Hi, I am having problem with configuring opensips to work with NATed clients. In my configuration, I am using a B2BUA and Opensips as the sip proxy.
The problem I am having is that when the B2BUA(233.32.345.5:5800) sends out 200 OK, Opensips (192.168.1.101:5060)is able to proxy it to the NATed client ( 116.24.163.21:2751), but the NATed client is not sending back any ACK, so the B2BUA hangs up after 30 second. Could someone give me any suggestion on what may be wrong in my config? Thanks in advance for all the help. U 233.32.345.5:5800 -> 192.168.1.101:5060 SIP/2.0 200 OK. Via: SIP/2.0/UDP 192.168.1.101 ;branch=z9hG4bK3ab5.9b17c4a1.0;received=233.32.345.5. Via: SIP/2.0/UDP 192.168.1.100:26682;received=116.24.163.21 ;branch=z9hG4bK-d87543-1a09c008b901bc5c-1--d87543-;rport=2751. Record-Route: <sip:192.168.1.101;lr=on;ftag=b81a6b5e;nat=yes>. From: "1000" <sip:[EMAIL PROTECTED]:5060>;tag=b81a6b5e. To: "0" <sip:[EMAIL PROTECTED]:5060>;tag=Sy7K9eUFg61tB. Call-ID: ODRiMGUzMGFiZDg2OGU0OGNiYmE0MWY5OWRkMTMxOTA.. CSeq: 2 INVITE. Contact: <sip:[EMAIL PROTECTED]:5800;transport=udp>. User-Agent: FreeSWITCH-mod_sofia/1.0.trunk-10454M. Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, PRACK, MESSAGE, SUBSCRIBE, NOTIFY, REFER, UPDATE, REGISTER, INFO. Supported: timer, precondition, path, replaces. Allow-Events: talk. Session-Expires: 120;refresher=uas. Min-SE: 120. Content-Type: application/sdp. Content-Disposition: session. Content-Length: 269. . v=0. o=FreeSWITCH 5494423604621376967 2638962022927722250 IN IP4 233.32.345.5. s=FreeSWITCH. c=IN IP4 233.32.345.5. t=0 0. m=audio 10272 RTP/AVP 0 101. a=rtpmap:0 PCMU/8000. a=rtpmap:101 telephone-event/8000. a=fmtp:101 0-16. a=silenceSupp:off - - - -. a=ptime:20. U 192.168.1.101:5060 -> 116.24.163.21:2751 SIP/2.0 200 OK. Via: SIP/2.0/UDP 192.168.1.100:26682;received=116.24.163.21 ;branch=z9hG4bK-d87543-1a09c008b901bc5c-1--d87543-;rport=2751. Record-Route: <sip:192.168.1.101;lr=on;ftag=b81a6b5e;nat=yes>. From: "1000" <sip:[EMAIL PROTECTED]:5060>;tag=b81a6b5e. To: "0" <sip:[EMAIL PROTECTED]:5060>;tag=Sy7K9eUFg61tB. Call-ID: ODRiMGUzMGFiZDg2OGU0OGNiYmE0MWY5OWRkMTMxOTA.. CSeq: 2 INVITE. Contact: <sip:[EMAIL PROTECTED]:5800;transport=udp>. User-Agent: FreeSWITCH-mod_sofia/1.0.trunk-10454M. Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, PRACK, MESSAGE, SUBSCRIBE, NOTIFY, REFER, UPDATE, REGISTER, INFO. Supported: timer, precondition, path, replaces. Allow-Events: talk. Session-Expires: 120;refresher=uas. Min-SE: 120. Content-Type: application/sdp. Content-Disposition: session. Content-Length: 269. . v=0. o=FreeSWITCH 5494423604621376967 2638962022927722250 IN IP4 233.32.345.5. s=FreeSWITCH. c=IN IP4 233.32.345.5. t=0 0. m=audio 10272 RTP/AVP 0 101. a=rtpmap:0 PCMU/8000. a=rtpmap:101 telephone-event/8000. a=fmtp:101 0-16. a=silenceSupp:off - - - -. a=ptime:20. U 192.168.1.101:5800 -> 233.32.345.5:5060 BYE sip:[EMAIL PROTECTED]:2751 SIP/2.0. Via: SIP/2.0/UDP 233.32.345.5:5800;rport;branch=z9hG4bK01H0jSevQ2Nmc. Route: <sip:192.168.1.101;lr=on;ftag=b81a6b5e;nat=yes>. Max-Forwards: 70. From: "0" <sip:[EMAIL PROTECTED]:5060>;tag=Sy7K9eUFg61tB. To: "1000" <sip:[EMAIL PROTECTED]:5060>;tag=b81a6b5e. Call-ID: ODRiMGUzMGFiZDg2OGU0OGNiYmE0MWY5OWRkMTMxOTA.. CSeq: 107702524 BYE. Contact: <sip:[EMAIL PROTECTED]:5800;transport=udp>. User-Agent: FreeSWITCH-mod_sofia/1.0.trunk-10454M. Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, PRACK, MESSAGE, SUBSCRIBE, NOTIFY, REFER, UPDATE, REGISTER, INFO. Supported: timer, precondition, path, replaces. Reason: SIP;cause=408;text="ACK Timeout". Content-Length: 0. . # # $Id: openser.cfg 1676 2007-02-21 13:16:34Z bogdan_iancu $ # #simple quick-start config script #Please refer to the Core CookBook at http://www.openser.org/dokuwiki/doku.php #for a explanation of possible statements, functions and parameters. # # ----------- global configuration parameters ------------------------ debug=3 # debug level (cmd line: -dddddddddd) fork=no log_stderror=yes # (cmd line: -E) children=4 port=5060 mpath="/usr/local/lib64/opensips/modules/" loadmodule "db_mysql.so" loadmodule "sl.so" loadmodule "tm.so" loadmodule "rr.so" loadmodule "maxfwd.so" loadmodule "usrloc.so" loadmodule "registrar.so" loadmodule "textops.so" loadmodule "mi_fifo.so" loadmodule "uri.so" loadmodule "uri_db.so" loadmodule "domain.so" loadmodule "xlog.so" loadmodule "permissions.so" loadmodule "auth.so" loadmodule "auth_db.so" loadmodule "dispatcher.so" loadmodule "nathelper.so" loadmodule "mediaproxy.so" modparam("mi_fifo", "fifo_name", "/tmp/opensips_fifo") modparam("usrloc", "db_mode", 2) modparam("rr", "enable_full_lr", 1) modparam("auth_db|usrloc|domain|uri_db|permissions|dispatcher","db_url","mysql:// root:[EMAIL PROTECTED]/app") modparam("auth_db","calculate_ha1",yes) modparam("auth_db","password_column","password") modparam("auth_db","user_column","sip_user") modparam("auth_db","load_credentials","agent_id") modparam("uri_db","db_table","agent") modparam("uri_db","user_column","sip_user") modparam("uri_db","use_uri_table",0) modparam("auth_db","use_domain",0) modparam("permissions", "db_mode", 1) modparam("permissions", "trusted_table", "server") modparam("permissions","source_col","server_ip") modparam("permissions","proto_col","transport") modparam("permissions","from_col","from_pattern") modparam("permissions","tag_col","peer_tag") modparam("dispatcher","table_name","dispatcher") modparam("dispatcher","setid_col","setid") modparam("dispatcher","destination_col","destination") modparam("dispatcher","flags_col","flags") modparam("dispatcher","flags",3) modparam("auth_db","load_credentials","enable") modparam("nathelper","received_avp", "$avp(i:42)") modparam("nathelper","received_avp", "$avp(i:42)") modparam("nathelper", "rtpproxy_sock", "udp:127.0.0.1:7890") modparam("nathelper", "natping_interval", 30) modparam("nathelper", "ping_nated_only", 0) modparam("nathelper", "sipping_bflag", 7) modparam("nathelper", "sipping_from", "sip:[EMAIL PROTECTED]<[EMAIL PROTECTED]> ") listen=udp:192.168.1.101:5060 listen=tcp:192.168.1.101:5060 listen=udp:233.32.345.5:5060 listen=tcp:233.32.345.5:5060 # ------------------------- request routing logic ------------------- # main routing logic route{ xlog("method <$rm> from-header <$fu>\n"); # initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); exit; }; if (msg:len >= 2048 ) { sl_send_reply("513", "Message too big"); exit; }; # we record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol ## NAT Detection # force_rport(); if (nat_uac_test("19")) { if (method=="REGISTER") { fix_nated_register(); } else { fix_nated_contact(); }; setflag(5); }; if(!is_method("REGISTER")){ if(nat_uac_test("19")){ record_route(";nat=yes"); } else { record_route(); }; }; if (has_totag()) { if (loose_route()) { if(method=="INVITE" && (!allow_trusted())) { if (!proxy_authorize("","auth")) { proxy_challenge("","0"); exit; } else if (!check_from()) { sl_send_reply("403", "Forbidden, use From=ID"); exit; }; if ($avp(s:enable)=="0") { sl_send_reply("403", "Forbidden, use From=ID"); exit; } }; route(1); } else { sl_send_reply("404","Not here"); } route(1); exit; } if (is_method("CANCEL")) { if (t_check_trans()) t_relay(); exit; } if (method=="REGISTER") { route(2); } else { route(3); }; } route[1] { # send it out now; use stateful forwarding as it works # reliably even for UDP2TCP t_on_reply("1"); t_on_failure("1"); if (!t_relay()) { sl_reply_error(); }; exit; } route[2] { # # -- Register request handler -- # if (is_uri_host_local()) { if (!www_authorize("", "auth")) { www_challenge("", "0"); exit; }; if (!check_to()) { sl_send_reply("403", "Forbidden"); exit; }; if ($avp(s:enable)=="0") { sl_send_reply("403", "Forbidden, use From=ID"); exit; } save("location"); exit; } else if { sl_send_reply("403", "Forbidden"); }; } route[3] { if (is_from_local()){ # From an internal domain -> check the credentials and the FROM if (!proxy_authorize("","auth")) { proxy_challenge("","0"); exit; } else if (!check_from()) { sl_send_reply("403", "Forbidden, use From=ID"); exit; }; consume_credentials(); # Verify aliases if (is_uri_host_local()) { # -- Inbound to Inbound route(10); } else { # -- Inbound to outbound route(11); }; } else { if (is_uri_host_local()) { #-- Outbound to inbound route(12); } else { # -- Outbound to outbound route(13); }; }; } route[4] { revert_uri(); rewritehostport("233.32.345.5:5800"); route(1); } route[6] { if (is_method("BYE")) { } else if ((is_method("INVITE"))){ append_hf("P-hint: Route[6]: Rtpproxy \r\n"); t_on_failure("3"); }; } route[10] { append_hf("P-hint: inbound->inbound \r\n"); route(4); } route[11] { append_hf("P-hint: inbound->outbound \r\n"); route(1); } route[12] { lookup("aliases"); if (!lookup("location")) { sl_send_reply("404", "Not Found"); exit; }; route(1); } route[13] { append_hf("P-hint: outbound->inbound \r\n"); sl_send_reply("403", "Forbidden"); exit; } onreply_route[1] { xlog("L_INFO", "Reply - S=$rs D=$rr F=$fu T=$tu IP=$si ID=$ci\n"); search_append('Contact:.*sip:[^>[:cntrl:]]*', ';nat=yes'); fix_nated_contact(); exit; } failure_route[1] { append_hf("P-hint: (4)passed thru failure_route[1]\r\n"); if (t_was_cancelled()) { exit; }; if (t_check_status("486")) { revert_uri(); prefix("b"); xlog("L_ERR","Stepped into the 486 ruri=<$ru>"); #ds_select_dst("2", "4"); rewritehostport("233.32.345.5:5800"); append_branch(); route(1); exit; }; if (t_check_status("408") || t_check_status("480")) { revert_uri(); prefix("u"); xlog("L_ERR","Stepped into the 480 ruri=<$ru>"); #ds_select_dst("2", "4"); rewritehostport("233.32.345.5:5800"); append_branch(); route(1); exit; }; } failure_route[3] { if (isbflagset(6) || isflagset(5)) { } }
_______________________________________________ Users mailing list [email protected] http://lists.opensips.org/cgi-bin/mailman/listinfo/users
