<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=big5">
<META content="MSHTML 6.00.2800.1491" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face="Times New Roman">Please ignore my previous email. Here is the
correct one. Thank you.</FONT></DIV>
<DIV><FONT face="Times New Roman"></FONT> </DIV>
<DIV style="FONT: 10pt 新細明體">----- Original Message -----
<DIV style="BACKGROUND: #e4e4e4; font-color: black"><B>From:</B> <A
title=support@cybertel.biz href="mailto:support@cybertel.biz">support</A> </DIV>
<DIV><B>To:</B> <A title=serusers@lists.iptel.org
href="mailto:serusers@lists.iptel.org">serusers@lists.iptel.org</A> </DIV>
<DIV><B>Sent:</B> Thursday, February 17, 2005 11:59 AM</DIV>
<DIV><B>Subject:</B> STUN, rtpproxy problem</DIV></DIV>
<DIV><BR></DIV>
<DIV><FONT face="Times New Roman">Hi,</FONT></DIV>
<DIV><FONT face="Times New Roman"></FONT> </DIV>
<DIV><FONT face="Times New Roman">I am running ser-0.8.14 with rtpproxy and
nathelper. I have also enabled STUN on the same server.</FONT></DIV>
<DIV><FONT face="Times New Roman"></FONT> </DIV>
<DIV><FONT face="Times New Roman">My SIP UA supports STUN, but my PSTN
gateway does not.</FONT></DIV>
<DIV><FONT face="Times New Roman"></FONT> </DIV>
<DIV><FONT face="Times New Roman">If I don't enable STUN on SIP UA, I can route
the call to PSTN gateway successfully using rtpproxy.</FONT></DIV>
<DIV><FONT face="Times New Roman"></FONT> </DIV>
<DIV><FONT face="Times New Roman">If I enable STUN on SIP UA, I cannot route the
call out to PSTN gateway. On ringing sound is heard on callie, but no voice
passing through.</FONT></DIV>
<DIV><FONT face="Times New Roman"></FONT> </DIV>
<DIV><FONT face="Times New Roman">I use t_relay_to_udp to forward the call to
PSTN gateway. It seems that if STUN is supported on SIP UA, the call cannot
be routed to PSTN gateway.</FONT></DIV>
<DIV><FONT face="Times New Roman"></FONT> </DIV>
<DIV><FONT face="Times New Roman">Hope someone could fix this
problem.</FONT></DIV>
<DIV><FONT face="Times New Roman"></FONT> </DIV>
<DIV><FONT face="Times New Roman"></FONT> </DIV>
<DIV><FONT face="Times New Roman">Best wishes,</FONT></DIV>
<DIV><FONT face="Times New Roman"></FONT> </DIV>
<DIV><FONT face="Times New Roman">Thomas</FONT></DIV>
<DIV><FONT face="Times New Roman"></FONT> </DIV>
<DIV><FONT face="Times New Roman">My ser.cfg is as follows:</FONT></DIV>
<DIV><FONT face="Times New Roman"></FONT> </DIV>
<DIV><FONT face="Times New Roman"><FONT face=新細明體>
<DIV><FONT face="Times New Roman">#<BR># $Id: ser.cfg,v 1.21.4.1 2003/11/10
15:35:15 andrei Exp $<BR>#<BR># simple quick-start config
script<BR>#</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face="Times New Roman"># ----------- global configuration parameters
------------------------</FONT></DIV>
<DIV> </DIV>
<DIV><FONT
face="Times New Roman">debug=3 #
debug level (cmd line: -dddddddddd)<BR>fork=yes<BR>log_stderror=no # (cmd
line: -E)</FONT></DIV>
<DIV><FONT face="Times New Roman"></FONT> </DIV>
<DIV><FONT face="Times New Roman">check_via=no # (cmd. line:
-v)<BR>dns=no #
(cmd. line: -r)<BR>rev_dns=no # (cmd. line:
-R)</FONT></DIV>
<DIV> </DIV>
<DIV><FONT
face="Times New Roman">listen=""<BR>port=5060<BR>#children=4<BR>fifo_mode=0666<BR>fifo="/tmp/ser_fifo"</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face="Times New Roman"># ------------------ module loading
----------------------------------</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face="Times New Roman"># Uncomment this if you want to use SQL
database<BR>loadmodule "/usr/local/lib/ser/modules/mysql.so"</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face="Times New Roman">loadmodule
"/usr/local/lib/ser/modules/sl.so"<BR>loadmodule
"/usr/local/lib/ser/modules/tm.so"<BR>loadmodule
"/usr/local/lib/ser/modules/rr.so"<BR>loadmodule
"/usr/local/lib/ser/modules/maxfwd.so"<BR>loadmodule
"/usr/local/lib/ser/modules/usrloc.so"<BR>loadmodule
"/usr/local/lib/ser/modules/registrar.so"<BR>loadmodule
"/usr/local/lib/ser/modules/textops.so"</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face="Times New Roman"># Uncomment this if you want digest
authentication<BR># mysql.so must be loaded !<BR>loadmodule
"/usr/local/lib/ser/modules/auth.so"<BR>loadmodule
"/usr/local/lib/ser/modules/auth_db.so"</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face="Times New Roman"># Nathelper<BR>loadmodule
"/usr/local/lib/ser/modules/nathelper.so"<BR># ----------------- setting
module-specific parameters ---------------</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face="Times New Roman"># -- usrloc params --</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face="Times New Roman">#modparam("usrloc", "db_mode",
0)</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face="Times New Roman"># Uncomment this if you want to use SQL
database <BR># for persistent storage and comment the previous
line<BR>modparam("usrloc", "db_mode", 2)</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face="Times New Roman"># -- auth params --<BR># Uncomment if you are
using auth module<BR>#<BR>modparam("auth_db", "calculate_ha1", yes)<BR>#<BR># If
you set "calculate_ha1" parameter to yes (which true in this config), <BR>#
uncomment also the following parameter)<BR>#<BR>modparam("auth_db",
"password_column", "password")</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face="Times New Roman"># -- rr params --<BR># add value to ;lr param
to make some broken UAs happy<BR>modparam("rr", "enable_full_lr",
1)</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face="Times New Roman"># -- Nathelper params
--<BR>modparam("registrar", "nat_flag", 6)<BR>modparam("nathelper",
"natping_interval", 30) # Ping interval<BR>modparam("nathelper",
"ping_nated_only", 1) # Ping only clients behind NAT</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face="Times New Roman"># ------------------------- request
routing logic -------------------</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face="Times New Roman"># main routing logic</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face="Times New Roman">route{</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face="Times New Roman"> # initial sanity checks -- messages
with<BR> # max_forwards==0, or excessively long requests<BR> if
(!mf_process_maxfwd_header("10")) {<BR> sl_send_reply("483","Too Many
Hops");<BR> break;<BR> };<BR> if ( msg:len > max_len )
{<BR> sl_send_reply("513", "Message too
big");<BR> break;<BR> };</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face="Times New Roman"> # Nathelper<BR> if
(nat_uac_test("3")) {<BR> # Allow RR-ed requests, as these may
indicate that<BR> # a NAT-enabled proxy takes care of it; unless it
is<BR> # a REGISTER<BR> <BR> if (method ==
"REGISTER" || ! search("^Record-Route:")) {<BR>
log("LOG: Someone trying to register from private IP,
rewriting\n");</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face="Times New Roman"> # This will
work only for user agents that support
symmetric<BR> # communication. We tested quite
many of them and majority is<BR> # smart enough to
be symmetric. In some phones it takes a
configuration<BR> # option. With Cisco 7960, it is
called NAT_Enable=Yes, with kphone it is<BR> #
called "symmetric media" and "symmetric signalling".</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face="Times New Roman">
fix_nated_contact(); # Rewrite contact with source IP of
signalling<BR> if (method == "INVITE")
{<BR> fix_nated_sdp("1");
# Add direction=active to SDP<BR>
};<BR> force_rport(); # Add rport parameter to
topmost Via<BR> setflag(6); #
Mark as NATed<BR> };<BR> };</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face="Times New Roman"> # we record-route all messages -- to
make sure that<BR> # subsequent messages will go through our proxy;
that's<BR> # particularly good if upstream and downstream
entities<BR> # use different transport protocol<BR> if
(!method=="REGISTER") record_route(); </FONT></DIV>
<DIV> </DIV>
<DIV><FONT face="Times New Roman"> # subsequent messages withing a dialog
should take the<BR> # path determined by record-routing<BR> if
(loose_route()) {<BR> # mark routing logic in
request<BR> append_hf("P-hint: rr-enforced\r\n");
<BR> route(1);<BR> break;<BR> };</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face="Times New Roman"> if (!uri==myself) {<BR> #
mark routing logic in request<BR> append_hf("P-hint: outbound\r\n");
<BR> route(1);<BR> break;<BR> };</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face="Times New Roman"> # if the request is for other domain use
UsrLoc<BR> # (in case, it does not work, use the following
command<BR> # with proper names and addresses in it)<BR> if
(uri==myself) {</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face="Times New Roman"> if (method=="REGISTER")
{</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face="Times New Roman"># Uncomment this if you want to use digest
authentication<BR> if (!www_authorize("", "subscriber"))
{<BR> www_challenge("",
"0");<BR> break;<BR> };</FONT></DIV>
<DIV> </DIV>
<DIV><FONT
face="Times New Roman"> save("location");<BR> break;<BR> };<BR> <BR> if
(uri=~"^sip:866*") {<BR> log(1, "going to PSTN
route\n");<BR> route(2);<BR> break;<BR> };<BR> <BR> lookup("aliases");<BR> <BR> if
(!uri==myself) {<BR> append_hf("P-hint: outbound alias\r\n");
<BR> route(1);<BR> break;<BR> };<BR> <BR> #
native SIP destinations are handled using our USRLOC DB<BR> if
(!lookup("location")) {<BR> sl_send_reply("404", "Not
Found");<BR> break;<BR> };<BR> };<BR> append_hf("P-hint:
usrloc applied\r\n");<BR> route(1);</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face="Times New Roman">}</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face="Times New Roman">route[1] <BR>{<BR> # !!
Nathelper<BR> if
(uri=~"[@:](192\.168\.|10\.|172\.(1[6-9]|2[0-9]|3[0-1])\.)" &&
!search("^Route:")){<BR> sl_send_reply("479", "We don't
forward to private IP addresses");<BR>
break;<BR> };</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face="Times New Roman"> # if client or server know to be behind
a NAT, enable relay<BR> if (isflagset(6)) {<BR>
force_rtp_proxy();<BR> };</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face="Times New Roman"> # NAT processing of replies; apply to
all transactions (for example,<BR> # re-INVITEs from public to private UA
are hard to identify as<BR> # NATed at the moment of request processing);
look at replies<BR> t_on_reply("1");<BR> <BR> <BR> # send it
out now; use stateful forwarding as it works reliably<BR> # even for
UDP2TCP<BR> if (!t_relay())
{<BR> sl_reply_error();<BR> break;<BR> };<BR>}</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face="Times New Roman">route[2]
{<BR> force_rtp_proxy();<BR> t_on_reply("1");<BR> t_relay_to_udp("<U><EM>T1 gateway
IP</EM></U>","<EM><U>T1 Gateway UDP port</U></EM>");<BR>}</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face="Times New Roman"># !! Nathelper<BR>onreply_route[1]
{<BR> # NATed transaction ?<BR> if
(isflagset(6) && status =~ "(183)|2[0-9][0-9]")
{<BR>
fix_nated_contact();</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face="Times New Roman"> # Not all 2xx messages have a content
body so here we make sure<BR> # out Content-Length > 0 to avoid a parse
error<BR> if (!search("^Content-Length:\0"))
{<BR> force_rtp_proxy();<BR>
};<BR> # otherwise, is it a transaction behind a NAT and we
did not<BR> # know at time of request processing ? (RFC1918
contacts)<BR> } else if (nat_uac_test("1"))
{<BR>
fix_nated_contact();<BR>
};<BR>}</FONT></DIV></FONT></DIV></FONT></BODY></HTML>