[OpenSIPS-Users] Receiving requests via registration TCP connection
Bogdan-Andrei Iancu
bogdan at voice-system.ro
Mon Oct 13 13:49:01 CEST 2008
Hi Iñaki,
Iñaki Baz Castillo wrote:
> Hi, in case a TCP client behind NAT sends a REGISTER toa proxy with
> public IP, the proxy/registrar can "solve" NAT issues by adding
> "received:REAL_SOURCE_IP:REAL_SOURCE_PORT" to the Contact in REGISTER.
> So when the proxy receives a request for this AoR it will forward it
> to the public IP and port from where it received the REGISTER.
>
> Of course, for this to work is needed the TCP connection remains open
> (it could be achieved by requiring REGISTER every 32 seconds or using
> PING-PONG TCP keepalive if both client and server implement it).
>
Or you can simply instruct OpenSIPS to keep open the TCP connection
where the REGISTER was received - see
http://www.opensips.org/html/docs/modules/devel/registrar.html#id2520469
> But I wonder how "legal/valid" is this in RFC3261. I mean: is really
> valid for a proxy to send *new* requests to a registered UA via the
> TCP connection used for UA registration?
>
yes, it is legal - if I'm not wrong, there is even on RFC about reusing
TCP connections.
> Imagine UA1 sends a TCP INVITE to proxy P2 responsible for UA2 AoR. So
> UA1 starts a TCP connection from a random port (maybe 22222) to P2.
> This connection is just supposed for requests sent **by UA1** and
> responses sent from UA2.
> Now imagine that P2 sends a request to UA1 against port 22222 using
> the previous connection. AFAIK this is not defined in RFC3261 and UA1
> could just drop these requests.
>
> So I wonder which is the difference between this example and the case
> in with a registrar/proxy sends requests to a registered user via the
> TCP connection used for UA registration.
>
>
A server should re-use a TCP connection only if the IP:port of the other
peer is the same with the IP:port of the connection. The re-usage should
not be done on any other criteria - only if target at IP level is the same.
> Opinions? With the TCP UA's I've tryed (i-e- Twinkle) it seems to work
> (Twinkle accepts request from registrar/proxy coming via the TCP
> connection used for registration).
>
>
IMO, this is bogus - a device should reject incoming calls that do not
have in RURI an registered contact.
Regards,
Bogdan
More information about the Users
mailing list