unencrypted calls? Just let them through directly to Asterisk.
Yes, we're doing that now, using Linux bridging (2 NICs).
IF you do not want RTP directly to Asterisk, but need kernel-based forwarding, you could use mediaproxy2 (kernel-based) for RTP and rtpproxy for SRTP.
Ok thanks for that suggestion. At call capacity increases, we may move encryption and transcoding to an accelerator card... rtpproxy is a good UDP/RTP place to interface with the card.
-Jeff
On 12/22/09 10:40 PM, Vikram Ragukumar wrote:
Daniel,
Please find below a corrected Dataflow diagram.
|SIP Caller's | |Encrypted SIP | |(Port9090) + | |UDP | |(Port10000-20000)|
| |Public IP---|----------------------- | --|---- ------- | Public IP || NIC1 |<------>| NIC2 | | ----------- || eth0 | bridge | eth1 |->-| Asterisk | | --|----- --|--|- | |CentOS v5.4| | v port 9090 | | | | Server 2 | | --|--------------- | | | ----------- ||Libnetfilter_queue|| | | | -|----|----------- | | | | | | | | | | | -|-------- | | | | | |Decryption| ^ ^ | | | -|-------- | | | | v v port 5060 | | | | | -|------ | | | | | |Kamailio|--->- | | | | -------- | | | | | | | |UDPports | | | -|-- -------- | | ||srtp|->--|rtpproxy|->- | | ---- -------- | | Server 1,CentOS v5.4 |
Thanks and Regards, Vikram.
Vikram Ragukumar wrote:
Daniel,
Thanks once again for your reply. I present below a more detailed system description. The first ASCII sketch depicts the setup we have in our lab here and the second ASCII sketch depicts the dataflow we are working towards.
System setup:
| Internet |
| |------|------------------------ | | CentOS v5.4 | | ---|---- -------- | | | NIC1 |<------>| NIC2 | |<- Server 1 | | eth0 | bridge | eth1 | | | -------- ----|--- | | Rtpproxy,Kamailio | | -------------------------|----- | |<- Cross over cable | ----------- |CentOS v5.4| | Asterisk |<- Server 2 -----------
Dataflow:
|SIP Caller's | |Encrypted SIP | |(Port9090) + | |UDP | |(Port10000-20000)|
| |Public IP---|----------------------- | --|---- ------- | Public IP || NIC1 |<------>| NIC2 | | ----------- || eth0 | bridge | eth1 |->-| Asterisk | | --|----- --|--|- | |CentOS v5.4| | v port 9090 | | | | Server 2 | | --|--------------- | | | ----------- ||Libnetfilter_queue|| | | | --|--------------- | | | | v | | | | --|------- | | | ||Decryption| ^ ^ | | -|------|-- | | | | | v port 5060| | | | | ---|---- | | | | | |Kamailio|--->- | | | v -------- | | | | | | | |UDPports | | | -|-- -------- | | ||srtp|->--|rtpproxy|->- | | ---- -------- | | Server 1,CentOS v5.4 |
Questions:
- Is it common practice to implement "Decryption" and "srtp" as
shown in the dataflow diagram? If not, what is a more appropriate place to implement them ? 2) Once deployed, will such as system be capable of handling several hundreds or thousands of calls ?
Wish you all a Merry Christmas and a Happy New Year.
Thanks and Regards, Vikram.
PS : Here is the script used to setup the bridge between eth0 and eth1
brctl addbr br0 brctl stp br0 on brctl addif br0 eth0 brctl addif br0 eth1 ifdown eth0 1>/dev/null 2>&1 ifdown eth1 1>/dev/null 2>&1 ifconfig eth0 0.0.0.0 up ifconfig eth1 0.0.0.0 up ifconfig br0 64.221.148.221 netmask 255.255.255.224 up route add default gw 64.221.148.220 for file in br0 eth0 eth1 do echo "1"> /proc/sys/net/ipv4/conf/${file}/proxy_arp echo "1"> /proc/sys/net/ipv4/conf/${file}/forwarding done; echo "1"> /proc/sys/net/ipv4/ip_forward
Daniel-Constantin Mierla wrote:
On 12/18/09 10:08 PM, Vikram Ragukumar wrote: > Daniel, > > Thank you for your reply. Let me briefly explain what i am trying > to achieve over here. > > _____ eth0 _____ eth1 ______ > |_____|------|_____|--------|______| Internet > Server1 Server2 > 2 NIC's 1 NIC > (Public IP) > > I show above a sketch of the desired setup. > > Server1 - Runs Kamailio and rtpproxy. It has 2 NIC's installed. > Server2 - Runs Asterisk. It must be assigned a Public IP. > > I need to use rtpproxy to intercept data being sent to Server 2, > process them and let them continue along their original path. Are > there any references you can point me to, that show how to use > rtpproxy to achieve this bridging? Does the connection between eth1 > of Server1 and eth0 of Server2 have to made using a crossover cable ?
probably your diagram is not displayed properly by the email client, since I do not really get what you wanted to draw.
However, in the kamailio server, if you have two network interfaces, run kamailio to listen on both and rtpproxy in bridging mode between them. Then rtpproxy will get packets coming on eth0 and send onver eth1 and viceversa. I gave you the path in the source three where you find an example to start with (in my previous email).
Cheers, Daniel
> > Daniel-Constantin Mierla wrote: >> Hello, >> >> On 12/18/09 12:38 AM, Vikram Ragukumar wrote: >>> Hello All, >>> >>> I am trying to setup a test scenario, where i have Kamailio and >>> rtpproxy running on one CentOS box (Server1) and i have Asterisk >>> running on another CentOS box (Server2). Server1 has 2 NIC's eth0 >>> and eth1 that are both assigned Public IP's. There is a >>> transparent bridge br0 connecting eth0 and eth1 which also has >>> its own Public IP. Finally eth0 on Server2 also has a Public IP. >>> >>> Server2 must be assigned a Public IP. >>> >>> My goal is to modify rtpproxy so that i can intercept packets >>> traveling to Server2, process them and let them resume along >>> their original path. >>> I would like to know if there is another way of setting this up >>> so that i dont use as many Public IP's ? >>> Do any of you see a problem with this setup, things that may not >>> work eventually, or any other concerns ? >>> >> rtpproxy can do bridging of two interfaces -- see the example cfg: >> >> modules/nathelper/examples/alg.cfg >> >> Cheers, >> Daniel
One of the impediments to using mediaproxy2 is that AG does not seem interested in maintaining or supporting long-term fundamental compatibility with Kamailio/SR, as an OpenSIPS partisan. Perhaps I am mistaken on that, but that is the impression that I get.
A good approach is likely to be possible soon in Kamailio 3.x/SR with the use of the kernel-bound RTP proxy that was built into SER,
I do not exactly know how well it works at this point, but seems to me like a better approach if my perception of political difficulties with mediaproxy2 is accurate:
http://www.kamailio.org/docs/modules/3.0.x/modules/iptrtpproxy.html
On 12/24/09 5:14 AM, Alex Balashov wrote:
One of the impediments to using mediaproxy2 is that AG does not seem interested in maintaining or supporting long-term fundamental compatibility with Kamailio/SR, as an OpenSIPS partisan. Perhaps I am mistaken on that, but that is the impression that I get.
A good approach is likely to be possible soon in Kamailio 3.x/SR with the use of the kernel-bound RTP proxy that was built into SER,
I do not exactly know how well it works at this point, but seems to me like a better approach if my perception of political difficulties with mediaproxy2 is accurate:
http://www.kamailio.org/docs/modules/3.0.x/modules/iptrtpproxy.html
AFAIK iptrtpproxy is very stable and deployed on some public voip services. Perhaps the authors can give more feedback (therefore I cc-ed sr-dev). I plan to start using it with Kamailio 3.0.
Along with this, I want to bring in attention another alternative, that opens the service to more media-oriented features (e.g., like in call audio messages): using a light weight media server in back-to-back user agent mode, like SEMS (of course it could be very-stripped-down config of asterisk or freeswitch). Network architecture would be:
[caller] ====== [kamailio] ====== [sems] ====== [kamailio] ====== [callee]
The over-all performances are comparable (when no transcoding happens) with today's cpu power.
Cheers, Daniel
Hi Vikram!
Why do you want to use multiple interfaces on server1 at all? As all servers have public IP I do not see the need for multiple interfaces. Why not make it simple and use:
Clients <------>Server1<------------>Server2 Kamailio+ Asterisk rtpproxy 1 public IP 1 public IP
regards klaus
Vikram Ragukumar wrote:
Daniel,
Thank you for your reply. Let me briefly explain what i am trying to achieve over here.
_____ eth0 _____ eth1 ______ |_____|------|_____|--------|______| Internet Server1 Server2 2 NIC's 1 NIC (Public IP)
I show above a sketch of the desired setup.
Server1 - Runs Kamailio and rtpproxy. It has 2 NIC's installed. Server2 - Runs Asterisk. It must be assigned a Public IP.
I need to use rtpproxy to intercept data being sent to Server 2, process them and let them continue along their original path. Are there any references you can point me to, that show how to use rtpproxy to achieve this bridging? Does the connection between eth1 of Server1 and eth0 of Server2 have to made using a crossover cable ?
Thank you for all your help. Regards, Vikram.
Daniel-Constantin Mierla wrote:
Hello,
On 12/18/09 12:38 AM, Vikram Ragukumar wrote:
Hello All,
I am trying to setup a test scenario, where i have Kamailio and rtpproxy running on one CentOS box (Server1) and i have Asterisk running on another CentOS box (Server2). Server1 has 2 NIC's eth0 and eth1 that are both assigned Public IP's. There is a transparent bridge br0 connecting eth0 and eth1 which also has its own Public IP. Finally eth0 on Server2 also has a Public IP.
Server2 must be assigned a Public IP.
My goal is to modify rtpproxy so that i can intercept packets traveling to Server2, process them and let them resume along their original path. I would like to know if there is another way of setting this up so that i dont use as many Public IP's ? Do any of you see a problem with this setup, things that may not work eventually, or any other concerns ?
rtpproxy can do bridging of two interfaces -- see the example cfg:
modules/nathelper/examples/alg.cfg
Cheers, Daniel
Kamailio (OpenSER) - Users mailing list Users@lists.kamailio.org http://lists.kamailio.org/cgi-bin/mailman/listinfo/users http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
-
Alex Balashov -
Daniel-Constantin Mierla -
Jeff Brower -
Klaus Darilion -
Vikram Ragukumar