[Freeswitch-users] Wrong IP on ACK?

Anthony Minessale anthony.minessale at gmail.com
Wed Nov 19 06:12:10 PST 2008 

brian is out of town today
can you ping me on irc and send me to login credential and i can try to have
a look.

again, you understand that we are not doing anything wrong here and what I
am trying to do is a hack for your sake right?


On Wed, Nov 19, 2008 at 8:05 AM, David Aldworth <daldworth at teliax.com>wrote:

> We're still having a problem with this. As you can see from the below the
> ACK goes to the port in the Contact field of the 200 OK instead of that of
> the UDP header, which is where their router is expecting to get the call
> from.
> Help!
>
> David
>
> On Nov 6, 2008, at 10:55 AM, David Aldworth wrote:
>
> No love. They set extern ip so the IP comes through correctly, but the acl
> did not seem to have any affect. We are still sending to the wrong port. Sip
> trace, acl.conf.xml and sip profile are below:
> U 2008/11/06 10:46:01.924795 70.88.65.1:50085 -> 70.42.223.23:5060
> SIP/2.0 100 Trying.
> Via: SIP/2.0/UDP 70.42.223.23;branch=z9hG4bKU7360cS96r7Sg;received=
> 70.42.223.23;rport=5060.
> From: "TELIAX FAX" <sip:303825XXXX at 70.42.223.23>;tag=armgX7QeNQ94N.
> To: <sip:317376XXXX at 70.88.65.1:50085>.
> Call-ID: 9e67419c-26cd-122c-0b81-e9d53e66cb70.
> CSeq: 106878444 INVITE.
> User-Agent: Asterisk PBX.
> Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY.
> Contact: <sip:317376XXXX at 70.88.65.1>.
> Content-Length: 0.
> .
>
> U 2008/11/06 10:46:01.931791 70.88.65.1:50085 -> 70.42.223.23:5060
> SIP/2.0 180 Ringing.
> Via: SIP/2.0/UDP 70.42.223.23;branch=z9hG4bKU7360cS96r7Sg;received=
> 70.42.223.23;rport=5060.
> From: "TELIAX FAX" <sip:303825XXXX at 70.42.223.23>;tag=armgX7QeNQ94N.
> To: <sip:317376XXXX at 70.88.65.1:50085>;tag=as78a21a0c.
> Call-ID: 9e67419c-26cd-122c-0b81-e9d53e66cb70.
> CSeq: 106878444 INVITE.
> User-Agent: Asterisk PBX.
> Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY.
> Contact: <sip:317376XXXX at 70.88.65.1>.
> Content-Length: 0.
> .
>
> U 2008/11/06 10:46:01.932294 70.88.65.1:50085 -> 70.42.223.23:5060
> SIP/2.0 200 OK.
> Via: SIP/2.0/UDP 70.42.223.23;branch=z9hG4bKU7360cS96r7Sg;received=
> 70.42.223.23;rport=5060.
> From: "TELIAX FAX" <sip:303825XXXX at 70.42.223.23>;tag=armgX7QeNQ94N.
> To: <sip:317376XXXX at 70.88.65.1:50085>;tag=as78a21a0c.
> Call-ID: 9e67419c-26cd-122c-0b81-e9d53e66cb70.
> CSeq: 106878444 INVITE.
> User-Agent: Asterisk PBX.
> Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY.
> Contact: <sip:317376XXXX at 70.88.65.1>.
> Content-Type: application/sdp.
> Content-Length: 257.
> .
> v=0.
> o=root 2901 2901 IN IP4 70.88.65.1.
> s=session.
> c=IN IP4 70.88.65.1.
> t=0 0.
> m=audio 19378 RTP/AVP 0 8 3 101.
> a=rtpmap:0 PCMU/8000.
> a=rtpmap:8 PCMA/8000.
> a=rtpmap:3 GSM/8000.
> a=rtpmap:101 telephone-event/8000.
> a=fmtp:101 0-16.
> a=silenceSupp:off - - - -.
>
> U 2008/11/06 10:46:01.932694 70.42.223.23:5060 -> 70.88.65.1:5060
> ACK sip:317376XXXX at 70.88.65.1 SIP/2.0.
> Via: SIP/2.0/UDP 70.42.223.23;rport;branch=z9hG4bKvgXZ279c41Xcc.
> Max-Forwards: 70.
> From: "TELIAX FAX" <sip:303825XXXX at 70.42.223.23>;tag=armgX7QeNQ94N.
> To: <sip:317376XXXX at 70.88.65.1:50085>;tag=as78a21a0c.
> Call-ID: 9e67419c-26cd-122c-0b81-e9d53e66cb70.
> CSeq: 106878444 ACK.
> Contact: <sip:mod_sofia at 70.42.223.23:5060>.
> Content-Length: 0.
>
>
> Here is the acl:
>
> <configuration name="acl.conf" description="Network Lists">
>   <network-lists>
>     <list name="dl-candidates" default="allow">
>       <node type="deny" cidr="10.0.0.0/8"/>
>       <node type="deny" cidr="172.16.0.0/12"/>
>       <node type="deny" cidr="192.168.0.0/16"/>
>     </list>
>     <list name="rfc1918" default="deny">
>       <node type="allow" cidr="10.0.0.0/8"/>
>       <node type="allow" cidr="172.16.0.0/12"/>
>       <node type="allow" cidr="192.168.0.0/16"/>
>     </list>
>     <list name="lan" default="allow">
>       <node type="deny" cidr="192.168.42.0/24"/>
>       <node type="allow" cidr="192.168.42.42/32"/>
>     </list>
>     <list name="strict" default="deny">
>       <node type="allow" cidr="208.102.123.124/32"/>
>     </list>
>     <list name="domains" default="deny">
>       <node type="allow" domain="$${domain}"/>
>     </list>
>     <list name="nat" default="allow">
>       <node type="allow" cidr="0.0.0.0/0"/>
>     </list>
>   </network-lists>
> </configuration>
>
>
> And here is the sip profile:
>
> <profile name="external">
>
>   <gateways>
>     <X-PRE-PROCESS cmd="include" data="external/*.xml"/>
>   </gateways>
>
>   <domains>
>     <domain name="$${domain}" parse="true"/>
>   </domains>
>
>   <settings>
>     <param name="debug" value="0"/>
>     <param name="sip-trace" value="no"/>
>     <param name="rfc2833-pt" value="101"/>
>     <param name="sip-port" value="5060"/>
>     <param name="dialplan" value="XML"/>
>     <param name="context" value="public"/>
>     <param name="dtmf-duration" value="100"/>
>     <param name="codec-prefs" value="$${outbound_codec_prefs}"/>
>     <param name="hold-music" value="$${hold_music}"/>
>     <param name="use-rtp-timer" value="true"/>
>     <param name="rtp-timer-name" value="soft"/>
>     <param name="multiple-registrations" value="true"/>
>     <param name="manage-presence" value="true"/>
>     <param name="aggressive-nat-detection" value="true"/>
>     <param name="NDLB-force-rport" value="true"/>
>     <param name="inbound-codec-negotiation" value="generous"/>
>     <param name="nonce-ttl" value="60"/>
>     <param name="auth-calls" value="true"/>
>     <param name="rtp-timeout-sec" value="1800"/>
>     <param name="rtp-ip" value="$${local_ip_v4}"/>
>     <param name="sip-ip" value="$${local_ip_v4}"/>
>     <param name="ext-rtp-ip" value="$${external_rtp_ip}"/>
>     <param name="ext-sip-ip" value="$${external_sip_ip}"/>
>     <param name="rtp-timeout-sec" value="300"/>
>     <param name="rtp-hold-timeout-sec" value="1800"/>
>     <param name="apply-nat-acl" value="nat"/>
>   </settings>
> </profile>
>
>
>
>
>
>
> On Nov 6, 2008, at 8:37 AM, Anthony Minessale wrote:
>
> doh,
> I keep doing that sorry.
>
> apply-nat-acl not apply_nat_acl
>
>
>
> On Thu, Nov 6, 2008 at 8:22 AM, David Aldworth <daldworth at teliax.com>wrote:
>
>> Yes. Below are settings that have been persistent through recent testing.
>> Is there anything else we can try or should we open a jira?
>>   <settings>
>>     <param name="debug" value="0"/>
>>     <param name="sip-trace" value="no"/>
>>     <param name="rfc2833-pt" value="101"/>
>>     <param name="sip-port" value="5060"/>
>>     <param name="dialplan" value="XML"/>
>>     <param name="context" value="public"/>
>>     <param name="dtmf-duration" value="100"/>
>>     <param name="codec-prefs" value="$${outbound_codec_prefs}"/>
>>     <param name="hold-music" value="$${hold_music}"/>
>>     <param name="use-rtp-timer" value="true"/>
>>     <param name="rtp-timer-name" value="soft"/>
>>     <param name="multiple-registrations" value="true"/>
>>     <param name="manage-presence" value="true"/>
>>     <param name="aggressive-nat-detection" value="true"/>
>>     <param name="NDLB-force-rport" value="true"/>
>>     <param name="inbound-codec-negotiation" value="generous"/>
>>     <param name="nonce-ttl" value="60"/>
>>     <param name="auth-calls" value="true"/>
>>     <param name="rtp-timeout-sec" value="1800"/>
>>     <param name="rtp-ip" value="$${local_ip_v4}"/>
>>     <param name="sip-ip" value="$${local_ip_v4}"/>
>>     <param name="ext-rtp-ip" value="$${external_rtp_ip}"/>
>>     <param name="ext-sip-ip" value="$${external_sip_ip}"/>
>>     <param name="rtp-timeout-sec" value="300"/>
>>     <param name="rtp-hold-timeout-sec" value="1800"/>
>>     <param name="apply_nat_acl" value="nat"/>
>>   </settings>
>>
>> On Nov 6, 2008, at 7:01 AM, Anthony Minessale wrote:
>>
>> did you remember to add
>> <param name="apply_nat_acl" value="nat"/>
>> to the profile in question and restart?
>>
>> On Wed, Nov 5, 2008 at 10:39 PM, David Aldworth <daldworth at teliax.com>wrote:
>>
>>> Brian, we updated the acl to:
>>>
>>>     <list name="nat" default="allow">
>>>        <node type="allow" cidr="0.0.0.0/0"/>
>>>     </list>
>>>
>>> And the ACK is still going to the wrong (right but wrong) ip/port.
>>>
>>> Is there any way to get that ACK to go to the ip/port of the UDP header?
>>>
>>> David
>>>
>>> On Nov 5, 2008, at 4:21 PM, Brian West wrote:
>>>
>>> > 0.0.0.0/0 should match all IP space.
>>> >
>>> > /b
>>> >
>>> > On Nov 5, 2008, at 5:16 PM, David Aldworth wrote:
>>> >
>>> >> Anthony, In hopes of matching all IP's we added a very simple:
>>> >>
>>> >>    <list name="nat" default="allow">
>>> >>    </list>
>>> >>
>>> >> To the acl.conf.xml and we added:
>>> >>
>>> >>    <param name="apply_nat_acl" value="nat"/>
>>> >>
>>> >> To the sip profile. Unfortunately there was no affect. What would be
>>> >> the correct acl to match all IP's?
>>> >>
>>> >> David
>>> >
>>> >
>>> > _______________________________________________
>>> > Freeswitch-users mailing list
>>> > Freeswitch-users at lists.freeswitch.org
>>> > http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> > UNSUBSCRIBE:
>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> > http://www.freeswitch.org
>>>
>>>
>>> _______________________________________________
>>> Freeswitch-users mailing list
>>> Freeswitch-users at lists.freeswitch.org
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> http://www.freeswitch.org
>>>
>>
>>
>>
>> --
>> Anthony Minessale II
>>
>> FreeSWITCH http://www.freeswitch.org/
>> ClueCon http://www.cluecon.com/
>>
>> AIM: anthm
>> MSN:anthony_minessale at hotmail.com <MSN%3Aanthony_minessale at hotmail.com>
>> GTALK/JABBER/PAYPAL:anthony.minessale at gmail.com<PAYPAL%3Aanthony.minessale at gmail.com>
>> IRC: irc.freenode.net #freeswitch
>>
>> FreeSWITCH Developer Conference
>> sip:888 at conference.freeswitch.org <sip%3A888 at conference.freeswitch.org>
>> iax:guest at conference.freeswitch.org/888
>> googletalk:conf+888 at conference.freeswitch.org<googletalk%3Aconf%2B888 at conference.freeswitch.org>
>> pstn:213-799-1400
>> _______________________________________________
>> Freeswitch-users mailing list
>> Freeswitch-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>>
>>
>> _______________________________________________
>> Freeswitch-users mailing list
>> Freeswitch-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>>
>
>
> --
> Anthony Minessale II
>
> FreeSWITCH http://www.freeswitch.org/
> ClueCon http://www.cluecon.com/
>
> AIM: anthm
> MSN:anthony_minessale at hotmail.com <MSN%3Aanthony_minessale at hotmail.com>
> GTALK/JABBER/PAYPAL:anthony.minessale at gmail.com<PAYPAL%3Aanthony.minessale at gmail.com>
> IRC: irc.freenode.net #freeswitch
>
> FreeSWITCH Developer Conference
> sip:888 at conference.freeswitch.org <sip%3A888 at conference.freeswitch.org>
> iax:guest at conference.freeswitch.org/888
> googletalk:conf+888 at conference.freeswitch.org<googletalk%3Aconf%2B888 at conference.freeswitch.org>
> pstn:213-799-1400
> _______________________________________________
> Freeswitch-users mailing list
> Freeswitch-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
>
>
> _______________________________________________
> Freeswitch-users mailing list
> Freeswitch-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>


-- 
Anthony Minessale II

FreeSWITCH http://www.freeswitch.org/
ClueCon http://www.cluecon.com/

AIM: anthm
MSN:anthony_minessale at hotmail.com <MSN%3Aanthony_minessale at hotmail.com>
GTALK/JABBER/PAYPAL:anthony.minessale at gmail.com<PAYPAL%3Aanthony.minessale at gmail.com>
IRC: irc.freenode.net #freeswitch

FreeSWITCH Developer Conference
sip:888 at conference.freeswitch.org <sip%3A888 at conference.freeswitch.org>
iax:guest at conference.freeswitch.org/888
googletalk:conf+888 at conference.freeswitch.org<googletalk%3Aconf%2B888 at conference.freeswitch.org>
pstn:213-799-1400
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20081119/ccddccdc/attachment-0002.html

More information about the FreeSWITCH-users mailing list