[OpenSIPS-Users] nat_traversal: register keepalive not engaging

Saúl Ibarra Corretgé saul at ag-projects.com
Wed Sep 7 09:44:34 CEST 2011


Hi,

On Sep 6, 2011, at 3:29 PM, Gremaud Odin wrote:

> Hello everyone,
> 
> I began using the nat_traversal module to create a NAT traversal dedicated box, but I'm now stuck on something probably pretty stupid. Here is the design I'm working with:
> 
> Public network  ||  Private network
>                ||
>    U1 -------> P1 -------> P2
>                ||
>                ||
> 
> U1 being the NATed UAC, P1 the NAT box and P2 an OpenSIPS Proxy/Registrar.
> 
> The registration process is OK, and I can even call another UA using U1. When checking the proper functioning of my script, I noticed that I could not call U1 from any other UA: indeed, the register keepalive did not trigger properly (no keepalive engaged for REGISTER, even if it pass on the function). The keepalive mechanism is working fine with INVITE (did not try with SUBSCRIBE), I traced OPTION messages going to U1 (which replies with a "404 Not Found", is this normal?). I double-checked using the module statistics, and there was no register keepalive, but during an dialog, it effectively shows that U1 is keepalived. I traced the registration process for a possible error, but the request is correctly transfered to P2, which responds with a 200 OK that P1 receives correctly. I have no more ideas about what I'm missing here...
> 
> If it can help, here is the NAT and registrar process I use:
> 
> ### NAT DETECTION ###
> force_rport();
> 
> # Avoid NAT detection if source IP is local
> if ( client_nat_test("8") && $si!~"^10\.0\.0\.[0-9]{1,3}$") {
>    fix_contact();
>    append_hf("NAT-Scope: nat-relay\r\n");
> 
>    # For initial invites and all subscribe
>    if ((is_method("INVITE") && !has_totag()) || is_method("SUBSCRIBE")) {
>        nat_keepalive();
> 
>    # For registers
>    } else if (is_method("REGISTER")) {
>        nat_keepalive();
>        append_hf("NAT-Received: $source_uri\r\n");
>    }
> 
>    setflag(5);
> }
> 
> ### REGISTRAR ###
> if (is_domain_local("$fd") && is_method("REGISTER")) {
>    append_hf("Supported: Path\r\n");
>    add_path_received();
>    force_send_socket(10.0.0.1:5060);
>    t_relay("10.0.0.2:5060");
>    exit;
> }
> 
> ### RELAYING ###
> # The request was processed by the proxy/registrar
> if ($hdr(NAT-Scope)=="nat-relay" && !isflagset(5)) {
>    #$du = $hdr(NAT-Received);
>    $fs = $keepalive.socket($du);
> # Not a subsequent message (REGISTER, SUBSCRIBE or initial INVITE), avoid looping on P2
> } else if (!has_totag() && $si != "10.0.0.2") {
>    $du = "sip:10.0.0.2:5060";
>    $fs = "10.0.0.1:5060";
> }
> 
> if (!t_relay("0x03")) {
>    sl_reply_error();
> }
> 
> Any advice or idea is welcome :)
> 

I see you call fix_contact for any type of request. Don't do this for REGISTER requests or you'll save the wrong received information. For a REGISTER just do force_rport() and nat_keepalive().

Also, the NAT test you are doing seems wrong. If an endpoint puts his own public IP address in the Contact header it will pass your test and no keepalive will be done. I usually use 3, and in the case I mentioned before the endpoint would fail test 2, because it would have a private address in the topmost Via.


Regards,

--
Saúl Ibarra Corretgé
AG Projects






More information about the Users mailing list