G'day Todd and Jimmy
Some other things to consider, which might help is: · (Disclaimer, I am not 100% sure if I am correct here [or my terminology], but I have seen instances that leads me to believe this is the case.) RAT uses the same port for both sending and receiving audio. Therefore, if you are using a "stateful" firewall (ie, allows traffic in on the same port as going out), then this might explain why Rat works. Whereas, in simple terms, vic uses to different ports for incoming and outgoing traffic. This is why, if using a stateful firewall, vic doesn't work correctly! · The other thing that I have seen with "some" NAT'ed networks is: o Traffic would only be received, if you are transmitting. IE, no-one in rat would appear unless the talk button is enabled. This also occurred in vic as well. o Because of a "Nat'ed" network, each AG would appear as the same single ipaddress connecting to a Bridge. Because of the way unicast works (ie, only one ipaddress/port can connect at a single time), only a single AG site can connect to each bridge to work properly. Therefore, have you tried connecting using separate bridges? § I have seen this issue at a particular site, where if person A connects to Bridge X, person B can connect to Bridge X, but the traffic isn't being sent or received correctly. I hope some of this makes sense and helps. Cheers, Jason. -----Original Message----- From: Todd Zimmerman [mailto:[email protected]] Sent: Saturday, 1 November 2008 04:25 AM To: Jimmy Miklavcic Cc: [email protected] Subject: Re: [AG-TECH] AG and NAT'ed networks. On Tue, 2008-10-28 at 11:12 -0600, Jimmy Miklavcic wrote: > I'm working with Kansas University Medical Center and we've been > having troubles connecting via AG. They have a NAT'ed network and we > are using unicast. We connect and communicate via RAT but we are > unable to exchange video. The strange thing is that I a seeing their > private IP address in the RAT, I assume that I should be seeing a more > public address. Not necessarily. When you say "in the RAT" I assume you mean listed on the RAT gui?? This ip comes from the RTCP and RAT settings and does not necessarily reflect what is actually happen at the network level. To see where the packets are actually being sent would probably require a tcpdump. > I'm trying to understand the bridges' process flow. If two sites are > connected to a bridge via unicast, does the unicast/multicast bridge > process convert my unicast traffic to multicast then back to unicast > before sending the stream to the other site? If that is the case then > I can understand why we can't exchange video. Multicast can't handle > private IP space. But then, why does RAT work? If two sites are connected to the same bridge, then I don't think there is a double conversion. I can't guarantee that, but it wouldn't really make sense. I assume incoming unicast is redistributed to all existing unicast connections - then sent to the multicast address as required. My guess is that your suspicion of the bridge is not where the problem lies - my guess it is the NAT'ing and/or firewall. Correct me if I'm wrong experts!! but I believe for NAT'd networks, you have to port forward the required AG ports (video anyway) to the designated internal computer. Cheers, Todd -- Collaboration & Visualization Specialist UBC Okanagan - http://web.ubc.ca/okanagan WestGrid - www.westgrid.ca Ph. 250-807-9979 Todd Zimmerman - [email protected]
