Hi Bogdan Thank you for your help.
The nated client does register to opensips. It is set to register every 3600 sec, min time is 20 s and max time is 1800 s. It is default xLite setting. Here is the 200OK I captured from my nated client box: !'DVVEGTeEd=3SIP/2.0 200 OK Via: SIP/2.0/UDP 192.168.1.101 ;branch=z9hG4bKbf91.9b9bad57.0;received=233.32.345.5 Via: SIP/2.0/UDP 233.32.345.5:5800;received=233.32.345.5;rport=5800;branch=z9hG4bKNj4y6pUrS49FF Record-Route: <sip:192.168.1.101;lr;ftag=UD1K6e2FpUgNj> Contact: <sip:[EMAIL PROTECTED]:33756> To: "1000"<sip:[EMAIL PROTECTED]:5060>;tag=194ddb10 From: "0"<sip:[EMAIL PROTECTED]:5060>;tag=UD1K6e2FpUgNj Call-ID: MGUzMzZjNGNhNGM3MzY4ZDVjMjg3M2I2OGI2OTc0OWE. CSeq: 107790129 BYE User-Agent: X-Lite release 1011s stamp 41150 Content-Length: 0 Here is the INVITE request: !'DVVEMKd=*INVITE sip:[EMAIL PROTECTED]:5060 SIP/2.0 Via: SIP/2.0/UDP 192.168.1.100:33756 ;branch=z9hG4bK-d87543-8e2c20026843651b-1--d87543-;rport Max-Forwards: 70 Contact: <sip:[EMAIL PROTECTED]:33756> To: "0"<sip:[EMAIL PROTECTED]:5060> From: "1000"<sip:[EMAIL PROTECTED]:5060>;tag=194ddb10 Call-ID: MGUzMzZjNGNhNGM3MzY4ZDVjMjg3M2I2OGI2OTc0OWE. CSeq: 1 INVITE Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO Content-Type: application/sdp User-Agent: X-Lite release 1011s stamp 41150 Content-Length: 423 v=0 o=- 9 2 IN IP4 192.168.1.100 s=CounterPath X-Lite 3.0 c=IN IP4 192.168.1.100 t=0 0 m=audio 26258 RTP/AVP 107 119 100 106 0 105 98 8 101 a=alt:1 1 : LGfU4oal SL5N8UZJ 192.168.1.100 26258 a=fmtp:101 0-15 a=rtpmap:107 BV32/16000 a=rtpmap:119 BV32-FEC/16000 a=rtpmap:100 SPEEX/16000 a=rtpmap:106 SPEEX-FEC/16000 a=rtpmap:105 SPEEX-FEC/8000 a=rtpmap:98 iLBC/8000 a=rtpmap:101 telephone-event/8000 a=sendrecv On Thu, Nov 27, 2008 at 1:53 AM, Bogdan-Andrei Iancu <[EMAIL PROTECTED] > wrote: > Hi Juan, > > I need to see the request part also to figure out if the flow through the > NAT is ok or not. > > As a side note - could you check if the device behind the nat is actually > receiving the 200 OK?. Because a typical reason for a missing ACK is a > missing 200 OK. > > Another question - the device placing the call (from behind the nat) is > registered or not? what is the estimated setup time in this case (time > between invite and 200 OK) ? > > Regards, > Bogdan > > Juan Backson wrote: > >> Hi, >> >> I am having problem with configuring opensips to work with NATed clients. >> In my configuration, I am using a B2BUA and Opensips as the sip proxy. >> The problem I am having is that when the B2BUA(233.32.345.5:5800) sends >> out 200 OK, Opensips (192.168.1.101:5060)is able to proxy it to the NATed >> client ( 116.24.163.21:2751 <http://116.24.163.21:2751>), but the NATed >> client is not sending back any ACK, so the B2BUA hangs up after 30 second. >> Could someone give me any suggestion on what may be wrong in my config? >> >> Thanks in advance for all the help. >> >> >> U 233.32.345.5:5800 -> 192.168.1.101:5060 <http://192.168.1.101:5060> >> SIP/2.0 200 OK. >> Via: SIP/2.0/UDP 192.168.1.101 <http://192.168.1.101 >> >;branch=z9hG4bK3ab5.9b17c4a1.0;received=233.32.345.5. >> Via: SIP/2.0/UDP 192.168.1.100:26682;received=116.24.163.21 < >> http://116.24.163.21 >> >;branch=z9hG4bK-d87543-1a09c008b901bc5c-1--d87543-;rport=2751. >> Record-Route: <sip:192.168.1.101 >> <http://192.168.1.101>;lr=on;ftag=b81a6b5e;nat=yes>. >> >> >> From: "1000" <sip:[EMAIL PROTECTED]:5060>;tag=b81a6b5e. >> To: "0" <sip:[EMAIL PROTECTED]:5060>;tag=Sy7K9eUFg61tB. >> Call-ID: ODRiMGUzMGFiZDg2OGU0OGNiYmE0MWY5OWRkMTMxOTA.. >> CSeq: 2 INVITE. >> Contact: <sip:[EMAIL PROTECTED]:5800;transport=udp>. >> User-Agent: FreeSWITCH-mod_sofia/1.0.trunk-10454M. >> Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, PRACK, MESSAGE, SUBSCRIBE, >> NOTIFY, REFER, UPDATE, REGISTER, INFO. >> Supported: timer, precondition, path, replaces. >> Allow-Events: talk. >> Session-Expires: 120;refresher=uas. >> Min-SE: 120. >> Content-Type: application/sdp. >> Content-Disposition: session. >> Content-Length: 269. >> . >> v=0. >> o=FreeSWITCH 5494423604621376967 2638962022927722250 IN IP4 233.32.345.5. >> s=FreeSWITCH. >> c=IN IP4 233.32.345.5. >> t=0 0. >> m=audio 10272 RTP/AVP 0 101. >> a=rtpmap:0 PCMU/8000. >> a=rtpmap:101 telephone-event/8000. >> a=fmtp:101 0-16. >> a=silenceSupp:off - - - -. >> a=ptime:20. >> >> >> U 192.168.1.101:5060 <http://192.168.1.101:5060> -> 116.24.163.21:2751 < >> http://116.24.163.21:2751> >> SIP/2.0 200 OK. >> Via: SIP/2.0/UDP 192.168.1.100:26682;received=116.24.163.21 < >> http://116.24.163.21 >> >;branch=z9hG4bK-d87543-1a09c008b901bc5c-1--d87543-;rport=2751. >> Record-Route: <sip:192.168.1.101 >> <http://192.168.1.101>;lr=on;ftag=b81a6b5e;nat=yes>. >> >> >> From: "1000" <sip:[EMAIL PROTECTED]:5060>;tag=b81a6b5e. >> To: "0" <sip:[EMAIL PROTECTED]:5060>;tag=Sy7K9eUFg61tB. >> Call-ID: ODRiMGUzMGFiZDg2OGU0OGNiYmE0MWY5OWRkMTMxOTA.. >> CSeq: 2 INVITE. >> Contact: <sip:[EMAIL PROTECTED]:5800;transport=udp>. >> User-Agent: FreeSWITCH-mod_sofia/1.0.trunk-10454M. >> Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, PRACK, MESSAGE, SUBSCRIBE, >> NOTIFY, REFER, UPDATE, REGISTER, INFO. >> Supported: timer, precondition, path, replaces. >> Allow-Events: talk. >> Session-Expires: 120;refresher=uas. >> Min-SE: 120. >> Content-Type: application/sdp. >> Content-Disposition: session. >> Content-Length: 269. >> . >> v=0. >> o=FreeSWITCH 5494423604621376967 2638962022927722250 IN IP4 233.32.345.5. >> s=FreeSWITCH. >> c=IN IP4 233.32.345.5. >> t=0 0. >> m=audio 10272 RTP/AVP 0 101. >> a=rtpmap:0 PCMU/8000. >> a=rtpmap:101 telephone-event/8000. >> a=fmtp:101 0-16. >> a=silenceSupp:off - - - -. >> a=ptime:20. >> >> >> U 192.168.1.101:5800 <http://192.168.1.101:5800> -> 233.32.345.5:5060 >> BYE sip:[EMAIL PROTECTED]:2751 <http://sip:[EMAIL PROTECTED]:2751> >> SIP/2.0. >> Via: SIP/2.0/UDP 233.32.345.5:5800;rport;branch=z9hG4bK01H0jSevQ2Nmc. >> Route: <sip:192.168.1.101 >> <http://192.168.1.101>;lr=on;ftag=b81a6b5e;nat=yes>. >> >> >> Max-Forwards: 70. >> From: "0" <sip:[EMAIL PROTECTED]:5060>;tag=Sy7K9eUFg61tB. >> To: "1000" <sip:[EMAIL PROTECTED]:5060>;tag=b81a6b5e. >> Call-ID: ODRiMGUzMGFiZDg2OGU0OGNiYmE0MWY5OWRkMTMxOTA.. >> CSeq: 107702524 BYE. >> Contact: <sip:[EMAIL PROTECTED]:5800;transport=udp>. >> User-Agent: FreeSWITCH-mod_sofia/1.0.trunk-10454M. >> Allow: INVITE, ACK, BYE, CANCEL, OPTIONS, PRACK, MESSAGE, SUBSCRIBE, >> NOTIFY, REFER, UPDATE, REGISTER, INFO. >> Supported: timer, precondition, path, replaces. >> Reason: SIP;cause=408;text="ACK Timeout". >> Content-Length: 0. >> . >> >> >> >> >> # >> # $Id: openser.cfg 1676 2007-02-21 13:16:34Z bogdan_iancu $ >> # >> #simple quick-start config script >> #Please refer to the Core CookBook at >> http://www.openser.org/dokuwiki/doku.php >> #for a explanation of possible statements, functions and parameters. >> # >> # ----------- global configuration parameters ------------------------ >> debug=3 # debug level (cmd line: -dddddddddd) >> fork=no >> log_stderror=yes # (cmd line: -E) >> children=4 >> port=5060 >> mpath="/usr/local/lib64/opensips/modules/" >> loadmodule "db_mysql.so" >> loadmodule "sl.so" >> loadmodule "tm.so" >> loadmodule "rr.so" >> loadmodule "maxfwd.so" >> loadmodule "usrloc.so" >> loadmodule "registrar.so" >> loadmodule "textops.so" >> loadmodule "mi_fifo.so" >> loadmodule "uri.so" >> loadmodule "uri_db.so" >> loadmodule "domain.so" >> loadmodule "xlog.so" >> loadmodule "permissions.so" >> loadmodule "auth.so" >> loadmodule "auth_db.so" >> loadmodule "dispatcher.so" >> loadmodule "nathelper.so" >> loadmodule "mediaproxy.so" >> >> >> >> >> >> >> >> >> modparam("mi_fifo", "fifo_name", "/tmp/opensips_fifo") >> modparam("usrloc", "db_mode", 2) >> >> modparam("rr", "enable_full_lr", 1) >> >> >> modparam("auth_db|usrloc|domain|uri_db|permissions|dispatcher","db_url","mysql:// >> root:[EMAIL PROTECTED]/app <http://root:[EMAIL PROTECTED]/app>") >> modparam("auth_db","calculate_ha1",yes) >> modparam("auth_db","password_column","password") >> modparam("auth_db","user_column","sip_user") >> modparam("auth_db","load_credentials","agent_id") >> modparam("uri_db","db_table","agent") >> modparam("uri_db","user_column","sip_user") >> modparam("uri_db","use_uri_table",0) >> modparam("auth_db","use_domain",0) >> modparam("permissions", "db_mode", 1) >> modparam("permissions", "trusted_table", "server") >> modparam("permissions","source_col","server_ip") >> modparam("permissions","proto_col","transport") >> modparam("permissions","from_col","from_pattern") >> modparam("permissions","tag_col","peer_tag") >> modparam("dispatcher","table_name","dispatcher") >> modparam("dispatcher","setid_col","setid") >> modparam("dispatcher","destination_col","destination") >> modparam("dispatcher","flags_col","flags") >> modparam("dispatcher","flags",3) >> modparam("auth_db","load_credentials","enable") >> >> >> modparam("nathelper","received_avp", "$avp(i:42)") >> >> modparam("nathelper","received_avp", "$avp(i:42)") >> modparam("nathelper", "rtpproxy_sock", "udp:127.0.0.1:7890 < >> http://127.0.0.1:7890>") >> modparam("nathelper", "natping_interval", 30) >> modparam("nathelper", "ping_nated_only", 0) >> modparam("nathelper", "sipping_bflag", 7) >> modparam("nathelper", "sipping_from", "sip:[EMAIL PROTECTED]<[EMAIL >> PROTECTED]><mailto: >> [EMAIL PROTECTED] <[EMAIL PROTECTED]>>") >> >> >> listen=udp:192.168.1.101:5060 <http://192.168.1.101:5060> >> listen=tcp:192.168.1.101:5060 <http://192.168.1.101:5060> >> >> listen=udp:233.32.345.5:5060 >> listen=tcp:233.32.345.5:5060 >> # ------------------------- request routing logic ------------------- >> # main routing logic >> route{ >> xlog("method <$rm> from-header <$fu>\n"); >> # initial sanity checks -- messages with >> # max_forwards==0, or excessively long requests >> if (!mf_process_maxfwd_header("10")) { >> sl_send_reply("483","Too Many Hops"); >> exit; >> }; >> if (msg:len >= 2048 ) { >> sl_send_reply("513", "Message too big"); >> exit; >> }; >> # we record-route all messages -- to make sure that >> # subsequent messages will go through our proxy; that's >> # particularly good if upstream and downstream entities >> # use different transport protocol >> >> ## NAT Detection # >> force_rport(); >> if (nat_uac_test("19")) { >> if (method=="REGISTER") { >> fix_nated_register(); >> } else { >> fix_nated_contact(); >> }; >> setflag(5); >> }; >> >> if(!is_method("REGISTER")){ >> if(nat_uac_test("19")){ >> record_route(";nat=yes"); >> } else { >> record_route(); >> }; >> }; >> >> if (has_totag()) { >> if (loose_route()) { >> >> if(method=="INVITE" && (!allow_trusted())) { >> if (!proxy_authorize("","auth")) { >> proxy_challenge("","0"); >> exit; >> } else if (!check_from()) { >> sl_send_reply("403", "Forbidden, use >> From=ID"); >> exit; >> }; >> if ($avp(s:enable)=="0") { >> sl_send_reply("403", "Forbidden, use From=ID"); >> exit; >> } >> }; >> route(1); >> } else { >> sl_send_reply("404","Not here"); >> } >> route(1); >> exit; >> } >> if (is_method("CANCEL")) { >> if (t_check_trans()) t_relay(); >> exit; >> } >> if (method=="REGISTER") { >> route(2); >> } else { >> route(3); >> }; >> } >> route[1] { >> >> >> # send it out now; use stateful forwarding as it works >> # reliably even for UDP2TCP >> t_on_reply("1"); >> t_on_failure("1"); >> if (!t_relay()) { >> sl_reply_error(); >> }; >> exit; >> } >> route[2] { >> # >> # -- Register request handler -- >> # >> if (is_uri_host_local()) { >> if (!www_authorize("", "auth")) { >> www_challenge("", "0"); >> exit; >> >> }; >> if (!check_to()) { >> sl_send_reply("403", "Forbidden"); >> exit; >> }; >> >> if ($avp(s:enable)=="0") { >> sl_send_reply("403", "Forbidden, >> use From=ID"); >> exit; >> } >> save("location"); >> exit; >> } else if { >> sl_send_reply("403", "Forbidden"); >> }; >> } >> route[3] { >> >> if (is_from_local()){ >> # From an internal domain -> check the credentials and the FROM >> if (!proxy_authorize("","auth")) { >> proxy_challenge("","0"); >> exit; >> } else if (!check_from()) { >> sl_send_reply("403", "Forbidden, use >> From=ID"); >> exit; >> }; >> consume_credentials(); >> # Verify aliases >> if (is_uri_host_local()) { >> # -- Inbound to Inbound >> route(10); >> } else { >> # -- Inbound to outbound >> route(11); >> }; >> } else { >> if (is_uri_host_local()) { >> #-- Outbound to inbound >> route(12); >> } else { >> # -- Outbound to outbound >> route(13); >> }; >> }; >> } >> route[4] { >> revert_uri(); >> rewritehostport("233.32.345.5:5800"); >> route(1); >> >> >> >> >> } >> >> >> route[6] { >> if (is_method("BYE")) { >> } else if ((is_method("INVITE"))){ >> append_hf("P-hint: Route[6]: Rtpproxy \r\n"); >> t_on_failure("3"); >> }; >> } >> route[10] { >> append_hf("P-hint: inbound->inbound \r\n"); >> route(4); >> } >> route[11] { >> append_hf("P-hint: inbound->outbound \r\n"); >> route(1); >> } >> route[12] { >> lookup("aliases"); >> if (!lookup("location")) { >> sl_send_reply("404", "Not Found"); >> exit; >> }; >> route(1); >> } >> route[13] { >> append_hf("P-hint: outbound->inbound \r\n"); >> sl_send_reply("403", "Forbidden"); >> exit; >> } >> onreply_route[1] { >> xlog("L_INFO", "Reply - S=$rs D=$rr F=$fu T=$tu IP=$si ID=$ci\n"); >> search_append('Contact:.*sip:[^>[:cntrl:]]*', ';nat=yes'); >> fix_nated_contact(); >> exit; >> >> } >> failure_route[1] { >> append_hf("P-hint: (4)passed thru failure_route[1]\r\n"); >> >> >> >> >> >> >> if (t_was_cancelled()) { >> exit; >> }; >> if (t_check_status("486")) { >> revert_uri(); >> prefix("b"); >> xlog("L_ERR","Stepped into the 486 ruri=<$ru>"); >> #ds_select_dst("2", "4"); >> rewritehostport("233.32.345.5:5800"); >> append_branch(); >> route(1); >> exit; >> }; >> if (t_check_status("408") || t_check_status("480")) { >> revert_uri(); >> prefix("u"); >> xlog("L_ERR","Stepped into the 480 ruri=<$ru>"); >> #ds_select_dst("2", "4"); >> rewritehostport("233.32.345.5:5800"); append_branch(); >> route(1); >> exit; >> }; >> } >> >> >> failure_route[3] { >> if (isbflagset(6) || isflagset(5)) { >> } >> } >> >> ------------------------------------------------------------------------ >> >> _______________________________________________ >> Users mailing list >> Users@lists.opensips.org >> http://lists.opensips.org/cgi-bin/mailman/listinfo/users >> >> > >
_______________________________________________ Users mailing list Users@lists.opensips.org http://lists.opensips.org/cgi-bin/mailman/listinfo/users