Hi All,
I'm building a video conference system with the kamailio and the video AS. The network is as below:
UAC(behind NAT) ------ kamailio(public IP) ------ AS (public IP)
I have setup the basic kamailio and the SIP signaling can reach the AS and the call can be established. Now the time to setup the NAT traveral since the UACs are behind the NAT.
Since it's video scenario, I don't want the kamailio as the RTPproxy so try to use the NAT_Traversal module.
From the module doc, NAT_Traversal needs the Dialog module as well. Have no idea on how to load these two modules and the route config required although have readed the module docs. Wondering if someone can help on the config for this scenario?
All call with $rU=="0216666" is forwarded to the video AS as the route[CONF].
Thanks in advance!
Thanks,
Kevin
Below is the current config of the kamailio server:
==============CFG=============
AppSer01:root@/usr/local/kamailio-3.0/etc/kamailio$ cat kamailio.cfg #!KAMAILIO #!define WITH_DEBUG #!define WITH_MYSQL #!define WITH_AUTH #!define WITH_USRLOCDB # $Id$ # # Kamailio (OpenSER) SIP Server v3.0 - basic configuration script # - web: http://www.kamailio.org # - git: http://sip-router.org # # Direct your questions about this file to: users@lists.kamailio.org # # Refer to the Core CookBook at http://www.kamailio.org/dokuwiki/doku.php # for an explanation of possible statements, functions and parameters. # # Several features can be enabled using '#!define WITH_FEATURE' directives: # # *** To run in debug mode: # - define WITH_DEBUG # # *** To enable mysql: # - define WITH_MYSQL # # *** To enable authentication execute: # - enable mysql # - define WITH_AUTH # - add users using 'kamctl' # # *** To enable persistent user location execute: # - enable mysql # - define WITH_USRLOCDB # # *** To enable presence server execute: # - enable mysql # - define WITH_PRESENCE # # *** To enable nat traversal execute: # - define WITH_NAT # - install RTPProxy: http://www.rtpproxy.org # - start RTPProxy: # rtpproxy -l _your_public_ip_ -s udp:localhost:7722 # # *** To enable PSTN gateway routing execute: # - define WITH_PSTN # - set the value of pstn.gw_ip # - check route[PSTN] for regexp routing condition # # *** To enhance accounting execute: # - enable mysql # - define WITH_ACCDB # - add following columns to database #!ifdef ACCDB_COMMENT ALTER TABLE acc ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT ''; ALTER TABLE acc ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT ''; ALTER TABLE acc ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT ''; ALTER TABLE acc ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT ''; ALTER TABLE acc ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT ''; ALTER TABLE missed_calls ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT ''; ALTER TABLE missed_calls ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT ''; ALTER TABLE missed_calls ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT ''; ALTER TABLE missed_calls ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT ''; ALTER TABLE missed_calls ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT ''; #!endif
####### Global Parameters #########
#!ifdef WITH_DEBUG debug=4 log_stderror=no #!else debug=2 log_stderror=no #!endif
memdbg=5 memlog=5
log_facility=LOG_LOCAL0
fork=yes children=4
/* uncomment the next line to disable TCP (default on) */ #disable_tcp=yes
/* uncomment the next line to disable the auto discovery of local aliases based on revers DNS on IPs (default on) */ #auto_aliases=no
port=5060
/* uncomment and configure the following line if you want Kamailio to bind on a specific interface/port/proto (default bind on all available) */ listen=udp:210.13.124.15:5060
####### Custom Parameters #########
# These parameters can be modified runtime via RPC interface # - see the documentation of 'cfg_rpc' module. # # Format: group.id = value 'desc' description # Access: $sel(cfg_get.group.id) or @cfg_get.group.id #
#!ifdef WITH_PSTN # PSTN GW Routing # # - pstn.gw_ip: valid IP or hostname as string value, example: # pstn.gw_ip = "10.0.0.101" desc "My PSTN GW Address" # # - by default is empty to avoid misrouting pstn.gw_ip = "" desc "PSTN GW Address" #!endif
####### Modules Section ########
#set module path mpath="/usr/local/kamailio-3.0/lib/kamailio/modules_k/:/usr/local/kamailio-3.0/lib/kamailio/modules/"
/* uncomment next line for MySQL DB support */ #!ifdef WITH_MYSQL loadmodule "db_mysql.so" #!endif loadmodule "mi_fifo.so" loadmodule "kex.so" loadmodule "tm.so" loadmodule "tmx.so" loadmodule "sl.so" loadmodule "rr.so" loadmodule "pv.so" loadmodule "maxfwd.so" loadmodule "usrloc.so" loadmodule "registrar.so" loadmodule "textops.so" loadmodule "uri_db.so" loadmodule "siputils.so" loadmodule "xlog.so" loadmodule "sanity.so" loadmodule "ctl.so" loadmodule "mi_rpc.so" loadmodule "acc.so" #!ifdef WITH_AUTH loadmodule "auth.so" loadmodule "auth_db.so" #!endif /* uncomment next line for aliases support NOTE: a DB (like db_mysql) module must be also loaded */ #loadmodule "alias_db.so" /* uncomment next line for multi-domain support NOTE: a DB (like db_mysql) module must be also loaded NOTE: be sure and enable multi-domain support in all used modules (see "multi-module params" section ) */ #loadmodule "domain.so" #!ifdef WITH_PRESENCE loadmodule "presence.so" loadmodule "presence_xml.so" #!endif
#!ifdef WITH_NAT loadmodule "nathelper.so" #!endif
# ----------------- setting module-specific parameters ---------------
# ----- mi_fifo params ----- modparam("mi_fifo", "fifo_name", "/tmp/kamailio_fifo")
# ----- rr params ----- # add value to ;lr param to cope with most of the UAs modparam("rr", "enable_full_lr", 1) # do not append from tag to the RR (no need for this script) modparam("rr", "append_fromtag", 0)
# ----- rr params ----- modparam("registrar", "method_filtering", 1) /* uncomment the next line to disable parallel forking via location */ # modparam("registrar", "append_branches", 0) /* uncomment the next line not to allow more than 10 contacts per AOR */ #modparam("registrar", "max_contacts", 10)
# ----- uri_db params ----- /* by default we disable the DB support in the module as we do not need it in this configuration */ modparam("uri_db", "use_uri_table", 0) modparam("uri_db", "db_url", "")
# ----- acc params ----- /* what sepcial events should be accounted ? */ modparam("acc", "early_media", 1) modparam("acc", "report_ack", 1) modparam("acc", "report_cancels", 1) /* by default ww do not adjust the direct of the sequential requests. if you enable this parameter, be sure the enable "append_fromtag" in "rr" module */ modparam("acc", "detect_direction", 0) /* account triggers (flags) */ modparam("acc", "failed_transaction_flag", 3) modparam("acc", "log_flag", 1) modparam("acc", "log_missed_flag", 2) modparam("acc", "log_extra", "src_user=$fU;src_domain=$fd;dst_ouser=$tU;dst_user=$rU;dst_domain=$rd") /* enhanced DB accounting */ #!ifdef WITH_ACCDB modparam("acc", "db_flag", 1) modparam("acc", "db_missed_flag", 2) modparam("acc", "db_url", "mysql://openser:openK2mrw23@localhost/openser") modparam("acc", "db_extra", "src_user=$fU;src_domain=$fd;dst_ouser=$tU;dst_user=$rU;dst_domain=$rd") #!endif
# ----- usrloc params ----- /* enable DB persistency for location entries */ #!ifdef WITH_USRLOCDB modparam("usrloc", "db_mode", 2) modparam("usrloc", "db_url", "mysql://openser:openK2mrw23@localhost/openser") #!endif
# ----- auth_db params ----- /* enable the DB based authentication */ #!ifdef WITH_AUTH modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "password_column", "password") modparam("auth_db", "db_url", "mysql://openser:openK2mrw23@localhost/openser") modparam("auth_db", "load_credentials", "") #!endif
# ----- alias_db params ----- /* uncomment the following lines if you want to enable the DB based aliases */ #modparam("alias_db", "db_url", # "mysql://openser:openK2mrw23@localhost/openser")
# ----- domain params ----- /* uncomment the following lines to enable multi-domain detection support */ #modparam("domain", "db_url", # "mysql://openser:openK2mrw23@localhost/openser") #modparam("domain", "db_mode", 1) # Use caching
# ----- multi-module params ----- /* uncomment the following line if you want to enable multi-domain support in the modules (dafault off) */ #modparam("alias_db|auth_db|usrloc|uri_db", "use_domain", 1)
# ----- presence params ----- /* enable presence server support */ #!ifdef WITH_PRESENCE modparam("presence|presence_xml", "db_url", "mysql://openser:openK2mrw23@localhost/openser") modparam("presence_xml", "force_active", 1) modparam("presence", "server_address", "sip:10.0.0.10:5060") #!endif
# ----- nathelper ----- #!ifdef WITH_NAT modparam("nathelper", "rtpproxy_sock", "udp:127.0.0.1:7722") modparam("nathelper", "natping_interval", 30) modparam("nathelper", "ping_nated_only", 1) modparam("nathelper", "sipping_bflag", 7) modparam("nathelper", "sipping_from", "sip:pinger@kamailio.org") modparam("registrar|nathelper", "received_avp", "$avp(i:80)") modparam("usrloc", "nat_bflag", 6) #!endif
####### Routing Logic ########
# main request routing logic
route{
if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); exit; }
if(!sanity_check("1511", "7")) { xlog("Malformed SIP message from $si:$sp\n"); exit; }
# NAT detection route(NAT);
if (has_totag()) { # sequential request withing a dialog should # take the path determined by record-routing if (loose_route()) { if (is_method("BYE")) { setflag(1); # do accounting ... setflag(3); # ... even if the transaction fails } route(RELAY); } else { if (is_method("SUBSCRIBE") && uri == myself) { # in-dialog subscribe requests route(PRESENCE); exit; } if ( is_method("ACK") ) { if ( t_check_trans() ) { # non loose-route, but stateful ACK; must be an ACK after a 487 or e.g. 404 from upstream server t_relay(); exit; } else { # ACK without matching transaction ... ignore and discard.\n"); exit; } } sl_send_reply("404","Not here"); } exit; }
#initial requests
# CANCEL processing if (is_method("CANCEL")) { if (t_check_trans()) t_relay(); exit; }
t_check_trans();
# authentication route(AUTH);
# record routing for dialog forming requests (in case they are routed) # - remove preloaded route headers remove_hf("Route"); if (is_method("INVITE|SUBSCRIBE")) record_route();
# account only INVITEs if (is_method("INVITE")) { setflag(1); # do accounting } if (!uri==myself) /* replace with following line if multi-domain support is used */ ##if (!is_uri_host_local()) { append_hf("P-hint: outbound\r\n"); route(RELAY); }
# requests for my domain
if( is_method("PUBLISH|SUBSCRIBE")) route(PRESENCE);
if (is_method("REGISTER")) { if(isflagset(5)) { setbflag("6"); # uncomment next line to do SIP NAT pinging ## setbflag("7"); } if (!save("location")) sl_reply_error();
exit; }
if ($rU==$null) { # request with no Username in RURI sl_send_reply("484","Address Incomplete"); exit; }
route(PSTN);
route(CONF);
# apply DB based aliases (uncomment to enable) ##alias_db_lookup("dbaliases");
if (!lookup("location")) { switch ($rc) { case -1: case -3: t_newtran(); t_reply("404", "Not Found"); exit; case -2: sl_send_reply("405", "Method Not Allowed"); exit; } }
# when routing via usrloc, log the missed calls also setflag(2);
route(RELAY); }
route[RELAY] { #!ifdef WITH_NAT if (check_route_param("nat=yes")) { setbflag("6"); } if (isflagset(5) || isbflagset("6")) { route(RTPPROXY); } #!endif
/* example how to enable some additional event routes */ if (is_method("INVITE")) { #t_on_branch("BRANCH_ONE"); t_on_reply("REPLY_ONE"); t_on_failure("FAIL_ONE"); }
if (!t_relay()) { sl_reply_error(); } exit; }
# Presence server route route[PRESENCE] { #!ifdef WITH_PRESENCE if (!t_newtran()) { sl_reply_error(); exit; };
if(is_method("PUBLISH")) { handle_publish(); t_release(); } else if( is_method("SUBSCRIBE")) { handle_subscribe(); t_release(); } exit; #!endif
# if presence enabled, this part will not be executed if (is_method("PUBLISH") || $rU==$null) { sl_send_reply("404", "Not here"); exit; } return; }
# Authentication route route[AUTH] { #!ifdef WITH_AUTH if (is_method("REGISTER")) { # authenticate the REGISTER requests (uncomment to enable auth) if (!www_authorize("", "subscriber")) { www_challenge("", "0"); exit; }
if ($au!=$tU) { sl_send_reply("403","Forbidden auth ID"); exit; } } else { # authenticate if from local subscriber (uncomment to enable auth) if (from_uri==myself) { if (!proxy_authorize("", "subscriber")) { proxy_challenge("", "0"); exit; } if (is_method("PUBLISH")) { if ($au!=$tU) { sl_send_reply("403","Forbidden auth ID"); exit; } } else { if ($au!=$fU) { sl_send_reply("403","Forbidden auth ID"); exit; } }
consume_credentials(); # caller authenticated } } #!endif return; }
# Caller NAT detection route route[NAT]{ #!ifdef WITH_NAT force_rport(); if (nat_uac_test("19")) { if (method=="REGISTER") { fix_nated_register(); } else { fix_nated_contact(); } setflag(5); } #!endif return; }
# RTPProxy control route[RTPPROXY] { #!ifdef WITH_NAT if (is_method("BYE")) { unforce_rtp_proxy(); } else if (is_method("INVITE")){ force_rtp_proxy(); } if (!has_totag()) add_rr_param(";nat=yes"); #!endif return; }
# PSTN GW routing route[PSTN] { #!ifdef WITH_PSTN # check if PSTN GW IP is defined if (strempty($sel(cfg_get.pstn.gw_ip))) { xlog("SCRIPT: PSTN rotuing enabled but pstn.gw_ip not defined\n"); return; }
# route to PSTN dialed numbers starting with '+' or '00' # (international format) # - update the condition to match your dialing rules for PSTN routing if(!($rU=~"^(+|00)[1-9][0-9]{3,20}$")) return;
# only local users allowed to call if(from_uri!=myself) { sl_send_reply("403", "Not Allowed"); exit; }
$ru = "sip:" + $rU + "@" + $sel(cfg_get.pstn.gw_ip);
route(RELAY); exit; #!endif
return; }
# add by KJ --start route[CONF] { if(is_method("INVITE") && $rU=="0216666") { rewritehostport("210.x.y.z:5060"); } route(RELAY); exit; }
# add by KJ --end
# Sample branch router branch_route[BRANCH_ONE] { xdbg("new branch at $ru\n"); }
# Sample onreply route onreply_route[REPLY_ONE] { xdbg("incoming reply\n"); #!ifdef WITH_NAT if ((isflagset(5) || isbflagset("6")) && status=~"(183)|(2[0-9][0-9])") { force_rtp_proxy(); } if (isbflagset("6")) { fix_nated_contact(); } #!endif }
# Sample failure route failure_route[FAIL_ONE] { #!ifdef WITH_NAT if (is_method("INVITE") && (isbflagset("6") || isflagset(5))) { unforce_rtp_proxy(); } #!endif
if (t_is_canceled()) { exit; }
# uncomment the following lines if you want to block client # redirect based on 3xx replies. ##if (t_check_status("3[0-9][0-9]")) { ##t_reply("404","Not found"); ## exit; ##}
# uncomment the following lines if you want to redirect the failed # calls to a different new destination ##if (t_check_status("486|408")) { ## sethostport("192.168.2.100:5060"); ## append_branch(); ## # do not set the missed call flag again ## t_relay(); ##} } AppSer01:root@/usr/local/kamailio-3.0/etc/kamailio$
_________________________________________________________________ MSN十年回馈,每位用户可免费获得价值25元的卡巴斯基反病毒软件2010激活码,快来领取! http://kaba.msn.com.cn/?k=1
Everything you want to do is possible with the default configuration.
Just enable all configuration parts with "fix_nated_contact" and fix_nated_register". This will enable NAT traversal for SIP. Depeing if you want to relay media or not just enable/disable the "force_rtpproxy" calls.
regards
klaus
Am 12.06.2010 04:58, schrieb JinKevin:
Hi All,
I'm building a video conference system with the kamailio and the video AS. The network is as below:
UAC(behind NAT) ------ kamailio(public IP) ------ AS (public IP)
I have setup the basic kamailio and the SIP signaling can reach the AS and the call can be established. Now the time to setup the NAT traveral since the UACs are behind the NAT.
Since it's video scenario, I don't want the kamailio as the RTPproxy so try to use the NAT_Traversal module.
From the module doc, NAT_Traversal needs the Dialog module as well. Have no idea on how to load these two modules and the route config required although have readed the module docs. Wondering if someone can help on the config for this scenario?
All call with $rU=="0216666" is forwarded to the video AS as the route[CONF].
Thanks in advance!
Thanks, Kevin
Below is the current config of the kamailio server:
==============CFG============= AppSer01:root@/usr/local/kamailio-3.0/etc/kamailio$ cat kamailio.cfg #!KAMAILIO #!define WITH_DEBUG #!define WITH_MYSQL #!define WITH_AUTH #!define WITH_USRLOCDB # $Id$ # # Kamailio (OpenSER) SIP Server v3.0 - basic configuration script # - web: http://www.kamailio.org # - git: http://sip-router.org # # Direct your questions about this file to: <users@lists.kamailio.org mailto:users@lists.kamailio.org> # # Refer to the Core CookBook at http://www.kamailio.org/dokuwiki/doku.php # for an explanation of possible statements, functions and parameters. # # Several features can be enabled using '#!define WITH_FEATURE' directives: # # *** To run in debug mode: # - define WITH_DEBUG # # *** To enable mysql: # - define WITH_MYSQL # # *** To enable authentication execute: # - enable mysql # - define WITH_AUTH # - add users using 'kamctl' # # *** To enable persistent user location execute: # - enable mysql # - define WITH_USRLOCDB # # *** To enable presence server execute: # - enable mysql # - define WITH_PRESENCE # # *** To enable nat traversal execute: # - define WITH_NAT # - install RTPProxy: http://www.rtpproxy.org # - start RTPProxy: # rtpproxy -l _your_public_ip_ -s udp:localhost:7722 # # *** To enable PSTN gateway routing execute: # - define WITH_PSTN # - set the value of pstn.gw_ip # - check route[PSTN] for regexp routing condition # # *** To enhance accounting execute: # - enable mysql # - define WITH_ACCDB # - add following columns to database #!ifdef ACCDB_COMMENT ALTER TABLE acc ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT ''; ALTER TABLE acc ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT ''; ALTER TABLE acc ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT ''; ALTER TABLE acc ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT ''; ALTER TABLE acc ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT ''; ALTER TABLE missed_calls ADD COLUMN src_user VARCHAR(64) NOT NULL DEFAULT ''; ALTER TABLE missed_calls ADD COLUMN src_domain VARCHAR(128) NOT NULL DEFAULT ''; ALTER TABLE missed_calls ADD COLUMN dst_ouser VARCHAR(64) NOT NULL DEFAULT ''; ALTER TABLE missed_calls ADD COLUMN dst_user VARCHAR(64) NOT NULL DEFAULT ''; ALTER TABLE missed_calls ADD COLUMN dst_domain VARCHAR(128) NOT NULL DEFAULT ''; #!endif
####### Global Parameters ######### #!ifdef WITH_DEBUG debug=4 log_stderror=no #!else debug=2 log_stderror=no #!endif memdbg=5 memlog=5 log_facility=LOG_LOCAL0 fork=yes children=4 /* uncomment the next line to disable TCP (default on) */ #disable_tcp=yes /* uncomment the next line to disable the auto discovery of local aliases based on revers DNS on IPs (default on) */ #auto_aliases=no port=5060 /* uncomment and configure the following line if you want Kamailio to bind on a specific interface/port/proto (default bind on all available) */ listen=udp:210.13.124.15:5060
####### Custom Parameters ######### # These parameters can be modified runtime via RPC interface # - see the documentation of 'cfg_rpc' module. # # Format: group.id = value 'desc' description # Access: $sel(cfg_get.group.id) or @cfg_get.group.id # #!ifdef WITH_PSTN # PSTN GW Routing # # - pstn.gw_ip: valid IP or hostname as string value, example: # pstn.gw_ip = "10.0.0.101" desc "My PSTN GW Address" # # - by default is empty to avoid misrouting pstn.gw_ip = "" desc "PSTN GW Address" #!endif
####### Modules Section ######## #set module path mpath="/usr/local/kamailio-3.0/lib/kamailio/modules_k/:/usr/local/kamailio-3.0/lib/kamailio/modules/" /* uncomment next line for MySQL DB support */ #!ifdef WITH_MYSQL loadmodule "db_mysql.so" #!endif loadmodule "mi_fifo.so" loadmodule "kex.so" loadmodule "tm.so" loadmodule "tmx.so" loadmodule "sl.so" loadmodule "rr.so" loadmodule "pv.so" loadmodule "maxfwd.so" loadmodule "usrloc.so" loadmodule "registrar.so" loadmodule "textops.so" loadmodule "uri_db.so" loadmodule "siputils.so" loadmodule "xlog.so" loadmodule "sanity.so" loadmodule "ctl.so" loadmodule "mi_rpc.so" loadmodule "acc.so" #!ifdef WITH_AUTH loadmodule "auth.so" loadmodule "auth_db.so" #!endif /* uncomment next line for aliases support NOTE: a DB (like db_mysql) module must be also loaded */ #loadmodule "alias_db.so" /* uncomment next line for multi-domain support NOTE: a DB (like db_mysql) module must be also loaded NOTE: be sure and enable multi-domain support in all used modules (see "multi-module params" section ) */ #loadmodule "domain.so" #!ifdef WITH_PRESENCE loadmodule "presence.so" loadmodule "presence_xml.so" #!endif #!ifdef WITH_NAT loadmodule "nathelper.so" #!endif # ----------------- setting module-specific parameters ---------------
# ----- mi_fifo params ----- modparam("mi_fifo", "fifo_name", "/tmp/kamailio_fifo")
# ----- rr params ----- # add value to ;lr param to cope with most of the UAs modparam("rr", "enable_full_lr", 1) # do not append from tag to the RR (no need for this script) modparam("rr", "append_fromtag", 0)
# ----- rr params ----- modparam("registrar", "method_filtering", 1) /* uncomment the next line to disable parallel forking via location */ # modparam("registrar", "append_branches", 0) /* uncomment the next line not to allow more than 10 contacts per AOR */ #modparam("registrar", "max_contacts", 10)
# ----- uri_db params ----- /* by default we disable the DB support in the module as we do not need it in this configuration */ modparam("uri_db", "use_uri_table", 0) modparam("uri_db", "db_url", "")
# ----- acc params ----- /* what sepcial events should be accounted ? */ modparam("acc", "early_media", 1) modparam("acc", "report_ack", 1) modparam("acc", "report_cancels", 1) /* by default ww do not adjust the direct of the sequential requests. if you enable this parameter, be sure the enable "append_fromtag" in "rr" module */ modparam("acc", "detect_direction", 0) /* account triggers (flags) */ modparam("acc", "failed_transaction_flag", 3) modparam("acc", "log_flag", 1) modparam("acc", "log_missed_flag", 2) modparam("acc", "log_extra", "src_user=$fU;src_domain=$fd;dst_ouser=$tU;dst_user=$rU;dst_domain=$rd") /* enhanced DB accounting */ #!ifdef WITH_ACCDB modparam("acc", "db_flag", 1) modparam("acc", "db_missed_flag", 2) modparam("acc", "db_url", "mysql://openser:openK2mrw23@localhost/openser") modparam("acc", "db_extra", "src_user=$fU;src_domain=$fd;dst_ouser=$tU;dst_user=$rU;dst_domain=$rd") #!endif # ----- usrloc params ----- /* enable DB persistency for location entries */ #!ifdef WITH_USRLOCDB modparam("usrloc", "db_mode", 2) modparam("usrloc", "db_url", "mysql://openser:openK2mrw23@localhost/openser") #!endif # ----- auth_db params ----- /* enable the DB based authentication */ #!ifdef WITH_AUTH modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "password_column", "password") modparam("auth_db", "db_url", "mysql://openser:openK2mrw23@localhost/openser") modparam("auth_db", "load_credentials", "") #!endif # ----- alias_db params ----- /* uncomment the following lines if you want to enable the DB based aliases */ #modparam("alias_db", "db_url", # "mysql://openser:openK2mrw23@localhost/openser")
# ----- domain params ----- /* uncomment the following lines to enable multi-domain detection support */ #modparam("domain", "db_url", # "mysql://openser:openK2mrw23@localhost/openser") #modparam("domain", "db_mode", 1) # Use caching
# ----- multi-module params ----- /* uncomment the following line if you want to enable multi-domain support in the modules (dafault off) */ #modparam("alias_db|auth_db|usrloc|uri_db", "use_domain", 1)
# ----- presence params ----- /* enable presence server support */ #!ifdef WITH_PRESENCE modparam("presence|presence_xml", "db_url", "mysql://openser:openK2mrw23@localhost/openser") modparam("presence_xml", "force_active", 1) modparam("presence", "server_address", "sip:10.0.0.10:5060") #!endif # ----- nathelper ----- #!ifdef WITH_NAT modparam("nathelper", "rtpproxy_sock", "udp:127.0.0.1:7722") modparam("nathelper", "natping_interval", 30) modparam("nathelper", "ping_nated_only", 1) modparam("nathelper", "sipping_bflag", 7) modparam("nathelper", "sipping_from", "sip:pinger@kamailio.org") modparam("registrar|nathelper", "received_avp", "$avp(i:80)") modparam("usrloc", "nat_bflag", 6) #!endif ####### Routing Logic ########
# main request routing logic route{ if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); exit; } if(!sanity_check("1511", "7")) { xlog("Malformed SIP message from $si:$sp\n"); exit; } # NAT detection route(NAT); if (has_totag()) { # sequential request withing a dialog should # take the path determined by record-routing if (loose_route()) { if (is_method("BYE")) { setflag(1); # do accounting ... setflag(3); # ... even if the transaction fails } route(RELAY); } else { if (is_method("SUBSCRIBE") && uri == myself) { # in-dialog subscribe requests route(PRESENCE); exit; } if ( is_method("ACK") ) { if ( t_check_trans() ) { # non loose-route, but stateful ACK; must be an ACK after a 487 or e.g. 404 from upstream server t_relay(); exit; } else { # ACK without matching transaction ... ignore and discard.\n"); exit; } } sl_send_reply("404","Not here"); } exit; } #initial requests # CANCEL processing if (is_method("CANCEL")) { if (t_check_trans()) t_relay(); exit; } t_check_trans(); # authentication route(AUTH); # record routing for dialog forming requests (in case they are routed) # - remove preloaded route headers remove_hf("Route"); if (is_method("INVITE|SUBSCRIBE")) record_route(); # account only INVITEs if (is_method("INVITE")) { setflag(1); # do accounting } if (!uri==myself) /* replace with following line if multi-domain support is used */ ##if (!is_uri_host_local()) { append_hf("P-hint: outbound\r\n"); route(RELAY); } # requests for my domain if( is_method("PUBLISH|SUBSCRIBE")) route(PRESENCE); if (is_method("REGISTER")) { if(isflagset(5)) { setbflag("6"); # uncomment next line to do SIP NAT pinging ## setbflag("7"); } if (!save("location")) sl_reply_error(); exit; } if ($rU==$null) { # request with no Username in RURI sl_send_reply("484","Address Incomplete"); exit; } route(PSTN);
route(CONF); # apply DB based aliases (uncomment to enable) ##alias_db_lookup("dbaliases"); if (!lookup("location")) { switch ($rc) { case -1: case -3: t_newtran(); t_reply("404", "Not Found"); exit; case -2: sl_send_reply("405", "Method Not Allowed"); exit; } } # when routing via usrloc, log the missed calls also setflag(2); route(RELAY); }
route[RELAY] { #!ifdef WITH_NAT if (check_route_param("nat=yes")) { setbflag("6"); } if (isflagset(5) || isbflagset("6")) { route(RTPPROXY); } #!endif /* example how to enable some additional event routes */ if (is_method("INVITE")) { #t_on_branch("BRANCH_ONE"); t_on_reply("REPLY_ONE"); t_on_failure("FAIL_ONE"); } if (!t_relay()) { sl_reply_error(); } exit; }
# Presence server route route[PRESENCE] { #!ifdef WITH_PRESENCE if (!t_newtran()) { sl_reply_error(); exit; }; if(is_method("PUBLISH")) { handle_publish(); t_release(); } else if( is_method("SUBSCRIBE")) { handle_subscribe(); t_release(); } exit; #!endif
# if presence enabled, this part will not be executed if (is_method("PUBLISH") || $rU==$null) { sl_send_reply("404", "Not here"); exit; } return; } # Authentication route route[AUTH] { #!ifdef WITH_AUTH if (is_method("REGISTER")) { # authenticate the REGISTER requests (uncomment to enable auth) if (!www_authorize("", "subscriber")) { www_challenge("", "0"); exit; } if ($au!=$tU) { sl_send_reply("403","Forbidden auth ID"); exit; } } else { # authenticate if from local subscriber (uncomment to enable auth) if (from_uri==myself) { if (!proxy_authorize("", "subscriber")) { proxy_challenge("", "0"); exit; } if (is_method("PUBLISH")) { if ($au!=$tU) { sl_send_reply("403","Forbidden auth ID"); exit; } } else { if ($au!=$fU) { sl_send_reply("403","Forbidden auth ID"); exit; } } consume_credentials(); # caller authenticated } } #!endif return; } # Caller NAT detection route route[NAT]{ #!ifdef WITH_NAT force_rport(); if (nat_uac_test("19")) { if (method=="REGISTER") { fix_nated_register(); } else { fix_nated_contact(); } setflag(5); } #!endif return; } # RTPProxy control route[RTPPROXY] { #!ifdef WITH_NAT if (is_method("BYE")) { unforce_rtp_proxy(); } else if (is_method("INVITE")){ force_rtp_proxy(); } if (!has_totag()) add_rr_param(";nat=yes"); #!endif return; } # PSTN GW routing route[PSTN] { #!ifdef WITH_PSTN # check if PSTN GW IP is defined if (strempty($sel(cfg_get.pstn.gw_ip))) { xlog("SCRIPT: PSTN rotuing enabled but pstn.gw_ip not defined\n"); return; } # route to PSTN dialed numbers starting with '+' or '00' # (international format) # - update the condition to match your dialing rules for PSTN routing if(!($rU=~"^(+|00)[1-9][0-9]{3,20}$")) return; # only local users allowed to call if(from_uri!=myself) { sl_send_reply("403", "Not Allowed"); exit; } $ru = "sip:" + $rU + "@" + $sel(cfg_get.pstn.gw_ip); route(RELAY); exit; #!endif return; } # add by KJ --start route[CONF] { if(is_method("INVITE") && $rU=="0216666") { rewritehostport("210.x.y.z:5060"); } route(RELAY); exit; } # add by KJ --end # Sample branch router branch_route[BRANCH_ONE] { xdbg("new branch at $ru\n"); } # Sample onreply route onreply_route[REPLY_ONE] { xdbg("incoming reply\n"); #!ifdef WITH_NAT if ((isflagset(5) || isbflagset("6")) && status=~"(183)|(2[0-9][0-9])") { force_rtp_proxy(); } if (isbflagset("6")) { fix_nated_contact(); } #!endif } # Sample failure route failure_route[FAIL_ONE] { #!ifdef WITH_NAT if (is_method("INVITE") && (isbflagset("6") || isflagset(5))) { unforce_rtp_proxy(); } #!endif if (t_is_canceled()) { exit; } # uncomment the following lines if you want to block client # redirect based on 3xx replies. ##if (t_check_status("3[0-9][0-9]")) { ##t_reply("404","Not found"); ## exit; ##} # uncomment the following lines if you want to redirect the failed # calls to a different new destination ##if (t_check_status("486|408")) { ## sethostport("192.168.2.100:5060"); ## append_branch(); ## # do not set the missed call flag again ## t_relay(); ##} } AppSer01:root@/usr/local/kamailio-3.0/etc/kamailio$
使用新一代 Windows Live Messenger 轻松交流和共享! 立刻下载! http://www.windowslive.cn/messenger/
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
Many thanks Klaus,
with "fix_nated_contact", "fix_nated_register" and the "fix_nated_sdp", I have resovled the NAT Traversal.
Thanks,
Kevin
Date: Mon, 14 Jun 2010 08:31:47 +0200 From: klaus.mailinglists@pernau.at To: kevin.jzh@hotmail.com CC: sr-users@lists.sip-router.org Subject: Re: [SR-Users] Help need on NAT_Traversal
Everything you want to do is possible with the default configuration.
Just enable all configuration parts with "fix_nated_contact" and fix_nated_register". This will enable NAT traversal for SIP. Depeing if you want to relay media or not just enable/disable the "force_rtpproxy" calls.
regards
klaus
Am 12.06.2010 04:58, schrieb JinKevin:
Hi All,
I'm building a video conference system with the kamailio and the video AS. The network is as below:
UAC(behind NAT) ------ kamailio(public IP) ------ AS (public IP)
I have setup the basic kamailio and the SIP signaling can reach the AS and the call can be established. Now the time to setup the NAT traveral since the UACs are behind the NAT.
Since it's video scenario, I don't want the kamailio as the RTPproxy so try to use the NAT_Traversal module.
From the module doc, NAT_Traversal needs the Dialog module as well. Have no idea on how to load these two modules and the route config required although have readed the module docs. Wondering if someone can help on the config for this scenario?
All call with $rU=="0216666" is forwarded to the video AS as the route[CONF].
Thanks in advance!
Thanks, Kevin
Below is the current config of the kamailio server:
_________________________________________________________________ 一张照片的自白――Windows Live照片的可爱视频介绍 http://windowslivesky.spaces.live.com/blog/cns!5892B6048E2498BD!889.entry
-
JinKevin -
Klaus Darilion