[Freeswitch-users] registration fails after several hours - FS problem?
Mario G
mario_fs at mgtech.com
Wed Oct 27 09:50:03 PDT 2010
Thanks so much! I am sure many others will find this info invaluable. I will try the static route again but have one question: When I started with FS I found a "sip scanner" in FS and someone on this group said not to use port mapping since it was a security risk. Is that true?
On Oct 27, 2010, at 9:10 AM, Anthony Minessale wrote:
> you are completely guessing at things.
> I want you to understand that the only reason you are having problems
> with this is because you don't understand how it works enough to know
> what you are doing 100%
>
> Its a given that the pnp stuff is only for your dynamic IP.
> aggressive-nat-detection and sip-force-expires are all related to
> inbound calls when the things who are registering to you may be behind
> nat.
>
> You need to learn the difference between which nat tools are
> *) designed for your FS to run behind nat
> *) designed for FS to run public and accept connections from devices behind nat.
>
> If you have a static IP, you don't need the pnp stuff so -nonat is fine
> What you need to do is set
>
> 1) set the params ext-sip-ip and ext-rtp-ip to your external static IP
> 2) map the sip ports and all of the rtp ports from your static IP to FS lan addr
> 3) set sip-ip and rtp-ip to the lan addr you forwarded through.
>
> If you don't do this: your outbound registration will use NAT to your
> provider and if there is no activity for the expire time on your NAT
> mapping the reverse port mapping from your provider back to you is
> lost. This is why you set your register expires to a very low number,
> (you need to make sure the provider does not turn the expires back up
> in the reply because it will beat your choice *see sip trace) if this
> is the case then you need the "ping" option set to 30, to continuously
> send an options to your provider.
>
> The static mapping is obviously the better, easier and more reliable solution.
>
> So I want you to understand that the only way to keep a nat mapped
> port alive is to continuously send traffic, all the other methods that
> you are mentioning are to detect that phones registered to your are
> behind nat, I gave you that force-expires option before because your
> trace was full of inbound reg so I thought that is what you wanted
> help with.
>
>
>
>
>
>
>
>
> On Wed, Oct 27, 2010 at 10:43 AM, Mario G <mario_fs at mgtech.com> wrote:
>> I should mention that I did not have this problem with an SPA9000 PBX
>> (asterisk based) for over two years so FS may be pickier about upnp and/or
>> nat, or just better at it exposing a problem in the router.
>> I made different changes to the gateways to test different things. One
>> failed after 17 hours, the other two stayed up. What did not work:
>> added <variable name="sip-force-expires" value="30"/> to the directory
>> entries as suggested.
>> set the gateway expire times to 30 seconds.
>> What worked (could be coincidental) for the two gateways that stayed up:
>> I Added <param name="aggressive-nat-detection" value="true"/>
>> I originally setup FS to use the static ip by setting external sip/rtp to
>> just the static ip (no autonat:) and ran with -nonat but I could not get
>> incoming calls. The only way it worked was to use autonat:1.2.3.4. The
>> router has 1 static public address and 1 dynamic external IP, this is the
>> root of the problem, upnp only tells FS about the dynamic ip Will keep this
>> thread up-to-date for anyone who may be in the same boat someday. Thanks
>> again for looking at the trace.
>> Mario
>>
>> You should be setting the req freq to a low number on the outbound gateways
>>
>> The examples you showed had a series of inbound reg
>>
>> also set expire-seconds to 30 in your gateway xml
>>
>>
>> The problem is if you are not constantly sending traffic to the box
>>
>> the nat mapping will go away.
>>
>> If you are in production you should be using a static ip with a static
>>
>> mapping, any trouble you are having is your own fault for playing with
>>
>> fire. The best we can do is tell you how to keep it contained.
>>
>>
>>
>>
>> On Tue, Oct 26, 2010 at 12:34 PM, Mario G <mario_fs at mgtech.com> wrote:
>>
>> I made the change. I had no idea the settings for the inside phones effected
>> nat for the outside sip accounts. I was looking into aggressive-nat-
>> detection since the internal profile status always shows the right external
>> static IP but the nat_ap status always shows the dynamic ip. Crossing
>> fingers/etc since this problem is 85% of time (weeks!) into FS changeover.
>> Thanks!
>>
>> Mario
>>
>> On Oct 26, 2010, at 10:15 AM, Anthony Minessale wrote:
>>
>> add
>>
>> <variable name="sip-force-expires" value="30"/>
>>
>> to the <variables> section of your <user>
>>
>> you have it at 600 and the nat mapping is timing out while the 600
>>
>> seconds is ticking away
>>
>>
>>
>> On Tue, Oct 26, 2010 at 12:01 PM, Mario G <mario_fs at mgtech.com> wrote:
>>
>> From the TSP:
>>
>> "I have enabled the SIP trace on your account. We are not currently seeing
>>
>> any registration attempts to your account within the last 15 minutes. Please
>>
>> restart FreeSwitch so that registration attempts begin again. Thank you. ".
>>
>> So FS is not getting past router.
>>
>> On Oct 26, 2010, at 9:09 AM, Mario G wrote:
>>
>> I ran the global trace during the problem and it is
>>
>> at http://pastebin.freeswitch.org/14324 . You can find "rnktel", "acctone",
>>
>> "accttwo", "acct3". The trace includes phones since it was global. I am
>>
>> using:
>>
>> <param name="ext-rtp-ip" value="autonat:my-static.ip"/>
>>
>> <param name="ext-sip-ip" value="autonat:my-static.ip"/>
>>
>> I tried dumping nat and removing the autonat: above and using -nonat but
>>
>> that did not work, registration proceeded but no calls inbound.
>>
>> On Oct 25, 2010, at 4:11 PM, Mario G wrote:
>>
>> Whoops, I am using an IP address for at least one gateway so that is not the
>>
>> problem:
>>
>> They look outbound to me and I am using dns for 2 and an IP for one so that
>>
>> is not the issue. I was able to get FS to clear this up by doing "nat_map
>>
>> reinit" which is why I think this is a nat problem. I will do the trace you
>>
>> mentioned. I will plug an ip address into one of the gateways to see what
>>
>> happens, they all fail at once. Thanks for responding!
>>
>> Mario
>>
>> On Oct 25, 2010, at 3:26 PM, Mario wrote:
>>
>> I really need help on this as I have weeks into this problem. I thought I
>>
>> had it nailed but I guess not. After 5.5 hours I get:
>>
>> 2010-10-25 15:05:43.407272 [WARNING] sofia_reg.c:387 mguuid Failed
>>
>> Registration, setting retry to 15 seconds.
>>
>> 2010-10-25 15:05:49.557478 [NOTICE] sofia_reg.c:342 Registering mvuuid
>>
>> 2010-10-25 15:05:59.206273 [NOTICE] sofia_reg.c:342 Registering mguuid
>>
>> 2010-10-25 15:06:04.923157 [WARNING] sofia_reg.c:387 mynum777 Failed
>>
>> Registration, setting retry to 30 seconds.
>>
>> 2010-10-25 15:06:05.358321 [WARNING] sofia_reg.c:387 mvuuid Failed
>>
>> Registration, setting retry to 15 seconds.
>>
>> 2010-10-25 15:06:16.125060 [WARNING] sofia_reg.c:387 mguuid Failed
>>
>> Registration, setting retry to 15 seconds.
>>
>> 2010-10-25 15:06:21.151240 [NOTICE] sofia_reg.c:342 Registering mvuuid
>>
>> 2010-10-25 15:06:33.060421 [NOTICE] sofia_reg.c:342 Registering mguuid
>>
>> 2010-10-25 15:06:35.392655 [NOTICE] sofia_reg.c:342 Registering mynum777
>>
>> and no way to make/get calls until I restart FS. I did this:
>>
>> 1. log 7
>>
>> 2. sofia profile xxxx siptrace on for each profile/gateway
>>
>> 3. restarted router
>>
>> All three did not solve the problem. The trace and log produced no
>>
>> additional lines which is why I am wondering if FS has a problem since the
>>
>> trace shows no SIP activity.
>>
>> 3 gateways with 2 ITSPs
>>
>> 2 DSL/WAN lines, 1 static and 1 dynamic
>>
>> I am using autonat:1.2.3.4 in internal and external profiles. 1.2.3.4 is the
>>
>> external static ip.
>>
>> sofia status profile ... has the right ext ip
>>
>> nat_map status shows the dynamic (wrong) IP
>>
>> I tried starting with -nonat but that was worse
>>
>> the only way to fix is restart FS.
>>
>> I read the wiki on external nat, auto_nat and everything else many times.
>>
>> Thanks Mario
>>
>>
>> _______________________________________________
>>
>> FreeSWITCH-users mailing list
>>
>> FreeSWITCH-users at lists.freeswitch.org
>>
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>
>> http://www.freeswitch.org
>>
>>
>> _______________________________________________
>>
>> FreeSWITCH-users mailing list
>>
>> FreeSWITCH-users at lists.freeswitch.org
>>
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>
>> http://www.freeswitch.org
>>
>> _______________________________________________
>>
>> FreeSWITCH-users mailing list
>>
>> FreeSWITCH-users at lists.freeswitch.org
>>
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>
>> http://www.freeswitch.org
>>
>>
>> _______________________________________________
>>
>> FreeSWITCH-users mailing list
>>
>> FreeSWITCH-users at lists.freeswitch.org
>>
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>
>> http://www.freeswitch.org
>>
>>
>>
>>
>>
>> --
>>
>> Anthony Minessale II
>>
>> FreeSWITCH http://www.freeswitch.org/
>>
>> ClueCon http://www.cluecon.com/
>>
>> Twitter: http://twitter.com/FreeSWITCH_wire
>>
>> AIM: anthm
>>
>> MSN:anthony_minessale at hotmail.com
>>
>> GTALK/JABBER/PAYPAL:anthony.minessale at gmail.com
>>
>> IRC: irc.freenode.net #freeswitch
>>
>> FreeSWITCH Developer Conference
>>
>> sip:888 at conference.freeswitch.org
>>
>> googletalk:conf+888 at conference.freeswitch.org
>>
>> pstn:+19193869900
>>
>> _______________________________________________
>>
>> FreeSWITCH-users mailing list
>>
>> FreeSWITCH-users at lists.freeswitch.org
>>
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>
>> http://www.freeswitch.org
>>
>>
>> _______________________________________________
>>
>> FreeSWITCH-users mailing list
>>
>> FreeSWITCH-users at lists.freeswitch.org
>>
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>
>> http://www.freeswitch.org
>>
>>
>>
>>
>> --
>>
>> Anthony Minessale II
>>
>> FreeSWITCH http://www.freeswitch.org/
>>
>> ClueCon http://www.cluecon.com/
>>
>> Twitter: http://twitter.com/FreeSWITCH_wire
>>
>> AIM: anthm
>>
>> MSN:anthony_minessale at hotmail.com
>>
>> GTALK/JABBER/PAYPAL:anthony.minessale at gmail.com
>>
>> IRC: irc.freenode.net #freeswitch
>>
>> FreeSWITCH Developer Conference
>>
>> sip:888 at conference.freeswitch.org
>>
>> googletalk:conf+888 at conference.freeswitch.org
>>
>> pstn:+19193869900
>>
>> _______________________________________________
>>
>> FreeSWITCH-users mailing list
>>
>> FreeSWITCH-users at lists.freeswitch.org
>>
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>
>> http://www.freeswitch.org
>>
>>
>> _______________________________________________
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>>
>> _______________________________________________
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>>
>
>
>
> --
> Anthony Minessale II
>
> FreeSWITCH http://www.freeswitch.org/
> ClueCon http://www.cluecon.com/
> Twitter: http://twitter.com/FreeSWITCH_wire
>
> AIM: anthm
> MSN:anthony_minessale at hotmail.com
> GTALK/JABBER/PAYPAL:anthony.minessale at gmail.com
> IRC: irc.freenode.net #freeswitch
>
> FreeSWITCH Developer Conference
> sip:888 at conference.freeswitch.org
> googletalk:conf+888 at conference.freeswitch.org
> pstn:+19193869900
>
> _______________________________________________
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
More information about the FreeSWITCH-users
mailing list