[Asterisk-Users] Re: Media Path Optimization & NAT

Rich Adamson radamson at routers.com
Wed Jan 19 08:21:23 MST 2005


> >>>>>>>>Now, I would very much like to remove the "canreinvite=no" from the 
> >>>>>>>>provider's definition on sip.conf, but doing so causes Asterisk to send 
> >>>>>>>>a re-invite to the provider pointing to a private IP. I thought that 
> >>>>>>>>correct localnet entries would solve this...
> >>>>>>>
> >>>>>>>By changing to canreinvite=yes, are you expecting the asterisk box to
> >>>>>>>act as a router, passing rtp traffic from your sip provider through
> >>>>>>>the box to a sip phone with a private address (without passing
> >>>>>>>asterisk code in the middle of the rtp session)?
> >>>>>>
> >>>>>>No, sorry. I'm looking for Asterisk to not issue the re-invites if the 
> >>>>>>two devices can't see each other. Think of mobile users who are often 
> >>>>>>behind the corporate firewall but also travel. I'm trying to avoid 
> >>>>>>having the media path be "user->corporate lan->pstn provider". I want it 
> >>>>>>to be "user->pstn provider".
> >>>>
> >>>>>When a user is in the office, his phone registers with asterisk, and he
> >>>>>places calls through asterisk to the sip provider. But, when he's
> >>>>>out of the office, he takes his phone with him, and you are wanting
> >>>>>him to make use of the canreinvite=yes to allow his phone to connect
> >>>>>directly to the sip provider avoiding asterisk (from an rtp perspective). 
> >>>>>Is that right?
> >>>>
> >>>I don't believe what you want is possible. The issue is in how sip
> >>>handles reinvites and nating (or lack thereof). What will further
> >>>complicate this is the laptop, when out of the office, is likely to
> >>>be behind yet a different nat box and the addressing used behind
> >>>that box may be completely different from your office nat.
> 
> It is my understanding that an intelligent soft-phone using STUN should 
> look like a system with a public IP when connecting to Asterisk. Thus, a 
> re-invite between the provider and the soft-phone would work.
> 
> However, there is no way for me to be selective and allow re-invites 
> between remote users and the provider, but not between local (NATed) 
> users and anyone else. I could have the local users go through an 
> "Outbound Proxy": would this solve the problem? I don't think so, since 
> then the mobile users would have trouhle when in the office.
> 
> Let me restate my problem. I have a group of users behind a constrained 
> pipe to the public network. There are a few mobile users that will 
> mostly be working from their home offices. I *really* want to avoid 
> having a call from a mobile user to a public number cause double the 
> traffic on the corporate link. Am I making any kind of sense?

You're making sense, but trying to use the canreinvite=yes is not going
to be the answer in my opinion. As stated previously, for that to work
as you'd like, the sip provider would need to initiate the reinvite and
its certainly not in their best interest to do that (not to mention the
time they would consume trying to make it work with unknown nat 
functions at your user's multiple locations).

There are lots of other ways to address the issue, but in my opinion
each approach will require spending additional funds. You really need
to identify the different ways to handle the requirement and the costs
associated with each. Don't know of any way around that.





More information about the asterisk-users mailing list