I am setting up a SER/Mediaproxy/MySQL box. I have it setup and running except for NAT. When I put up a call this is what my session look like. The 127 are the fakeconversations.py. The other session is my live traffic but the other end has all ????????????????. Any ideas. I am using the basic SER/Mediaproxy config below.
Caller Via Called Status Duration Codec Type Traffic ---------------------------------------------------------------------------- ---------------------------------------- 127.0.0.1:10000 - 10.0.1.100:60004 - 127.0.0.1:10002 active 0'10" Dynamic(127) Audio 94.38k/188.58k/94.38k 10.0.2.1:15040 - 10.0.1.100:60000 - ?.?.?.?:? inactive 4'41" Dynamic(107) Audio 1.58M/0/0
Total traffic: 120.55kbps/74.61kbps/149.22kbps (in1/in2/out) Session count: 2 Proxy version: 1.8.0
#####################SER.CFG [root@voipproxy1 mediaproxy]# cat /usr/local/etc/ser/ser.cfg # $Id: nat-mediaproxy.cfg 51 2006-01-31 13:28:04Z /CN=Paul Hazlett/emailAddress=paul@onsip.org $ debug=7 fork=yes log_stderror=no
listen=10.0.1.100 # INSERT YOUR IP ADDRESS HERE port=5060 children=4 sock_mode=0666
dns=no rev_dns=no fifo="/tmp/ser_fifo" fifo_db_url="mysql://ser:heslo@localhost/ser"
loadmodule "/usr/local/lib/ser/modules/mysql.so" loadmodule "/usr/local/lib/ser/modules/sl.so" loadmodule "/usr/local/lib/ser/modules/tm.so" loadmodule "/usr/local/lib/ser/modules/rr.so" loadmodule "/usr/local/lib/ser/modules/maxfwd.so" loadmodule "/usr/local/lib/ser/modules/usrloc.so" loadmodule "/usr/local/lib/ser/modules/registrar.so" loadmodule "/usr/local/lib/ser/modules/auth.so" loadmodule "/usr/local/lib/ser/modules/auth_db.so" loadmodule "/usr/local/lib/ser/modules/uri.so" loadmodule "/usr/local/lib/ser/modules/uri_db.so" loadmodule "/usr/local/lib/ser/modules/domain.so" loadmodule "/usr/local/lib/ser/modules/mediaproxy.so" loadmodule "/usr/local/lib/ser/modules/nathelper.so" loadmodule "/usr/local/lib/ser/modules/textops.so"
modparam("auth_db|domain|uri_db|usrloc", "db_url", "mysql://ser:heslo@localhost/ser") modparam("auth_db", "calculate_ha1", 1) modparam("auth_db", "password_column", "password")
modparam("nathelper", "rtpproxy_disable", 1) modparam("nathelper", "natping_interval", 0)
modparam("mediaproxy","natping_interval", 30) modparam("mediaproxy","mediaproxy_socket", "/var/run/mediaproxy.sock") modparam("mediaproxy","sip_asymmetrics","/usr/local/etc/ser/sip-clients") modparam("mediaproxy","rtp_asymmetrics","/usr/local/etc/ser/rtp-clients")
modparam("usrloc", "db_mode", 2)
modparam("registrar", "nat_flag", 6)
modparam("rr", "enable_full_lr", 1)
route {
# ----------------------------------------------------------------- # Sanity Check Section # ----------------------------------------------------------------- if (!mf_process_maxfwd_header("10")) { sl_send_reply("483", "Too Many Hops"); break; };
if (msg:len > max_len) { sl_send_reply("513", "Message Overflow"); break; };
# ----------------------------------------------------------------- # Record Route Section # ----------------------------------------------------------------- if (method=="INVITE" && client_nat_test("3")) { # INSERT YOUR IP ADDRESS HERE record_route_preset("10.0.1.100:5060;nat=yes"); } else if (method!="REGISTER") { record_route(); };
# ----------------------------------------------------------------- # Call Tear Down Section # ----------------------------------------------------------------- if (method=="BYE" || method=="CANCEL") { end_media_session(); };
# ----------------------------------------------------------------- # Loose Route Section # ----------------------------------------------------------------- if (loose_route()) {
if ((method=="INVITE" || method=="REFER") && !has_totag()) { sl_send_reply("403", "Forbidden"); break; };
if (method=="INVITE") {
if (!proxy_authorize("","subscriber")) { proxy_challenge("","0"); break; } else if (!check_from()) { sl_send_reply("403", "Use From=ID"); break; }; consume_credentials();
if (client_nat_test("3") || search("^Route:.*;nat=yes")) { setflag(6); use_media_proxy(); }; };
route(1); break; };
# ----------------------------------------------------------------- # Call Type Processing Section # ----------------------------------------------------------------- if (uri!=myself) { route(4); route(1); break; };
if (method=="ACK") { route(1); break; } else if (method=="CANCEL") { route(1); break; } else if (method=="INVITE") { route(3); break; } else if (method=="REGISTER") { route(2); break; };
lookup("aliases"); if (uri!=myself) { route(4); route(1); break; };
if (!lookup("location")) { sl_send_reply("404", "User Not Found"); break; };
route(1); }
route[1] {
# ----------------------------------------------------------------- # Default Message Handler # -----------------------------------------------------------------
t_on_reply("1");
if (!t_relay()) {
if (method=="INVITE" || method=="ACK") { end_media_session(); };
sl_reply_error(); }; }
route[2] {
# ----------------------------------------------------------------- # REGISTER Message Handler # ----------------------------------------------------------------
sl_send_reply("100", "Trying");
if (!search("^Contact:[ ]**") && client_nat_test("7")) { setflag(6); fix_nated_register(); force_rport(); };
if (!www_authorize("","subscriber")) { www_challenge("","0"); break; };
if (!check_to()) { sl_send_reply("401", "Unauthorized"); break; };
consume_credentials();
if (!save("location")) { sl_reply_error(); }; }
route[3] {
# ----------------------------------------------------------------- # INVITE Message Handler # -----------------------------------------------------------------
if (client_nat_test("3")) { setflag(7); force_rport(); fix_nated_contact(); };
if (!proxy_authorize("","subscriber")) { proxy_challenge("","0"); break; } else if (!check_from()) { sl_send_reply("403", "Use From=ID"); break; };
consume_credentials();
lookup("aliases"); if (uri!=myself) { route(4); route(1); break; };
if (!lookup("location")) { sl_send_reply("404", "User Not Found"); break; };
route(4); route(1); }
route[4] {
# ----------------------------------------------------------------- # NAT Traversal Section # -----------------------------------------------------------------
if (isflagset(6) || isflagset(7)) { if (!isflagset(8)) { setflag(8); use_media_proxy(); }; }; }
onreply_route[1] {
if ((isflagset(6) || isflagset(7)) && (status=~"(180)|(183)|2[0-9][0-9]")) {
if (!search("^Content-Length:[ ]*0")) { use_media_proxy(); }; };
if (client_nat_test("1")) { fix_nated_contact(); }; }
######################MEDIAPROXY.INI [Dispatcher] defaultProxy = /var/run/mediaproxy.sock
[MediaProxy] ;start = yes ;socket = /var/run/mediaproxy.sock ;group = openser ;listen = None ;allow = None proxyIP = 10.0.1.100 portRange = 60000:65000 ;TOS = 0xb8 ;idleTimeout = 60 ;holdTimeout = 3600 ;forceClose = 0
[Accounting] ; one of none, radius or database accounting = database
[Database] user = ser password = heslo host = localhost database = ser table = acc
[Radius] secret = secret server = localhost authport = 1812 acctport = 1813 dictionaries = /etc/radiusclient-ng/dictionary, /etc/openser/radius/dictionary, /usr/local/mediaproxy/dictionary retries = 2 timeout = 3
Bill
Bill, Note that the onsip.org config file uses a reference design where SER has a public address and UAs may be behind NAT (far-end NAT traversal). The nat_uac_test function uses private address segments to determine whether to fix-up SDP and whether to proxy a call. Your mediaproxy output indicates that you are running a scenario using a private segment in 10.0.0.0/8. g-)
Bill wrote:
I am setting up a SER/Mediaproxy/MySQL box. I have it setup and running except for NAT. When I put up a call this is what my session look like. The 127 are the fakeconversations.py. The other session is my live traffic but the other end has all ????????????????. Any ideas. I am using the basic SER/Mediaproxy config below.
Caller Via Called Status Duration Codec Type Traffic
127.0.0.1:10000 - 10.0.1.100:60004 - 127.0.0.1:10002 active 0'10" Dynamic(127) Audio 94.38k/188.58k/94.38k 10.0.2.1:15040 - 10.0.1.100:60000 - ?.?.?.?:? inactive 4'41" Dynamic(107) Audio 1.58M/0/0
Total traffic: 120.55kbps/74.61kbps/149.22kbps (in1/in2/out) Session count: 2 Proxy version: 1.8.0
#####################SER.CFG [root@voipproxy1 mediaproxy]# cat /usr/local/etc/ser/ser.cfg # $Id: nat-mediaproxy.cfg 51 2006-01-31 13:28:04Z /CN=Paul Hazlett/emailAddress=paul@onsip.org $ debug=7 fork=yes log_stderror=no
listen=10.0.1.100 # INSERT YOUR IP ADDRESS HERE port=5060 children=4 sock_mode=0666
dns=no rev_dns=no fifo="/tmp/ser_fifo" fifo_db_url="mysql://ser:heslo@localhost/ser"
loadmodule "/usr/local/lib/ser/modules/mysql.so" loadmodule "/usr/local/lib/ser/modules/sl.so" loadmodule "/usr/local/lib/ser/modules/tm.so" loadmodule "/usr/local/lib/ser/modules/rr.so" loadmodule "/usr/local/lib/ser/modules/maxfwd.so" loadmodule "/usr/local/lib/ser/modules/usrloc.so" loadmodule "/usr/local/lib/ser/modules/registrar.so" loadmodule "/usr/local/lib/ser/modules/auth.so" loadmodule "/usr/local/lib/ser/modules/auth_db.so" loadmodule "/usr/local/lib/ser/modules/uri.so" loadmodule "/usr/local/lib/ser/modules/uri_db.so" loadmodule "/usr/local/lib/ser/modules/domain.so" loadmodule "/usr/local/lib/ser/modules/mediaproxy.so" loadmodule "/usr/local/lib/ser/modules/nathelper.so" loadmodule "/usr/local/lib/ser/modules/textops.so"
modparam("auth_db|domain|uri_db|usrloc", "db_url", "mysql://ser:heslo@localhost/ser") modparam("auth_db", "calculate_ha1", 1) modparam("auth_db", "password_column", "password")
modparam("nathelper", "rtpproxy_disable", 1) modparam("nathelper", "natping_interval", 0)
modparam("mediaproxy","natping_interval", 30) modparam("mediaproxy","mediaproxy_socket", "/var/run/mediaproxy.sock") modparam("mediaproxy","sip_asymmetrics","/usr/local/etc/ser/sip-clients") modparam("mediaproxy","rtp_asymmetrics","/usr/local/etc/ser/rtp-clients")
modparam("usrloc", "db_mode", 2)
modparam("registrar", "nat_flag", 6)
modparam("rr", "enable_full_lr", 1)
route {
# ----------------------------------------------------------------- # Sanity Check Section # ----------------------------------------------------------------- if (!mf_process_maxfwd_header("10")) { sl_send_reply("483", "Too Many Hops"); break; }; if (msg:len > max_len) { sl_send_reply("513", "Message Overflow"); break; }; # ----------------------------------------------------------------- # Record Route Section # ----------------------------------------------------------------- if (method=="INVITE" && client_nat_test("3")) { # INSERT YOUR IP ADDRESS HERE record_route_preset("10.0.1.100:5060;nat=yes"); } else if (method!="REGISTER") { record_route(); }; # ----------------------------------------------------------------- # Call Tear Down Section # ----------------------------------------------------------------- if (method=="BYE" || method=="CANCEL") { end_media_session(); }; # ----------------------------------------------------------------- # Loose Route Section # ----------------------------------------------------------------- if (loose_route()) { if ((method=="INVITE" || method=="REFER") && !has_totag()) { sl_send_reply("403", "Forbidden"); break; }; if (method=="INVITE") { if (!proxy_authorize("","subscriber")) { proxy_challenge("","0"); break; } else if (!check_from()) { sl_send_reply("403", "Use From=ID"); break; }; consume_credentials(); if (client_nat_test("3") ||search("^Route:.*;nat=yes")) { setflag(6); use_media_proxy(); }; };
route(1); break; }; # ----------------------------------------------------------------- # Call Type Processing Section # ----------------------------------------------------------------- if (uri!=myself) { route(4); route(1); break; }; if (method=="ACK") { route(1); break; } else if (method=="CANCEL") { route(1); break; } else if (method=="INVITE") { route(3); break; } else if (method=="REGISTER") { route(2); break; }; lookup("aliases"); if (uri!=myself) { route(4); route(1); break; }; if (!lookup("location")) { sl_send_reply("404", "User Not Found"); break; }; route(1);}
route[1] {
# ----------------------------------------------------------------- # Default Message Handler # ----------------------------------------------------------------- t_on_reply("1"); if (!t_relay()) { if (method=="INVITE" || method=="ACK") { end_media_session(); }; sl_reply_error(); };}
route[2] {
# ----------------------------------------------------------------- # REGISTER Message Handler # ---------------------------------------------------------------- sl_send_reply("100", "Trying"); if (!search("^Contact:[ ]*\*") && client_nat_test("7")) { setflag(6); fix_nated_register(); force_rport(); }; if (!www_authorize("","subscriber")) { www_challenge("","0"); break; }; if (!check_to()) { sl_send_reply("401", "Unauthorized"); break; }; consume_credentials(); if (!save("location")) { sl_reply_error(); };}
route[3] {
# ----------------------------------------------------------------- # INVITE Message Handler # ----------------------------------------------------------------- if (client_nat_test("3")) { setflag(7); force_rport(); fix_nated_contact(); }; if (!proxy_authorize("","subscriber")) { proxy_challenge("","0"); break; } else if (!check_from()) { sl_send_reply("403", "Use From=ID"); break; }; consume_credentials(); lookup("aliases"); if (uri!=myself) { route(4); route(1); break; }; if (!lookup("location")) { sl_send_reply("404", "User Not Found"); break; }; route(4); route(1);}
route[4] {
# ----------------------------------------------------------------- # NAT Traversal Section # ----------------------------------------------------------------- if (isflagset(6) || isflagset(7)) { if (!isflagset(8)) { setflag(8); use_media_proxy(); }; };}
onreply_route[1] {
if ((isflagset(6) || isflagset(7)) &&(status=~"(180)|(183)|2[0-9][0-9]")) {
if (!search("^Content-Length:[ ]*0")) { use_media_proxy(); }; }; if (client_nat_test("1")) { fix_nated_contact(); };}
######################MEDIAPROXY.INI [Dispatcher] defaultProxy = /var/run/mediaproxy.sock
[MediaProxy] ;start = yes ;socket = /var/run/mediaproxy.sock ;group = openser ;listen = None ;allow = None proxyIP = 10.0.1.100 portRange = 60000:65000 ;TOS = 0xb8 ;idleTimeout = 60 ;holdTimeout = 3600 ;forceClose = 0
[Accounting] ; one of none, radius or database accounting = database
[Database] user = ser password = heslo host = localhost database = ser table = acc
[Radius] secret = secret server = localhost authport = 1812 acctport = 1813 dictionaries = /etc/radiusclient-ng/dictionary, /etc/openser/radius/dictionary, /usr/local/mediaproxy/dictionary retries = 2 timeout = 3
Bill
Serusers mailing list Serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers
-
Bill -
Greger V. Teigre