Piotr, Thanks for your email.
I've raised https://github.com/Metaswitch/sprout/issues/996 to track separating this, although it sounds like it's not too high priority if you can work around it with iptables - please let us know whether or not this approach works! Thanks, Matt From: Piotr Kurpiel [mailto:[email protected]] Sent: 08 April 2015 07:10 To: Matt Williams Cc: [email protected] Subject: Re: [Clearwater] bono bound to two physical IPs Hi Matt, thanks for your response. It's clear that P-CSCF (bono) does not relay media. Anyway I still would see it as beneficial to have a separation of access and core signalling, especially that in the deployment I am doing, for now, no SBC is planned (might change due to media flows - if needed to go to core). The separation is beneficial at least from security perspective. I will probably work it out with iptables (forcing NAT from public to local) for now. Piotr Kurpiel [email protected] +48602206891 On Tue, Apr 7, 2015 at 5:01 PM, Matt Williams <[email protected]> wrote: Piotr, It's good to hear from you. Unfortunately, bono doesn't currently support binding to two different IP addresses. For signaling only, it's probably not too hard to make this work. Bono is built from the "sprout" repository (https://github.com/Metaswitch/sprout) and the relevant code is all in the stack.cpp module (https://github.com/Metaswitch/sprout/blob/dev/sprout/stack.cpp). The fill_transport_details function always gets the local address (by calling pj_getaddrinfo on local_host), and we could tweak this to optionally use the public address instead. However, presumably the scenario you're considering here is that the only communication between the core and access networks is via the P-CSCF? If so, I suspect you'd also need to relay media between the two networks. Bono has no support for media at all - adding that would be quite a lot more effort. Is there a scenario in which having separate access and core networks for signaling (but not for media) might be useful? Please let me know. Alternatively, we've tested with Metaswitch's Perimeta P-CSCF/IBCF, which includes this function both for signaling and for media. I hope that helps, and please let me know on the media question. Thanks, Matt -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Piotr Kurpiel Sent: 07 April 2015 11:33 To: [email protected] Subject: [Clearwater] bono bound to two physical IPs All, I am trying to fit the Clearwater manual installation into an existing IP design, where access side is vlan-separated from core side. What I need is to configure bono to bind to two separate IPs (both configured and available from OS). The core IP is private, the access IP is already public (no NAT). I tried to make use of local_ip (for core) and public_ip (for access) but it seems that the public_ip only works on application layer of bono, rather than physically bind to that IP. Is there any trick to do that? Thanks. Piotr Kurpiel [email protected] +48602206891 _______________________________________________ Clearwater mailing list [email protected] http://lists.projectclearwater.org/listinfo/clearwater _______________________________________________ Clearwater mailing list [email protected] http://lists.projectclearwater.org/listinfo/clearwater
