Ignacio, Your configuration script heavily depends on your network setup:
1- Is your proxy server behind a nat? If so, do you know your public IP address? 2- Are you using rtp proxy? What's the path for your rtp - through what devices with what IPs? On Tue, Aug 7, 2012 at 2:53 PM, Ignacio Gonzalez <[email protected]> wrote: > Hi Ali, I use this configuration script to start my opensips proxy and it > start, I only want to know, Do you see something wrong? > I put in bold the modifications a made to add the nat_traversal module and > the advertised_address parameter. > > In the documentation it says that nat_traversal is straight forward when > using a single proxy, ( that is my case ). > > "In this case the usage is straight forward. The nat_keepalive() function > needs to be called before save_location() for REGISTER requests, before > handle_subscribe() for SUBSCRIBE requests and before t_relay() for the > first INVITE of a dialog. " > > I do not configure any subscription, and I did not find the save_location > function, I assumed that save("location") is a newer version of this > function. > > #CONFIG FILE > > debug=3 > log_stderror=no > log_facility=LOG_LOCAL1 > > fork=yes > children=4 > > #debug=6 > #fork=no > #log_stderror=yes > > #disable_dns_blacklist=no > > #dns_try_ipv6=yes > > auto_aliases=no > > *advertised_address="mydomain.com"* > > listen=udp:192.168.1.220:5060 # CUSTOMIZE ME > > disable_tcp=no > listen=tcp:192.168.1.220:5060 # CUSTOMIZE ME > > disable_tls=yes > > mpath="/home/syrium/opensips_proxy/lib/opensips/modules/" > > loadmodule "signaling.so" > > loadmodule "sl.so" > > loadmodule "tm.so" > modparam("tm", "fr_timer", 5) > modparam("tm", "fr_inv_timer", 30) > modparam("tm", "restart_fr_on_each_reply", 0) > modparam("tm", "onreply_avp_mode", 1) > > loadmodule "rr.so" > modparam("rr", "append_fromtag", 0) > > loadmodule "maxfwd.so" > > loadmodule "sipmsgops.so" > > loadmodule "mi_fifo.so" > modparam("mi_fifo", "fifo_name", "/tmp/opensips_fifo") > modparam("mi_fifo", "fifo_mode", 0666) > > loadmodule "uri.so" > modparam("uri", "use_uri_table", 0) > modparam("uri", "db_url", "mysql://opensips:opensipsrw@localhost/opensips") > # CUSTOMIZE ME > > loadmodule "db_mysql.so" > > loadmodule "usrloc.so" > modparam("usrloc", "nat_bflag", 10) > modparam("usrloc", "db_mode", 2) > modparam("usrloc", "db_url", "mysql://opensips:opensipsrw@localhost/opensips") > # CUSTOMIZE ME > > loadmodule "registrar.so" > modparam("registrar", "tcp_persistent_flag", 7) > modparam("registrar", "received_avp", "$avp(received_nh)") > #modparam("registrar", "max_contacts", 10) > > loadmodule "acc.so" > modparam("acc", "early_media", 0) > modparam("acc", "report_cancels", 0) > modparam("acc", "detect_direction", 0) > modparam("acc", "failed_transaction_flag", 3) > modparam("acc", "db_flag", 1) > modparam("acc", "db_missed_flag", 2) > modparam("acc", "db_url", "mysql://opensips:opensipsrw@localhost/opensips") > # CUSTOMIZE ME > > loadmodule "auth.so" > loadmodule "auth_db.so" > modparam("auth_db", "calculate_ha1", yes) > modparam("auth_db", "password_column", "password") > modparam("auth_db", "db_url", > "mysql://opensips:opensipsrw@localhost/opensips") > # CUSTOMIZE ME > modparam("auth_db", "load_credentials", "") > > loadmodule "domain.so" > modparam("domain", "db_url", "mysql://opensips:opensipsrw@localhost/opensips") > # CUSTOMIZE ME > modparam("domain", "db_mode", 1) # Use caching > modparam("auth_db|usrloc|uri", "use_domain", 1) > > loadmodule "dialog.so" > modparam("dialog", "dlg_match_mode", 1) > modparam("dialog", "default_timeout", 21600) # 6 hours timeout > modparam("dialog", "db_mode", 2) > modparam("dialog", "db_url", "mysql://opensips:opensipsrw@localhost/opensips") > # CUSTOMIZE ME > > *loadmodule "nat_traversal.so"* > > loadmodule "nathelper.so" > modparam("nathelper", "natping_interval", 10) > modparam("nathelper", "ping_nated_only", 1) > modparam("nathelper", "received_avp", "$avp(received_nh)") > > loadmodule "rtpproxy.so" > modparam("rtpproxy", "rtpproxy_sock", "udp:localhost:12221") # CUSTOMIZE ME > > ####### Routing Logic ######## > > route{ > force_rport(); > if (nat_uac_test("23")) { > if (is_method("REGISTER")) { > fix_nated_register(); > setbflag(10); > } else { > fix_nated_contact(); > setflag(10); > } > } > > > if (!mf_process_maxfwd_header("10")) { > sl_send_reply("483","Too Many Hops"); > exit; > } > > if (has_totag()) { > # sequential request withing a dialog should > # take the path determined by record-routing > if (loose_route()) { > > # validate the sequential request against dialog > if ( $DLG_status!=NULL && !validate_dialog() ) { > xlog("In-Dialog $rm from $si (callid=$ci) is not valid > according to dialog\n"); > ## exit; > } > > if (is_method("BYE")) { > setflag(1); # do accounting ... > setflag(3); # ... even if the transaction fails > } else if (is_method("INVITE")) { > # even if in most of the cases is useless, do RR for > # re-INVITEs alos, as some buggy clients do change route > set > # during the dialog. > record_route(); > } > > if (check_route_param("nat=yes")) > setflag(10); > > # route it out to whatever destination was set by loose_route() > # in $du (destination URI). > route(1); > } else { > > if ( is_method("ACK") ) { > if ( t_check_trans() ) { > # non loose-route, but stateful ACK; must be an ACK > after > # a 487 or e.g. 404 from upstream server > t_relay(); > exit; > } else { > # ACK without matching transaction -> > # ignore and discard > exit; > } > } > sl_send_reply("404","Not here"); > } > exit; > } > > # CANCEL processing > if (is_method("CANCEL")) > { > if (t_check_trans()) > t_relay(); > exit; > } > > t_check_trans(); > > if ( !(is_method("REGISTER") ) ) { > > if (is_from_local()) > { > > # authenticate if from local subscriber > # authenticate all initial non-REGISTER request that pretend > to be > # generated by local subscriber (domain from FROM URI is local) > if (!proxy_authorize("", "subscriber")) { > proxy_challenge("", "0"); > exit; > } > if (!db_check_from()) { > sl_send_reply("403","Forbidden auth ID"); > exit; > } > > consume_credentials(); > # caller authenticated > > } else { > # if caller is not local, then called number must be local > > if (!is_uri_host_local()) { > send_reply("403","Rely forbidden"); > exit; > } > } > > } > > # preloaded route checking > if (loose_route()) { > xlog("L_ERR", "Attempt to route with preloaded Route's > [$fu/$tu/$ru/$ci]"); > if (!is_method("ACK")) > sl_send_reply("403","Preload Route denied"); > exit; > } > > # record routing > if (!is_method("REGISTER|MESSAGE")) > record_route(); > > # account only INVITEs > if (is_method("INVITE")) { > > # create dialog with timeout > if ( !create_dialog("B") ) { > send_reply("500","Internal Server Error"); > exit; > } > > setflag(1); # do accounting > } > > > if (!is_uri_host_local()) { > append_hf("P-hint: outbound\r\n"); > > route(1); > } > > # requests for my domain > > if (is_method("PUBLISH|SUBSCRIBE")) > { > sl_send_reply("503", "Service Unavailable"); > exit; > } > > if (is_method("REGISTER")) > { > > # authenticate the REGISTER requests > if (!www_authorize("", "subscriber")) > { > www_challenge("", "0"); > exit; > } > > if (!db_check_to()) > { > sl_send_reply("403","Forbidden auth ID"); > exit; > } > > if ( proto==TCP || 0 ) > setflag(7); > > *if ( client_nat_test("3") ) { > nat_keepalive(); > }* > > if (!save("location")) > sl_reply_error(); > > exit; > } > > if ($rU==NULL) { > # request with no Username in RURI > sl_send_reply("484","Address Incomplete"); > exit; > } > > # do lookup with method filtering > if (!lookup("location","m")) { > if (!db_does_uri_exist()) { > send_reply("420","Bad Extension"); > exit; > } > > t_newtran(); > t_reply("404", "Not Found"); > exit; > } > > if ( isbflagset(10) ) > setflag(10); > > # when routing via usrloc, log the missed calls also > setflag(2); > route(1); > } > > > route[1] { > # for INVITEs enable some additional helper routes > if (is_method("INVITE")) { > > if (isflagset(10)) { > rtpproxy_offer("ro"); > } > > t_on_branch("2"); > t_on_reply("2"); > t_on_failure("1"); > > *if ( client_nat_test("3") ) { > nat_keepalive(); > }* > > } > > if (isflagset(10)) { > add_rr_param(";nat=yes"); > } > > > > if (!t_relay()) { > send_reply("500","Internal Error"); > }; > exit; > } > > branch_route[2] { > xlog("new branch at $ru\n"); > } > > onreply_route[2] { > if ( nat_uac_test("1") ) > fix_nated_contact(); > if ( isflagset(10) ) > rtpproxy_answer("ro"); > xlog("incoming reply\n"); > } > > failure_route[1] { > if ( t_was_cancelled() ) { > exit; > } > } > > local_route { > if (is_method("BYE") && $DLG_dir=="UPSTREAM") { > > acc_db_request("200 Dialog Timeout", "acc"); > > } > } > > Thanks for your time Ali. > > > 2012/8/7 Ignacio Gonzalez <[email protected]> > >> Ok aly, I will read more, i have created the configuration script already >> with opensips-cp, I created a residential script and I selected the NAT >> option but that option just install nathelper module, and this why I asked >> you if nathelper and nat traversal module were mutually exclusive. I will >> add nat traversal to my configuration script. >> >> Another question, where can I read about the differences between >> residential and trunking scripts? >> >> >> 2012/8/7 Ali Pey <[email protected]> >> >>> Ignacio, >>> >>> You need to implement nat traversal in your routing script - >>> opensips.cfg. IMO, forget about the opensips-cp until you get it to work. >>> Once you know how it works, then you know how you can do with the config >>> tool. Sounds like you need lots more reading/testing :) >>> >>> Regards, >>> Ali Pey >>> >>> >>> On Mon, Aug 6, 2012 at 1:38 PM, Ignacio Gonzalez <[email protected]>wrote: >>> >>>> Ok, i red the NAT_TRAVERSAL module, i don't know how to configure using >>>> the configuration tool, do I have to configure it manual? The NAT_TRAVERSAL >>>> module and the NATHELPER module are mutually exclusive? >>>> >>>> >>>> 2012/8/5 Ali Pey <[email protected]> >>>> >>>>> Hello Ignacio, >>>>> >>>>> Yes, you can handle nat and you don't need stun, turn or ICE. In fact, >>>>> it's always better to turn off any nat traversal feature on the phone when >>>>> you are using a proxy server such as OpenSIPS. >>>>> >>>>> Check out the nat traveral module and advertized_ip. How you implement >>>>> it depends on your network setup: >>>>> http://www.opensips.org/html/docs/modules/1.8.x/nat_traversal.html >>>>> >>>>> Regards, >>>>> Ali Pey >>>>> >>>>> On Sat, Aug 4, 2012 at 5:31 PM, Ignacio Gonzalez >>>>> <[email protected]>wrote: >>>>> >>>>>> Hello everybody, I have configured my opensips proxy with >>>>>> NAT_TRAVERSAL support using the new tool for configuration. I developed a >>>>>> softphone using JAIN-SIP, I think JAIN-SIP does not implements STUN, TURN >>>>>> and ICE for NAT Traversal ( RFC 6314), is any way to do nat traversal >>>>>> without making a new softphone with another library? >>>>>> >>>>>> I also have tested this softphone with Inphonex, and this company use >>>>>> openSER in its proxy and the softphone works fine, but i don't know how >>>>>> they do that, so I thought to ask if is something I can do in the >>>>>> configuration file of my proxy or they use something else to solve this >>>>>> problem. >>>>>> >>>>>> Thanks for all. >>>>>> >>>>>> _______________________________________________ >>>>>> Users mailing list >>>>>> [email protected] >>>>>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users >>>>>> >>>>>> >>>>> >>>>> _______________________________________________ >>>>> Users mailing list >>>>> [email protected] >>>>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users >>>>> >>>>> >>>> >>>> _______________________________________________ >>>> Users mailing list >>>> [email protected] >>>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users >>>> >>>> >>> >>> _______________________________________________ >>> Users mailing list >>> [email protected] >>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users >>> >>> >> > > _______________________________________________ > Users mailing list > [email protected] > http://lists.opensips.org/cgi-bin/mailman/listinfo/users > >
_______________________________________________ Users mailing list [email protected] http://lists.opensips.org/cgi-bin/mailman/listinfo/users
