[Spce-user] NAT Handeling for 2 UAs behind same NAT device

Deon Vermeulen vermeulen.deon at gmail.com
Thu Jan 6 14:57:14 EST 2011


Hi Daniel

Thank you for the info and answering my question.

I am just trying to take as much load of the proxy and save on bandwidth and improve/"guarantee" call quality as much as possible by not having to proxy RTP for these type of scenarios.
Even if the the UAs are on different subnets they should have communication between them, because of the "default gateway" knowing where to reach each of the respective private networks. I know that the gateway could be a firewall or there could be a firewall in between the subnets somewhere, but that issue can be easily resolved internally by allowing RTP traffic between the UAs.


Would I be correct, if I want to have RTP traffic flowing between the 2 UAs, in doing the following in the default /etc/kamailio/proxy.cfg?


>>>>>>>>>> LOCATION >>>>>>>>>>>>>>
        if(!lookup("location"))
        {
                if($avp(s:callee_base_user) != $null)
                {
                        $rU = $var(orig_ruri_user);
                }

                xlog("L_INFO", "Local user offline - M=$rm R=$ru F=$fu T=$tu IP=$si:$sp ID=$ci\n");
                if($avp(s:callee_cfna) != $null)
                {
                        xlog("L_INFO", "CFNA to '$avp(s:callee_cfna)' found - M=$rm R=$ru F=$fu T=$tu IP=$si:$sp ID=$ci\n");
                        route(ROUTE_ACC_CFU);
                        avp_delete("$avp(s:caller_uuid)/g");
                        avp_copy("$avp(s:callee_uuid)", "$avp(s:caller_uuid)/d");
                        avp_pushto("$ru", "$avp(s:callee_cfna)");

                        $var(forward) = 1;
                        $(avp(s:cf_depth)[*]) = $avp(s:cf_depth) + 1;
                        route(ROUTE_LOAD_CALLER_PREF);
                        route(ROUTE_FIND_CALLEE);
                        exit;
                }

                $avp(s:acc_callee_user) = $avp(s:callee_user);
                $avp(s:acc_callee_domain) = $avp(s:callee_domain);

                route(ROUTE_ACC_FAILURE);
                sl_send_reply("404", "User Offline");
        }
        else
        {
                if($avp(s:has_extension) != $null && $avp(s:has_extension) == 1)
                {
                        # if there's an extension, first send dialed number; on 404, send
                        # real user
                        $rU = $avp(s:acc_callee_user_in);
                        xlog("L_INFO", "Local user online, using extension as user - M=$rm R=$ru F=$fu T=$tu IP=$si:$sp ID=$ci\n");
                }
                else
                {
                        if($avp(s:callee_base_user) != $null)
                        {
                                if($avp(s:callee_base_cli) != $null && $avp(s:callee_extension) != $null)
                                {
                                        $rU = $avp(s:callee_base_cli) + $avp(s:callee_extension);
                                }
                                else
                                {
                                        $rU = $var(orig_ruri_user);
                                }
                        }
                        xlog("L_INFO", "Local user online, using base as user - M=$rm R=$ru F=$fu T=$tu IP=$si:$sp ID=$ci\n");
                }
		else
		{
			if ( $si==$dd || $si==rd) {
                                xlog("L_INFO", "Detected Two Clients Behind the Same NAT - Disabling RTPproxy");
           
                                # Do not use rtpproxy as the clients seem to be behind the same NAT
                                 resetflag(6);
		                 route(ROUTE_STOP_RTPPROXY);  ./ I could leave this out, but I think just to make 100% sure RTPProxy is disabled */
                          }
                }

                t_on_failure("FAILURE_ROUTE_LOCAL");
                route(ROUTE_OUTBOUND);
        }
        exit;

}
>>>>>>>>>> SNIP >>>>>>>>>>>>>>



Thank you again

Regards
Deon



On Jan 6, 2011, at 8:10 PM, Daniel Tiefnig wrote:

> On 01/06/2011 01:59 PM, Deon Vermeulen wrote:
>> The kamailio scripts are a bit over my head, so I'm trying to 
>> understand how the scripts handle NAT, especially when 2 UAs are 
>> behind the same NAT Device.
>> 
>> Will mediaproxy be used or will the RTP stream go from UA to UA?
> 
> The media stream will be routed via the media proxy, 'cause we can't
> know whether the devices are in the same subnet. Even if they are behind
> the same NAT gateway, there can be several subnets behind it and we
> don't know how big these are and whether traffic is routed/allowed
> between them.
> 
> br,
> daniel
> 
> _______________________________________________
> Spce-user mailing list
> Spce-user at lists.sipwise.com
> http://lists.sipwise.com/listinfo/spce-user

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sipwise.com/pipermail/spce-user_lists.sipwise.com/attachments/20110106/26be0ea3/attachment-0001.html>


More information about the Spce-user mailing list