[Freeswitch-users] FS uses private rtp address in the SDP
afshin afzali
a.afzali2003 at gmail.com
Mon Aug 18 13:40:54 MSD 2014
Thank you so much Miguel :)
On Mon, Aug 18, 2014 at 1:51 PM, Miguel Oyarzo <miguelaustro at gmail.com>
wrote:
>
>
> One more time: spend a bit of time on ACL understanding.
> However, think more about your design. If you provide a public IP/SDP to
> the other end, the remote device will try to open a media session to the
> IP/Port announced into this SDP (from the 200 OK sip response).
>
>
> Cheers,
>
>
>
> On Mon, Aug 18, 2014 at 3:43 PM, afshin afzali <a.afzali2003 at gmail.com>
> wrote:
>
>> Hi,
>> Yes, you pointed out to the exact result that I reached. In outbound
>> calls Freeswitch puts correct (public) IP in SDP. But in a inbound call
>> Freeswitch receives INVITE from a local router / firewall (Mikrotik).
>>
>> The trace shows that the INVITE received from for example 192.168.10.1
>> (router's local IP address) ( Freeswitch's private IP is 192.168.10.58)
>> although I have public address of my client in Via, Contact and SDP portion
>> of INVITE message. It obvious that Freeswitch selects it's local IP address
>> for SDP portion of it's 200 OK. My question is WHY? :)
>>
>> It knows that is on a NAT session so uses it's public address in Contact
>> header. How can I change Freeswitch's behavior ? How can I give the INVITE
>> message to Freeswitch that does not show it receives from a local IP?
>>
>> BEST,
>>
>> Afshin
>>
>>
>> On Mon, Aug 18, 2014 at 6:38 AM, Miguel Oyarzo <miguelaustro at gmail.com>
>> wrote:
>>
>>> Hi,
>>> When I told you about ACL, it was because this is a normal
>>> misunderstanding.
>>> ACL helps to determinate what is considered as a local and external
>>> address.
>>>
>>> Have you checked if the INVITE arrives with an IP address within your
>>> local network?
>>> If so, that will produce a 200 OK response with an local IP into the SDP
>>> message .
>>>
>>> use tcpdump, ngrep or any other tool to determinate IP addresses
>>> involved in your scenario.
>>>
>>> Regard,
>>>
>>>
>>>
>>>
>>> On Sun, Aug 17, 2014 at 3:26 PM, afshin afzali <a.afzali2003 at gmail.com>
>>> wrote:
>>>
>>>> mod_commands.c:642 nat_map API called while NAT not initialized
>>>>
>>>> Is that my problem?
>>>>
>>>>
>>>> On Sat, Aug 16, 2014 at 9:15 PM, afshin afzali <a.afzali2003 at gmail.com>
>>>> wrote:
>>>>
>>>>> Appreciate that,
>>>>> You used stun protocol to detect external IP address although I'm
>>>>> using the exact address so I think it makes no difference.
>>>>>
>>>>> I would appreciate if I know in which conditions FreeSWITCH uses
>>>>> public IP address in SDP protocol.
>>>>>
>>>>>
>>>>> On Saturday, August 16, 2014, Douglas Adami <
>>>>> webmaster.rumodigital at gmail.com> wrote:
>>>>>
>>>>>> Hi Afshin,
>>>>>>
>>>>>> I have the same scenario as you and 100% functional, this is my setup.
>>>>>>
>>>>>> <X-PRE-PROCESS cmd="set" data="external_rtp_ip=stun:
>>>>>> stun.freeswitch.org"/>
>>>>>> <X-PRE-PROCESS cmd="set" data="external_sip_ip=stun:
>>>>>> stun.freeswitch.org"/>
>>>>>>
>>>>>> <param name="apply-nat-acl" value="nat.auto"/>
>>>>>>
>>>>>> <param name="rtp-ip" value="$${local_ip_v4}"/>
>>>>>> <param name="sip-ip" value="$${local_ip_v4}"/>
>>>>>> <param name="ext-rtp-ip" value="$${external_rtp_ip}"/>
>>>>>> <param name="ext-sip-ip" value="$${external_sip_ip}"/>
>>>>>>
>>>>>> I'm new around here, so let's wait for a response from some expert.
>>>>>>
>>>>>> good settings
>>>>>>
>>>>>> Doug
>>>>>>
>>>>>>
>>>>>> On Sat, Aug 16, 2014 at 2:02 PM, afshin afzali <
>>>>>> a.afzali2003 at gmail.com> wrote:
>>>>>>
>>>>>>> Hi Douglas,
>>>>>>>
>>>>>>> Thanks for your reply,
>>>>>>> I)
>>>>>>>
>>>>>>> In my scenario both of FreeSWITCH and client are behind the firewall.
>>>>>>>
>>>>>>> II)
>>>>>>>
>>>>>>> <X-PRE-PROCESS cmd="set" data="bind_server_ip=auto"/>
>>>>>>> <X-PRE-PROCESS cmd="set" data="external_rtp_ip=X.Y.Z.W"/>
>>>>>>> <X-PRE-PROCESS cmd="set" data="external_sip_ip=X.Y.Z.W"/>
>>>>>>>
>>>>>>> I have a static public IP (for Freeswitch) and I know what it is so
>>>>>>> I specified it explicitly.
>>>>>>>
>>>>>>> Do I have to set bind_server_ip to a specific IP in case of NAT
>>>>>>> traversal as I specified local IP addresses for sip and rtp?
>>>>>>>
>>>>>>> III)
>>>>>>> in the SIP profile
>>>>>>> <param name="sip-ip" value="192.168.10.59"/>
>>>>>>> <param name="rtp-ip" value="192.168.10.59"/>
>>>>>>> <param name="ext-sip-ip" value="X.Y.Z.W"/>
>>>>>>> <param name="ext-rtp-ip" value="X.Y.Z.W"/>
>>>>>>> for apply-nat-acl I examined nat.auto, rfc1918, ... :(
>>>>>>>
>>>>>>> I did not refer to external_sip_ip / external_rtp_ip vaiables in the
>>>>>>> SIP profile and explicitly defined external static IP.
>>>>>>>
>>>>>>>
>>>>>>> BEST,
>>>>>>>
>>>>>>> Afshin
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Sat, Aug 16, 2014 at 5:01 PM, Douglas Adami <
>>>>>>> webmaster.rumodigital at gmail.com> wrote:
>>>>>>>
>>>>>>>> Hi,
>>>>>>>>
>>>>>>>> NAT scenario, correct?
>>>>>>>> https://confluence.freeswitch.org/display/FREESWITCH/NAT+Traversal
>>>>>>>>
>>>>>>>> try this:
>>>>>>>>
>>>>>>>> vars.xml
>>>>>>>> <X-PRE-PROCESS cmd="set" data="bind_server_ip=my.domain.com"/>
>>>>>>>> <X-PRE-PROCESS cmd="set" data="external_sip_ip=stun:
>>>>>>>> stun.freeswitch.org"/>
>>>>>>>> <X-PRE-PROCESS cmd="set" data="external_rtp_ip=stun:
>>>>>>>> stun.freeswitch.org"/>
>>>>>>>>
>>>>>>>>
>>>>>>>> sip_profiles:
>>>>>>>>
>>>>>>>> sipinterface_1.xml
>>>>>>>> <param name="apply-nat-acl" value="nat.auto"/>
>>>>>>>> <param name="ext-sip-ip" value="$${external_sip_ip}"/>
>>>>>>>> <param name="ext-rtp-ip" value="$${external_rtp_ip}"/>
>>>>>>>>
>>>>>>>> Doug
>>>>>>>>
>>>>>>>>
>>>>>>>> On Sat, Aug 16, 2014 at 7:26 AM, afshin afzali <
>>>>>>>> a.afzali2003 at gmail.com> wrote:
>>>>>>>>
>>>>>>>>> Hi Miguel,
>>>>>>>>>
>>>>>>>>> I do not understand how the ACL (if you mean apply-nat-acl) can
>>>>>>>>> effects on using public IP in SDP when I specified both ext-sip-ip and
>>>>>>>>> ext-rtp-ip in sip profile!
>>>>>>>>> I changed the apply-nat-acl to a "always allow" and "rfc1918" but
>>>>>>>>> does not make difference.
>>>>>>>>>
>>>>>>>>> Afshin
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Thu, Aug 14, 2014 at 3:18 PM, Miguel Oyarzo <
>>>>>>>>> miguelaustro at gmail.com> wrote:
>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Wrong ACL?
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Wed, Aug 13, 2014 at 10:06 PM, afshin afzali <
>>>>>>>>>> a.afzali2003 at gmail.com> wrote:
>>>>>>>>>>
>>>>>>>>>>> Hi FreeSWITCHers:
>>>>>>>>>>>
>>>>>>>>>>> I configured a sip profile as bellow:
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> =================================================================================================
>>>>>>>>>>> Name sipinterface_1
>>>>>>>>>>> Domain Name N/A
>>>>>>>>>>> Auto-NAT false
>>>>>>>>>>> DBName sofia_reg_sipinterface_1
>>>>>>>>>>> Pres Hosts
>>>>>>>>>>> Dialplan XML
>>>>>>>>>>> Context context_1
>>>>>>>>>>> Challenge Realm auto_to
>>>>>>>>>>> RTP-IP 192.168.10.59
>>>>>>>>>>> Ext-RTP-IP X.Y.Z.W
>>>>>>>>>>> SIP-IP 192.168.10.59
>>>>>>>>>>> Ext-SIP-IP X.Y.Z.W
>>>>>>>>>>> URL sip:mod_sofia at X.Y.Z.W:5060
>>>>>>>>>>> BIND-URL sip:mod_sofia at X.Y.Z.W
>>>>>>>>>>> :5060;maddr=192.168.10.59;transport=udp,tcp
>>>>>>>>>>> HOLD-MUSIC N/A
>>>>>>>>>>> OUTBOUND-PROXY N/A
>>>>>>>>>>> CODECS IN G722,PCMU,PCMA,GSM
>>>>>>>>>>> CODECS OUT G722,PCMU,PCMA,GSM
>>>>>>>>>>> TEL-EVENT 101
>>>>>>>>>>> DTMF-MODE rfc2833
>>>>>>>>>>> CNG 13
>>>>>>>>>>> SESSION-TO 0
>>>>>>>>>>> MAX-DIALOG 0
>>>>>>>>>>> NOMEDIA false
>>>>>>>>>>> LATE-NEG false
>>>>>>>>>>> PROXY-MEDIA false
>>>>>>>>>>> ZRTP-PASSTHRU false
>>>>>>>>>>> AGGRESSIVENAT true
>>>>>>>>>>> CALLS-IN 0
>>>>>>>>>>> FAILED-CALLS-IN 0
>>>>>>>>>>> CALLS-OUT 0
>>>>>>>>>>> FAILED-CALLS-OUT 0
>>>>>>>>>>> REGISTRATIONS 1
>>>>>>>>>>>
>>>>>>>>>>> for every INVITE that comes in via this profile, FS replys with
>>>>>>>>>>> this SDP:
>>>>>>>>>>>
>>>>>>>>>>> v=0
>>>>>>>>>>> o=FreeSWITCH 1407905843 1407905844 IN IP4 192.168.10.59
>>>>>>>>>>> s=FreeSWITCH
>>>>>>>>>>> c=IN IP4 192.168.10.59
>>>>>>>>>>> t=0 0
>>>>>>>>>>> m=audio 25142 RTP/AVP 0 101
>>>>>>>>>>> a=rtpmap:0 PCMU/8000
>>>>>>>>>>> a=rtpmap:101 telephone-event/8000
>>>>>>>>>>> a=fmtp:101 0-16
>>>>>>>>>>> a=ptime:20
>>>>>>>>>>>
>>>>>>>>>>> Although the Contact header of 200 OK is correct :
>>>>>>>>>>> Contact: <sip:4000 at X.Y.Z.W:5060;transport=udp>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Appreciate all comments,
>>>>>>>>>>> -- Afshin
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> _________________________________________________________________________
>>>>>>>>>>> Professional FreeSWITCH Consulting Services:
>>>>>>>>>>> consulting at freeswitch.org
>>>>>>>>>>> http://www.freeswitchsolutions.com
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Official FreeSWITCH Sites
>>>>>>>>>>> http://www.freeswitch.org
>>>>>>>>>>> http://wiki.freeswitch.org
>>>>>>>>>>> http://www.cluecon.com
>>>>>>>>>>>
>>>>>>>>>>> FreeSWITCH-users mailing list
>>>>>>>>>>> FreeSWITCH-users at lists.freeswitch.org
>>>>>>>>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>>>>>>>>> UNSUBSCRIBE:
>>>>>>>>>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>>>>>>>>> http://www.freeswitch.org
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> --
>>>>>>>>>> "Efficiency is doing things right; effectiveness is doing the
>>>>>>>>>> right things (Peter Drucker)"
>>>>>>>>>>
>>>>>>>>>> Miguel Oyarzo
>>>>>>>>>> DevOps & VoIP Engineer
>>>>>>>>>> Linux User: # 483188 - counter.li.org
>>>>>>>>>> http://au.linkedin.com/in/mikeaustralia
>>>>>>>>>> Melbourne, Australia
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> _________________________________________________________________________
>>>>>>>>>> Professional FreeSWITCH Consulting Services:
>>>>>>>>>> consulting at freeswitch.org
>>>>>>>>>> http://www.freeswitchsolutions.com
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Official FreeSWITCH Sites
>>>>>>>>>> http://www.freeswitch.org
>>>>>>>>>> http://wiki.freeswitch.org
>>>>>>>>>> http://www.cluecon.com
>>>>>>>>>>
>>>>>>>>>> FreeSWITCH-users mailing list
>>>>>>>>>> FreeSWITCH-users at lists.freeswitch.org
>>>>>>>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>>>>>>>> UNSUBSCRIBE:
>>>>>>>>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>>>>>>>> http://www.freeswitch.org
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> _________________________________________________________________________
>>>>>>>>> Professional FreeSWITCH Consulting Services:
>>>>>>>>> consulting at freeswitch.org
>>>>>>>>> http://www.freeswitchsolutions.com
>>>>>>>>>
>>>>>>>>> Official FreeSWITCH Sites
>>>>>>>>> http://www.freeswitch.org
>>>>>>>>> http://confluence.freeswitch.org
>>>>>>>>> http://www.cluecon.com
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> FreeSWITCH-users mailing list
>>>>>>>>> FreeSWITCH-users at lists.freeswitch.org
>>>>>>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>>>>>>> UNSUBSCRIBE:
>>>>>>>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>>>>>>> http://www.freeswitch.org
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> _________________________________________________________________________
>>>>>>>> Professional FreeSWITCH Consulting Services:
>>>>>>>> consulting at freeswitch.org
>>>>>>>> http://www.freeswitchsolutions.com
>>>>>>>>
>>>>>>>> Official FreeSWITCH Sites
>>>>>>>> http://www.freeswitch.org
>>>>>>>> http://confluence.freeswitch.org
>>>>>>>> http://www.cluecon.com
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> FreeSWITCH-users mailing list
>>>>>>>> FreeSWITCH-users at lists.freeswitch.org
>>>>>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>>>>>> UNSUBSCRIBE:
>>>>>>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>>>>>> http://www.freeswitch.org
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> _________________________________________________________________________
>>>>>>> Professional FreeSWITCH Consulting Services:
>>>>>>> consulting at freeswitch.org
>>>>>>> http://www.freeswitchsolutions.com
>>>>>>>
>>>>>>> Official FreeSWITCH Sites
>>>>>>> http://www.freeswitch.org
>>>>>>> http://confluence.freeswitch.org
>>>>>>> http://www.cluecon.com
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> FreeSWITCH-users mailing list
>>>>>>> FreeSWITCH-users at lists.freeswitch.org
>>>>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>>>>> UNSUBSCRIBE:
>>>>>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>>>>> http://www.freeswitch.org
>>>>>>>
>>>>>>
>>>>>>
>>>>
>>>>
>>>> _________________________________________________________________________
>>>> Professional FreeSWITCH Consulting Services:
>>>> consulting at freeswitch.org
>>>> http://www.freeswitchsolutions.com
>>>>
>>>> Official FreeSWITCH Sites
>>>> http://www.freeswitch.org
>>>> http://confluence.freeswitch.org
>>>> http://www.cluecon.com
>>>>
>>>>
>>>>
>>>>
>>>> FreeSWITCH-users mailing list
>>>> FreeSWITCH-users at lists.freeswitch.org
>>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>>> UNSUBSCRIBE:
>>>> http://lists.freeswitch.org/mailman/options/freeswitch-users
>>>> http://www.freeswitch.org
>>>>
>>>
>>>
>>>
>>> --
>>> "Efficiency is doing things right; effectiveness is doing the right
>>> things (Peter Drucker)"
>>>
>>> Miguel Oyarzo
>>> DevOps & VoIP Engineer
>>> Linux User: # 483188 - counter.li.org
>>> http://au.linkedin.com/in/mikeaustralia
>>> Melbourne, Australia
>>>
>>> _________________________________________________________________________
>>> Professional FreeSWITCH Consulting Services:
>>> consulting at freeswitch.org
>>> http://www.freeswitchsolutions.com
>>>
>>> Official FreeSWITCH Sites
>>> http://www.freeswitch.org
>>> http://confluence.freeswitch.org
>>> http://www.cluecon.com
>>>
>>>
>>>
>>>
>>> FreeSWITCH-users mailing list
>>> FreeSWITCH-users at lists.freeswitch.org
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> http://www.freeswitch.org
>>>
>>
>>
>> _________________________________________________________________________
>> Professional FreeSWITCH Consulting Services:
>> consulting at freeswitch.org
>> http://www.freeswitchsolutions.com
>>
>> Official FreeSWITCH Sites
>> http://www.freeswitch.org
>> http://confluence.freeswitch.org
>> http://www.cluecon.com
>>
>>
>>
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> http://www.freeswitch.org
>>
>
>
>
> --
> "Efficiency is doing things right; effectiveness is doing the right things
> (Peter Drucker)"
>
> Miguel Oyarzo
> DevOps & VoIP Engineer
> Linux User: # 483188 - counter.li.org
> http://au.linkedin.com/in/mikeaustralia
> Melbourne, Australia
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://confluence.freeswitch.org
> http://www.cluecon.com
>
>
>
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20140818/c4f26fdb/attachment-0001.html
Join us at ClueCon 2016 Aug 8-12, 2016
More information about the FreeSWITCH-users
mailing list