Re: [Yxa-devel] Adding headers to the INVITE messages
On 01/16/2012 10:22 PM, Chris Tilt wrote: > Mikma, > > Thanks for replying! I was afraid this list might be very empty. See below... > > On Sat, Jan 14, 2012 at 1:46 AM, Mikael Magnusson wrote: >> On 01/14/2012 12:36 AM, Chris Tilt wrote: >> If you want to set up a direct connection between the peers I think >> you should use SDP as usual in SIP INVITEs. > Ok, that makes sense. SDP is quite simple as I see now; I could just > add the private IP address as a tag there. Just be aware of the existence of SIP SBCs and SIP capable firewalls which needs to modify the SDP when NAT:ing the traffic. Which means you can't always rely on the SDP to not be modified as specified by the RFCs. > I agree that hole must be maintained with some sort of keep-alive, but > what I was asking is wether the STUN and SIP packets use the same > port? That seems critical in order for the SIP packets to even make it > through the firewall. I can use the SBC on the server side with little > problem, but I can not require one on the client. Is that a usable > configuration? I found this: "I just committed a basic STUN server implementation that can respond to STUN requests received on the SIP ports." https://lists.su.se/archive/public/yxa-devel/msg00335.html > I guess it's time to dig into the code :-) The oldest version of > Erlang that is still available is just one version newer than the one > required by the config file. Hopefully that will do. Try the following branch if git master don't work for you. https://github.com/mikma/yxa/tree/otp-r14a /Mikma ___ Yxa-devel mailing list Yxa-devel@lists.su.se https://lists.su.se/mailman/listinfo/yxa-devel
Re: [Yxa-devel] Adding headers to the INVITE messages
Mikma, Thanks for replying! I was afraid this list might be very empty. See below... On Sat, Jan 14, 2012 at 1:46 AM, Mikael Magnusson wrote: > On 01/14/2012 12:36 AM, Chris Tilt wrote: >> Hello. >> >> Please forgive my ignorance on the subject of SIP, but I am looking >> for a solution to the SIP + NAT problem with a slightly twisted use >> case that involves establishing connections based not on phone >> numbers, but rather on unique ids of computer hosts. I am an >> experienced Erlang programmer, which is what drew me to Yxa in the >> first place, so making the extensions myself should not be a problem. >> However, I would like your opinion on the feasibility before I start >> work. >> >> I'd like to use UDIDs or a hash of them in place of phone numbers >> because these computers do not have phone numbers. Next, in order to >> short-circuit the not-so-rare case that the two computers are behind >> the same firewall, I'd like to include the local/private IP addresses >> in the INVITE message so that the invitee can notice a peer on an >> internal network and avoid routing packets through the firewall >> needlessly. Perhaps this is better done once the "call" is established >> via a secondary protocol message, but it seems like adding headers is >> straight forward in SIP. Am I crazy to think this? > > If you want to set up a direct connection between the peers I think you > should use SDP as usual in SIP INVITEs. > Ok, that makes sense. SDP is quite simple as I see now; I could just add the private IP address as a tag there. >> >> The application is remote login from a client to a host where both >> systems sit behind firewalls and know only some agreed-upon public >> name such as u...@well-known-domain.net. The incoming proxy and SIP >> router are good candidates for connection establishment through the >> NATs, with public domain at incomingproxy.well-known-domain.net. One >> more question... I noticed that STUN was added to Yxa. Do the STUN >> packets and SIP packets come out through the same port of the NAT >> (with respect to the internal side of the NAT)? If so, then it seems >> this would be a good thing to assist with NAT traversal. If not, then >> how do SIP routed messages pass into the NAT of the invitee (from >> internet side to private network side) since there would not be an >> open port? Or does this require opening of the SIP port (5060?) on the >> NAT/firewall of the peer networks? > > The NATed peers will need to keep the hair pin opened in the NAT router > by regularly sending traffic to the Yxa proxy. There are several > solutions to the NAT problem. One is to put a SBC in front of the Yxa > server, another is to use ICE. I agree that hole must be maintained with some sort of keep-alive, but what I was asking is wether the STUN and SIP packets use the same port? That seems critical in order for the SIP packets to even make it through the firewall. I can use the SBC on the server side with little problem, but I can not require one on the client. Is that a usable configuration? I guess it's time to dig into the code :-) The oldest version of Erlang that is still available is just one version newer than the one required by the config file. Hopefully that will do. > > /Mikma > > ___ > Yxa-devel mailing list > Yxa-devel@lists.su.se > https://lists.su.se/mailman/listinfo/yxa-devel Cheers, Chris ___ Yxa-devel mailing list Yxa-devel@lists.su.se https://lists.su.se/mailman/listinfo/yxa-devel
Re: [Yxa-devel] Adding headers to the INVITE messages
On 01/14/2012 12:36 AM, Chris Tilt wrote: > Hello. > > Please forgive my ignorance on the subject of SIP, but I am looking > for a solution to the SIP + NAT problem with a slightly twisted use > case that involves establishing connections based not on phone > numbers, but rather on unique ids of computer hosts. I am an > experienced Erlang programmer, which is what drew me to Yxa in the > first place, so making the extensions myself should not be a problem. > However, I would like your opinion on the feasibility before I start > work. > > I'd like to use UDIDs or a hash of them in place of phone numbers > because these computers do not have phone numbers. Next, in order to > short-circuit the not-so-rare case that the two computers are behind > the same firewall, I'd like to include the local/private IP addresses > in the INVITE message so that the invitee can notice a peer on an > internal network and avoid routing packets through the firewall > needlessly. Perhaps this is better done once the "call" is established > via a secondary protocol message, but it seems like adding headers is > straight forward in SIP. Am I crazy to think this? If you want to set up a direct connection between the peers I think you should use SDP as usual in SIP INVITEs. > > The application is remote login from a client to a host where both > systems sit behind firewalls and know only some agreed-upon public > name such as u...@well-known-domain.net. The incoming proxy and SIP > router are good candidates for connection establishment through the > NATs, with public domain at incomingproxy.well-known-domain.net. One > more question... I noticed that STUN was added to Yxa. Do the STUN > packets and SIP packets come out through the same port of the NAT > (with respect to the internal side of the NAT)? If so, then it seems > this would be a good thing to assist with NAT traversal. If not, then > how do SIP routed messages pass into the NAT of the invitee (from > internet side to private network side) since there would not be an > open port? Or does this require opening of the SIP port (5060?) on the > NAT/firewall of the peer networks? The NATed peers will need to keep the hair pin opened in the NAT router by regularly sending traffic to the Yxa proxy. There are several solutions to the NAT problem. One is to put a SBC in front of the Yxa server, another is to use ICE. /Mikma ___ Yxa-devel mailing list Yxa-devel@lists.su.se https://lists.su.se/mailman/listinfo/yxa-devel
[Yxa-devel] Adding headers to the INVITE messages
Hello. Please forgive my ignorance on the subject of SIP, but I am looking for a solution to the SIP + NAT problem with a slightly twisted use case that involves establishing connections based not on phone numbers, but rather on unique ids of computer hosts. I am an experienced Erlang programmer, which is what drew me to Yxa in the first place, so making the extensions myself should not be a problem. However, I would like your opinion on the feasibility before I start work. I'd like to use UDIDs or a hash of them in place of phone numbers because these computers do not have phone numbers. Next, in order to short-circuit the not-so-rare case that the two computers are behind the same firewall, I'd like to include the local/private IP addresses in the INVITE message so that the invitee can notice a peer on an internal network and avoid routing packets through the firewall needlessly. Perhaps this is better done once the "call" is established via a secondary protocol message, but it seems like adding headers is straight forward in SIP. Am I crazy to think this? The application is remote login from a client to a host where both systems sit behind firewalls and know only some agreed-upon public name such as u...@well-known-domain.net. The incoming proxy and SIP router are good candidates for connection establishment through the NATs, with public domain at incomingproxy.well-known-domain.net. One more question... I noticed that STUN was added to Yxa. Do the STUN packets and SIP packets come out through the same port of the NAT (with respect to the internal side of the NAT)? If so, then it seems this would be a good thing to assist with NAT traversal. If not, then how do SIP routed messages pass into the NAT of the invitee (from internet side to private network side) since there would not be an open port? Or does this require opening of the SIP port (5060?) on the NAT/firewall of the peer networks? As I said, I am only a few hours into studying SIP and I apologize if I'm completely off base here. Please set me in the right direction. Cheers, Chris P.S. The Yxa documentation is really fantastic. It's nice to see good work and well written docs at the same time! Thank you! ___ Yxa-devel mailing list Yxa-devel@lists.su.se https://lists.su.se/mailman/listinfo/yxa-devel
