17 Oct
2004
17 Oct
'04
10:34 a.m.
when my phone sends the following REGISTER (from port 2084) to ser
(0.8.14-2), ser will rewrite the contact before storing it into the
location databases and ends up with
"sip:195.47.254.134:2084;transport=udp;line=q67m1xq1". this is bad since
the phone is not listening on port 2084 at all and INVITEs will not work.
as I understand, the rport is only significant per transaction and should
not be applied to further signaling with the peer (such as INVITEs).
jakob
-- cut --
REGISTER sip:schlxter.se SIP/2.0
Via: SIP/2.0/TCP 195.47.254.134:5060;branch=z9hG4bK-n7jet4bj5ltt;rport
From: "Jakob Schlyter" <sip:jakob@schlxter.se>;tag=anzeb3vn51
To: "Jakob Schlyter" <sip:jakob@schlxter.se>
Call-ID: 3c267007dbba-qq34p593v107@195-47-254-134
CSeq: 1 REGISTER
Max-Forwards: 70
Contact: <sip:jakob@195.47.254.134:5060;transport=udp;line=q67m1xq1>;q=0.0
User-Agent: snom190-3.52
P-NAT-Refresh: 15
Supported: gruu
Allow-Events: dialog
X-Real-IP: 195.47.254.134
Expires: 600
Content-Length: 0
-- cut --
17 Oct
17 Oct
2:06 p.m.
This is necessary for phones behind NAT. They often put IP and port
which is not accessible from the public internet -- the phone is
typically reachable only through the NAT-binding that was created during
the registration process, that's the reason why SER rewrites the contact
with the IP and port assigned by the NAT device.
You can fine-tune this behaviour in the configuration file. SER will
rewrite the Contact header field only if it detects that the phone is
behind NAT (either src IP and IP in via do not match or there is a
RFC1918-style IP address).
Jan.
On 17-10 10:34, Jakob Schlyter wrote:
when my phone sends the following REGISTER (from port
2084) to ser
(0.8.14-2), ser will rewrite the contact before storing it into the
location databases and ends up with
"sip:195.47.254.134:2084;transport=udp;line=q67m1xq1". this is bad since
the phone is not listening on port 2084 at all and INVITEs will not work.
as I understand, the rport is only significant per transaction and should
not be applied to further signaling with the peer (such as INVITEs).
jakob
-- cut --
REGISTER sip:schlxter.se SIP/2.0
Via: SIP/2.0/TCP 195.47.254.134:5060;branch=z9hG4bK-n7jet4bj5ltt;rport
From: "Jakob Schlyter" <sip:jakob@schlxter.se>;tag=anzeb3vn51
To: "Jakob Schlyter" <sip:jakob@schlxter.se>
Call-ID: 3c267007dbba-qq34p593v107@195-47-254-134
CSeq: 1 REGISTER
Max-Forwards: 70
Contact: <sip:jakob@195.47.254.134:5060;transport=udp;line=q67m1xq1>;q=0.0
User-Agent: snom190-3.52
P-NAT-Refresh: 15
Supported: gruu
Allow-Events: dialog
X-Real-IP: 195.47.254.134
Expires: 600
Content-Length: 0
-- cut --
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
4:27 p.m.
On Sun, 17 Oct 2004, Jan Janak wrote:
This is necessary for phones behind NAT. They often
put IP and port
which is not accessible from the public internet -- the phone is
typically reachable only through the NAT-binding that was created during
the registration process, that's the reason why SER rewrites the contact
with the IP and port assigned by the NAT device.
according to rfc 3581, rport is specified per transaction. I understand
that this magic might be useful sometimes, but in this case it actually
breaks stuff since the phone doesn't receive a response on this port after
the transacation has ended.
You can fine-tune this behaviour in the configuration
file. SER will
rewrite the Contact header field only if it detects that the phone is
behind NAT (either src IP and IP in via do not match or there is a
RFC1918-style IP address).
so why did it rewrite the contact header? the via and the contact was the
same and no addresses used was rfc1918. can this feature be turned off?
when reading the docs, one might get the impression that this is what
fix_contact() is used for but it seems (from your description above) it is
performed anyway.
jakob
4:34 p.m.
On 17-10 16:27, Jakob Schlyter wrote:
Then you probably have an error in your configuration file.
fix_nated_contact should be only called when one of the conditions
above is true.
On Sun, 17 Oct 2004, Jan Janak wrote:
Do you know any other way how to get INVITE messages to the phones
behind NAT without port forwarding or similar magic ? If so please
share it with me.
This is necessary for phones behind NAT. They
often put IP and port
which is not accessible from the public internet -- the phone is
typically reachable only through the NAT-binding that was created during
the registration process, that's the reason why SER rewrites the contact
with the IP and port assigned by the NAT device.
according to rfc 3581, rport is specified per transaction. I understand
that this magic might be useful sometimes, but in this case it actually
breaks stuff since the phone doesn't receive a response on this port after
the transacation has ended. You can
fine-tune this behaviour in the configuration file. SER will
rewrite the Contact header field only if it detects that the phone is
behind NAT (either src IP and IP in via do not match or there is a
RFC1918-style IP address).
so why did it rewrite the contact header? the via and the contact was the
same and no addresses used was rfc1918. can this feature be turned off? when reading the docs, one might get the impression
that this is what
fix_contact() is used for but it seems (from your description above) it is
performed anyway.
No, this is what fix_nated_contact does. Contact will not be rewritten
unless you call that function.
Jan.
5:37 p.m.
Here is a snippet of the configuration file:
# Special handling for NATed clients; first, NAT test is
# executed: it looks for via!=received and RFC1918 addresses
# in Contact (may fail if line-folding is used); also,
# the received test should, if completed, should check all
# vias for rpesence of received
if (nat_uac_test("3")) {
# Allow RR-ed requests, as these may indicate that
# a NAT-enabled proxy takes care of it; unless it is
# a REGISTER
if (method == "REGISTER" || ! search("^Record-Route:")) {
log("LOG: Someone trying to register from private IP, rewriting\n");
# This will work only for user agents that support symmetric
# communication. We tested quite many of them and majority is
# smart enough to be symmetric. In some phones it takes a configuration
# option. With Cisco 7960, it is called NAT_Enable=Yes, with kphone it is
# called "symmetric media" and "symmetric signalling".
fix_nated_contact(); # Rewrite contact with source IP of signalling
if (method == "INVITE") {
fix_nated_sdp("1"); # Add direction=active to SDP
};
force_rport(); # Add rport parameter to topmost Via
setflag(6); # Mark as NATed
};
};
The snippet applies fix_nated_contact only if nat_uac_test returns true.
The parameter 3 tells nat_uac_test to do both -- RFC198 and via!=src IP
tests.
Jan.
On 17-10 16:34, Jan Janak wrote:
On 17-10 16:27, Jakob Schlyter wrote:
Then you probably have an error in your configuration file.
fix_nated_contact should be only called when one of the conditions
above is true.
On Sun, 17 Oct 2004, Jan Janak wrote:
Do you know any other way how to get INVITE messages to the phones
behind NAT without port forwarding or similar magic ? If so please
share it with me.
This is necessary for phones behind NAT. They
often put IP and port
which is not accessible from the public internet -- the phone is
typically reachable only through the NAT-binding that was created during
the registration process, that's the reason why SER rewrites the contact
with the IP and port assigned by the NAT device.
according to rfc 3581, rport is specified per transaction. I understand
that this magic might be useful sometimes, but in this case it actually
breaks stuff since the phone doesn't receive a response on this port after
the transacation has ended. You can
fine-tune this behaviour in the configuration file. SER will
rewrite the Contact header field only if it detects that the phone is
behind NAT (either src IP and IP in via do not match or there is a
RFC1918-style IP address).
so why did it rewrite the contact header? the via and the contact was the
same and no addresses used was rfc1918. can this feature be turned off? when reading the docs, one might get the
impression that this is what
fix_contact() is used for but it seems (from your description above) it is
performed anyway.
No, this is what fix_nated_contact does. Contact will not be rewritten
unless you call that function.
Jan.
_______________________________________________
Serusers mailing list
serusers(a)lists.iptel.org
http://lists.iptel.org/mailman/listinfo/serusers
6:05 p.m.
On Sun, 17 Oct 2004, Jan Janak wrote:
Then you probably have an error in your configuration
file.
fix_nated_contact should be only called when one of the conditions
above is true.
fix_nated_contact was not called, BUT it seems that the UA (snom) doesn't
send what it logged in the debug ui, the ports was changed upon transmit.
will look into this further with snom and report back to the list - sorry
for the confusion.
No, this is what fix_nated_contact does. Contact will
not be rewritten
unless you call that function.
good, this is what I expected - very confusing when things change in the
location db without any NAT tweeks on my side (I have no NAT support in my
ser configuration file).
jakob
7351
days inactive
7351
days old
5 comments
2 participants
participants (2)
-
Jakob Schlyter -
Jan Janak