[OpenSIPS-Users] 2 UAs behind same NAT Device

Deon Vermeulen vermeulen.deon at gmail.com
Tue Nov 2 13:25:59 CET 2010


Hi List

I'm trying to setup NAT to NOT use MediaProxy when it detects that 2  
devices are behind the same NAT Device, but rather have coms go  
directly between them.
At the moment I can dial between the 2 phones and answer the call.
The callee phone says "Call Established" upon answer, but the caller  
phone still says "trying/connecting".
I am sure this has something to do with my configuration, but I have  
"NO IDEA" where to start looking.
The phones are setup to use their local IPs with no other STUN, ICE,  
or "proxy like" configurations.
Below is a snipped from my opensips.cfg with the NAT configs and would  
really appreciate any help to get this working.

modparam("rr", "enable_full_lr", 1)
modparam("registrar", "received_avp", "$avp(i:42)")
modparam("usrloc", "db_mode",   2)
modparam("usrloc", "nat_bflag", 6)
modparam("domain", "db_mode", 1) # Use caching
modparam("auth_db|usrloc|uri|avpops", "use_domain", 1)
modparam("auth_db|alias_db|domain|uri|uri_db|usrloc|permissions| 
siptrace|group|avpops|presence", "db_url", "mysql:// 
opensips:opensipsrw at localhost/opensips")
modparam("nathelper", "natping_interval", 10)
modparam("nathelper", "received_avp", "$avp(i:42)")
modparam("mediaproxy", "mediaproxy_socket", "/var/run/mediaproxy- 
dispatcher.sock")
modparam("mediaproxy", "mediaproxy_timeout", 500)
modparam("mi_datagram", "socket_name", "/var/run/opensips/ 
opensips.sock")
modparam("mi_datagram", "children_count", 4)


# -------------------------  request routing logic ------------------- #

route{

     #
     # -- 1 -- Request Validation
     #
     if (!mf_process_maxfwd_header("10")) {
         sl_send_reply("483","Too Many Hops");
         exit;
     }

     if (msg:len >=  2048 ) {
         sl_send_reply("513", "Message too big");
         exit;
     }

     #
     # -- 2 -- Routing Preprocessing
     #
     ## Record-route all except Register
     ## Mark packets with nat=yes
     ## This mark will be used to identify the request in the loose
     ## route section
     if(!is_method("REGISTER")){
         if(nat_uac_test("19")){
             record_route(";nat=yes");
         } else {
             record_route();
         }
     }

     ##Loose_route packets
     if (has_totag()) {
         #sequential request withing a dialog should
         # take the path determined by record-routing
         if (loose_route()) {
             #Check authentication of re-invites
             if(method=="INVITE") {
                 if (!proxy_authorize("","subscriber")) {
                 proxy_challenge("","1");
                 exit;
             } else if (!db_check_from()) {
                 sl_send_reply("403", "Forbidden, use From=ID");
                 exit;
             }
         }
                 ## BYE and CANCEL message handling
         if(method=="BYE" || method=="CANCEL") {
             end_media_session();
         }
         ##Detect requests in the dialog behind NAT and flag with 6
             if(nat_uac_test("19") || search("^Route:.*;nat=yes")){
                 append_hf("P-hint: LR|fixcontact,setflag6, mediaproxy 
\r\n");
                 fix_contact();
                 setbflag(6);
                 use_media_proxy();
             }
             route(1);
         } else {
             sl_send_reply("404","Not here");
         }
         exit;
     }

     #CANCEL processing
     if (is_method("CANCEL")) {
         if (t_check_trans()) {
             end_media_session();
             t_relay();
         }
         exit;
     }

     t_check_trans();

     #
     # -- 3 -- Determine Request Target
     #
     if (method=="REGISTER") {
         route(2);
     } else {
         route(3);
     }
}


route[1] {
     #
     # -- 4 -- Forward request to target
     #
     # Forward statefully
     t_on_reply("1");
     t_on_failure("1");
     if (!t_relay()) {
         sl_reply_error();
     }
     exit;
}

route[2] {
     ## Register request handler
     if (is_uri_host_local()) {
         if (!www_authorize("", "subscriber")) {
             www_challenge("", "1");
             exit;
         }

         if (!db_check_to()) {
             sl_send_reply("403", "Forbidden");
             exit;
         }

            # Test to see if Caller is behind NAT
         if(!search("^Contact:[ ]*\*") && client_nat_test("7")) {
             setbflag(6);
             fix_nated_register();
             force_rport();
         }
         save("location");
         exit;

     } else {
         sl_send_reply("403", "Forbidden");
     }
}


route[3] {
     ## Requests handler
     if (is_from_local()){
         # From an internal domain -> check the credentials and the FROM
         #if(!allow_trusted()){
             if (!proxy_authorize("","subscriber")) {
                 proxy_challenge("","0");
                 exit;
             } else if(!db_check_from()) {
             sl_send_reply("403", "Forbidden, use From=ID");
             exit;
         }

         if (client_nat_test("3")) {
             append_hf("P-hint: route(3)| 
setflag7,forcerport,fix_contact\r\n");
             setbflag(7);
             force_rport();
             fix_contact();
         }

..............

route[6] {
     #
     # -- NAT Traversal handling --
     #
     # Route[6] is the routing block responsible for activating the  
MediaProxy, whenever
     # the caller or callee is behind NAT (flags 6 or 7 respectively).
     if (isbflagset(6) || isbflagset(7)) {
            if ( $dd == $si ) {
                    xlog("L_INFO", "Both users behind same NAT, so we  
dont use MediaProxy\n");
                    resetbflag(6);  # Unset NAT flag general.
                    resetbflag(7);  # Unset NAT flag general.
         } else
         append_hf("P-hint: Route[6]: mediaproxy \r\n");
         use_media_proxy();
     }
}

.............

onreply_route[1] {
#
#-- On-replay block routing --
#
     if (client_nat_test("1")) {
         append_hf("P-hint: Onreply-route - fixcontact \r\n");
         fix_contact();
     }

     if ((isbflagset(6) || isbflagset(7)) && (status=~"(180)|(183)| 
2[0-9][0-9]")) {
         if (search("^Content-Type:[ ]*application/sdp")) {
             append_hf("P-hint: onreply_route|usemediaproxy \r\n");
         use_media_proxy();
         }
     }
     exit;
}


Thanks again for helping. Really appreciate it.

Regards
Deon



More information about the Users mailing list