[OpenSIPS-Users] 2 UAs behind same NAT Device
Deon Vermeulen
vermeulen.deon at gmail.com
Tue Nov 2 13:25:59 CET 2010
Hi List
I'm trying to setup NAT to NOT use MediaProxy when it detects that 2
devices are behind the same NAT Device, but rather have coms go
directly between them.
At the moment I can dial between the 2 phones and answer the call.
The callee phone says "Call Established" upon answer, but the caller
phone still says "trying/connecting".
I am sure this has something to do with my configuration, but I have
"NO IDEA" where to start looking.
The phones are setup to use their local IPs with no other STUN, ICE,
or "proxy like" configurations.
Below is a snipped from my opensips.cfg with the NAT configs and would
really appreciate any help to get this working.
modparam("rr", "enable_full_lr", 1)
modparam("registrar", "received_avp", "$avp(i:42)")
modparam("usrloc", "db_mode", 2)
modparam("usrloc", "nat_bflag", 6)
modparam("domain", "db_mode", 1) # Use caching
modparam("auth_db|usrloc|uri|avpops", "use_domain", 1)
modparam("auth_db|alias_db|domain|uri|uri_db|usrloc|permissions|
siptrace|group|avpops|presence", "db_url", "mysql://
opensips:opensipsrw at localhost/opensips")
modparam("nathelper", "natping_interval", 10)
modparam("nathelper", "received_avp", "$avp(i:42)")
modparam("mediaproxy", "mediaproxy_socket", "/var/run/mediaproxy-
dispatcher.sock")
modparam("mediaproxy", "mediaproxy_timeout", 500)
modparam("mi_datagram", "socket_name", "/var/run/opensips/
opensips.sock")
modparam("mi_datagram", "children_count", 4)
# ------------------------- request routing logic ------------------- #
route{
#
# -- 1 -- Request Validation
#
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
exit;
}
if (msg:len >= 2048 ) {
sl_send_reply("513", "Message too big");
exit;
}
#
# -- 2 -- Routing Preprocessing
#
## Record-route all except Register
## Mark packets with nat=yes
## This mark will be used to identify the request in the loose
## route section
if(!is_method("REGISTER")){
if(nat_uac_test("19")){
record_route(";nat=yes");
} else {
record_route();
}
}
##Loose_route packets
if (has_totag()) {
#sequential request withing a dialog should
# take the path determined by record-routing
if (loose_route()) {
#Check authentication of re-invites
if(method=="INVITE") {
if (!proxy_authorize("","subscriber")) {
proxy_challenge("","1");
exit;
} else if (!db_check_from()) {
sl_send_reply("403", "Forbidden, use From=ID");
exit;
}
}
## BYE and CANCEL message handling
if(method=="BYE" || method=="CANCEL") {
end_media_session();
}
##Detect requests in the dialog behind NAT and flag with 6
if(nat_uac_test("19") || search("^Route:.*;nat=yes")){
append_hf("P-hint: LR|fixcontact,setflag6, mediaproxy
\r\n");
fix_contact();
setbflag(6);
use_media_proxy();
}
route(1);
} else {
sl_send_reply("404","Not here");
}
exit;
}
#CANCEL processing
if (is_method("CANCEL")) {
if (t_check_trans()) {
end_media_session();
t_relay();
}
exit;
}
t_check_trans();
#
# -- 3 -- Determine Request Target
#
if (method=="REGISTER") {
route(2);
} else {
route(3);
}
}
route[1] {
#
# -- 4 -- Forward request to target
#
# Forward statefully
t_on_reply("1");
t_on_failure("1");
if (!t_relay()) {
sl_reply_error();
}
exit;
}
route[2] {
## Register request handler
if (is_uri_host_local()) {
if (!www_authorize("", "subscriber")) {
www_challenge("", "1");
exit;
}
if (!db_check_to()) {
sl_send_reply("403", "Forbidden");
exit;
}
# Test to see if Caller is behind NAT
if(!search("^Contact:[ ]*\*") && client_nat_test("7")) {
setbflag(6);
fix_nated_register();
force_rport();
}
save("location");
exit;
} else {
sl_send_reply("403", "Forbidden");
}
}
route[3] {
## Requests handler
if (is_from_local()){
# From an internal domain -> check the credentials and the FROM
#if(!allow_trusted()){
if (!proxy_authorize("","subscriber")) {
proxy_challenge("","0");
exit;
} else if(!db_check_from()) {
sl_send_reply("403", "Forbidden, use From=ID");
exit;
}
if (client_nat_test("3")) {
append_hf("P-hint: route(3)|
setflag7,forcerport,fix_contact\r\n");
setbflag(7);
force_rport();
fix_contact();
}
..............
route[6] {
#
# -- NAT Traversal handling --
#
# Route[6] is the routing block responsible for activating the
MediaProxy, whenever
# the caller or callee is behind NAT (flags 6 or 7 respectively).
if (isbflagset(6) || isbflagset(7)) {
if ( $dd == $si ) {
xlog("L_INFO", "Both users behind same NAT, so we
dont use MediaProxy\n");
resetbflag(6); # Unset NAT flag general.
resetbflag(7); # Unset NAT flag general.
} else
append_hf("P-hint: Route[6]: mediaproxy \r\n");
use_media_proxy();
}
}
.............
onreply_route[1] {
#
#-- On-replay block routing --
#
if (client_nat_test("1")) {
append_hf("P-hint: Onreply-route - fixcontact \r\n");
fix_contact();
}
if ((isbflagset(6) || isbflagset(7)) && (status=~"(180)|(183)|
2[0-9][0-9]")) {
if (search("^Content-Type:[ ]*application/sdp")) {
append_hf("P-hint: onreply_route|usemediaproxy \r\n");
use_media_proxy();
}
}
exit;
}
Thanks again for helping. Really appreciate it.
Regards
Deon
More information about the Users
mailing list