[prev in list] [next in list] [prev in thread] [next in thread]
List: leaf-user
Subject: Re: [leaf-user] Using a Sip phone with Dachstein 1.02
From: Robert Chambers <ka9yhd () covad ! net>
Date: 2003-11-25 13:16:45
[Download RAW message or body]
Ray:
In my discussions about Kphone on another forum, I was informed about an
app called siproxd from siproxd.sf.net which works with Kphone and
Linphone. A short explanation of siproxd copied from the sipoxd.sf.net
website:
Siprox is an proxy/masquerading daemon for the SIP protocol.
It handles registrations of SIP clients on a private IP network
and performs rewriting of the SIP message bodies to make SIP
connections possible via an masquerading firewall.
It allows SIP clients (like kphone, linphone) to work behind
an IP masquerading firewall or router.
Robert Chambers
Ray Olszewski wrote:
> At 08:33 PM 11/24/2003 -0600, Robert Chambers wrote:
>
>> I am trying to use a Sip phone with Dachstein 1.02 and according to
>> support@sipphone.com I must open ports in the range of 5004 and 5060
>> - 65534 UDP. But according to an email that I received from their
>> support, the phone will not work with Linux routers because they are
>> NAT type is symmetric.
>>
>> Here is a copy of one of the emails:
>>
>> "Open ports range 5004 and 5060-65534 UDP in your firewall to allow
>> SIPphone calls. You might want to check first to see if you are
>> behind asymetric NAT. Dial '*0' and wait for the announcement. If you
>> hear the message "You are behind a NAT" then you won't be able to
>> make any calls no matter how you set up your firewall. In this case
>> you might want to try updating the firmware on your router. If that
>> doesn't work then you will need to try a different router."
>
>
> I've only started seeing the terms "symmetric NAT" and "asymmetric
> NAT" very recently, and I had to Google them to find out what they
> (probably) mean. If I've misunderstood the terms, than the rest of my
> reply is nonsense, and I apologize for wasting your time.
>
> What I found (at
> http://www.kanga.nu/archives/MUD-Dev-L/2000Q1/msg00539.php; much more
> informative than the bafflegab on the sipphone.com Website) says that
> asymmetric NAT refers to situations where the number of internal IP
> addresses being NAT'd is greater than the number of external addresses
> they are being NAT'd to. Or, in terms more familiar to us old timers,
> "symmetric NAT" refers to the one-to-one NAT'ing of private to public
> IP addresses that I used to call static NAT, while "asymmetric NAT"
> refers to the many-to-one NAT'ing of private addresses to a single
> public address that I used to call dynamic NAT. (This simplifies
> things a bit too much, but not, I think, in ways that matter to the
> immediate problem.)
>
> Linux (LEAF and other) routers can do both kinds of NAT'ing. (Even
> ipchains could do static NAT'ing, and iptables is only better at it.)
> But to do symmetric NAT'ing, you need multiple public IP addresses,
> and LEAF routers are often used in settings where the goal is to share
> a single public address over all the hosts in a network. If you have a
> separate public IP address you can assign to the SIP device, your LEAF
> router is quite able to static-NAT it for you.
>
> But usually this sort of problem comes up in settings where only the
> single public address is available, and with peer-to-peer services
> like Kazaa and some multiplayer games. SIP is no different in
> principle from these other cases.
>
> The usual workaround for this sort of problem is to port-forward the
> required ports to the host you want to run the service on.
> Unfortunately, as far as I can find out, there are no standards for
> the ports that SIP phones use, so you get nonsense advice like
> requiring 60000 ports (5060 to 65534) to be available to the SIP host.
> (Similarly, I've seen docs for a Cisco SIP phone that requires
> forwarding of ~32000 ports.)
>
> If anyone knows a more comforting answer, I would love to see it. But
> I *believe* the problem here is not with Linux (or Linksys or Netgear
> or ... routers, all of which would also have this problem) but with a
> poor implementation of SIP by the vendor.
>
> FYI, the latest version of the Linux app kphone allows the user to
> specify the port range that its SIP connections will use. I don't have
> that working yet ... I started working on getting it and FWD running
> but got distracted ... but it might be the basis for a workaround that
> involves forwarding only a handful of ports (a dozen of so) to a
> sensible VoIP/SIP provider.
>
> In any case, the limitation you face derives not from Linux or LEAF,
> but from the availability of a single public IP address. Get a second
> address and the problem is easily handled by Linux. Without a second
> IP address ... you probably need to try a different VoIP supplier.
>
>
>
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by: SF.net Giveback Program.
> Does SourceForge.net help you be more productive? Does it
> help you create better code? SHARE THE LOVE, and help us help
> YOU! Click Here: http://sourceforge.net/donate/
> ------------------------------------------------------------------------
> leaf-user mailing list: leaf-user@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/leaf-user
> SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
>
>
-------------------------------------------------------
This SF.net email is sponsored by: SF.net Giveback Program.
Does SourceForge.net help you be more productive? Does it
help you create better code? SHARE THE LOVE, and help us help
YOU! Click Here: http://sourceforge.net/donate/
------------------------------------------------------------------------
leaf-user mailing list: leaf-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic