[Freeswitch-users] docker / NAT troubles..

Wed Apr 6 21:49:42 MSD 2016

Sounds like a running FS in a docker container (rfc1918 addrs) on a host which itself is assigned a rfc1918 addr.

-- Nathan

On 04/06/2016 12:39 PM, Michael Jerris wrote:
> The default acl's treat all rfc1918 addresses as internal.  you'll need to make one that treats your external addresses
> as external even tho they are rfc1918.  Why are you natting from one private address to another?  Its a very strange
> implementation
>
>
>> On Apr 6, 2016, at 1:31 PM, Oz Mortimer <omortimer at gmail.com <mailto:omortimer at gmail.com>> wrote:
>>
>> Hi,
>> Thanks for the reply - I wish I understood it - but I don’t ;)
>> Yes, the natting is between one rfc1918 address space to another.
>>
>> Based on your reply I tried
>>
>> <param name="apply-nat-acl" value="damnnat”/>
>>
>> where acl.conf.xml has
>>
>>  <list name="damnnat" default="allow">
>>       <node type="allow" cidr="192.168.1.0/24"/>
>>       <node type="allow" cidr="172.17.0.0/24"/>
>>     </list>
>>
>> To no avail!. can you give me a pointer to what I need to change and where?
>>
>> Thanks
>> Oz.
>>
>>> On 6 Apr 2016, at 17:58, Michael Jerris <mike at jerris.com <mailto:mike at jerris.com>> wrote:
>>>
>>> you are natting from one rfc1918 address space to another?  If so, all the default nat acl's will be wrong, and you
>>> will have to make your own acl's that match your network environment.
>>>
>>>> On Apr 6, 2016, at 12:48 PM, Oz Mortimer <omortimer at gmail.com <mailto:omortimer at gmail.com>> wrote:
>>>>
>>>> HI,
>>>>
>>>> I’m trying to get FS running in Docker, which largely was pain free (i know, i know, VMs, etc), but I can’t get my
>>>> head around what is going on with RTP. Ive set ext-rtp-ip and it seems to be taking affect:
>>>>
>>>> freeswitch at 7ad22635059e> sofia status profile internal
>>>> =================================================================================================
>>>> Name internal
>>>> Domain Name N/A
>>>> Auto-NAT false
>>>> DBName sofia_reg_internal
>>>> Pres Hosts 172.17.0.5,172.17.0.5
>>>> Dialplan XML
>>>> Context trusted
>>>> Challenge Realm auto_from
>>>> RTP-IP 172.17.0.5
>>>> Ext-RTP-IP 192.168.1.168
>>>> SIP-IP 172.17.0.5
>>>> Ext-SIP-IP 192.168.1.168
>>>> URL sip:mod_sofia at 192.168.1.168:5060
>>>> BIND-URL sip:mod_sofia at 192.168.1.168:5060;maddr=172.17.0.5;transport=udp,tcp
>>>> HOLD-MUSIC local_stream://moh
>>>> OUTBOUND-PROXY N/A
>>>> CODECS IN G729,PCMU,PCMA
>>>> CODECS OUT G729,PCMU,PCMA
>>>> TEL-EVENT 101
>>>> DTMF-MODE none
>>>> CNG 13
>>>> SESSION-TO 0
>>>> MAX-DIALOG 0
>>>> NOMEDIA false
>>>> LATE-NEG true
>>>> PROXY-MEDIA false
>>>> ZRTP-PASSTHRU true
>>>> AGGRESSIVENAT false
>>>> CALLS-IN 2
>>>> FAILED-CALLS-IN 2
>>>> CALLS-OUT 0
>>>> FAILED-CALLS-OUT 0
>>>> REGISTRATIONS 0
>>>>
>>>>
>>>>
>>>> but when a call is placed i seems to be incorrect in the SDP
>>>>
>>>> 2016-04-06 16:29:49.011107 [DEBUG] mod_sofia.c:2353 Ring SDP:
>>>> v=0
>>>> o=FreeSWITCH 1459942605 1459942606 IN IP4 172.17.0.5
>>>> s=FreeSWITCH
>>>> c=IN IP4 172.17.0.5
>>>> t=0 0
>>>> m=audio 17584 RTP/AVP 8 101
>>>> a=rtpmap:8 PCMA/8000
>>>> a=rtpmap:101 telephone-event/8000
>>>> a=fmtp:101 0-16
>>>> a=ptime:20
>>>> a=sendrecv
>>>>
>>>> Shouldn’t the SDP reflect the Ext-RTP-IP ?
>>>>
>>>> Im sure i’ve missed some sort of config setting or have gone snow blind!.
>>>> fs version is FreeSWITCH (Version 1.6.7 -14-d38d065 64bit)
>>>>
>>>> Any ideas will be greatly received.
>>>> Thanks
>>>> Oz.
>>>> _________________________________________________________________________
>>>> Professional FreeSWITCH Consulting Services:
>>>> consulting at freeswitch.org <mailto:consulting at freeswitch.org>
>>>> http://www.freeswitchsolutions.com <http://www.freeswitchsolutions.com/>
>>>>
>>>> Official FreeSWITCH Sites
>>>> http://www.freeswitch.org
>>>> http://confluence.freeswitch.org
>>>> http://www.cluecon.com
>>>>
>>>> FreeSWITCH-users mailing list
>>>> FreeSWITCH-users at lists.freeswitch.org
>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>> http://www.freeswitch.org
>>>
>>> _________________________________________________________________________
>>> Professional FreeSWITCH Consulting Services:
>>> consulting at freeswitch.org <mailto:consulting at freeswitch.org>
>>> http://www.freeswitchsolutions.com
>>>
>>> Official FreeSWITCH Sites
>>> http://www.freeswitch.org
>>> http://confluence.freeswitch.org
>>> http://www.cluecon.com
>>>
>>> FreeSWITCH-users mailing list
>>> FreeSWITCH-users at lists.freeswitch.org
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> http://www.freeswitch.org
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org <mailto:consulting at freeswitch.org>
>> http://www.freeswitchsolutions.com
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://confluence.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>
>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>

-- 
------------------------------------------------------------
Nathan Neulinger                       nneul at mst.edu
Missouri S&T Information Technology    (573) 612-1412
System Administrator - Architect