Is the kamailio behind nat communicating with another kamailio on a public IP?
Cheers, DAniel On Thu, Jan 14, 2016 at 1:33 PM, Nelson Migliaro <eng.migli...@gmail.com> wrote: > Thank you Daniel for your answer, > > As you mention, there is a symmetric nat and router does not allow a > static NAT. > > By sniffing traffic I can see the port is using new but in case it change, > how can automate the process of advertising the correct port? > > Cheers! > > > ---------- Forwarded message ---------- > From: Daniel-Constantin Mierla <mico...@gmail.com> > Date: 2016-01-13 23:28 GMT+01:00 > Subject: Re: [SR-Users] Kamailio and NAT > To: "Kamailio (SER) - Users Mailing List" <sr-users@lists.sip-router.org> > > > Hello, > > it looks like you have a symmetric nat router, so the allocated port is > randomly selected. > > If you don't control the nat router to set a static forwarding rule or it > doesn't provide the option to set static forwarding, then you are pretty > much left with sniffing the traffic to discover the external port and > advertise it. > > Cheers, > Daniel > > > > > On 13/01/16 20:31, Nelson Migliaro wrote: > > Hello, > > I finally were able to run my Kamailio behind NAT but in order to > accomplish that I included: > > listen=udp:SOURCE-IP:5060 advertise PUBLIC-IP:52548 > > 52548 is the port my internet router change when doing NAT (5060->52548). > I found this port sniffing traffic > > Conclusions at this point are: > > > ---------------------------------------------1-------------------------------------------------------------------------------------------------- > If I use this line: > > listen=udp:SOURCE-IP:5060 advertise PUBLIC-IP:5060 it does not work :( > > When I dial a call, INVITE / ACK / Trying / OK goes fine because they are > part of the same transaction > When remote party disconnects the call, BYE goes to PUBLIC-IP port 5060 > and router blocks de request. I assume vendor sends BYE to 5060 because it > is a new transaction > > -----------------------------------------------2-------------------------------------------------------------------------------------------------- > > If I use this line: > > listen=udp:SOURCE-IP:5060 advertise PUBLIC-IP:52548 it work !!!!!! > > When I dial a call, INVITE / ACK / Trying / OK goes fine because they are > part of the same transaction > When remote party disconnects the call, BYE goes to PUBLIC-IP port 52548 > and router forward the request to Kamailio. Since there is an open > connection. > > I need to find the way to find the way to advertise the public port > internet router is doing NAT (PAT). > > > --------------------------------------------------------------------------------------------------------------------------------------------------- > This trace is a call that worked fine because I included line: > > listen=udp:SOURCE-IP:5060 advertise PUBLIC-IP:52548 > > > This trace is an INVITE with this line: listen=udp:SOURCE-IP:5060 > advertise PUBLIC-IP:52548 > 2016/01/13 20:10:15.793568 PRIVATE-IP-KAMAILIO:5060 -> VENDOR-IP:5060 > INVITE sip:NUM-DESTINATION@VENDOR-IP SIP/2.0 > Record-Route: < > sip:PUBLIC-IP:52548;lr=on;ftag=as3b72a453;vsf=AAAAAAEECQkCAgsNAXBeL0NPXVQfU0suMTY5LjIzMQ--;vst=AAAAAAAAAAAAAAAAAABCUEIAX1lKWF5MF0tB > A-;nat=yes> > Via: SIP/2.0/UDP > PUBLIC-IP:52548;branch=z9hG4bKdd74.992e238037882e809653f713a5a580a9.0 > Via: SIP/2.0/UDP > PRIVATE-IP-SOFTPHONE:5060;received=PRIVATE-IP-SOFTPHONE;branch=z9hG4bK2f4e76ba;rport=5060 > Max-Forwards: 69 > From: NUM-SOURCE <sip:NUM-SOURCE@PRIVATE-IP-KAMAILIO>;tag=as3b72a453 > To: <sip:NUM-DESTINATION@sip.VENDOR-IP> > Contact: <sip:NUM-SOURCE@PRIVATE-IP-SOFTPHONE:5060;alias=PUBLIC-IP~5060~1> > Call-ID: 329950447629810f7bdeaeed0cc034e1@PRIVATE-IP-SOFTPHONE:5060 > CSeq: 102 INVITE > User-Agent: Kamailio > Date: Wed, 13 Jan 2016 19:10:15 GMT > Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, > PUBLISH, MESSAGE > Supported: replaces, timer > Content-Type: application/sdp > Content-Length: 255 > > > Trying..... > > 2016/01/13 20:10:15.842055 VENDOR-IP:5060 -> PRIVATE-IP-KAMAILIO:5060 > SIP/2.0 100 trying -- your call is important to us > Via: SIP/2.0/UDP > PUBLIC-IP:52548;branch=z9hG4bKdd74.992e238037882e809653f713a5a580a9.1;rport=52548 > Via: SIP/2.0/UDP > PRIVATE-IP-SOFTPHONE:5060;received=PRIVATE-IP-SOFTPHONE;branch=z9hG4bK2f4e76ba;rport=5060 > From: NUM-SOURCE <sip:NUM-SOURCE@PRIVATE-IP-KAMAILIO>;tag=as3b72a453 > To: <sip:NUM-DESTINATION@VENDOR-IP> > Call-ID: 329950447629810f7bdeaeed0cc034e1@PRIVATE-IP-SOFTPHONE:5060 > CSeq: 102 INVITE > Server: kamailio > Content-Length: 0 > > > > > And finally a BYE > > 2016/01/13 20:10:28.545526 VENDOR-IP:5060 -> PRIVATE-IP-KAMAILIO:5060 > BYE sip:34982298000@PRIVATE-IP-SOFTPHONE:5060;alias=PUBLIC-IP~5060~1 > SIP/2.0 > Via: SIP/2.0/UDP > VENDOR-IP;branch=z9hG4bK26d8.847e6e14eef37e2cfc8b5e81d33de73d.0 > From: <sip:675896262@PRIVATE-IP-KAMAILIO>;tag=gK0293ed93 > To: "NUM-SOURCE" <sip:NUM-SOURCE@ <sip%3anum-sou...@norvoz.es>VENDOR-IP > >;tag=as3b72a453 > Call-ID: 329950447629810f7bdeaeed0cc034e1@PRIVATE-IP-SOFTPHONE:5060 > CSeq: 28731 BYE > Max-Forwards: 69 > Route: < > sip:PUBLIC-IP:52548;lr=on;ftag=as3b72a453;vsf=AAAAAAEECQkCAgsNAXBeL0NPXVQfU0suMTY5LjIzMQ--;vst=AAAAAAAAAAAAAAAAAABCUEIAX1lKWF5MF0tBMzA-;na > yes> > Reason: Q.850;cause=16 > Content-Length: 0 > > > > > ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- > > ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- > > Finally, It is finally working because I hardcoded NAT´d port. > I would like to find a way to avoid setting the port in "hard". > > Thank you > > > > > > -- > Daniel-Constantin Mierlahttp://twitter.com/#!/miconda - > http://www.linkedin.com/in/miconda > Book: SIP Routing With Kamailio - http://www.asipto.comhttp://miconda.eu > > > _______________________________________________ > SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list > sr-users@lists.sip-router.org > http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users > > > > _______________________________________________ > SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list > sr-users@lists.sip-router.org > http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users > > -- Daniel-Constantin Mierla - http://www.asipto.com http://twitter.com/#!/miconda - http://www.linkedin.com/in/micond <http://www.linkedin.com/in/miconda>
_______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
