Re: [Users] Multiple IP in one box

Thu, 24 Nov 2005 01:34:01 -0800 

Do I get your scenario right.

              |
  +-          |           -+
  |        public IP       |
             NAT
     priv           priv
-----LAN1           LAN2-------
  |                        |
  +-                      -+


LAN 1 can ping LAN 2 and vice versa?

LAN 1 and LAN 2 can access the Internet and get NATed?
If yes, I would setup openser to listen on the public interface only. It should do NAT traversal for NATed clients. I'm not sure if this will work (depending on the NAT implementation), but openser should handle NATed clients in LAN 1 and LAN 2 like NATed clients somewhere in the Internet. 

regards
klaus

Fernando Rodriguez wrote:

Iqbal,

Actualy the conection between the atas is made the problem is that only one
side can hear the other so the voice is not going tru.

Of I run ser/openser with out forking I see it listening to all the ip
addresses, I think is more an issue of using media proxy or rtpproxy.

The 10.xx and 192.169.xx networks can ping and do anything to the internet
the problem is from the internet to the inside ..



-----Mensaje original-----
De: Iqbal [mailto:[EMAIL PROTECTED] Enviado el: Martes, 22 de Noviembre de 2005 10:38 a.m. 
Para: Fernando Rodriguez
Asunto: Re: [Users] Multiple IP in one box

Hi
You have 3 IP to which you want ser to listen to, to allow ATA to make calls, why not just tell the ATA the sip proxy addess, instead and let it deal with the NAT issue and henceonly listen to one IP address, I mean can your ATA on the 10.254 network see the public IP address vis NA translation. If not get SER to listen to all the IP address, by using the listen command 

iqbal

Fernando Rodriguez wrote:
Im trying to use openser as a Proxy for different interfaces in one box I have tried almos averithing to make it work properly but for some reason I cant.
Here is my setup and I hope someone can helpme or guide me in the right way. 









One Linux-OpenSer box with 4 netcards



1 Has a public ip

2 Has a 192.168.23.10 ip

3 Has a 10.254.10.240 ip

4 Is not being used
I want to be able to make calls from the ATAs in all the different networks, but the fact is that as it is now I cant, I want to know if I have to set up multiple media proxies or rtpproxy if I have to use a proxy dispatcher or not. 



This is my configuration file









# ----------- global configuration parameters ------------------------



#debug=9         # debug level (cmd line: -dddddddddd)

fork=yes

log_stderror=no # (cmd line: -E)



/* Uncomment these lines to enter debugging mode

#fork=no

#log_stderror=yes

*/



check_via=no    # (cmd. line: -v)

dns=no           # (cmd. line: -r)

rev_dns=no      # (cmd. line: -R)

#port=5060

children=4

fifo="/tmp/openser_fifo"

fifo_db_url="mysql://openser:[EMAIL PROTECTED]/openser"



alias="test.net"

# ------------------ module loading ----------------------------------



#loadmodule "/usr/lib/openser/modules/acc.so"

loadmodule "/usr/lib/openser/modules/mysql.so"

loadmodule "/usr/lib/openser/modules/sl.so"

loadmodule "/usr/lib/openser/modules/tm.so"

loadmodule "/usr/lib/openser/modules/rr.so"

loadmodule "/usr/lib/openser/modules/maxfwd.so"

loadmodule "/usr/lib/openser/modules/usrloc.so"

loadmodule "/usr/lib/openser/modules/registrar.so"

loadmodule "/usr/lib/openser/modules/auth.so"

loadmodule "/usr/lib/openser/modules/auth_db.so"

loadmodule "/usr/lib/openser/modules/uri.so"

loadmodule "/usr/lib/openser/modules/uri_db.so"

loadmodule "/usr/lib/openser/modules/domain.so"

loadmodule "/usr/lib/openser/modules/mediaproxy.so"

loadmodule "/usr/lib/openser/modules/nathelper.so"

loadmodule "/usr/lib/openser/modules/textops.so"





# ----------------- setting module-specific parameters ---------------

# -- usrloc params --



modparam("usrloc", "db_mode", 2)

modparam("usrloc", "timer_interval", 10)
modparam("usrloc", "db_url", "mysql://openser:[EMAIL PROTECTED]/openser") 



# -- auth params --
modparam("auth_db", "db_url", "mysql://openser:[EMAIL PROTECTED]/openser") 

modparam("auth_db", "calculate_ha1", yes)

modparam("auth_db", "password_column", "password")



# -- rr params --

# add value to ;lr param to make some broken UAs happy

modparam("rr", "enable_full_lr", 1)





# -- tm Params --

modparam("tm", "fr_inv_timer", 45 )

modparam("tm", "fr_timer", 12 )



modparam("registrar", "nat_flag", 6)





modparam("nathelper", "rtpproxy_disable", 1)

#modparam("nathelper", "natping_interval", 30)

#modparam("nathelper", "sipping_from", "sip:[EMAIL PROTECTED]")
#modparam("mediaproxy", "ping_nated_only", 0) # Ping only clients behind NAT 

modparam("mediaproxy", "natping_interval", 20)

modparam("mediaproxy", "mediaproxy_socket", "/var/run/mediaproxy.sock")



modparam("registrar", "nat_flag", 6)





# -------------------------  request routing logic -------------------



# main routing logic



route {
# ----------------------------------------------------------------- 

       # Procesos de Limpieza
# ----------------------------------------------------------------- 

       if (!mf_process_maxfwd_header("10")) {

               sl_send_reply("483", "Too Many Hops");

               break;

       };



       if (msg:len > max_len) {

               sl_send_reply("513", "Message Overflow");

               break;

       };
# ----------------------------------------------------------------- 

       # Registro
# -----------------------------------------------------------------
if (method!="REGISTER") { 
       log(1, "Area de Registro\n");



               record_route();

       };
# ----------------------------------------------------------------- 

       # Call Tear Down Section
# ----------------------------------------------------------------- 

       if (method=="BYE" || method=="CANCEL") {

               log(1, "Proceso de fin de llamada\n");

               end_media_session();

       };
# ----------------------------------------------------------------- 

       # Loose Route Section
# ----------------------------------------------------------------- 

       if (loose_route()) {



               if (has_totag() && (method=="INVITE" || method=="ACK")) {
if (client_nat_test("3") || search("^Route:.*;nat=yes")) { 

                               setflag(6);

                               use_media_proxy();

                       };

               };



               route(1);

               break;

       };
# ----------------------------------------------------------------- 

       # Call Type Processing Section
# ----------------------------------------------------------------- 



       if (uri!=myself) {

               route(1);

               break;

       };



       if (uri==myself) {



               if (method=="CANCEL") {

                       route(3);

                       break;

               } else if (method=="INVITE") {

                       route(3);

                       break;

               } else  if (method=="REGISTER") {

                       route(2);

                       break;

               };



               lookup("aliases");

               if (uri!=myself) {

                       route(1);

                       break;

               };



               if (!lookup("location")) {

                       sl_send_reply("404", "User Not Found");

                       break;

               };

       };



       route(1);

}



route[1] {
# ----------------------------------------------------------------- 

       # Default Message Handler
# ----------------------------------------------------------------- 



       t_on_reply("1");



       if (!t_relay()) {



               if (method=="INVITE" || method=="ACK") {

                       end_media_session();

               };



               sl_reply_error();

       };

}



route[2] {
# ----------------------------------------------------------------- 

       # REGISTER Message Handler

       # ----------------------------------------------------------------



       sl_send_reply("100", "Trying");



#               if(dst_ip==192.168.1.1) {

#                       log("message received on loopback interface\n");

#                setflag(7);

#                fix_nated_register();

#                force_rport();

#        };

#               if(dst_ip==192.168.108.253) {

#                       log("message received on loopback interface\n");

#                setflag(6);

#                fix_nated_register();

#                force_rport();

#        };



       if (!www_authorize("test.net","subscriber")) {

               www_challenge("test.net","0");

               break;

       };



       if (!check_to()) {

               sl_send_reply("401", "Unauthorized");

               break;

       };



       consume_credentials();



       if (!save("location")) {

               sl_reply_error();

       };

fix_nated_register();

}



route[3] {
# ----------------------------------------------------------------- 

       # CANCEL and INVITE Message Handler
# ----------------------------------------------------------------- 



       lookup("aliases");

       if (uri!=myself) {

               route(1);

               break;

       };



       if (!lookup("location")) {

               sl_send_reply("404", "User Not Found");

               break;

       };



       if (method=="CANCEL") {

               route(1);

               break;

       };



       if (!proxy_authorize("","subscriber")) {

               proxy_challenge("","0");

               break;

       } else if (!check_from()) {

               sl_send_reply("403", "Use From=ID");

               break;

       };



       consume_credentials();
# ------------------------------------------------------------------------ 

       #                          Reglas de LLamada
# ------------------------------------------------------------------------
if(uri=~"(^sip:[EMAIL PROTECTED])" && from_uri=~"(^sip:[EMAIL PROTECTED])") { 

               log(1, "Llamada de extenciones 1xxx a 2xxx\n");

               use_media_proxy();

               };
if(uri=~"(^sip:[EMAIL PROTECTED])" && from_uri=~"(^sip:[EMAIL PROTECTED])") { 

               log(1, "Llamada de extenciones 1xxx a 3xxx\n");

               fix_contact();

               use_media_proxy();

               };
if(uri=~"(^sip:[EMAIL PROTECTED])" && from_uri=~"(^sip:[EMAIL PROTECTED])") { 

               log(1, "Llamada de extenciones 1xxx a 4xxx\n");

               fix_contact();

               use_media_proxy();

               };
if(uri=~"(^sip:[EMAIL PROTECTED])" && from_uri=~"(^sip:[EMAIL PROTECTED])") { 

               log(1, "Llamada de extenciones 2xxx a 1xxx\n");

               fix_contact();

               use_media_proxy();

               };
if(uri=~"(^sip:[EMAIL PROTECTED])" && from_uri=~"(^sip:[EMAIL PROTECTED])") { 

               log(1, "Llamada de extenciones 2xxx a 3xxx\n");

               fix_contact();

               use_media_proxy();

               };
if(uri=~"(^sip:[EMAIL PROTECTED])" && from_uri=~"(^sip:[EMAIL PROTECTED])") { 

               log(1, "Llamada de extenciones 2xxx a 4xxx\n");

               fix_contact();

               use_media_proxy();

               };
if(uri=~"(^sip:[EMAIL PROTECTED])" && from_uri=~"(^sip:[EMAIL PROTECTED])") { 

               log(1, "Llamada de extenciones 3xxx a 1xxx\n");

               fix_contact();

               use_media_proxy();

               };
if(uri=~"(^sip:[EMAIL PROTECTED])" && from_uri=~"(^sip:[EMAIL PROTECTED])") { 

               log(1, "Llamada de extenciones 3xxx a 2xxx\n");

               fix_contact();

               use_media_proxy();

               };
if(uri=~"(^sip:[EMAIL PROTECTED])" && from_uri=~"(^sip:[EMAIL PROTECTED])") { 

               log(1, "Llamada de extenciones 3xxx a 4xxx\n");

               fix_contact();

               use_media_proxy();

               };
if(uri=~"(^sip:[EMAIL PROTECTED])" && from_uri=~"(^sip:[EMAIL PROTECTED])") { 

               log(1, "Llamada de extenciones 4xxx a 1xxx\n");

               fix_contact();

               use_media_proxy();

               };
if(uri=~"(^sip:[EMAIL PROTECTED])" && from_uri=~"(^sip:[EMAIL PROTECTED])") { 

               log(1, "Llamada de extenciones 4xxx a 2xxx\n");

               fix_contact();

               use_media_proxy();

               };
if(uri=~"(^sip:[EMAIL PROTECTED])" && from_uri=~"(^sip:[EMAIL PROTECTED])") { 

               log(1, "Llamada de extenciones 4xxx a 3xxx\n");

               fix_contact();

               use_media_proxy();

               };



       route(1);

}



onreply_route[1] {
#if ((isflagset(6) || isflagset(7)) && (status=~"(180)|(183)|2[0-9][0-9]")) { 



           #    if (!search("^Content-Length:\ +0")) {

                       log(1, "Mensaje de prueba en reply route\n");

               fix_contact();

                       use_media_proxy();

            #   };

      # };



}
As you can see I use different starting numbers for the ATA for each of the interfaces, I tested using only one mediaproxy listening to 127.0.0.1 but I have tried a lot of configurations, all the clients register perfectly but cant seem to call one another exept the ones that are on the same interface. 



Im using fedora core 3 with openser 0.95 mediaproxy 1.42
Hope any one can help me or point me the way to do this of if its not viable or cant be done. 



Thanks a lot for your kind help



Yours truly





Fernando Rodriguez V.

[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>

AITelecom S.A. de C.V.

http://www.aitelecom.net







------------------------------------------------------------------------

_______________________________________________
Users mailing list
[email protected]
http://openser.org/cgi-bin/mailman/listinfo/users






_______________________________________________
Users mailing list
[email protected]
http://openser.org/cgi-bin/mailman/listinfo/users





_______________________________________________
Users mailing list
[email protected]
http://openser.org/cgi-bin/mailman/listinfo/users

Reply via email to