[Asterisk-Users] multiple nics and internet
Mario
mario.pandolfi at octotelematics.com
Mon Feb 7 04:20:13 MST 2005
Hi all,
recently i've posted a request about a big problem i have.
I was trying to configure asterisk & iax to serve a double ADSL connection and internal network, but even if i've used the default configuration for bindaddr ( 0.0.0.0 ) i had a very strange behaviour.
here is my conf.:
from ifconfig :
eth0 : 192.168.3.1
eth1 : 192.168.4.1
defualt gateway 192.168.3.254.
from iax.conf :
bindaddr = 0.0.0.0
Well, when i use the first address for iax registration everything goes fine, but when i try to use the second ip address, i will receive a reg ack from the first ip address and my client discard it ( right !! ).
client server
x.x.x.x ----> REG REQ ----> 192.168.3.1
x.x.x.x <---- REG ACK <---- 192.168.3.1
OK !
x.x.x.x ----> REG REQ ----> 192.168.4.1
x.x.x.x <---- REG ACK <---- 192.168.3.1
NOK!
I've made a full search for a solution of this problem and i found few informations ( i hope correct )
1. Asterisk uses kernel 2.0 based routing ( strange ! ) and it reach the destination based on default gateway. So if i use the same subnet of the second ip address it should work, else it uses the first address that is directly connected to the default gateway.
2. Someone point me to the use of iproute2 as a packet shaper. But if i've understood well, it can only use the destination address of the client and not the source address of the server for routing decision.
See below :
ip rule add to x.x.x.x lookup Table 1 ( where table 1 has a different default gw )
This is possible but useless when i have internet in the other side ( i couldn't predetermine all the class of subnet ! )
This is not possible
ip rule add from 192.168.4.1 lookup Table 1 ( because the source address has to be assigned before the routing decision )
3. Someone else said that the only solution is to install a second asterisk server to serve the second ADSL link and bind themselves with iax trunk.
At the end of this long listing you would know if i've had a solution ?
My answer is yes !
here is how.
look at this simple iptables command
iptables -t nat -A POSTROUTING -i eth2 -o eth0 -d 192.168.4.1 -j SNAT --to-source 192.168.4.2-192.168.4.253
eth2 is the ADSL connection
eth0 is the Asterisk connection
With this command i force the source ip address of a client from internet to be natted to a dynamic ip address in the right subnet and thus asterisk would use the right ip address to send packet back.
Simple !!
The only thing to remember is to assign the ip addresses of the pool to the mac-address of the firewall with this command
arp -f /etc/ethers
where /etc/ethers is:
x.x.x.2 AA:BB:CC:DD:EE:FF pub
x.x.x.3 AA:BB:CC:DD:EE:FF pub
...
x.x.x.253 AA:BB:CC:DD:EE:FF pub
if a class C is not enough for you ( you're a lucky boy ) simply use a class B or higher.
I've made some testing with iax2 ( it hasn't NAT issue ) and it works fine.
If someone else has a better solution Id be happy to hear from you, that's my best.
Mario
Hopefully it will be useful to someone else.
More information about the asterisk-users
mailing list