[Freeswitch-users] [Q] nat is not detected, when running freeswitch in docker from local machine.

Ruslan Shevchenko ruslan at shevchenko.kiev.ua
Wed Jul 29 09:37:11 UTC 2020 

Hi, colleagues.

I discovered a strange problem when running Freeswitch from docker on the
local machine,

I have my machine API:  192.168.88.236
and docker with internal ip. 172.17.0.2. (local_ip_v4)

With the next changes relative to vanilla install:
valr.xml :
      external_rtp_ip=stun:stun.freeswitch.org  - changed to
external_rtp_ip=192.168.88.236
      external_sip_ip=stun:stun.freeswitch.org   - same

autoload_configs/switch.conf.xml  --- a narrow set of RTP ports.

sip_profiles:
    internal.xml -- change ext-rtp-ip and ext-sip-ip to 192.168.88.236
   external.xml -- same

Then I trying to run docker from macos which publish ports:
docker run -d -p 5060:5060/udp -p 5060:5060/tcp -p5061:5061/tcp -p
5080:5080/udp -p 5080:5080/tcp -p 5066:5066/tcp -p 7443:7443/tcp -p
63535-63635:63535-63635/tcp  -p63535-64535:63535-64535/udp  -p5555:5555
-p5050:5050 -p8000:8000  --hostname zaka-voice
 zaka-freeswitch-recognition:0.0.1

And then when I try to call Freeswitch from linphone from the local net, I
can hear an answer, but looks like  IVR on the Freeswitch side not receive
RTP stream.

I can't understand why.

One hypothesizes -- that  FreeSWITCH not determinate existence of
external_ip as NAT mode (?)  and ask the phone to send RTP to 172.17.0.2.

How to verify this?    Maybe exists some ideas, how to debug such situation
behind a sip trace?

Thanks.

P.S.  Additional info, if anybody found this interesting:

I.e. I see SIP invite from FreeSWITCH

SIP/2.0 100 Trying
Via: SIP/2.0/TCP 192.168.88.238:50091
;branch=z9hG4bK.rNrD-0O~i;rport=51208;received=172.17.0.1
From: <sip:1002 at 192.168.88.236>;tag=4bI6NNSIi
To: "33332220" <sip:33332220 at 192.168.88.236>
Call-ID: 7At9kxIfv2
CSeq: 21 INVITE
User-Agent: FreeSWITCH-mod_sofia/1.10.4-dev-2421-8a5850ff26~64bit
Content-Length: 0

then  Ok and Acc from linphone (which freeswitch see as on 172.17.0.2)

recv 354 bytes from tcp/[172.17.0.1]:51208 at 09:20:26.099724:
------------------------------------------------------------------------
SIP/2.0 200 Ok
Via: SIP/2.0/TCP 192.168.88.236;branch=z9hG4bK8502eXUvmSKyN
From: <sip:1002 at 172.17.0.2>;tag=mrr024e5DH57Q
To: <sip:1002 at 172.17.0.2>;tag=ftaVWOB
Call-ID: 940c69ac-4c1f-1239-4cb1-0242ac110002
CSeq: 23453420 NOTIFY
User-Agent: LinphoneiOS/4.3.1 (iPad Ruslan) LinphoneSDK/4.4.0
Supported: replaces, outbound, gruu
Content-Length: 0

recv 640 bytes from tcp/[172.17.0.1]:51208 at 09:20:26.514163:
------------------------------------------------------------------------
ACK sip:33332220 at 192.168.88.236:5060;transport=tcp SIP/2.0
Via: SIP/2.0/TCP 192.168.88.238:50091;rport;branch=z9hG4bK.iYrbMWTLP
From: <sip:1002 at 192.168.88.236>;tag=4bI6NNSIi
To: "33332220" <sip:33332220 at 192.168.88.236>;tag=N1HS4ZZ8atUtK
CSeq: 21 ACK
Call-ID: 7At9kxIfv2
Max-Forwards: 70
Proxy-Authorization:  Digest realm="192.168.88.236",
nonce="44104e4a-30cb-4277-8c31-61e437b6cbd1", algorithm=MD5,
username="1002",  uri="sip:33332220 at 192.168.88.236",
response="756a3d3e3a76996988afa09a5544f1d1", cnonce="CWKOLtHm9Z8eVYIm",
nc=00000001, qop=auth
User-Agent: LinphoneiOS/4.3.1 (iPad Ruslan) LinphoneSDK/4.4.0
Content-Length: 0

Then  freeswitch not see any activity and says BYE:
BYE sip:1002 at 172.17.0.1:51208;transport=tcp SIP/2.0
Via: SIP/2.0/TCP 192.168.88.236;branch=z9hG4bK9etUgrc0H29gH
Max-Forwards: 70
From: "33332220" <sip:33332220 at 192.168.88.236>;tag=N1HS4ZZ8atUtK
To: <sip:1002 at 192.168.88.236>;tag=4bI6NNSIi
Call-ID: 7At9kxIfv2
CSeq: 23453425 BYE
User-Agent: FreeSWITCH-mod_sofia/1.10.4-dev-2421-8a5850ff26~64bit
Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, INFO, UPDATE, REGISTER,
REFER, NOTIFY, PUBLISH, SUBSCRIBE
Supported: timer, path, replaces
Reason: Q.850;cause=16;text="NORMAL_CLEARING"
Content-Length: 0

---
  status of Sofia profile:

---

freeswitch at zaka-voice> sofia status profile internal
=================================================================================================
Name             internal
Domain Name       N/A
Auto-NAT         false
DBName           sofia_reg_internal
Pres Hosts       172.17.0.2,172.17.0.2
Dialplan         XML
Context           public
Challenge Realm   auto_from
RTP-IP           172.17.0.2
Ext-RTP-IP       192.168.88.236
SIP-IP           172.17.0.2
Ext-SIP-IP       192.168.88.236
URL               sip:mod_sofia at 192.168.88.236:5060
BIND-URL         sip:mod_sofia at 192.168.88.236:5060
;maddr=172.17.0.2;transport=udp,tcp
WS-BIND-URL     sip:mod_sofia at 172.17.0.2:5066;transport=ws
WSS-BIND-URL     sips:mod_sofia at 172.17.0.2:7443;transport=wss
HOLD-MUSIC       local_stream://moh
OUTBOUND-PROXY   N/A
CODECS IN         OPUS,G722,PCMU,PCMA,H264,VP8
CODECS OUT       OPUS,G722,PCMU,PCMA,H264,VP8
TEL-EVENT         101
DTMF-MODE         rfc2833
CNG               13
SESSION-TO       0
MAX-DIALOG       0
NOMEDIA           false
LATE-NEG         true
PROXY-MEDIA       false
ZRTP-PASSTHRU     true
AGGRESSIVENAT     false
CALLS-IN         0
FAILED-CALLS-IN   0
CALLS-OUT         0
FAILED-CALLS-OUT 0
REGISTRATIONS     0



-- 
Ruslan Shevchenko
Software Engineer.
http://ua.linkedin.com/in/ruslanshevchenko
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20200729/a54c2b93/attachment.html>

More information about the FreeSWITCH-users mailing list