[Freeswitch-users] Issue with changing phone SIP port

Steven Ayre steveayre at gmail.com
Wed Jun 5 07:54:43 MSD 2013


"decreasing the session timers or the keepalives to the UAs"

That definitely suggests that the issue is the NAT router losing its port
mapping and assigning a new one. Keepalives are one way to force it to stay
open.

Explicit port mapping or UPnP may be another.

-Steve





On 4 June 2013 22:47, Daniel Ivanov <sertys at gmail.com> wrote:

> I have noticed the same behaviour on behind-nat devices. It really is the
> router's causing the mess here. There are 2 workarounds - the nldb way with
> the connectile disfunction( this breaks at least one thing - SIMPLE
> messaging) and decreasing the session timers or the keepalives to the UAs.
> This will keep the portholes in tact. Both have pros and cons. And i still
> would suggest leaving stun enabled.
> On Jun 4, 2013 9:28 PM, "Michael Jerris" <mike at jerris.com> wrote:
>
>>
>> On Jun 3, 2013, at 11:57 PM, Steven Ayre <steveayre at gmail.com> wrote:
>>
>> 1. Why does FreeSWITCH initially send "Unauthorized" reply?
>>
>>
>> It's required. SIP authentication is similar to HTTP authentication, it's
>> based on challenge response. The first request fails and the response
>> contains a nonce. The 2nd request sends a digest of the password combined
>> with that nonce. That means you authenticate without sending your password
>> over the internet plaintext and since the nonce is time-limited without
>> that digest being able to be reused by an attacker.
>>
>> If you see yourself calling into FS without that then you are either a)
>> authenticating via IP address not password or b) calling into a SIP profile
>> that doesn't require authentication (eg one for receiving calls).
>>
>>
>>
>> This is not 100% correct.  If the other end already has a nonce, it can
>> send the auth headers in the request and not be challenged.
>>
>>
>> 2. Does anyone know why some phones change their port during registration
>>> from behind a NAT?
>>
>>
>> That could be your NAT router changing the port mapping between requests
>> (each REGISTER and INVITE is a separate SIP dialog).
>>
>> SIP with NAT can work, but will be messy. Mostly because not everything
>> supports it, supports it well, or does it in the same way. You can also
>> encounter situations where the phone and router are both trying to
>> workaround the NAT issues which causes more problems than it solves.
>>
>> Generally FS does a good job of working around many of the issues, and
>> has a few NDLB options for handling devices that don't handle NAT well. See
>> http://wiki.freeswitch.org/wiki/NAT_Traversal
>>
>> For starters you should disable SIP ALG on your router and enable STUN in
>> the SIP client, if it's supported.
>>
>>
>> 3. Should I file a Jira ticket to have FreeSWITCH change UA's registered
>>> contact info when the UA sends a message with a different Contact header?
>>
>>
>> But what would it change it to?
>>
>> For handling broken devices there are some NDLB options, some do try
>> rewriting the Contact to where the packet came from. That's not correct in
>> all cases, but perhaps is in many. http://wiki.freeswitch.org/wiki/NDLB
>>
>>
>> -Steve
>>
>>
>>
>>
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>> 
>> 
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://wiki.freeswitch.org
>> http://www.cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> 
> 
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20130605/85d5d498/attachment.html 


Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users mailing list