Hi Nikolay,
First of all, thanks for providing that level of details.  I took a look
at your debug logs and here are my observations.
 
When you make the call from your Eyebeam outside of the VPN, the
sipXproxy detects that this Eyebeam is behind a remote NAT.  More
specifically, it sees that the configured IP address of the Eyebeam is
192.168.11.34 but it is is behind a NAT whose public IP is 91.77.13.212.

 
When the a call is made by Eyebeam to the Yates box, the NAT traversal
feature knows that there are at least one NAT between them, as such,
thus these endpoints cannot stream media directly to each other.  To
allow media to flow between the two endpoints, sipXecs needs to insert a
media relay in the middle of the RTP flow.  That media relay will
dynamically learn the port translations created by the NAT for the media
session and will start relaying packets to reachable IP:ports.  This is
a long-winded way of saying that, given the location of the Eyebeam, it
is expected behavior that sipXecs will go in an change the SDP.
 
Having said that, you are still faced with speech path issues.  I looked
at your sipXecs configuration and it appears to be fine however there
are a couple of things I would want you to check:
1- The SDP I'm getting from your eyebeam suggest that you have ICE
enabled.  if you rely on sipXecs to handle your NAT traversal, you need
to disable any NAT-traversal-assist at the phones as those can conflict.
Please check the Eyebeam configuration to ensure that 'Enable ICE' is
turned off and that that your address is set to 'Use local address'.
2- Have you opened the media ports used by the sipXecs NAT traversal
feature on your firewall?  More specifically, the range of ports 30000
to 30500 is used to relay media of endpoints that cannot stream to each
other directly.  In order for this to work, you need to open the
30000-30500 UDP port range on your firewall and configure port
forwarding rules to send traffic received on those ports to sipXecs's
private IP address (172.23.19.5).
 
If you have done those things and you are still faced with speech path
issues, please take a tcpdump of the call on your sipXecs box and send
it to me.  When you do, please specify the 'any' interface, using '-i
any' so that I can see the interprocess communication.  Here's the
tcpdump command I normally use:  tcpdump -n -nn -s 0 -i any w
mycapture.cap
 
cheers,
bob
 
________________________________

From: [email protected]
[mailto:[email protected]] On Behalf Of Nikolay
Kondratyev
Sent: Monday, March 30, 2009 3:06 AM
To: [email protected]
Subject: [sipX-dev] remote workers: problem with voice



        Hi all,

         

        I found the following problem on my test sipx (015027) machine:
under certain circumstances there is no voice for remote worker.

         

        Here is the detailed description of my setup:

        I use YATE (http://yate.null.ro) as h323-sip gateway between my
sipx and avaya ip office (due to some problems with sip in avaya).

        YATE is configured to relay media. And YATE is running on the
same machine as sipx, but uses port 5059 for sip, and ports 16384 -
18000 for rtp.

        Sipx has dns name sipx3.lab.nstel.ru and ip address 172.23.19.5
(/24).

         

        Network 172.23.0.0/16 is declared local (intranet) for sipx.

        Intranet domains are

        *.sipx3.lab.nstel.ru

        *.yate.lab.nstel.ru

         

        Remote workers can either use vpn connection, which does not
differ much from local users,  or use sipx nat traversal feature.

        External (nat'ed into internal) ip address is 81.211.30.104 and
is named vpn.nstel.ru in the external dns.

        When a user dials 9 and 7digits the call is routed to yate and
then to pstn.

         

        The problem is that:

         

        When user 3853 (eyebeam), registered trough vpn (Contact:
<sip:[email protected]:51860;transport=TCP>), dials 96414045 the call is
set up and voice is ok. 

        Call-id MTQ3ODFjZDBmNGFiOTliNWFmMDZjNTFhYjVlZTAyZTA. in the
attached merged.xml file.

         

        But when the same user is registered using nat-traversal, and
dialing the same number, the call is set up, but there is no voice.

        Call-id NGVlMWUzY2RkMDA1M2ViMTEzYTc0N2RjYTRhODU2MzQ. in the
attached merged.xml file.

         

        My analysis of the problem is that, in the second (problematic)
case, sipxproxy substitutes media ports when forwarding Invite (frames
26 and 41 in the merged.xml) and 200 Ok (frames 44,47) messages.

        Such substitution does not occur in the first case, and, I
believe, should not occur in the second case.

        I think that it is the cause of my problem.

        Can somebody please verify if my analysis is correct? Is it a
bug, or a configuration problem?

         

        The whole snapshot is available at
ftp://sipx:[email protected]/sipx-configuration-sipx3.lab.nstel.ru.tar.g
z

         

        Thanks and regards,

        Nikolay.

_______________________________________________
sipx-dev mailing list
[email protected]
List Archive: http://list.sipfoundry.org/archive/sipx-dev
Unsubscribe: http://list.sipfoundry.org/mailman/listinfo/sipx-dev

Reply via email to