On 02/03/2012 02:52 PM, Josh wrote:
At this stage, after reading for the past couple of days, my two main
concerns are NAT handling of SIP as both the Asterisk & my clients will
be behind a firewall on a private net,
That's not entirely unusual. Unfortunate as it is, NAT abounds.
and multitasking - the latter
*may* be solved by going with AGI (not sure yet as Asterisk is still
completely new to me).
I don't really follow you.
If so, I am not completely clear on whether I need to explicitly specify
my public IP address (via externip/externhost) or whether Asterick is
able to find it without this option?
As I understand it, that depends on your router. If you have a Linux
router with the ip_nat_sip module, it'll "fix" your SIP packets so
that you don't need to use the externip setting. However, you'll need
to test to verify that.
Nope! My eth0 interface is not facing the public Internet directly - it
takes its IP address from my ISP's DHCP (which is private!) even though
it can forward/pass traffic through the public internet via that
interface, that is the problem.
In this case, "your" router is the one that your ISP provided or is
using, which performs NAT for your hosts. If it is Linux with
ip_nat_sip, I believe that it'll "fix" packets without requiring you to
configure your Asterisk host.
One final question about binding: in order to be able to use both tun0
and eth1 interfaces so that Asterick serves the calls from both eth1 and
tun0, do I have to use "bind 0.0.0.0"? Is there an alternative, like
specifying "bind 10.1.1.1" for eth1 and then "bind 10.1.2.1" for the
tun0 interface - is this possible?
Start with binding to 0.0.0.0.
That was my initial intention as I was hoping Linux will map each
request/response using the appropriate interface (i.e. on which
interface it comes from), I realise binding on 0.0.0.0. is not ideal
from a security point of view (I'd rather issue separate udpbind
statements for the interfaces I want to use), but for now it have to do
if there isn't an alternative.
Linux *can* do that, but it requires a bit of configuration for route
selection. I usually use Shorewall for multi-ISP (or multi-interface)
configurations.
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
http://www.asterisk.org/hello
asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
