[Freeswitch-users] [Q] nat is not detected, when running freeswitch in docker from local machine.

Ruslan Shevchenko ruslan at shevchenko.kiev.ua
Wed Jul 29 20:50:09 UTC 2020 

  oops,  reviewing a docker run I discovered a silly typo in -p ... [
63535-63635:63535-63635/tcp  -p63535-64535:63535-64535/udp    ]
maybe this was an issue.  (will check now).


On Wed, Jul 29, 2020 at 11:27 PM Ruslan Shevchenko <
ruslan at shevchenko.kiev.ua> wrote:

>
>
> On Wed, Jul 29, 2020 at 9:03 PM Jurijs Ivolga <jurijs.ivolga at gmail.com>
> wrote:
>
>> Hi Ruslan,
>>
>> First of all you need to map UDP ports to ones that are configured in
>> Freeswitch config file switch.conf.xml. By default it is 16384-32768 for
>> media.
>>
>> In your case you are trying to map -p63535-64535:63535-64535/udp, which
>> probably is inconsistent with ports inside switch.conf.xml and that is why
>> audio does not go through.
>>
>>
> Yes, I changed port range appropriately.  Sorry if this was not clear in
> the description of the configuration changes:
>   //  autoload_configs/switch.conf.xml  --- a narrow set of RTP ports.
>
>
>> Additionally I would not recommend to use big range as it by default,
>> because as far as I know, when docker maps port-range it inserts ip
>> iptables not one rule for range, but separate rule per each port and for me
>> it was hanging up docker, so use it with caution.
>>
>> https://github.com/moby/moby/issues/11185  -- seems still not fixed, it
>> is a couple of years already.
>>
>> Probably using Freeswitch with docker default bridge is not a good idea
>> and easy to do, better to use a host network or your own bridge.
>>
>>
> Hmm.... host network is not an option for macOS,
>
>   yes, I understand that better have a Linux server with public IP,  but
> in today-s system development ability to run and test all components
> locally is a 'new normal'.
>  Good thing,  that for local development we don't need to support
> thousands of simultaneous connections,
>
> Jurijs
>>
>>
>> On Wed, Jul 29, 2020 at 8:48 PM David Villasmil <
>> david.villasmil.work at gmail.com> wrote:
>>
>>> Run the container with —network=host
>>>
>>>
>>> On Wed, 29 Jul 2020 at 16:35, Ruslan Shevchenko <
>>> ruslan at shevchenko.kiev.ua> wrote:
>>>
>>>>
>>>> Hi, colleagues.
>>>>
>>>> I discovered a strange problem when running Freeswitch from docker on
>>>> the local machine,
>>>>
>>>> I have my machine API:  192.168.88.236
>>>> and docker with internal ip. 172.17.0.2. (local_ip_v4)
>>>>
>>>> With the next changes relative to vanilla install:
>>>> valr.xml :
>>>>       external_rtp_ip=stun:stun.freeswitch.org  - changed to
>>>> external_rtp_ip=192.168.88.236
>>>>       external_sip_ip=stun:stun.freeswitch.org   - same
>>>>
>>>> autoload_configs/switch.conf.xml  --- a narrow set of RTP ports.
>>>>
>>>> sip_profiles:
>>>>     internal.xml -- change ext-rtp-ip and ext-sip-ip to 192.168.88.236
>>>>    external.xml -- same
>>>>
>>>> Then I trying to run docker from macos which publish ports:
>>>> docker run -d -p 5060:5060/udp -p 5060:5060/tcp -p5061:5061/tcp -p
>>>> 5080:5080/udp -p 5080:5080/tcp -p 5066:5066/tcp -p 7443:7443/tcp -p
>>>> 63535-63635:63535-63635/tcp  -p63535-64535:63535-64535/udp  -p5555:5555
>>>> -p5050:5050 -p8000:8000  --hostname zaka-voice
>>>>  zaka-freeswitch-recognition:0.0.1
>>>>
>>>> And then when I try to call Freeswitch from linphone from the local
>>>> net, I can hear an answer, but looks like  IVR on the Freeswitch side not
>>>> receive RTP stream.
>>>>
>>>> I can't understand why.
>>>>
>>>> One hypothesizes -- that  FreeSWITCH not determinate existence of
>>>> external_ip as NAT mode (?)  and ask the phone to send RTP to 172.17.0.2.
>>>>
>>>> How to verify this?    Maybe exists some ideas, how to debug such
>>>> situation behind a sip trace?
>>>>
>>>> Thanks.
>>>>
>>>> P.S.  Additional info, if anybody found this interesting:
>>>>
>>>> I.e. I see SIP invite from FreeSWITCH
>>>>
>>>> SIP/2.0 100 Trying
>>>> Via: SIP/2.0/TCP 192.168.88.238:50091
>>>> ;branch=z9hG4bK.rNrD-0O~i;rport=51208;received=172.17.0.1
>>>> From: <sip:1002 at 192.168.88.236>;tag=4bI6NNSIi
>>>> To: "33332220" <sip:33332220 at 192.168.88.236>
>>>> Call-ID: 7At9kxIfv2
>>>> CSeq: 21 INVITE
>>>> User-Agent: FreeSWITCH-mod_sofia/1.10.4-dev-2421-8a5850ff26~64bit
>>>> Content-Length: 0
>>>>
>>>> then  Ok and Acc from linphone (which freeswitch see as on 172.17.0.2)
>>>>
>>>> recv 354 bytes from tcp/[172.17.0.1]:51208 at 09:20:26.099724:
>>>> ------------------------------------------------------------------------
>>>> SIP/2.0 200 Ok
>>>> Via: SIP/2.0/TCP 192.168.88.236;branch=z9hG4bK8502eXUvmSKyN
>>>> From: <sip:1002 at 172.17.0.2>;tag=mrr024e5DH57Q
>>>> To: <sip:1002 at 172.17.0.2>;tag=ftaVWOB
>>>> Call-ID: 940c69ac-4c1f-1239-4cb1-0242ac110002
>>>> CSeq: 23453420 NOTIFY
>>>> User-Agent: LinphoneiOS/4.3.1 (iPad Ruslan) LinphoneSDK/4.4.0
>>>> Supported: replaces, outbound, gruu
>>>> Content-Length: 0
>>>>
>>>> recv 640 bytes from tcp/[172.17.0.1]:51208 at 09:20:26.514163:
>>>> ------------------------------------------------------------------------
>>>> ACK sip:33332220 at 192.168.88.236:5060;transport=tcp SIP/2.0
>>>> Via: SIP/2.0/TCP 192.168.88.238:50091;rport;branch=z9hG4bK.iYrbMWTLP
>>>> From: <sip:1002 at 192.168.88.236>;tag=4bI6NNSIi
>>>> To: "33332220" <sip:33332220 at 192.168.88.236>;tag=N1HS4ZZ8atUtK
>>>> CSeq: 21 ACK
>>>> Call-ID: 7At9kxIfv2
>>>> Max-Forwards: 70
>>>> Proxy-Authorization:  Digest realm="192.168.88.236",
>>>> nonce="44104e4a-30cb-4277-8c31-61e437b6cbd1", algorithm=MD5,
>>>> username="1002",  uri="sip:33332220 at 192.168.88.236",
>>>> response="756a3d3e3a76996988afa09a5544f1d1", cnonce="CWKOLtHm9Z8eVYIm",
>>>> nc=00000001, qop=auth
>>>> User-Agent: LinphoneiOS/4.3.1 (iPad Ruslan) LinphoneSDK/4.4.0
>>>> Content-Length: 0
>>>>
>>>> Then  freeswitch not see any activity and says BYE:
>>>> BYE sip:1002 at 172.17.0.1:51208;transport=tcp SIP/2.0
>>>> Via: SIP/2.0/TCP 192.168.88.236;branch=z9hG4bK9etUgrc0H29gH
>>>> Max-Forwards: 70
>>>> From: "33332220" <sip:33332220 at 192.168.88.236>;tag=N1HS4ZZ8atUtK
>>>> To: <sip:1002 at 192.168.88.236>;tag=4bI6NNSIi
>>>> Call-ID: 7At9kxIfv2
>>>> CSeq: 23453425 BYE
>>>> User-Agent: FreeSWITCH-mod_sofia/1.10.4-dev-2421-8a5850ff26~64bit
>>>> Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, INFO, UPDATE,
>>>> REGISTER, REFER, NOTIFY, PUBLISH, SUBSCRIBE
>>>> Supported: timer, path, replaces
>>>> Reason: Q.850;cause=16;text="NORMAL_CLEARING"
>>>> Content-Length: 0
>>>>
>>>> ---
>>>>   status of Sofia profile:
>>>>
>>>> ---
>>>>
>>>> freeswitch at zaka-voice> sofia status profile internal
>>>>
>>>> =================================================================================================
>>>> Name             internal
>>>> Domain Name       N/A
>>>> Auto-NAT         false
>>>> DBName           sofia_reg_internal
>>>> Pres Hosts       172.17.0.2,172.17.0.2
>>>> Dialplan         XML
>>>> Context           public
>>>> Challenge Realm   auto_from
>>>> RTP-IP           172.17.0.2
>>>> Ext-RTP-IP       192.168.88.236
>>>> SIP-IP           172.17.0.2
>>>> Ext-SIP-IP       192.168.88.236
>>>> URL               sip:mod_sofia at 192.168.88.236:5060
>>>> BIND-URL         sip:mod_sofia at 192.168.88.236:5060
>>>> ;maddr=172.17.0.2;transport=udp,tcp
>>>> WS-BIND-URL     sip:mod_sofia at 172.17.0.2:5066;transport=ws
>>>> WSS-BIND-URL     sips:mod_sofia at 172.17.0.2:7443;transport=wss
>>>> HOLD-MUSIC       local_stream://moh
>>>> OUTBOUND-PROXY   N/A
>>>> CODECS IN         OPUS,G722,PCMU,PCMA,H264,VP8
>>>> CODECS OUT       OPUS,G722,PCMU,PCMA,H264,VP8
>>>> TEL-EVENT         101
>>>> DTMF-MODE         rfc2833
>>>> CNG               13
>>>> SESSION-TO       0
>>>> MAX-DIALOG       0
>>>> NOMEDIA           false
>>>> LATE-NEG         true
>>>> PROXY-MEDIA       false
>>>> ZRTP-PASSTHRU     true
>>>> AGGRESSIVENAT     false
>>>> CALLS-IN         0
>>>> FAILED-CALLS-IN   0
>>>> CALLS-OUT         0
>>>> FAILED-CALLS-OUT 0
>>>> REGISTRATIONS     0
>>>>
>>>>
>>>>
>>>> --
>>>> Ruslan Shevchenko
>>>> Software Engineer.
>>>> http://ua.linkedin.com/in/ruslanshevchenko
>>>>
>>>> _________________________________________________________________________
>>>>
>>>> The FreeSWITCH project is sponsored by SignalWire
>>>> https://signalwire.com
>>>> Enhance your FreeSWITCH install with disruptive priced SMS and PSTN
>>>> services.
>>>> Build your next product on our scalable cloud platform.
>>>>
>>>> Join our online community to chat in real time
>>>> https://signalwire.community
>>>>
>>>> Professional FreeSWITCH Services
>>>> sales at freeswitch.com
>>>> https://freeswitch.com
>>>>
>>>> Official FreeSWITCH Sites
>>>> https://freeswitch.com/oss
>>>> https://freeswitch.org/confluence
>>>> https://cluecon.com
>>>>
>>>> FreeSWITCH-users mailing list
>>>> FreeSWITCH-users at lists.freeswitch.org
>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>> UNSUBSCRIBE:
>>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>> https://freeswitch.com
>>>
>>> --
>>> Regards,
>>>
>>> David Villasmil
>>> email: david.villasmil.work at gmail.com
>>> phone: +34669448337
>>> _________________________________________________________________________
>>>
>>> The FreeSWITCH project is sponsored by SignalWire https://signalwire.com
>>> Enhance your FreeSWITCH install with disruptive priced SMS and PSTN
>>> services.
>>> Build your next product on our scalable cloud platform.
>>>
>>> Join our online community to chat in real time
>>> https://signalwire.community
>>>
>>> Professional FreeSWITCH Services
>>> sales at freeswitch.com
>>> https://freeswitch.com
>>>
>>> Official FreeSWITCH Sites
>>> https://freeswitch.com/oss
>>> https://freeswitch.org/confluence
>>> https://cluecon.com
>>>
>>> FreeSWITCH-users mailing list
>>> FreeSWITCH-users at lists.freeswitch.org
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> https://freeswitch.com
>>
>> _________________________________________________________________________
>>
>> The FreeSWITCH project is sponsored by SignalWire https://signalwire.com
>> Enhance your FreeSWITCH install with disruptive priced SMS and PSTN
>> services.
>> Build your next product on our scalable cloud platform.
>>
>> Join our online community to chat in real time
>> https://signalwire.community
>>
>> Professional FreeSWITCH Services
>> sales at freeswitch.com
>> https://freeswitch.com
>>
>> Official FreeSWITCH Sites
>> https://freeswitch.com/oss
>> https://freeswitch.org/confluence
>> https://cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> https://freeswitch.com
>
>
>
> --
> Ruslan Shevchenko
> Software Engineer.
> http://ua.linkedin.com/in/ruslanshevchenko
>


-- 
Ruslan Shevchenko
Software Engineer.
http://ua.linkedin.com/in/ruslanshevchenko
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20200729/91fd0109/attachment-0001.html>

More information about the FreeSWITCH-users mailing list