[Freeswitch-users] [Q] nat is not detected, when running freeswitch in docker from local machine.

Ruslan Shevchenko ruslan at shevchenko.kiev.ua
Wed Jul 29 20:27:37 UTC 2020


On Wed, Jul 29, 2020 at 9:03 PM Jurijs Ivolga <jurijs.ivolga at gmail.com>
wrote:

> Hi Ruslan,
>
> First of all you need to map UDP ports to ones that are configured in
> Freeswitch config file switch.conf.xml. By default it is 16384-32768 for
> media.
>
> In your case you are trying to map -p63535-64535:63535-64535/udp, which
> probably is inconsistent with ports inside switch.conf.xml and that is why
> audio does not go through.
>
>
Yes, I changed port range appropriately.  Sorry if this was not clear in
the description of the configuration changes:
  //  autoload_configs/switch.conf.xml  --- a narrow set of RTP ports.


> Additionally I would not recommend to use big range as it by default,
> because as far as I know, when docker maps port-range it inserts ip
> iptables not one rule for range, but separate rule per each port and for me
> it was hanging up docker, so use it with caution.
>
> https://github.com/moby/moby/issues/11185  -- seems still not fixed, it
> is a couple of years already.
>
> Probably using Freeswitch with docker default bridge is not a good idea
> and easy to do, better to use a host network or your own bridge.
>
>
Hmm.... host network is not an option for macOS,

  yes, I understand that better have a Linux server with public IP,  but in
today-s system development ability to run and test all components
locally is a 'new normal'.
 Good thing,  that for local development we don't need to support thousands
of simultaneous connections,

Jurijs
>
>
> On Wed, Jul 29, 2020 at 8:48 PM David Villasmil <
> david.villasmil.work at gmail.com> wrote:
>
>> Run the container with —network=host
>>
>>
>> On Wed, 29 Jul 2020 at 16:35, Ruslan Shevchenko <
>> ruslan at shevchenko.kiev.ua> wrote:
>>
>>>
>>> Hi, colleagues.
>>>
>>> I discovered a strange problem when running Freeswitch from docker on
>>> the local machine,
>>>
>>> I have my machine API:  192.168.88.236
>>> and docker with internal ip. 172.17.0.2. (local_ip_v4)
>>>
>>> With the next changes relative to vanilla install:
>>> valr.xml :
>>>       external_rtp_ip=stun:stun.freeswitch.org  - changed to
>>> external_rtp_ip=192.168.88.236
>>>       external_sip_ip=stun:stun.freeswitch.org   - same
>>>
>>> autoload_configs/switch.conf.xml  --- a narrow set of RTP ports.
>>>
>>> sip_profiles:
>>>     internal.xml -- change ext-rtp-ip and ext-sip-ip to 192.168.88.236
>>>    external.xml -- same
>>>
>>> Then I trying to run docker from macos which publish ports:
>>> docker run -d -p 5060:5060/udp -p 5060:5060/tcp -p5061:5061/tcp -p
>>> 5080:5080/udp -p 5080:5080/tcp -p 5066:5066/tcp -p 7443:7443/tcp -p
>>> 63535-63635:63535-63635/tcp  -p63535-64535:63535-64535/udp  -p5555:5555
>>> -p5050:5050 -p8000:8000  --hostname zaka-voice
>>>  zaka-freeswitch-recognition:0.0.1
>>>
>>> And then when I try to call Freeswitch from linphone from the local net,
>>> I can hear an answer, but looks like  IVR on the Freeswitch side not
>>> receive RTP stream.
>>>
>>> I can't understand why.
>>>
>>> One hypothesizes -- that  FreeSWITCH not determinate existence of
>>> external_ip as NAT mode (?)  and ask the phone to send RTP to 172.17.0.2.
>>>
>>> How to verify this?    Maybe exists some ideas, how to debug such
>>> situation behind a sip trace?
>>>
>>> Thanks.
>>>
>>> P.S.  Additional info, if anybody found this interesting:
>>>
>>> I.e. I see SIP invite from FreeSWITCH
>>>
>>> SIP/2.0 100 Trying
>>> Via: SIP/2.0/TCP 192.168.88.238:50091
>>> ;branch=z9hG4bK.rNrD-0O~i;rport=51208;received=172.17.0.1
>>> From: <sip:1002 at 192.168.88.236>;tag=4bI6NNSIi
>>> To: "33332220" <sip:33332220 at 192.168.88.236>
>>> Call-ID: 7At9kxIfv2
>>> CSeq: 21 INVITE
>>> User-Agent: FreeSWITCH-mod_sofia/1.10.4-dev-2421-8a5850ff26~64bit
>>> Content-Length: 0
>>>
>>> then  Ok and Acc from linphone (which freeswitch see as on 172.17.0.2)
>>>
>>> recv 354 bytes from tcp/[172.17.0.1]:51208 at 09:20:26.099724:
>>> ------------------------------------------------------------------------
>>> SIP/2.0 200 Ok
>>> Via: SIP/2.0/TCP 192.168.88.236;branch=z9hG4bK8502eXUvmSKyN
>>> From: <sip:1002 at 172.17.0.2>;tag=mrr024e5DH57Q
>>> To: <sip:1002 at 172.17.0.2>;tag=ftaVWOB
>>> Call-ID: 940c69ac-4c1f-1239-4cb1-0242ac110002
>>> CSeq: 23453420 NOTIFY
>>> User-Agent: LinphoneiOS/4.3.1 (iPad Ruslan) LinphoneSDK/4.4.0
>>> Supported: replaces, outbound, gruu
>>> Content-Length: 0
>>>
>>> recv 640 bytes from tcp/[172.17.0.1]:51208 at 09:20:26.514163:
>>> ------------------------------------------------------------------------
>>> ACK sip:33332220 at 192.168.88.236:5060;transport=tcp SIP/2.0
>>> Via: SIP/2.0/TCP 192.168.88.238:50091;rport;branch=z9hG4bK.iYrbMWTLP
>>> From: <sip:1002 at 192.168.88.236>;tag=4bI6NNSIi
>>> To: "33332220" <sip:33332220 at 192.168.88.236>;tag=N1HS4ZZ8atUtK
>>> CSeq: 21 ACK
>>> Call-ID: 7At9kxIfv2
>>> Max-Forwards: 70
>>> Proxy-Authorization:  Digest realm="192.168.88.236",
>>> nonce="44104e4a-30cb-4277-8c31-61e437b6cbd1", algorithm=MD5,
>>> username="1002",  uri="sip:33332220 at 192.168.88.236",
>>> response="756a3d3e3a76996988afa09a5544f1d1", cnonce="CWKOLtHm9Z8eVYIm",
>>> nc=00000001, qop=auth
>>> User-Agent: LinphoneiOS/4.3.1 (iPad Ruslan) LinphoneSDK/4.4.0
>>> Content-Length: 0
>>>
>>> Then  freeswitch not see any activity and says BYE:
>>> BYE sip:1002 at 172.17.0.1:51208;transport=tcp SIP/2.0
>>> Via: SIP/2.0/TCP 192.168.88.236;branch=z9hG4bK9etUgrc0H29gH
>>> Max-Forwards: 70
>>> From: "33332220" <sip:33332220 at 192.168.88.236>;tag=N1HS4ZZ8atUtK
>>> To: <sip:1002 at 192.168.88.236>;tag=4bI6NNSIi
>>> Call-ID: 7At9kxIfv2
>>> CSeq: 23453425 BYE
>>> User-Agent: FreeSWITCH-mod_sofia/1.10.4-dev-2421-8a5850ff26~64bit
>>> Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, MESSAGE, INFO, UPDATE,
>>> REGISTER, REFER, NOTIFY, PUBLISH, SUBSCRIBE
>>> Supported: timer, path, replaces
>>> Reason: Q.850;cause=16;text="NORMAL_CLEARING"
>>> Content-Length: 0
>>>
>>> ---
>>>   status of Sofia profile:
>>>
>>> ---
>>>
>>> freeswitch at zaka-voice> sofia status profile internal
>>>
>>> =================================================================================================
>>> Name             internal
>>> Domain Name       N/A
>>> Auto-NAT         false
>>> DBName           sofia_reg_internal
>>> Pres Hosts       172.17.0.2,172.17.0.2
>>> Dialplan         XML
>>> Context           public
>>> Challenge Realm   auto_from
>>> RTP-IP           172.17.0.2
>>> Ext-RTP-IP       192.168.88.236
>>> SIP-IP           172.17.0.2
>>> Ext-SIP-IP       192.168.88.236
>>> URL               sip:mod_sofia at 192.168.88.236:5060
>>> BIND-URL         sip:mod_sofia at 192.168.88.236:5060
>>> ;maddr=172.17.0.2;transport=udp,tcp
>>> WS-BIND-URL     sip:mod_sofia at 172.17.0.2:5066;transport=ws
>>> WSS-BIND-URL     sips:mod_sofia at 172.17.0.2:7443;transport=wss
>>> HOLD-MUSIC       local_stream://moh
>>> OUTBOUND-PROXY   N/A
>>> CODECS IN         OPUS,G722,PCMU,PCMA,H264,VP8
>>> CODECS OUT       OPUS,G722,PCMU,PCMA,H264,VP8
>>> TEL-EVENT         101
>>> DTMF-MODE         rfc2833
>>> CNG               13
>>> SESSION-TO       0
>>> MAX-DIALOG       0
>>> NOMEDIA           false
>>> LATE-NEG         true
>>> PROXY-MEDIA       false
>>> ZRTP-PASSTHRU     true
>>> AGGRESSIVENAT     false
>>> CALLS-IN         0
>>> FAILED-CALLS-IN   0
>>> CALLS-OUT         0
>>> FAILED-CALLS-OUT 0
>>> REGISTRATIONS     0
>>>
>>>
>>>
>>> --
>>> Ruslan Shevchenko
>>> Software Engineer.
>>> http://ua.linkedin.com/in/ruslanshevchenko
>>> _________________________________________________________________________
>>>
>>> The FreeSWITCH project is sponsored by SignalWire https://signalwire.com
>>> Enhance your FreeSWITCH install with disruptive priced SMS and PSTN
>>> services.
>>> Build your next product on our scalable cloud platform.
>>>
>>> Join our online community to chat in real time
>>> https://signalwire.community
>>>
>>> Professional FreeSWITCH Services
>>> sales at freeswitch.com
>>> https://freeswitch.com
>>>
>>> Official FreeSWITCH Sites
>>> https://freeswitch.com/oss
>>> https://freeswitch.org/confluence
>>> https://cluecon.com
>>>
>>> FreeSWITCH-users mailing list
>>> FreeSWITCH-users at lists.freeswitch.org
>>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>>> https://freeswitch.com
>>
>> --
>> Regards,
>>
>> David Villasmil
>> email: david.villasmil.work at gmail.com
>> phone: +34669448337
>> _________________________________________________________________________
>>
>> The FreeSWITCH project is sponsored by SignalWire https://signalwire.com
>> Enhance your FreeSWITCH install with disruptive priced SMS and PSTN
>> services.
>> Build your next product on our scalable cloud platform.
>>
>> Join our online community to chat in real time
>> https://signalwire.community
>>
>> Professional FreeSWITCH Services
>> sales at freeswitch.com
>> https://freeswitch.com
>>
>> Official FreeSWITCH Sites
>> https://freeswitch.com/oss
>> https://freeswitch.org/confluence
>> https://cluecon.com
>>
>> FreeSWITCH-users mailing list
>> FreeSWITCH-users at lists.freeswitch.org
>> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
>> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
>> https://freeswitch.com
>
> _________________________________________________________________________
>
> The FreeSWITCH project is sponsored by SignalWire https://signalwire.com
> Enhance your FreeSWITCH install with disruptive priced SMS and PSTN
> services.
> Build your next product on our scalable cloud platform.
>
> Join our online community to chat in real time
> https://signalwire.community
>
> Professional FreeSWITCH Services
> sales at freeswitch.com
> https://freeswitch.com
>
> Official FreeSWITCH Sites
> https://freeswitch.com/oss
> https://freeswitch.org/confluence
> https://cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> https://freeswitch.com



-- 
Ruslan Shevchenko
Software Engineer.
http://ua.linkedin.com/in/ruslanshevchenko
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20200729/6260e6a0/attachment-0001.html>


More information about the FreeSWITCH-users mailing list