[OpenSIPS-Users] Public IP in REGISTER

Dipteshkumar Patel diptesh.patel at ecosmob.com
Thu Mar 5 06:25:23 EST 2020 

Hello Jehan,

OpenSIPS handle NAT different way for INVITE and REGISTER packets. If we
use fix_nated_contact(), it will get the actual source ip from network and
create a lump for that and replace the headers(like Contact, Received in
Via and c parameter in SDP packet) just before sent out or relay the packet.

In your case, You need to manage the REGISTER and we are using OpenSIPS as
a Registrar so we are not relay the packet so fix_nated_contact() will not
help you. and your location table will have the private ip not public. So
Let me guide how NAT can be managed in Registration.

There are three modules are responsible for the registration with NAT
handling.
1. registrar module
2. usrloc module
3. nathelper module

nathelper module can check the packet source is behind nat or nat and get
the public ip from source ip.

We need to define a module parameter for netheper module with an
avp variable so the module will store the received IP in that avp. and
similar avp should be in registrar module so registrar module can read the
avp and store it into location as received parameter.

modparam("nathelper", "received_avp", "$avp(received)")

modparam("registrar", "received_avp", "$avp(received)")


Refer the following snippet.

/*Other registrar Parameters*/
modparam("registrar", "received_avp", "$avp(received)")

/*Other nethelper Parameters*/
modparam("nathelper", "received_avp", "$avp(received)") #keep in mind that
this avp should be same in registrar module.

/*Other usrloc Parameters*/
modparam("usrloc", "nat_bflag", "NAT_FLAG")

route(NAT_MANAGE);
-------
/*Some Authentication Stuff*/
-------
if(!save("location")) {
            sl_reply_error();
}

route[NAT_MANAGE] {
    if(nat_uac_test("19")){
        xlog("L_INFO","--- [NAT_MANAGE] UAC IS BEHIND NAT ---");
        if(is_method("REGISTER")){
            fix_nated_register();
            setbflag(NAT_FLAG);
        } else {
            fix_nated_contact();
            setflag(NAT_FLAG);
            if (has_body("application/sdp")){
                fix_nated_sdp("3");
            }
        }
    }
}

Output of opensipsctl ul show
-----------------------------------------------

AOR:: 100 at world.provider.in
    Contact:: sip:100@[ACTUAL CONTACT IP]:5060 Q=
            ContactID:: 2522655082190201667
            Expires:: 2219
            Callid:: 18480129104911-28121824031899 at 192.168.30.238
            Cseq:: 6
            User-agent:: Phone Ver2.2
            Received:: sip:[RECEIVED IP]:5060 /*This IP will be used as
request domain on relay the packet*/
            State:: CS_SYNC
            Flags:: 0
            Cflags:: SIPPING_RTO SIPPING_ENABLE NAT_FLAG
            Socket:: udp:[OPENSIPS LISTEN SOCKET]:5070
            Methods:: 7551

I hope this will solve your problem.

Thanks & Regards
*Diptesh Patel*
Software Developer
Ecosmob Technologies Ltd,
Ahmedabad
Mo:*+919898962659*


On Thu, Mar 5, 2020 at 4:35 AM Jehanzaib Younis <jehanzaib.kiani at gmail.com>
wrote:

> Thank you for your email Callum,
> I can not see the public IP in the command line that is strange. but
> OPTION is working fine. i can see 200 OK in the OPTION.
> I have already tried what you have suggested i.e fixed_nated_contact on
> INVITE it is still sending to my 10.xx.xx.xx ip.
>
> Here is my URL location
> AOR:: xxxxxx
>         Contact:: sip:xxx at 10.202.128.xx:5060;transport=udp Q=
>                 Expires:: 2914
>                 Callid:: n883832msp1lm0nl3cmjks88jkpinsc0 at 10.202.128.xx
>                 Cseq:: 12
>                 User-agent:: HUAWEI-EchoLife HG8240H/V3R013C10S108
>                 State:: CS_NEW
>                 Flags:: 0
>                 Cflags:: 3
>                 Socket:: udp:mysipserverip:5060
>                 Methods:: 8191
>
> here is my url and nat module parameters
>
> loadmodule "usrloc.so"
> modparam("usrloc", "nat_bflag", "NAT")
> modparam("usrloc", "db_mode",   0)
>
> loadmodule "nathelper.so"
> modparam("nathelper", "natping_interval", 120) # Ping interval 120 s
> modparam("nathelper", "ping_nated_only", 1)   # Ping only clients behind
> NAT
> modparam("nathelper", "sipping_method", "OPTIONS")
> modparam("nathelper", "sipping_from", "sip:pinger at mytestdomain.com")
> modparam("nathelper", "received_avp", "$avp(i:42)")
> modparam("nathelper", "sipping_bflag", 7)
>
> loadmodule "nat_traversal.so"
> modparam("nat_traversal", "keepalive_interval", 120)
> modparam("nat_traversal", "keepalive_method", "OPTIONS")
> modparam("nat_traversal", "keepalive_from", "sip:pinger at mytestdomain.com")
>
> Any suggestions please?
>
> Thank you
>
>
> On Wed, Mar 4, 2020 at 9:50 PM Callum Guy <callum.guy at x-on.co.uk> wrote:
>
>> Hi Jehan,
>>
>> Sounds like you want to be using fix_nated_contact() - when the INVITE
>> arrives you can try the following:
>>
>> # Check if contact is RFC1918
>> if (nat_uac_test(1)) {
>>     # Replace the contact IP with the received address from the network
>>     fix_nated_contact();
>> }
>>
>> If you look at the registrations via CLI or database (if in use) you'll
>> see that OpenSIPs is tracking both a contact and received value to deal
>> with this - that will be where your NAT pings are getting the address from.
>>
>> Hopefully that helps to get you on the correct path!
>>
>> Callum
>>
>> On Tue, 3 Mar 2020 at 21:06, Jehanzaib Younis <jehanzaib.kiani at gmail.com>
>> wrote:
>>
>>> Hi gang,
>>>
>>> I have quite strange issue. When in some cases when my customer's have
>>> 10.202.128.xx range they are behind NAT. when i see opensipsctl ul show
>>> number at sip
>>> i see contact header as Contact:: sip:number at 10.202.128.xx:5060;transport=udp
>>> Q=
>>> which means when i try to relay the invite goes to that
>>> 10.202.128.xx:5060 which is wrong. It should go to its public IP:port
>>>
>>> but weird thing is, i see the OPTION is sent to its Public IP (OPTIONS
>>> sip:180.xx.xx.xx:1502). I also see the 200 OK which is perfect.
>>>
>>> I tried to use fix_nated_register(); but it does not change anything.
>>>
>>> Can anyone help please?
>>>
>>> Thank you
>>>
>>>
>>> Regards,
>>> Jehan
>>> _______________________________________________
>>> Users mailing list
>>> Users at lists.opensips.org
>>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>>
>>
>>
>> *0333 332 0000  |  www.x-on.co.uk <http://www.x-on.co.uk>  |   **
>> <https://www.linkedin.com/company/x-on>   <https://www.facebook.com/XonTel>
>>   <https://twitter.com/xonuk> *
>>
>> X-on is a trading name of Storacall Technology Ltd a limited company
>> registered in England and Wales.
>> Registered Office : Avaland House, 110 London Road, Apsley, Hemel
>> Hempstead, Herts, HP3 9SD. Company Registration No. 2578478.
>> The information in this e-mail is confidential and for use by the
>> addressee(s) only. If you are not the intended recipient, please notify
>> X-on immediately on +44(0)333 332 0000 and delete the
>> message from your computer. If you are not a named addressee you must not
>> use, disclose, disseminate, distribute, copy, print or reply to this email. Views
>> or opinions expressed by an individual
>> within this email may not necessarily reflect the views of X-on or its
>> associated companies. Although X-on routinely screens for viruses,
>> addressees should scan this email and any attachments
>> for viruses. X-on makes no representation or warranty as to the absence
>> of viruses in this email or any attachments.
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.opensips.org
>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>>
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>

-- 
*Disclaimer*
In addition to generic Disclaimer which you have agreed on our 
website, any views or opinions presented in this email are solely those of 
the originator and do not necessarily represent those of the Company or its 
sister concerns. Any liability (in negligence, contract or otherwise) 
arising from any third party taking any action, or refraining from taking 
any action on the basis of any of the information contained in this email 
is hereby excluded.



*Confidentiality*
This communication (including any 
attachment/s) is intended only for the use of the addressee(s) and contains 
information that is PRIVILEGED AND CONFIDENTIAL. Unauthorized reading, 
dissemination, distribution, or copying of this communication is 
prohibited. Please inform originator if you have received it in error.



*Caution for viruses, malware etc.*
This communication, including any 
attachments, may not be free of viruses, trojans, similar or new 
contaminants/malware, interceptions or interference, and may not be 
compatible with your systems. You shall carry out virus/malware scanning on 
your own before opening any attachment to this e-mail. The sender of this 
e-mail and Company including its sister concerns shall not be liable for 
any damage that may incur to you as a result of viruses, incompleteness of 
this message, a delay in receipt of this message or any other computer 
problems. 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20200305/d5168f2f/attachment-0001.html>

More information about the Users mailing list