On Mon, Apr 12, 2010 at 01:11, Rod Whitworth <glis...@witworx.com> wrote: > On Mon, 12 Apr 2010 00:18:31 -0300, Hugo Osvaldo Barrera wrote: > 8>< snip long message. My reply would be easy to miss in all that and > it doesn't address lots of the thread. > > Caveat: I don't do pidgin etc BUT I do VoIP behind NAT with multiple > ATAs and the audio uses RTP. > > I use sipproxy from packages and it handles all of the RTP NAT > traversals without any fuss and I'd expect that you would need > something like that. > > Does pidgin use SIP to set up a session? If not, what does it use? > > I saw http://en.wikipedia.org/wiki/Jingle_(protocol) linked from > http://en.wikipedia.org/wiki/Pidgin_(software) but I don't know how > their details fit your case. > > IAC all these protocols that don't play nice with NAT are a royal PITA, > introducing complexities where none are needed if you begin the design > with the recognition that: > a> NAT is out there in force and won't go away soon. > b> Not everybody has enough routable addresses to have one per user. > c> IPv6 will fix the address shortage in the future BUT you need to > make sure you have catered for it NOW. > > Good luck - maybe you can use a (modified?) sip-proxy or get somebody > to write one for pidgin. > > R/ > > *** NOTE *** Please DO NOT CC me. I <am> subscribed to the list. > Mail to the sender address that does not originate at the list server is tarpitted. The reply-to: address is provided for those who feel compelled to reply off list. Thankyou. > > Rod/ > --- > This life is not the real thing. > It is not even in Beta. > If it was, then OpenBSD would already have a man page for it. > > >
If I've understood these days' reading correctly, a SIP proxy will not help. However, I'll seriously consider installing a TURN (http://en.wikipedia.org/wiki/TURN) server in my gateway. TURN is *ALMOST* an UDP proxy in practical terms, and since I'm using an external one, why not just use an internal one? I'd have no external dependency nor the latency added by an external TURN server. It's a shame I could not solve my problem using PF, but NAT is know to have these sort of issues. I believe you've helped me reach the best solution, so thank you, and thank everyone else who gave me a hand :D I'll post back if I have any luck with a local TURN server, in case anyone is interested, or in case anyone may need to know this in future :) -- Hugo Osvaldo Barrera
