[asterisk-users] problems with natted phones

Sat Sep 4 16:16:39 CDT 2021

Hi Marek

The way it works is that the sip message will carry the sdp and in that will be the instructions for where to route the rtp

If systems don’t know their external address or are misconfigured they send an internal address that is not reachable from the far end. This is where lack of audio issues occur 

The main thing to show are the sip to/from addresses, anonymised but consistent, and the sdp data particularly the c and the media attributes

Here is some background 

https://support.yeastar.com/hc/en-us/articles/360009806434-Brief-Introduction-of-SIP-and-SDP-Protocol-?mobile_site=true

If the c attribute has an address that is not routeable from the device that received it then you won’t get any audio

It’s confusing at this stage but once you get a little more familiar it will start to make a lot of sense

> On 5/09/2021, at 8:16 AM, Marek Greško <mgresko8 at gmail.com> wrote:
> 
> Hello,
> 
> I agree my knowledge of SIP itself is poor, but I have quite well
> general tcp/ip understanding. What sip parameters should be
> anonymized? How about tag, branch, call-id, cseq values?
> 
> Thanks
> 
> Marek
> 
> 
> 2021-09-04 12:36 GMT+02:00, Duncan Turnbull <duncan at turnbull.co.nz>:
>> 
>> 
>>>> On 4/09/2021, at 8:55 PM, Marek Greško <mgresko8 at gmail.com> wrote:
>>> 
>>> Ok,
>>> 
>>> let substitute lan for 192.168.100.235, provider with 192.0.2.1 and
>>> asterisk with 198.51.100.1.
>> 
>> Can you provide the previous packet details with these addresses filled in
>>> 
>>> In the working scenario understand that asterisk is not aware of the
>>> providers ip address
>> If the call goes provider - asterisk - phone then asterisk is absolutely
>> aware of the provider ip. I think you need to get more familiar with sip and
>> rtp
>> 
>>> 192.0.2.1 in the sip protocol, and it should pick
>>> it from the network layer. It is harder to calcutale port, so it
>>> should probably listen for incoming rtp stream?
>> 
>> The sdp in the sip packet tells the rtp ip and port to connect to
>>> Until then it is just
>>> sending to private address? But I thing it is futile, since it is
>>> known from the sip protocol there is nat involved and thus the packets
>>> are destined to nowhere.
>> 
>> You need to realise that this works normally everyday all over the place so
>> what you are imagining is incorrect
>>> 
>>> But I still cannot imagine what goes wrong in non working scenario and
>>> how the asterisk reboot (not every one and not sure this is the real
>>> trigger). The sip communication seems identical to me. The provider's
>>> router does not touch SIP now as observed after disabling SIP ALG.
>> 
>> It is very unclear as to how you are justifying these statements. You don’t
>> yet understand how sip and call setup with media works. If you provide the
>> whole sip packet capture with the substituted ips it should be easier to
>> point out where the error is
>> 
>> You need to be really clear on what’s ip
>> is what and where the conversations are captured
>> 
>> It will become clear once you provide all the details
>> 
>> 
>>> 
>>> Thanks
>>> 
>>> Marek
>>> 
>>> 2021-09-04 0:40 GMT+02:00, Antony Stone
>>> <Antony.Stone at asterisk.open.source.it>:
>>>> On Saturday 04 September 2021 at 00:34:49, Duncan Turnbull wrote:
>>>> 
>>>>>>> On 4/09/2021, at 7:53 AM, Marek Greško <mgresko8 at gmail.com> wrote:
>>>>>>> 
>>>>>>> So you suspect something is messing up SIP protocol? Maybe the phone
>>>>>>> itself is not working properly. The phone itself is not aware of the
>>>>>>> internet address, so is sending lan private address in the sip
>>>>>>> protocol.
>>>>> 
>>>>> I doubt it’s the phone. You need to check your data again and ideally
>>>>> explain what you mean by the names you have substituted for the ip
>>>>> addresses
>>>> 
>>>> My advice (regarding the IP addresses) is:
>>>> 
>>>> - where you have https://tools.ietf.org/html/rfc1918 addresses, leave
>>>> them
>>>> as
>>>> they are - you're not giving away any sensitive information by telling us
>>>> about your internal addresses which can't be routed over the Internet
>>>> 
>>>> - where you have public addresses and would prefer not to reveal what
>>>> these
>>>> are, substitute with https://tools.ietf.org/html/rfc5737 addresses
>>>> instead.
>>>> 
>>>> - always ensure that you substitute address A in the same way each time,
>>>> and
>>>> address B, etc.
>>>> 
>>>> 
>>>> Antony.
>>>> 
>>>> --
>>>> You can spend the whole of your life trying to be popular,
>>>> but at the end of the day the size of the crowd at your funeral
>>>> will be largely dictated by the weather.
>>>> 
>>>> - Frank Skinner
>>>> 
>>>>                                                  Please reply to the
>>>> list;
>>>>                                                        please *don't* CC
>>>> me.
>>>> 
>>>> --
>>>> _____________________________________________________________________
>>>> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>>>> 
>>>> Check out the new Asterisk community forum at:
>>>> https://community.asterisk.org/
>>>> 
>>>> New to Asterisk? Start here:
>>>>     https://wiki.asterisk.org/wiki/display/AST/Getting+Started
>>>> 
>>>> asterisk-users mailing list
>>>> To UNSUBSCRIBE or update options visit:
>>>>  http://lists.digium.com/mailman/listinfo/asterisk-users
>>> 
>>> --
>>> _____________________________________________________________________
>>> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>>> 
>>> Check out the new Asterisk community forum at:
>>> https://community.asterisk.org/
>>> 
>>> New to Asterisk? Start here:
>>>     https://wiki.asterisk.org/wiki/display/AST/Getting+Started
>>> 
>>> asterisk-users mailing list
>>> To UNSUBSCRIBE or update options visit:
>>>  http://lists.digium.com/mailman/listinfo/asterisk-users
>> 
>> --
>> _____________________________________________________________________
>> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
>> 
>> Check out the new Asterisk community forum at:
>> https://community.asterisk.org/
>> 
>> New to Asterisk? Start here:
>>      https://wiki.asterisk.org/wiki/display/AST/Getting+Started
>> 
>> asterisk-users mailing list
>> To UNSUBSCRIBE or update options visit:
>>   http://lists.digium.com/mailman/listinfo/asterisk-users
> 
> -- 
> _____________________________________________________________________
> -- Bandwidth and Colocation Provided by http://www.api-digital.com --
> 
> Check out the new Asterisk community forum at: https://community.asterisk.org/
> 
> New to Asterisk? Start here:
>      https://wiki.asterisk.org/wiki/display/AST/Getting+Started
> 
> asterisk-users mailing list
> To UNSUBSCRIBE or update options visit:
>   http://lists.digium.com/mailman/listinfo/asterisk-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20210905/e1c1c9a3/attachment.html>