Mikma, Thanks for replying! I was afraid this list might be very empty. See below...
On Sat, Jan 14, 2012 at 1:46 AM, Mikael Magnusson <mikma...@gmail.com> wrote: > On 01/14/2012 12:36 AM, Chris Tilt wrote: >> Hello. >> >> Please forgive my ignorance on the subject of SIP, but I am looking >> for a solution to the SIP + NAT problem with a slightly twisted use >> case that involves establishing connections based not on phone >> numbers, but rather on unique ids of computer hosts. I am an >> experienced Erlang programmer, which is what drew me to Yxa in the >> first place, so making the extensions myself should not be a problem. >> However, I would like your opinion on the feasibility before I start >> work. >> >> I'd like to use UDIDs or a hash of them in place of phone numbers >> because these computers do not have phone numbers. Next, in order to >> short-circuit the not-so-rare case that the two computers are behind >> the same firewall, I'd like to include the local/private IP addresses >> in the INVITE message so that the invitee can notice a peer on an >> internal network and avoid routing packets through the firewall >> needlessly. Perhaps this is better done once the "call" is established >> via a secondary protocol message, but it seems like adding headers is >> straight forward in SIP. Am I crazy to think this? > > If you want to set up a direct connection between the peers I think you > should use SDP as usual in SIP INVITEs. > Ok, that makes sense. SDP is quite simple as I see now; I could just add the private IP address as a tag there. >> >> The application is remote login from a client to a host where both >> systems sit behind firewalls and know only some agreed-upon public >> name such as u...@well-known-domain.net. The incoming proxy and SIP >> router are good candidates for connection establishment through the >> NATs, with public domain at incomingproxy.well-known-domain.net. One >> more question... I noticed that STUN was added to Yxa. Do the STUN >> packets and SIP packets come out through the same port of the NAT >> (with respect to the internal side of the NAT)? If so, then it seems >> this would be a good thing to assist with NAT traversal. If not, then >> how do SIP routed messages pass into the NAT of the invitee (from >> internet side to private network side) since there would not be an >> open port? Or does this require opening of the SIP port (5060?) on the >> NAT/firewall of the peer networks? > > The NATed peers will need to keep the hair pin opened in the NAT router > by regularly sending traffic to the Yxa proxy. There are several > solutions to the NAT problem. One is to put a SBC in front of the Yxa > server, another is to use ICE. I agree that hole must be maintained with some sort of keep-alive, but what I was asking is wether the STUN and SIP packets use the same port? That seems critical in order for the SIP packets to even make it through the firewall. I can use the SBC on the server side with little problem, but I can not require one on the client. Is that a usable configuration? I guess it's time to dig into the code :-) The oldest version of Erlang that is still available is just one version newer than the one required by the config file. Hopefully that will do. > > /Mikma > > _______________________________________________ > Yxa-devel mailing list > Yxa-devel@lists.su.se > https://lists.su.se/mailman/listinfo/yxa-devel Cheers, Chris _______________________________________________ Yxa-devel mailing list Yxa-devel@lists.su.se https://lists.su.se/mailman/listinfo/yxa-devel
