[Freeswitch-users] TURN Configuration under CGN (RFC6598)

Brian West brian at freeswitch.org
Fri Aug 4 16:16:00 UTC 2017


Any provider using RFC1918 space for CGN should be beat to death.  They
have 100.64.0.0/10 set aside or JUST this purpose.

/b


On Fri, Aug 4, 2017 at 2:14 AM, Nandy Dagondon <nandy1925 at gmail.com> wrote:

> Yes, Mike, they're NAT'ing the public IP addresses. So, there are 2 NATs
> to reach the public IP network.
>
> /Nandy
>
>
> On Thu, Aug 3, 2017 at 6:09 PM, Michael Jerris <mike at jerris.com> wrote:
>
>> They are natting one set of their public addresses to another?
>>
>> On Thu, Aug 3, 2017 at 1:07 AM Tihomir Culjaga <tculjaga at gmail.com>
>> wrote:
>>
>>> yes, they are using these ranges for CGN
>>>
>>> On 3 August 2017 at 04:15, Michael Jerris <mike at jerris.com> wrote:
>>>
>>>> is that OPTIMA-TELEKOM
>>>>
>>>> if so, that is their ip blockā€¦
>>>>
>>>> On Aug 2, 2017, at 2:27 AM, Tihomir Culjaga <tculjaga at gmail.com> wrote:
>>>>
>>>> another carrier is using  :=)
>>>> 89.201.184.0
>>>> 89.201.185.0
>>>> 89.201.186.0
>>>> 89.201.187.0
>>>>
>>>> this is just wrong ... :=)
>>>>
>>>>
>>>>
>>>> On 1 August 2017 at 22:01, Tihomir Culjaga <tculjaga at gmail.com> wrote:
>>>>
>>>>> some private segment....10.x.x.x something on some carriers and
>>>>> 172.31.x.x on others
>>>>>
>>>>> no idea about others
>>>>>
>>>>> On 1 August 2017 at 14:26, Brian West <brian at freeswitch.org> wrote:
>>>>>
>>>>>> What IP range did they use for CGNAT?
>>>>>>
>>>>>> On Mon, Jul 31, 2017 at 9:23 PM Nandy Dagondon <nandy1925 at gmail.com>
>>>>>> wrote:
>>>>>>
>>>>>>> My Internet provider just implemented CGN. So, my WAN IP is no
>>>>>>> longer public.  With CGN, NAT is setup for outbound packets initiated from
>>>>>>> my end.  But for inbound packets, when remote Vertp clients connect to my
>>>>>>> FS, CGN blocks them. Therefore, I can no longer experiment with Verto.
>>>>>>>
>>>>>>> That's why I need to try TURN/ICE service which is open to public to
>>>>>>> relay media to my FS.  I understand STUN can only help in signalling.
>>>>>>>
>>>>>>> Thanks for the additional inputs.
>>>>>>>
>>>>>>> /Nandy
>>>>>>>
>>>>>>>
>>>>>>> On Mon, Jul 31, 2017 at 3:42 PM, Tihomir Culjaga <tculjaga at gmail.com
>>>>>>> > wrote:
>>>>>>>
>>>>>>>> TURN helps in Symmetric NAT scenarios only
>>>>>>>>
>>>>>>>> you should always try to get a direct connection first ( using STUN
>>>>>>>> ) and if everything else fails, you can use TURN.
>>>>>>>>
>>>>>>>> to check your NAT type, you can use stunclient program from
>>>>>>>> stunprotocol.org
>>>>>>>>
>>>>>>>> e.g.:  /stunclient --mode full stun.ekiga.net 3479
>>>>>>>>
>>>>>>>> On 31 July 2017 at 02:44, Brian West <brian at freeswitch.org> wrote:
>>>>>>>>
>>>>>>>>> What issue are you trying to solve with turn?
>>>>>>>>>
>>>>>>>>> On Sat, Jul 29, 2017 at 1:42 AM Tihomir Culjaga <
>>>>>>>>> tculjaga at gmail.com> wrote:
>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> FS doesn't use turn... but verto client can use it if you pass
>>>>>>>>>> the parameter in init function ... like that:
>>>>>>>>>>
>>>>>>>>>>    iceServers: [
>>>>>>>>>>       {url: 'turn:numb.viagenie.ca',credential: 'pass',
>>>>>>>>>> username: 'user'},
>>>>>>>>>>       {url: 'stun:ripslinger.undo.it',},
>>>>>>>>>>       {url: 'stun:stun.schlund.de',},
>>>>>>>>>>       {url: 'stun:stun.ekiga.net',},
>>>>>>>>>>       {url: 'stun:stun01.sipphone.com',},
>>>>>>>>>>    ],
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On 28 July 2017 at 15:54, Brian West <brian at freeswitch.org>
>>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>>> TURN is not needed with FreeSWITCH, plus we do not support it.
>>>>>>>>>>>
>>>>>>>>>>> /b
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On Thu, Jul 27, 2017 at 8:55 PM, Nandy Dagondon <
>>>>>>>>>>> nandy1925 at gmail.com> wrote:
>>>>>>>>>>>
>>>>>>>>>>>> Hi folks,
>>>>>>>>>>>>
>>>>>>>>>>>> I just learned that our Internet provider implemented CGN when
>>>>>>>>>>>> I'm about to experiment WebRTC/mod_verto.  I already signed up a free TURN
>>>>>>>>>>>> server account at http://numb.viagenie.ca/ to proceed.   Where
>>>>>>>>>>>> do I place turn:numb.viagenie.ca in the config files? Is this
>>>>>>>>>>>> correct?
>>>>>>>>>>>>
>>>>>>>>>>>> sip_profiles/external.xml:
>>>>>>>>>>>> <param name="ext-rtp-ip" value="turn:numb.viagenie.ca"/>
>>>>>>>>>>>> <param name="ext-sip-ip" value="turn:numb.viagenie.ca"/>
>>>>>>>>>>>>
>>>>>>>>>>>> /Nandy
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>
>>>> ____________________________________________________________
>>>> _____________
>>>> Professional FreeSWITCH Consulting Services:
>>>> consulting at freeswitch.org
>>>> http://www.freeswitchsolutions.com
>>>>
>>>> Official FreeSWITCH Sites
>>>> http://www.freeswitch.org
>>>> http://confluence.freeswitch.org
>>>> http://www.cluecon.com
>>>>
>>>> FreeSWITCH-users mailing list
>>>> FreeSWITCH-users at lists.freeswitch.org
>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/
>>>> freeswitch-users
>>>> http://www.freeswitch.org
>>>>
>>> ____________________________________________________________
>>> _____________
>>> Professional FreeSWITCH Consulting Services:
>>> consulting at freeswitch.org
>>> http://www.freeswitchsolutions.com
>>>
>>> Official FreeSWITCH Sites
>>> http://www.freeswitch.org
>>> http://confluence.freeswitch.org
>>> http://www.cluecon.com
>>>
>>> FreeSWITCH-users mailing list
>>> FreeSWITCH-users at lists.freeswitch.org
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> http://www.freeswitch.org
>>
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://confluence.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>
>
>
> <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail> Virus-free.
> www.avast.com
> <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail>
> <#m_3783642860855104660_DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2>
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>



-- 

*Brian West*
brian at freeswitch.org

*Twitter: @FreeSWITCH , @briankwest*

http://www.freeswitchbook.com
http://www.freeswitchcookbook.com

Book a phone call (CST) <https://freeswitch.com/appointment>

Allison prompts for FreeSWITCH:

*https://www.gofundme.com/allison-prompts-for-freeswitch*
<https://www.gofundme.com/allison-prompts-for-freeswitch>

Got Bugs? Report them here <https://freeswitch.org/jira>! | Reddit:
/r/freeswitch <https://www.reddit.com/r/freeswitch>

*T:*+19184209001 | *F:*+19184209002 | *M:*+1918424WEST (9378)
*Skype:*briankwest
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20170804/cb811067/attachment-0001.html>


More information about the FreeSWITCH-users mailing list