[ previous ] [ next ] [ threads ]
 To :  yate@v...
 From :  Etoile =?iso-8859-15?q?Di=E8se?= <support@e...>
 Subject :  Re: [yate] NAT support for SIP RTP
 Date :  Fri, 18 Aug 2006 19:54:16 +0200
Yes. It works when the router does symetric NAT.
If the router is not symetric, I can see the RTP port declared by the client 
in the Yate logs, example :

INVITE sip:0123456789@v...:5060 SIP/2.0
From: bewan ;tag=a0a0a0a-13c4-bb7-2dc63a-57eb
To: 
Call-ID: b2aa00-a0a0a0a-13c4-bb7-2dc63a-6665@v...
CSeq: 601 INVITE
Via: SIP/2.0/UDP 10.10.10.10:5060;branch=z9hG4bK-bb7-2dc63a-3948
Max-Forwards: 70
Supported: replaces
Contact: 
Content-Type: application/SDP
Content-Length: 318

v=0
o=Conexant 2890844526 2890842807 IN IP4 10.10.10.10
s=SIP ATA
c=IN IP4 10.10.10.10
t=0 0
m=audio 7092 RTP/AVP 18 8 0 101 13
a=rtcp:7093 IN IP4 10.10.10.10
a=rtpmap:18 G729/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:0 PCMU/8000
a=rtpmap:13 CN/8000
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-15
a=sendrecv

Here port 7092, and I can immediately see the logs of the firewall dropping 
UDP packets on this port.

In fact, in this example, the router translated the RTP port from the internal 
7092 to an external 10002 so Yate should have sent the RTP packets to 10002.

Le Vendredi 18 Août 2006 19:49, vous avez écrit :
> Hello Etoile,
>
> Does your client open up the hole or not?
>
> Diana Cionoiu
>
> Etoile Dièse wrote:
> >Hello,
> >
> >You gave recently an URL : http://freshmeat.net/articles/view/2079/ that
> >explains how Yate can contact SIP phones inside a NATed network.
> >I use a Linux+iptables router. It does symetric NATing so the port given
> > in SDP header is the same as the port really opened on the public
> > interface of the router :
> >
> >LAN 7080 <------> router 7080 <------> Yate
> >
> >So no problem in this case. I forced the router to be non symetric by
> > forcing a translation of all UDP port between 10000 and 20000 :
> >
> >LAN 7080 <------> router 10001 <-------> Yate
> >
> >But it does not work as you describe in the article. In fact, Yate seems
> > to trust the port given in the SDP header instead of the origin port it
> > detects :
> >
> >LAN 7080 <------> router 10001 --------> Yate
> >                                          7080 <-------
> >
> >and all the RTP packets from Yate to this external 7080 port which is
> > closed are dropped by the firewall. This behavior is not what you
> > describe in the article, why does it happen ?
> >Is there any configuration parameter I missed ?
> >
> >Regards,

-- 
Support Etoile Dièse