I am very sorry Bogdan due to comany policy I can not attach any file. Regards, Shankar
----- Original Message ---- From: Bogdan-Andrei Iancu <[EMAIL PROTECTED]> To: shankar <[EMAIL PROTECTED]> Cc: [email protected] Sent: Monday, 16 April, 2007 1:29:56 PM Subject: Re: [Users] caller and callee behind diff NAT - ACK of 200OK is not reaching to callee Hi there, unfortunately your msg flow is not comprehensive due text misalignment. Make it a simple text file and attach it to the email . regards, bogdan shankar wrote: > Hi ALL, > > Currently I am useing ser 0.9.6 version, I am switching to openser but before > that I want to find out whether my scenario is valid. If it is valid then how > can I solve this problem using openser. > > Belo is message sequence for my scenario. > > user1 NAT router 1 SER Proxy SIP > Server NAT router 2 User2 > (192.x.x.3) (107.x.x.78) (107.x.x.201) > (107.x.x.150) (107.x.y.249) (192.x.x3) > | REGISTER(user1) |REGISTER(user1) |REGISTER(user1)| > | | > |-------------------> |---------------> |--------------> > | | | > | | > |REGISTER(user2)| | | > | | | ------------> > | | | > | | | > REGISTER(user2) | REGISTER(user2)| > | | | > <--------------------------------------------------------|<------------------------ > | > | INVITE | INVITE | INVITE | > INVITE | INVITE | > |----------------------------->|-------------------------->| > ----------------------->|------------------------------>|------------------------->| > | | | > | | | > | 100 trying | 100 trying | > | | | > | <-------------------------- |<------------------------- | > | | | > | 180 Ringing | 180 Ringing | 180 Ringing | 180 > Ringing | 180 Ringing | > | <--------------------------- | <----------------------- > |<---------------------- | <---------------------------- | > <---------------------- | > | | | > | | | > | 200 OK | 200 OK | 200 OK | > 200 OK | 200 OK | > | <--------------------------- | <---------------------- | > <---------------------- | <---------------------------- | > <---------------------- | > | | | > | | | > | ACK | ACK | ACK > | | | > | -----------------> | -----------------------> | > ----------------------> | ?????? | > | > Set up: > user 1: > Internal IP: 192.x.x.3 > external ip: 107.x.x.78 > user 2: > Internal IP: 192.x.x.3 > external ip: 107.x.y.249 > > Nat routers are FC5 linux PCs on which I have enabled SNAT and posrt > forwarding. > > In above case user2 is not getting ACK. fix_nated_contact() API of SER is > modifying contact > header to the destination ip of receiving message. e.g. SER proxy receives > REGISTER meassage > from user 1 from NAT router 1 then it changing contact ip to the dst ip of > REGISTER message i.e. > Nated ip of user1. Because of this RFEGISTER and INVITE goes fine. > But in case of 200 OK of INVITE comming from user 2 dst ip is IP of SIP > server, so SER adds server ip in the contact header of 200Ok because of this > user1 is sending ACK to SERVER but not to user2. > If I ignore the ACK (just for testing) and start media using RTPPROXY then > media packets are > going to SERVER but not to user2 because force_rtp_proxy follows the same > principle like > fix_nated_contact(). > > Please provide me some pointers. I am not able to unserstand how use1 will > know that 200OK is came from user 2. In 200OK message there no reference of > the nated IP of user2 > > below is my SER config file. > # $Id: nat-mediaproxy.cfg 51 2006-01-31 13:28:04Z /CN=Paul Hazlett/[EMAIL > PROTECTED] $ > debug=6 > fork=no > log_stderror=yes > listen=107.108.70.201 # INSERT YOUR IP ADDRESS HERE > port=5060 > children=4 > dns=no > rev_dns=no > fifo="/tmp/ser_fifo" > fifo_db_url="mysql://ser:[EMAIL PROTECTED]/ser" > #unix_sock="/tmp/ser_sock" > loadmodule "/usr/local/lib/ser/modules/mysql.so" > loadmodule "/usr/local/lib/ser/modules/sl.so" > loadmodule "/usr/local/lib/ser/modules/tm.so" > loadmodule "/usr/local/lib/ser/modules/rr.so" > loadmodule "/usr/local/lib/ser/modules/maxfwd.so" > loadmodule "/usr/local/lib/ser/modules/usrloc.so" > loadmodule "/usr/local/lib/ser/modules/registrar.so" > #loadmodule "/usr/local/lib/ser/modules/auth.so" > #loadmodule "/usr/local/lib/ser/modules/auth_db.so" > loadmodule "/usr/local/lib/ser/modules/uri.so" > loadmodule "/usr/local/lib/ser/modules/uri_db.so" > #loadmodule "/usr/local/lib/ser/modules/domain.so" > #loadmodule "/usr/local/lib/ser/modules/mediaproxy.so" > loadmodule "/usr/local/lib/ser/modules/nathelper.so" > loadmodule "/usr/local/lib/ser/modules/textops.so" > modparam("auth_db|domain|uri_db|usrloc", "db_url", "mysql://ser:[EMAIL > PROTECTED]/ser") > #modparam("auth_db", "calculate_ha1", 1) > #modparam("auth_db", "password_column", "password") > modparam("nathelper", "natping_interval", 30) > modparam("nathelper", "ping_nated_only", 1) > modparam("nathelper", "rtpproxy_sock", "unix:/var/run/rtpproxy.sock") > modparam("usrloc", "db_mode", 2) > modparam("registrar", "nat_flag", 6) > modparam("rr", "enable_full_lr", 1) > route { > # ----------------------------------------------------------------- > # Sanity Check Section > # ----------------------------------------------------------------- > if (!mf_process_maxfwd_header("10")) { > sl_send_reply("483", "Too Many Hops"); > break; > }; > if (msg:len > max_len) { > sl_send_reply("513", "Message Overflow"); > break; > }; > # !! Nathelper > # Special handling for NATed clients; first, NAT test is > # executed: it looks for via!=received and RFC1918 addresses > # in Contact (may fail if line-folding is used); also, > # the received test should, if completed, should check all > # vias for rpesence of received > if (nat_uac_test("3")) { > # Allow RR-ed requests, as these may indicate that > # a NAT-enabled proxy takes care of it; unless it is > # a REGISTER > if (method == "REGISTER" || ! search("^Record-Route:")) { > log("LOG: Someone trying to register from private IP, > rewriting\n"); > # This will work only for user agents that support symmetric > # communication. We tested quite many of them and majority is > # smart enough to be symmetric. In some phones it takes a > configuration > # option. With Cisco 7960, it is called NAT_Enable=Yes, with > kphone it is > # called "symmetric media" and "symmetric signalling". > fix_nated_contact(); # Rewrite contact with source IP of > signalling > # if (method == "INVITE") { > # fix_nated_sdp("1"); # Add direction=active to SDP > # }; > force_rport(); # Add rport parameter to topmost Via > setflag(6); # Mark as NATed > }; > }; > > # we record-route all messages -- to make sure that > # subsequent messages will go through our proxy; that's > # particularly good if upstream and downstream entities > # use different transport protocol > if (!method=="REGISTER") record_route(); > # ----------------------------------------------------------------- > # Call Tear Down Section > # ----------------------------------------------------------------- > if (method=="BYE" || method=="CANCEL") { > unforce_rtp_proxy(); > }; > # ----------------------------------------------------------------- > # Loose Route Section > # ----------------------------------------------------------------- > if (loose_route()) { > if ((method=="INVITE" || method=="REFER") && !has_totag()) { > sl_send_reply("403", "Forbidden"); > break; > }; > if (method=="INVITE") { > # if (!proxy_authorize("","subscriber")) { > # proxy_challenge("","0"); > # break; > # } else if (!check_from()) { > # sl_send_reply("403", "Use From=ID"); > # break; > # }; > # consume_credentials(); > > if (nat_uac_test("19")) { > setflag(6); > force_rport(); > fix_nated_contact(); > }; > force_rtp_proxy("l"); > }; > route(1); > break; > }; > # ----------------------------------------------------------------- > # Call Type Processing Section > # ----------------------------------------------------------------- > if (uri!=myself) { > route(4); > route(1); > break; > }; > if (method=="ACK") { > route(1); > break; > } else if (method=="CANCEL") { > route(1); > break; > } else if (method=="INVITE") { > route(3); > break; > } else if (method=="REGISTER") { > route(2); > break; > }; > lookup("aliases"); > if (uri!=myself) { > append_hf("P-hint: outbound alias\r\n"); > route(4); > route(1); > break; > }; > if (!lookup("location")) { > sl_send_reply("404", "User Not Found"); > break; > }; > route(1); > } > route[1] { > # ----------------------------------------------------------------- > # Default Message Handler > # ----------------------------------------------------------------- > t_on_reply("1"); > if (!t_relay()) { > if (method=="INVITE" && isflagset(6)) { > unforce_rtp_proxy(); > }; > sl_reply_error(); > }; > } > route[2] { > # ----------------------------------------------------------------- > # REGISTER Message Handler > # ---------------------------------------------------------------- > if (!search("^Contact:[ ]*\*") && nat_uac_test("19")) { > setflag(6); > fix_nated_register(); > force_rport(); > }; > sl_send_reply("100", "Trying"); > # if (!www_authorize("","subscriber")) { > # www_challenge("","0"); > # break; > # }; > # if (!check_to()) { > # sl_send_reply("401", "Unauthorized"); > # break; > # }; > # consume_credentials(); > if (!save("location")) { > sl_reply_error(); > }; > } > > > Send a FREE SMS to your friend's mobile from Yahoo! Messenger. Get it > now at http://in.messenger.yahoo.com/ > > _______________________________________________ > Users mailing list > [email protected] > http://openser.org/cgi-bin/mailman/listinfo/users > > Send a FREE SMS to your friend's mobile from Yahoo! Messenger. Get it now at http://in.messenger.yahoo.com/ _______________________________________________ Users mailing list [email protected] http://openser.org/cgi-bin/mailman/listinfo/users
