[Freeswitch-users] FS uses private rtp address in the SDP

afshin afzali a.afzali2003 at gmail.com
Mon Aug 18 09:43:06 MSD 2014


Hi,
Yes, you pointed out to the exact result that I reached. In outbound calls
Freeswitch puts correct (public) IP in SDP. But in a inbound call
Freeswitch receives INVITE from a local router / firewall (Mikrotik).

The trace shows that the INVITE received from for example 192.168.10.1
(router's local IP address) ( Freeswitch's private IP is 192.168.10.58)
although I have public address of my client in Via, Contact and SDP portion
of INVITE message. It obvious that Freeswitch selects it's local IP address
for SDP portion of it's 200 OK. My question is WHY? :)

It knows that is on a NAT session so uses it's public address in Contact
header. How can I change Freeswitch's behavior ? How can I give the INVITE
message to Freeswitch that does not show it receives from a local IP?

BEST,

Afshin


On Mon, Aug 18, 2014 at 6:38 AM, Miguel Oyarzo <miguelaustro at gmail.com>
wrote:

> Hi,
> When I told you about ACL, it  was because this is a normal
> misunderstanding.
> ACL helps to determinate what is considered as a local and external
> address.
>
> Have you checked if the INVITE arrives with an IP address within your
> local network?
> If so, that will produce a 200 OK response with an local IP into the SDP
> message .
>
> use tcpdump, ngrep or any other tool to determinate IP addresses involved
> in your scenario.
>
> Regard,
>
>
>
>
> On Sun, Aug 17, 2014 at 3:26 PM, afshin afzali <a.afzali2003 at gmail.com>
> wrote:
>
>> mod_commands.c:642 nat_map API called while NAT not initialized
>>
>> Is that my problem?
>>
>>
>> On Sat, Aug 16, 2014 at 9:15 PM, afshin afzali <a.afzali2003 at gmail.com>
>> wrote:
>>
>>> Appreciate that,
>>> You used stun protocol to detect external IP address although I'm using
>>> the exact address so I think it makes no difference.
>>>
>>> I would appreciate if I know in which conditions FreeSWITCH uses public
>>> IP address in SDP protocol.
>>>
>>>
>>> On Saturday, August 16, 2014, Douglas Adami <
>>> webmaster.rumodigital at gmail.com> wrote:
>>>
>>>> Hi Afshin,
>>>>
>>>> I have the same scenario as you and 100% functional, this is my setup.
>>>>
>>>> <X-PRE-PROCESS cmd="set" data="external_rtp_ip=stun:stun.freeswitch.org
>>>> "/>
>>>> <X-PRE-PROCESS cmd="set" data="external_sip_ip=stun:stun.freeswitch.org
>>>> "/>
>>>>
>>>> <param name="apply-nat-acl" value="nat.auto"/>
>>>>
>>>> <param name="rtp-ip" value="$${local_ip_v4}"/>
>>>> <param name="sip-ip" value="$${local_ip_v4}"/>
>>>> <param name="ext-rtp-ip" value="$${external_rtp_ip}"/>
>>>> <param name="ext-sip-ip" value="$${external_sip_ip}"/>
>>>>
>>>> I'm new around here, so let's wait for a response from some expert.
>>>>
>>>> good settings
>>>>
>>>> Doug
>>>>
>>>>
>>>> On Sat, Aug 16, 2014 at 2:02 PM, afshin afzali <a.afzali2003 at gmail.com>
>>>> wrote:
>>>>
>>>>> Hi Douglas,
>>>>>
>>>>> Thanks for your reply,
>>>>> I)
>>>>>
>>>>> In my scenario both of FreeSWITCH and client are behind the firewall.
>>>>>
>>>>> II)
>>>>>
>>>>> <X-PRE-PROCESS cmd="set" data="bind_server_ip=auto"/>
>>>>> <X-PRE-PROCESS cmd="set" data="external_rtp_ip=X.Y.Z.W"/>
>>>>> <X-PRE-PROCESS cmd="set" data="external_sip_ip=X.Y.Z.W"/>
>>>>>
>>>>> I have a static public IP (for Freeswitch) and I know what it is so I
>>>>> specified it explicitly.
>>>>>
>>>>> Do I have to set bind_server_ip to a specific IP in case of NAT
>>>>> traversal as I specified local IP addresses for sip and rtp?
>>>>>
>>>>> III)
>>>>> in the SIP profile
>>>>> <param name="sip-ip" value="192.168.10.59"/>
>>>>> <param name="rtp-ip" value="192.168.10.59"/>
>>>>> <param name="ext-sip-ip" value="X.Y.Z.W"/>
>>>>> <param name="ext-rtp-ip" value="X.Y.Z.W"/>
>>>>> for apply-nat-acl I examined nat.auto, rfc1918, ... :(
>>>>>
>>>>> I did not refer to external_sip_ip / external_rtp_ip vaiables in the
>>>>> SIP profile and explicitly defined external static IP.
>>>>>
>>>>>
>>>>> BEST,
>>>>>
>>>>> Afshin
>>>>>
>>>>>
>>>>>
>>>>> On Sat, Aug 16, 2014 at 5:01 PM, Douglas Adami <
>>>>> webmaster.rumodigital at gmail.com> wrote:
>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> NAT scenario, correct?
>>>>>> https://confluence.freeswitch.org/display/FREESWITCH/NAT+Traversal
>>>>>>
>>>>>> try this:
>>>>>>
>>>>>> vars.xml
>>>>>> <X-PRE-PROCESS cmd="set" data="bind_server_ip=my.domain.com"/>
>>>>>> <X-PRE-PROCESS cmd="set" data="external_sip_ip=stun:
>>>>>> stun.freeswitch.org"/>
>>>>>> <X-PRE-PROCESS cmd="set" data="external_rtp_ip=stun:
>>>>>> stun.freeswitch.org"/>
>>>>>>
>>>>>>
>>>>>> sip_profiles:
>>>>>>
>>>>>> sipinterface_1.xml
>>>>>> <param name="apply-nat-acl" value="nat.auto"/>
>>>>>> <param name="ext-sip-ip" value="$${external_sip_ip}"/>
>>>>>> <param name="ext-rtp-ip" value="$${external_rtp_ip}"/>
>>>>>>
>>>>>> Doug
>>>>>>
>>>>>>
>>>>>> On Sat, Aug 16, 2014 at 7:26 AM, afshin afzali <
>>>>>> a.afzali2003 at gmail.com> wrote:
>>>>>>
>>>>>>> Hi Miguel,
>>>>>>>
>>>>>>> I do not understand how the ACL (if you mean apply-nat-acl) can
>>>>>>> effects on using public IP in SDP when I specified both ext-sip-ip and
>>>>>>> ext-rtp-ip in sip profile!
>>>>>>>  I changed the apply-nat-acl to a "always allow" and "rfc1918" but
>>>>>>> does not make difference.
>>>>>>>
>>>>>>> Afshin
>>>>>>>
>>>>>>>
>>>>>>> On Thu, Aug 14, 2014 at 3:18 PM, Miguel Oyarzo <
>>>>>>> miguelaustro at gmail.com> wrote:
>>>>>>>
>>>>>>>>
>>>>>>>> Wrong ACL?
>>>>>>>>
>>>>>>>>
>>>>>>>> On Wed, Aug 13, 2014 at 10:06 PM, afshin afzali <
>>>>>>>> a.afzali2003 at gmail.com> wrote:
>>>>>>>>
>>>>>>>>> Hi FreeSWITCHers:
>>>>>>>>>
>>>>>>>>> I configured a sip profile as bellow:
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> =================================================================================================
>>>>>>>>> Name                    sipinterface_1
>>>>>>>>> Domain Name             N/A
>>>>>>>>> Auto-NAT                false
>>>>>>>>> DBName                  sofia_reg_sipinterface_1
>>>>>>>>> Pres Hosts
>>>>>>>>> Dialplan                XML
>>>>>>>>> Context                 context_1
>>>>>>>>> Challenge Realm         auto_to
>>>>>>>>> RTP-IP                  192.168.10.59
>>>>>>>>> Ext-RTP-IP              X.Y.Z.W
>>>>>>>>> SIP-IP                  192.168.10.59
>>>>>>>>> Ext-SIP-IP               X.Y.Z.W
>>>>>>>>> URL                     sip:mod_sofia at X.Y.Z.W:5060
>>>>>>>>> BIND-URL                sip:mod_sofia at X.Y.Z.W
>>>>>>>>> :5060;maddr=192.168.10.59;transport=udp,tcp
>>>>>>>>> HOLD-MUSIC              N/A
>>>>>>>>> OUTBOUND-PROXY          N/A
>>>>>>>>> CODECS IN               G722,PCMU,PCMA,GSM
>>>>>>>>> CODECS OUT              G722,PCMU,PCMA,GSM
>>>>>>>>> TEL-EVENT               101
>>>>>>>>> DTMF-MODE               rfc2833
>>>>>>>>> CNG                     13
>>>>>>>>> SESSION-TO              0
>>>>>>>>> MAX-DIALOG              0
>>>>>>>>> NOMEDIA                 false
>>>>>>>>> LATE-NEG                false
>>>>>>>>> PROXY-MEDIA             false
>>>>>>>>> ZRTP-PASSTHRU           false
>>>>>>>>> AGGRESSIVENAT           true
>>>>>>>>> CALLS-IN                0
>>>>>>>>> FAILED-CALLS-IN         0
>>>>>>>>> CALLS-OUT               0
>>>>>>>>> FAILED-CALLS-OUT        0
>>>>>>>>> REGISTRATIONS           1
>>>>>>>>>
>>>>>>>>> for every INVITE that comes in via this profile, FS replys with
>>>>>>>>> this SDP:
>>>>>>>>>
>>>>>>>>>    v=0
>>>>>>>>>    o=FreeSWITCH 1407905843 1407905844 IN IP4 192.168.10.59
>>>>>>>>>    s=FreeSWITCH
>>>>>>>>>    c=IN IP4 192.168.10.59
>>>>>>>>>    t=0 0
>>>>>>>>>    m=audio 25142 RTP/AVP 0 101
>>>>>>>>>    a=rtpmap:0 PCMU/8000
>>>>>>>>>    a=rtpmap:101 telephone-event/8000
>>>>>>>>>    a=fmtp:101 0-16
>>>>>>>>>    a=ptime:20
>>>>>>>>>
>>>>>>>>> Although the Contact header of 200 OK is correct :
>>>>>>>>> Contact: <sip:4000 at X.Y.Z.W:5060;transport=udp>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Appreciate all comments,
>>>>>>>>> -- Afshin
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> _________________________________________________________________________
>>>>>>>>> Professional FreeSWITCH Consulting Services:
>>>>>>>>> consulting at freeswitch.org
>>>>>>>>> http://www.freeswitchsolutions.com
>>>>>>>>>
>>>>>>>>> 
>>>>>>>>> 
>>>>>>>>>
>>>>>>>>> Official FreeSWITCH Sites
>>>>>>>>> http://www.freeswitch.org
>>>>>>>>> http://wiki.freeswitch.org
>>>>>>>>> http://www.cluecon.com
>>>>>>>>>
>>>>>>>>> FreeSWITCH-users mailing list
>>>>>>>>> FreeSWITCH-users at lists.freeswitch.org
>>>>>>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>>>>>>> UNSUBSCRIBE:
>>>>>>>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>>>>>>> http://www.freeswitch.org
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> "Efficiency is doing things right; effectiveness is doing the right
>>>>>>>> things (Peter Drucker)"
>>>>>>>>
>>>>>>>> Miguel Oyarzo
>>>>>>>> DevOps & VoIP Engineer
>>>>>>>> Linux User: # 483188 - counter.li.org
>>>>>>>> http://au.linkedin.com/in/mikeaustralia
>>>>>>>> Melbourne, Australia
>>>>>>>>
>>>>>>>>
>>>>>>>> _________________________________________________________________________
>>>>>>>> Professional FreeSWITCH Consulting Services:
>>>>>>>> consulting at freeswitch.org
>>>>>>>> http://www.freeswitchsolutions.com
>>>>>>>>
>>>>>>>> 
>>>>>>>> 
>>>>>>>>
>>>>>>>> Official FreeSWITCH Sites
>>>>>>>> http://www.freeswitch.org
>>>>>>>> http://wiki.freeswitch.org
>>>>>>>> http://www.cluecon.com
>>>>>>>>
>>>>>>>> FreeSWITCH-users mailing list
>>>>>>>> FreeSWITCH-users at lists.freeswitch.org
>>>>>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>>>>>> UNSUBSCRIBE:
>>>>>>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>>>>>> http://www.freeswitch.org
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> _________________________________________________________________________
>>>>>>> Professional FreeSWITCH Consulting Services:
>>>>>>> consulting at freeswitch.org
>>>>>>> http://www.freeswitchsolutions.com
>>>>>>>
>>>>>>> Official FreeSWITCH Sites
>>>>>>> http://www.freeswitch.org
>>>>>>> http://confluence.freeswitch.org
>>>>>>> http://www.cluecon.com
>>>>>>>
>>>>>>>
>>>>>>> 
>>>>>>> 
>>>>>>>
>>>>>>> FreeSWITCH-users mailing list
>>>>>>> FreeSWITCH-users at lists.freeswitch.org
>>>>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>>>>> UNSUBSCRIBE:
>>>>>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>>>>> http://www.freeswitch.org
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> _________________________________________________________________________
>>>>>> Professional FreeSWITCH Consulting Services:
>>>>>> consulting at freeswitch.org
>>>>>> http://www.freeswitchsolutions.com
>>>>>>
>>>>>> Official FreeSWITCH Sites
>>>>>> http://www.freeswitch.org
>>>>>> http://confluence.freeswitch.org
>>>>>> http://www.cluecon.com
>>>>>>
>>>>>> 
>>>>>> 
>>>>>>
>>>>>> FreeSWITCH-users mailing list
>>>>>> FreeSWITCH-users at lists.freeswitch.org
>>>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>>>> UNSUBSCRIBE:
>>>>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>>>> http://www.freeswitch.org
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> _________________________________________________________________________
>>>>> Professional FreeSWITCH Consulting Services:
>>>>> consulting at freeswitch.org
>>>>> http://www.freeswitchsolutions.com
>>>>>
>>>>> Official FreeSWITCH Sites
>>>>> http://www.freeswitch.org
>>>>> http://confluence.freeswitch.org
>>>>> http://www.cluecon.com
>>>>>
>>>>> 
>>>>> 
>>>>>
>>>>> FreeSWITCH-users mailing list
>>>>> FreeSWITCH-users at lists.freeswitch.org
>>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>>> UNSUBSCRIBE:
>>>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>>> http://www.freeswitch.org
>>>>>
>>>>
>>>>
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://confluence.freeswitch.org
>> http://www.cluecon.com
>>
>> 
>> 
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>
>
>
> --
> "Efficiency is doing things right; effectiveness is doing the right things
> (Peter Drucker)"
>
> Miguel Oyarzo
> DevOps & VoIP Engineer
> Linux User: # 483188 - counter.li.org
> http://au.linkedin.com/in/mikeaustralia
> Melbourne, Australia
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
> 
> 
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20140818/99c6f4fb/attachment-0001.html 


Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users mailing list