Re: [SR-Users] Updated NAT traversal article
You are very welcome. Please let me know if you have any ideas on how it might be usefully expanded. Some others have made good suggestions, but unfortunately they present scope challenges because they lie outside the sphere of server-side NAT traversal as such. On Thu, May 17, 2018 at 11:52:08AM +0100, Asgaroth wrote: > Alex, > > Thank you for this blog post, great work, very helpfull information! > > Much appreciated. > > > On 11/05/18 15:13, Alex Balashov wrote: > > Hi, > > > > I have updated this article with some other topics: > > > > http://blog.csrpswitch.com/server-side-nat-traversal-with-kamailio-the-definitive-guide/ > > > > "The definitive guide" is of course an ambitious and moving target, so > > there may be more evolution in the future. > > > > -- Alex > > > > > ___ > Kamailio (SER) - Users Mailing List > sr-users@lists.kamailio.org > https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users -- Alex Balashov | Principal | Evariste Systems LLC Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free) Web: http://www.evaristesys.com/, http://www.csrpswitch.com/ ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Updated NAT traversal article
Alex, Thank you for this blog post, great work, very helpfull information! Much appreciated. On 11/05/18 15:13, Alex Balashov wrote: Hi, I have updated this article with some other topics: http://blog.csrpswitch.com/server-side-nat-traversal-with-kamailio-the-definitive-guide/ "The definitive guide" is of course an ambitious and moving target, so there may be more evolution in the future. -- Alex ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Updated NAT traversal article
Why not topology hiding, in such cases? Not always clients support TLS... On Mon, May 14, 2018, 20:38 Alex Balashov wrote: > Hi Sergiu, > > Thanks for the suggestion! I've not encountered this on a sufficiently > widespread basis that I personally feel it merits inclusion in the > article, given its already rather broad scope. However, I will certainly > have a think on whether there it ought to be incorporated into > additional commentary of some sort on edge cases and that. > > On Mon, May 14, 2018 at 01:27:23PM -0400, Sergiu Pojoga wrote: > > > Hi Alex, > > > > Glad to see the mention of SIP Outbound in your updated article. Here's > > another 5+5 cents of mine that might help others in the future. > > > > May be you faced it, may be not, but in the multi-homed scenario that you > > describe in your article, there may be circumstances under which calls > > towards the NAT'ed phone will fail mysteriously. Reason being Firewalls > of > > some ISPs or Enterprises that do packet inspection will reject such SIP > > requests due to presence of private IP addresses in the VIA and > > Record-Route headers (those of the SIP farm servers). > > > > The solution to overcome this impediment was quite simple and unexpected > > for me - TLS encrypt your SIP traffic, which renders firewall packet > > inspection to... a black hole :) > > > > Same technique bypasses whatever 'smart' ALG Router there might be at > > client's premises. > > > > Cheers, > > --Sergiu > > > > > > On Sat, May 12, 2018 at 2:33 AM, Alex Balashov < > abalas...@evaristesys.com> > > wrote: > > > > > Thank you, but the scope is ambitious enough that I think it would make > > > most sense to limit it to Kamailio-native approaches only. > > > > > > On May 12, 2018 8:31:58 AM GMT+02:00, Mojtaba > wrote: > > > >Hi, > > > >That's greats concept in this regards. > > > >I think it could be great to describe about SEMS (e.g B2BUA, > > > >NAT-Traversal) and working it with Kamailio. > > > >The SEMS has proper modules to solve NAT Traversal in Kamailio,too > > > >If you want, I could give you it's documents. > > > >Thanks With Regards.Mojtaba > > > > > > > >On Fri, May 11, 2018 at 6:43 PM, Alex Balashov > > > > wrote: > > > >> Hi, > > > >> > > > >> I have updated this article with some other topics: > > > >> > > > >> > > > >http://blog.csrpswitch.com/server-side-nat-traversal- > > > with-kamailio-the-definitive-guide/ > > > >> > > > >> "The definitive guide" is of course an ambitious and moving target, > > > >so > > > >> there may be more evolution in the future. > > > >> > > > >> -- Alex > > > >> > > > >> -- > > > >> Alex Balashov | Principal | Evariste Systems LLC > > > >> > > > >> Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free) > > > >> Web: http://www.evaristesys.com/, http://www.csrpswitch.com/ > > > >> > > > >> ___ > > > >> Kamailio (SER) - Users Mailing List > > > >> sr-users@lists.kamailio.org > > > >> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users > > > > > > > > > > > > > > > >-- > > > >--Mojtaba Esfandiari.S > > > > > > > >___ > > > >Kamailio (SER) - Users Mailing List > > > >sr-users@lists.kamailio.org > > > >https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users > > > > > > > > > -- Alex > > > > > > -- > > > Sent via mobile, please forgive typos and brevity. > > > > > > ___ > > > Kamailio (SER) - Users Mailing List > > > sr-users@lists.kamailio.org > > > https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users > > > > > > ___ > > Kamailio (SER) - Users Mailing List > > sr-users@lists.kamailio.org > > https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users > > > -- > Alex Balashov | Principal | Evariste Systems LLC > > Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free) > Web: http://www.evaristesys.com/, http://www.csrpswitch.com/ > > ___ > Kamailio (SER) - Users Mailing List > sr-users@lists.kamailio.org > https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users > ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Updated NAT traversal article
Hi Sergiu, Thanks for the suggestion! I've not encountered this on a sufficiently widespread basis that I personally feel it merits inclusion in the article, given its already rather broad scope. However, I will certainly have a think on whether there it ought to be incorporated into additional commentary of some sort on edge cases and that. On Mon, May 14, 2018 at 01:27:23PM -0400, Sergiu Pojoga wrote: > Hi Alex, > > Glad to see the mention of SIP Outbound in your updated article. Here's > another 5+5 cents of mine that might help others in the future. > > May be you faced it, may be not, but in the multi-homed scenario that you > describe in your article, there may be circumstances under which calls > towards the NAT'ed phone will fail mysteriously. Reason being Firewalls of > some ISPs or Enterprises that do packet inspection will reject such SIP > requests due to presence of private IP addresses in the VIA and > Record-Route headers (those of the SIP farm servers). > > The solution to overcome this impediment was quite simple and unexpected > for me - TLS encrypt your SIP traffic, which renders firewall packet > inspection to... a black hole :) > > Same technique bypasses whatever 'smart' ALG Router there might be at > client's premises. > > Cheers, > --Sergiu > > > On Sat, May 12, 2018 at 2:33 AM, Alex Balashov > wrote: > > > Thank you, but the scope is ambitious enough that I think it would make > > most sense to limit it to Kamailio-native approaches only. > > > > On May 12, 2018 8:31:58 AM GMT+02:00, Mojtaba wrote: > > >Hi, > > >That's greats concept in this regards. > > >I think it could be great to describe about SEMS (e.g B2BUA, > > >NAT-Traversal) and working it with Kamailio. > > >The SEMS has proper modules to solve NAT Traversal in Kamailio,too > > >If you want, I could give you it's documents. > > >Thanks With Regards.Mojtaba > > > > > >On Fri, May 11, 2018 at 6:43 PM, Alex Balashov > > > wrote: > > >> Hi, > > >> > > >> I have updated this article with some other topics: > > >> > > >> > > >http://blog.csrpswitch.com/server-side-nat-traversal- > > with-kamailio-the-definitive-guide/ > > >> > > >> "The definitive guide" is of course an ambitious and moving target, > > >so > > >> there may be more evolution in the future. > > >> > > >> -- Alex > > >> > > >> -- > > >> Alex Balashov | Principal | Evariste Systems LLC > > >> > > >> Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free) > > >> Web: http://www.evaristesys.com/, http://www.csrpswitch.com/ > > >> > > >> ___ > > >> Kamailio (SER) - Users Mailing List > > >> sr-users@lists.kamailio.org > > >> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users > > > > > > > > > > > >-- > > >--Mojtaba Esfandiari.S > > > > > >___ > > >Kamailio (SER) - Users Mailing List > > >sr-users@lists.kamailio.org > > >https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users > > > > > > -- Alex > > > > -- > > Sent via mobile, please forgive typos and brevity. > > > > ___ > > Kamailio (SER) - Users Mailing List > > sr-users@lists.kamailio.org > > https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users > > > ___ > Kamailio (SER) - Users Mailing List > sr-users@lists.kamailio.org > https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users -- Alex Balashov | Principal | Evariste Systems LLC Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free) Web: http://www.evaristesys.com/, http://www.csrpswitch.com/ ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Updated NAT traversal article
Hi Alex, Glad to see the mention of SIP Outbound in your updated article. Here's another 5+5 cents of mine that might help others in the future. May be you faced it, may be not, but in the multi-homed scenario that you describe in your article, there may be circumstances under which calls towards the NAT'ed phone will fail mysteriously. Reason being Firewalls of some ISPs or Enterprises that do packet inspection will reject such SIP requests due to presence of private IP addresses in the VIA and Record-Route headers (those of the SIP farm servers). The solution to overcome this impediment was quite simple and unexpected for me - TLS encrypt your SIP traffic, which renders firewall packet inspection to... a black hole :) Same technique bypasses whatever 'smart' ALG Router there might be at client's premises. Cheers, --Sergiu On Sat, May 12, 2018 at 2:33 AM, Alex Balashov wrote: > Thank you, but the scope is ambitious enough that I think it would make > most sense to limit it to Kamailio-native approaches only. > > On May 12, 2018 8:31:58 AM GMT+02:00, Mojtaba wrote: > >Hi, > >That's greats concept in this regards. > >I think it could be great to describe about SEMS (e.g B2BUA, > >NAT-Traversal) and working it with Kamailio. > >The SEMS has proper modules to solve NAT Traversal in Kamailio,too > >If you want, I could give you it's documents. > >Thanks With Regards.Mojtaba > > > >On Fri, May 11, 2018 at 6:43 PM, Alex Balashov > > wrote: > >> Hi, > >> > >> I have updated this article with some other topics: > >> > >> > >http://blog.csrpswitch.com/server-side-nat-traversal- > with-kamailio-the-definitive-guide/ > >> > >> "The definitive guide" is of course an ambitious and moving target, > >so > >> there may be more evolution in the future. > >> > >> -- Alex > >> > >> -- > >> Alex Balashov | Principal | Evariste Systems LLC > >> > >> Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free) > >> Web: http://www.evaristesys.com/, http://www.csrpswitch.com/ > >> > >> ___ > >> Kamailio (SER) - Users Mailing List > >> sr-users@lists.kamailio.org > >> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users > > > > > > > >-- > >--Mojtaba Esfandiari.S > > > >___ > >Kamailio (SER) - Users Mailing List > >sr-users@lists.kamailio.org > >https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users > > > -- Alex > > -- > Sent via mobile, please forgive typos and brevity. > > ___ > Kamailio (SER) - Users Mailing List > sr-users@lists.kamailio.org > https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users > ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Updated NAT traversal article
Thank you, but the scope is ambitious enough that I think it would make most sense to limit it to Kamailio-native approaches only. On May 12, 2018 8:31:58 AM GMT+02:00, Mojtaba wrote: >Hi, >That's greats concept in this regards. >I think it could be great to describe about SEMS (e.g B2BUA, >NAT-Traversal) and working it with Kamailio. >The SEMS has proper modules to solve NAT Traversal in Kamailio,too >If you want, I could give you it's documents. >Thanks With Regards.Mojtaba > >On Fri, May 11, 2018 at 6:43 PM, Alex Balashov > wrote: >> Hi, >> >> I have updated this article with some other topics: >> >> >http://blog.csrpswitch.com/server-side-nat-traversal-with-kamailio-the-definitive-guide/ >> >> "The definitive guide" is of course an ambitious and moving target, >so >> there may be more evolution in the future. >> >> -- Alex >> >> -- >> Alex Balashov | Principal | Evariste Systems LLC >> >> Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free) >> Web: http://www.evaristesys.com/, http://www.csrpswitch.com/ >> >> ___ >> Kamailio (SER) - Users Mailing List >> sr-users@lists.kamailio.org >> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users > > > >-- >--Mojtaba Esfandiari.S > >___ >Kamailio (SER) - Users Mailing List >sr-users@lists.kamailio.org >https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users -- Alex -- Sent via mobile, please forgive typos and brevity. ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Re: [SR-Users] Updated NAT traversal article
Hi, That's greats concept in this regards. I think it could be great to describe about SEMS (e.g B2BUA, NAT-Traversal) and working it with Kamailio. The SEMS has proper modules to solve NAT Traversal in Kamailio,too If you want, I could give you it's documents. Thanks With Regards.Mojtaba On Fri, May 11, 2018 at 6:43 PM, Alex Balashov wrote: > Hi, > > I have updated this article with some other topics: > > http://blog.csrpswitch.com/server-side-nat-traversal-with-kamailio-the-definitive-guide/ > > "The definitive guide" is of course an ambitious and moving target, so > there may be more evolution in the future. > > -- Alex > > -- > Alex Balashov | Principal | Evariste Systems LLC > > Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free) > Web: http://www.evaristesys.com/, http://www.csrpswitch.com/ > > ___ > Kamailio (SER) - Users Mailing List > sr-users@lists.kamailio.org > https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users -- --Mojtaba Esfandiari.S ___ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
