[Freeswitch-users] [Q] nat is not detected, when running freeswitch in docker from local machine.

Wed Jul 29 18:02:21 UTC 2020

Hi Ruslan,

First of all you need to map UDP ports to ones that are configured in
Freeswitch config file switch.conf.xml. By default it is 16384-32768 for
media.

In your case you are trying to map -p63535-64535:63535-64535/udp, which
probably is inconsistent with ports inside switch.conf.xml and that is why
audio does not go through.

Additionally I would not recommend to use big range as it by default,
because as far as I know, when docker maps port-range it inserts ip
iptables not one rule for range, but separate rule per each port and for me
it was hanging up docker, so use it with caution.

https://github.com/moby/moby/issues/11185  -- seems still not fixed, it is
a couple of years already.

Probably using Freeswitch with docker default bridge is not a good idea and
easy to do, better to use a host network or your own bridge.

Jurijs

On Wed, Jul 29, 2020 at 8:48 PM David Villasmil <
david.villasmil.work at gmail.com> wrote:

> Run the container with —network=host
>
>
> On Wed, 29 Jul 2020 at 16:35, Ruslan Shevchenko <ruslan at shevchenko.kiev.ua>
> wrote:
>
>>
>> Hi, colleagues.
>>
>> I discovered a strange problem when running Freeswitch from docker on the
>> local machine,
>>
>> I have my machine API:  192.168.88.236
>> and docker with internal ip. 172.17.0.2. (local_ip_v4)
>>
>> With the next changes relative to vanilla install:
>> valr.xml :
>>       external_rtp_ip=stun:stun.freeswitch.org  - changed to
>> external_rtp_ip=192.168.88.236
>>       external_sip_ip=stun:stun.freeswitch.org   - same
>>
>> autoload_configs/switch.conf.xml  --- a narrow set of RTP ports.
>>
>> sip_profiles:
>>     internal.xml -- change ext-rtp-ip and ext-sip-ip to 192.168.88.236
>>    external.xml -- same
>>
>> Then I trying to run docker from macos which publish ports:
>> docker run -d -p 5060:5060/udp -p 5060:5060/tcp -p5061:5061/tcp -p
>> 5080:5080/udp -p 5080:5080/tcp -p 5066:5066/tcp -p 7443:7443/tcp -p
>> 63535-63635:63535-63635/tcp  -p63535-64535:63535-64535/udp  -p5555:5555
>> -p5050:5050 -p8000:8000  --hostname zaka-voice
>>  zaka-freeswitch-recognition:0.0.1
>>
>> And then when I try to call Freeswitch from linphone from the local net,
>> I can hear an answer, but looks like  IVR on the Freeswitch side not
>> receive RTP stream.
>>
>> I can't understand why.
>>
>> One hypothesizes -- that  FreeSWITCH not determinate existence of
>> external_ip as NAT mode (?)  and ask the phone to send RTP to 172.17.0.2.
>>
>> How to verify this?    Maybe exists some ideas, how to debug such
>> situation behind a sip trace?
>>
>> Thanks.
>>
>> P.S.  Additional info, if anybody found this interesting:
>>
>> I.e. I see SIP invite from FreeSWITCH
>>
>> SIP/2.0 100 Trying
>> Via: SIP/2.0/TCP 192.168.88.238:50091
>> ;branch=z9hG4bK.rNrD-0O~i;rport=51208;received=172.17.0.1
>> From: <sip:1002 at 192.168.88.236>;tag=4bI6NNSIi
>> To: "33332220" <sip:33332220 at 192.168.88.236>
>> Call-ID: 7At9kxIfv2
>> CSeq: 21 INVITE
>> User-Agent: FreeSWITCH-mod_sofia/1.10.4-dev-2421-8a5850ff26~64bit
>> Content-Length: 0
>>
>> then  Ok and Acc from linphone (which freeswitch see as on 172.17.0.2)
>>
>> recv 354 bytes from tcp/[172.17.0.1]:51208 at 09:20:26.099724:
>> ------------------------------------------------------------------------
>> SIP/2.0 200 Ok
>> Via: SIP/2.0/TCP 192.168.88.236;branch=z9hG4bK8502eXUvmSKyN
>> From: <sip:1002 at 172.17.0.2>;tag=mrr024e5DH57Q
>> To: <sip:1002 at 172.17.0.2>;tag=ftaVWOB
>> Call-ID: 940c69ac-4c1f-1239-4cb1-0242ac110002
>> CSeq: 23453420 NOTIFY
>> User-Agent: LinphoneiOS/4.3.1 (iPad Ruslan) LinphoneSDK/4.4.0
>> Supported: replaces, outbound, gruu
>> Content-Length: 0
>>
>> recv 640 bytes from tcp/[172.17.0.1]:51208 at 09:20:26.514163:
>> ------------------------------------------------------------------------
>> ACK sip:33332220 at 192.168.88.236:5060;transport=tcp SIP/2.0
>> Via: SIP/2.0/TCP 192.168.88.238:50091;rport;branch=z9hG4bK.iYrbMWTLP
>> From: <sip:1002 at 192.168.88.236>;tag=4bI6NNSIi
>> To: "33332220" <sip:33332220 at 192.168.88.236>;tag=N1HS4ZZ8atUtK
>> CSeq: 21 ACK
>> Call-ID: 7At9kxIfv2
>> Max-Forwards: 70
>> Proxy-Authorization:  Digest realm="192.168.88.236",
>> nonce="44104e4a-30cb-4277-8c31-61e437b6cbd1", algorithm=MD5,
>> username="1002",  uri="sip:33332220 at 192.168.88.236",
>> response="756a3d3e3a76996988afa09a5544f1d1", cnonce="CWKOLtHm9Z8eVYIm",
>> nc=00000001, qop=auth
>> User-Agent: LinphoneiOS/4.3.1 (iPad Ruslan) LinphoneSDK/4.4.0
>> Content-Length: 0
>>
>> Then  freeswitch not see any activity and says BYE:
>> BYE sip:1002 at 172.17.0.1:51208;transport=tcp SIP/2.0
>> Via: SIP/2.0/TCP 192.168.88.236;branch=z9hG4bK9etUgrc0H29gH
>> Max-Forwards: 70
>> From: "33332220" <sip:33332220 at 192.168.88.236>;tag=N1HS4ZZ8atUtK
>> To: <sip:1002 at 192.168.88.236>;tag=4bI6NNSIi
>> Call-ID: 7At9kxIfv2
>> CSeq: 23453425 BYE
>> User-Agent: FreeSWITCH-mod_sofia/1.10.4-dev-2421-8a5850ff26~64bit
>> Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, INFO, UPDATE,
>> REGISTER, REFER, NOTIFY, PUBLISH, SUBSCRIBE
>> Supported: timer, path, replaces
>> Reason: Q.850;cause=16;text="NORMAL_CLEARING"
>> Content-Length: 0
>>
>> ---
>>   status of Sofia profile:
>>
>> ---
>>
>> freeswitch at zaka-voice> sofia status profile internal
>>
>> =================================================================================================
>> Name             internal
>> Domain Name       N/A
>> Auto-NAT         false
>> DBName           sofia_reg_internal
>> Pres Hosts       172.17.0.2,172.17.0.2
>> Dialplan         XML
>> Context           public
>> Challenge Realm   auto_from
>> RTP-IP           172.17.0.2
>> Ext-RTP-IP       192.168.88.236
>> SIP-IP           172.17.0.2
>> Ext-SIP-IP       192.168.88.236
>> URL               sip:mod_sofia at 192.168.88.236:5060
>> BIND-URL         sip:mod_sofia at 192.168.88.236:5060
>> ;maddr=172.17.0.2;transport=udp,tcp
>> WS-BIND-URL     sip:mod_sofia at 172.17.0.2:5066;transport=ws
>> WSS-BIND-URL     sips:mod_sofia at 172.17.0.2:7443;transport=wss
>> HOLD-MUSIC       local_stream://moh
>> OUTBOUND-PROXY   N/A
>> CODECS IN         OPUS,G722,PCMU,PCMA,H264,VP8
>> CODECS OUT       OPUS,G722,PCMU,PCMA,H264,VP8
>> TEL-EVENT         101
>> DTMF-MODE         rfc2833
>> CNG               13
>> SESSION-TO       0
>> MAX-DIALOG       0
>> NOMEDIA           false
>> LATE-NEG         true
>> PROXY-MEDIA       false
>> ZRTP-PASSTHRU     true
>> AGGRESSIVENAT     false
>> CALLS-IN         0
>> FAILED-CALLS-IN   0
>> CALLS-OUT         0
>> FAILED-CALLS-OUT 0
>> REGISTRATIONS     0
>>
>>
>>
>> --
>> Ruslan Shevchenko
>> Software Engineer.
>> http://ua.linkedin.com/in/ruslanshevchenko
>> _________________________________________________________________________
>>
>> The FreeSWITCH project is sponsored by SignalWire https://signalwire.com
>> Enhance your FreeSWITCH install with disruptive priced SMS and PSTN
>> services.
>> Build your next product on our scalable cloud platform.
>>
>> Join our online community to chat in real time
>> https://signalwire.community
>>
>> Professional FreeSWITCH Services
>> sales at freeswitch.com
>> https://freeswitch.com
>>
>> Official FreeSWITCH Sites
>> https://freeswitch.com/oss
>> https://freeswitch.org/confluence
>> https://cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> https://freeswitch.com
>
> --
> Regards,
>
> David Villasmil
> email: david.villasmil.work at gmail.com
> phone: +34669448337
> _________________________________________________________________________
>
> The FreeSWITCH project is sponsored by SignalWire https://signalwire.com
> Enhance your FreeSWITCH install with disruptive priced SMS and PSTN
> services.
> Build your next product on our scalable cloud platform.
>
> Join our online community to chat in real time
> https://signalwire.community
>
> Professional FreeSWITCH Services
> sales at freeswitch.com
> https://freeswitch.com
>
> Official FreeSWITCH Sites
> https://freeswitch.com/oss
> https://freeswitch.org/confluence
> https://cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> https://freeswitch.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20200729/1e9ca9f3/attachment.html>