[asterisk-dev] chan_sip: auto_force_rport, auto_comedia: IPv6 and Firewalls?

[Alexander Traud]

In Asterisk 11, two auto_* values were added to the configuration parameter "nat". Those are about IPv4. Recently, I added IPv6 to my Asterisk. Because IPv6 does not have any NAT (normally), those auto_* disable both "force_rport" and "comedia". Therefore for IPv6 traffic, "nat=auto_force_rport,auto_comedia" is the same as "nat=no".

In one of my cases (mobile phone in the 3G network of Telekom Deutschland), neither SIP nor RTP work with auto_*, because there is a Firewall between my Asterisk and that phone. The IPv4+NAT saga moves to IPv6+Firewall.

Consequently, I need
IPv4: nat=auto_force_rport,auto_comedia
IPv6: nat=force_rport,comedia

Or stated differently:
After adding IPv6 to my Asterisk, I got issues with a configuration setting called "nat". This is counter-intuitive because IPv6 does not have NAT issues.

My proposal:
What about disabling the auto mechanisms, when IPv6 is involved?

That is a rather trivial change in channels/chan_sip.c:check_for_nat(.). However, before I submit such a change, I would like to know the opinion of the community. Perhaps, I have a misunderstanding. For example, while reading [1][2][3], I do not understand the purpose of these auto values, actually. Even if my phone is local to my network, I want "comedia". Currently, I solved my issue by going for "nat=force_rport,comedia" for both IPv6 and IPv4. Which scenario do I miss, by not going for auto_*?

[1] <http://issues.asterisk.org/jira/browse/ASTERISK-17860>
[2] <http://reviewboard.asterisk.org/r/1698/>
[3] <http://lists.digium.com/pipermail/asterisk-dev/2012-February/053568.html>