Re: [asterisk-users] Asterisk/iaxclient IAX2 source port
Why not let the softphones register to the closest asterisk box and use dundi to route the calls to the box where the softphone is registered ? Not exactly sure how dundi would solve this issue. How does a softphone configured to connect to sitea.asterisk.server connect to siteb.asterisk.server automagically when it's at siteb? We can't just configure the softphones to connect to asterisk because they also need to work when the softphone is simply out in the world not at any site. In the end, the system we have works quite well and we're not really interested in the complexity of moving to dundi unless there's no other way or a very compelling reason to do so. (Glad it works well for you though) The NAT issue is a serious one for us that really does seem to be an oversight in the design/implementation of IAX2. Surely there's a way to tell asterisk to use an ephemeral source port for its outbound IAX2 connections... Chris ___ --Bandwidth and Colocation Provided by http://www.api-digital.com-- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Asterisk/iaxclient IAX2 source port
Michiel, I'm still confused as to how this would help me. Nevertheless, I'm curious: Why not let the softphones register to the closest asterisk box and use dundi to route the calls to the box where the softphone is registered ? How do you get around having to synchronize the softphone reg info between sites? Or is there some DUNDi magic that would allow a softphone from site-A to register on site-B's asterisk box without site-B having a local entry in iax.conf for that softphone? Chris ___ --Bandwidth and Colocation Provided by http://www.api-digital.com-- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
[asterisk-users] Asterisk/iaxclient IAX2 source port
All,
I have a simple question and a complicated reason for asking:
Is it possible to change asterisk's source port for outbound IAX2
connections?
I've tried using sourceaddress to no avail. I can set it to:
proper.ip.of.box:4569
or
0.0.0.0:4569
and it works as expected. But if I try to set it to:
proper.ip.of.box:5000
or
0.0.0.0:5000
it fails around line 8536 in channels/chan_iax2.c, function
peer_set_srcaddr, specifically:
if (ast_netsock_find(netsock, sin)) {
always returns false unless the port is set to 4569. Thus tripping the
error message:
chan_iax2.c:8940 peer_set_srcaddr: Non-local or unbound address specified
(0.0.0.0:5000) in sourceaddress for 'test-trunk', reverting to default
Is there any way to get asterisk to listen for inbound connections on
4569, but to use a non-4569 source port? (Ephemeral ports would be great)
Below is the reason for my asking, for the curious:
Currently, asterisk uses port 4569 as both the source and
destination port for all its outbound connections. This is generally
fine, but I find myself in a very frustrating NAT issue as a result of
iaxclient also defaulting to using 4569 for both source and destination
ports. We run several sites around the world, all using ENUM to place
calls between sites. Thus, none of the sites register with each other.
Thus, until a call is made, there is no connection between site A and site
B, and thus no NAT entries in the router at site B for site A.
Normally, this is fine. A call is placed from A to B and the
packets come into the router at B and get NATed properly:
A.ext:4569 - B.ext:4569 - A.ext:4569 - B.int.asterisk:4569
The trouble though, comes when someone who normally works at site
A vists site B, but has their IAX softphone (zoiper) set to register back
to site A. By default, this softphone, like asterisk, uses 4569 for both
the source and destination port. Thus, if there is no call between site A
and site B and a softphone registers back to site A, a NAT mapping gets
created that looks like:
A.ext:4569 - B.ext:4569 - A.ext:4569 - B.int.softphone:4569
Now, for the life of this NAT entry, if someone at site A dials
site B, their call will be routed to the lucky softphone that got this
entry, and not to the asterisk server at site B. Of course, calls out
from site B to site A still work properly, since the NAT device just
changes the port number on the fly since 4569 already has a mapping:
B.int.asterisk:4569 - A.ext:4569 - B.ext:65535 - A.ext:4569
There are three options I see that would fix this:
1. Prevent the linux router at site B from giving the 4569/4569 conntrack
entry to a softphone. Would be great, but as far as I can tell, there's
no way to do this using a standard distribution kernel. (Hopefully I'm
wrong, but my research hasn't turned up anything at all useful in this
regard)
2. Reconfigure all softphones to use a port other than 4569 as their
source port. In theory this is possible, but a huge pain to find/change
every existing softphone, as well as to ensure that people don't
accidentally end up with the default config in the future causing the
same problem.
3. Reconfigure asterisk to use a port other than 4569 for its source port
on outbound connections. The number of asterisk servers relative to
softphones is small, and the asterisk servers are configured/controlled by
admins, not end users. Thus we could have some guarantee that this
solution couldn't be circumvented.
Am I overlooking something? Is there an obvious solution here
that's escaped me?
(Ugh, why couldn't iaxclient/zoiper/asterisk all just follow the
RFCs and use ephemeral source ports to begin with?)
Thanks,
Chris
___
--Bandwidth and Colocation Provided by http://www.api-digital.com--
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
Re: [asterisk-users] Asterisk/iaxclient IAX2 source port
On 13:52, Tue 18 Dec 07, Chris Tracy wrote: All, Below is the reason for my asking, for the curious: Currently, asterisk uses port 4569 as both the source and destination port for all its outbound connections. This is generally fine, but I find myself in a very frustrating NAT issue as a result of iaxclient also defaulting to using 4569 for both source and destination ports. We run several sites around the world, all using ENUM to place calls between sites. Thus, none of the sites register with each other. Thus, until a call is made, there is no connection between site A and site B, and thus no NAT entries in the router at site B for site A. Normally, this is fine. A call is placed from A to B and the packets come into the router at B and get NATed properly: A.ext:4569 - B.ext:4569 - A.ext:4569 - B.int.asterisk:4569 The trouble though, comes when someone who normally works at site A vists site B, but has their IAX softphone (zoiper) set to register back to site A. By default, this softphone, like asterisk, uses 4569 for both the source and destination port. Thus, if there is no call between site A and site B and a softphone registers back to site A, a NAT mapping gets created that looks like: A.ext:4569 - B.ext:4569 - A.ext:4569 - B.int.softphone:4569 Now, for the life of this NAT entry, if someone at site A dials site B, their call will be routed to the lucky softphone that got this entry, and not to the asterisk server at site B. Of course, calls out from site B to site A still work properly, since the NAT device just changes the port number on the fly since 4569 already has a mapping: B.int.asterisk:4569 - A.ext:4569 - B.ext:65535 - A.ext:4569 There are three options I see that would fix this: 1. Prevent the linux router at site B from giving the 4569/4569 conntrack entry to a softphone. Would be great, but as far as I can tell, there's no way to do this using a standard distribution kernel. (Hopefully I'm wrong, but my research hasn't turned up anything at all useful in this regard) 2. Reconfigure all softphones to use a port other than 4569 as their source port. In theory this is possible, but a huge pain to find/change every existing softphone, as well as to ensure that people don't accidentally end up with the default config in the future causing the same problem. 3. Reconfigure asterisk to use a port other than 4569 for its source port on outbound connections. The number of asterisk servers relative to softphones is small, and the asterisk servers are configured/controlled by admins, not end users. Thus we could have some guarantee that this solution couldn't be circumvented. Why not let the softphones register to the closest asterisk box and use dundi to route the calls to the box where the softphone is registered ? We use this in a couple of setups with great success. Not with softphones, but with philips dect phones. -- Michiel van Baak [EMAIL PROTECTED] http://michiel.vanbaak.eu GnuPG key: http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0x71C946BD Why is it drug addicts and computer afficionados are both called users? ___ --Bandwidth and Colocation Provided by http://www.api-digital.com-- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
