VoIP Mailing List Archives

[clive at lansink.co.nz]

Hi everyone.

I have a need to run two separate Freeswitch PCs behind my router and I'm trying to figure out the best way to do this.

For the first PC, in vars.xml I have set external_sip_port to 5060 and its TLS equivalent to 5061, and in switch.conf.xml I have set rtp-start-port to 17408 and rtp-end-port to 17920.
For the second PC, in vars.xml I have set external_sip_port to 5040 and its TLS equivalent to 5041, and in switch.conf.xml I have set rtp-start-port to 16384 and rtp-end-port to 16896.
On the router I have opened up UDP port 5060 and UDP ports 17408 to 17920 to the IP address of the first PC. I have opened up UDP port 5040 and UDP ports 16384 to 16896 to the IP address of the second PC.
Things are half working. But when I phone in on a number that should connect to the first PC, the call goes through and I can answer it, but I'm only getting audio one way.

Is there more I have to do to get Freeswitch to only use a certain range of ports for RTP so I can route correctly and avoid clashes? What am I missing here.

Cheers.


Clive Lansink
Email: Clive@Lansink.Co.NZ
Phone: +64 9 520-4242
Mobile: +64 21 663-999
Fax: +64 21 789-150

_________________________________________________________________________

The FreeSWITCH project is sponsored by SignalWire https://signalwire.com
Enhance your FreeSWITCH install with disruptive priced SMS and PSTN services.
Build your next product on our scalable cloud platform.

Join our online community to chat in real time https://signalwire.community

Professional FreeSWITCH Services
sales@freeswitch.com
https://freeswitch.com

Official FreeSWITCH Sites
https://freeswitch.com/oss
https://freeswitch.org/confluence
https://cluecon.com

FreeSWITCH-users mailing list
FreeSWITCH-users@lists.freeswitch.org
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
https://freeswitch.com

[kaduww at gmail.com]

Hey Clive,

According to what you said, you didn't set the external ip params on your profile. Try adding this:


<param name="ext-rtp-ip" value="auto-nat"/>
<param name="ext-sip-ip" value="auto-nat"/>



With this, your FS servers will send the correct IP on SIP and SDP and the audio should work both ways.


Regards,






Em ter., 1 de jun. de 2021 às 01:02, Clive Lansink <clive@lansink.co.nz (clive@lansink.co.nz)> escreveu:

[clive at lansink.co.nz]

Hi Carlos.

Thanks for that. I thought before I change this, I'd let you know the current settings.

So in one server, in the file SIP profiles\external.xml, there is:
<param name="rtp-ip" value="$${local_ip_v4}"/>
<param name="sip-ip" value="$${local_ip_v4}"/>
<param name="ext-rtp-ip" value="<static IP address>"/>
<param name="ext-sip-ip" value="<static IP address>"/>
So that appears to be correct. I think at some stage I must have hard coded those static public IP addresses.

For the other server, that same file shows:
<param name="rtp-ip" value="$${local_ip_v4}"/>
<param name="sip-ip" value="$${local_ip_v4}"/>
<param name="ext-rtp-ip" value="$${external_rtp_ip}"/>
<param name="ext-sip-ip" value="$${external_sip_ip}"/>
So this file is picking up the global variables. I've found these defined in vars.xml:
<X-PRE-PROCESS cmd="stun-set" data="external_rtp_ip=stun:stun.freeswitch.org"/>
<X-PRE-PROCESS cmd="stun-set" data="external_sip_ip=stun:stun.freeswitch.org"/>
I presume the STUN server would return the same static IP address.

So do you think it would make any difference setting these to auto-nat?

Cheers.


Clive Lansink
Email: Clive@Lansink.Co.NZ
Phone: +64 9 520-4242
Mobile: +64 21 663-999
Fax: +64 21 789-150

-----Original message-----
From: Carlos Eduardo <kaduww@gmail.com>
To: FreeSWITCH Users Help <freeswitch-users@lists.freeswitch.org>
Subject: Re: [Freeswitch-users] Two Freeswitch installations
Reply-to: FreeSWITCH Users Help <freeswitch-users@lists.freeswitch.org>
Date: Tue, 1 Jun 2021 01:10:26 -0300

Hey Clive,

According to what you said, you didn't set the external ip params on your
profile. Try adding this:

<param name="ext-rtp-ip" value="auto-nat"/>
<param name="ext-sip-ip" value="auto-nat"/>

With this, your FS servers will send the correct IP on SIP and SDP and the
audio should work both ways.

Regards,



Em ter., 1 de jun. de 2021 às 01:02, Clive Lansink <clive@lansink.co.nz>
escreveu:

[botelist at gmail.com]

"auto-nat" employs UPnP to communicate with your router and which is widely considered a security hole.

This wiki page discusses NAT pretty well:
https://freeswitch.org/confluence/display/FREESWITCH/NAT

Keep in mind that those X-PRE-PROCESS lines are only processed at start time.

Also, check that you do not have the -nonat switch on the freeswitch process start command.


John Boteler
BnC Group U.S.A.



-----Original Message-----
From: FreeSWITCH-users <freeswitch-users-bounces@lists.freeswitch.org> On Behalf Of Clive Lansink
Sent: Tuesday, 1 June, 2021 02:05
To: FreeSWITCH Users Help <freeswitch-users@lists.freeswitch.org>
Subject: Re: [Freeswitch-users] Two Freeswitch installations

Hi Carlos.

Thanks for that. I thought before I change this, I'd let you know the current settings.

So in one server, in the file SIP profiles\external.xml, there is:
<param name="rtp-ip" value="$${local_ip_v4}"/>
<param name="sip-ip" value="$${local_ip_v4}"/>
<param name="ext-rtp-ip" value="<static IP address>"/>
<param name="ext-sip-ip" value="<static IP address>"/> So that appears to be correct. I think at some stage I must have hard coded those static public IP addresses.

For the other server, that same file shows:
<param name="rtp-ip" value="$${local_ip_v4}"/>
<param name="sip-ip" value="$${local_ip_v4}"/>
<param name="ext-rtp-ip" value="$${external_rtp_ip}"/>
<param name="ext-sip-ip" value="$${external_sip_ip}"/> So this file is picking up the global variables. I've found these defined in vars.xml:
<X-PRE-PROCESS cmd="stun-set" data="external_rtp_ip=stun:stun.freeswitch.org"/>
<X-PRE-PROCESS cmd="stun-set" data="external_sip_ip=stun:stun.freeswitch.org"/>
I presume the STUN server would return the same static IP address.

So do you think it would make any difference setting these to auto-nat?

Cheers.


Clive Lansink
Email: Clive@Lansink.Co.NZ
Phone: +64 9 520-4242
Mobile: +64 21 663-999
Fax: +64 21 789-150

-----Original message-----
From: Carlos Eduardo <kaduww@gmail.com>
To: FreeSWITCH Users Help <freeswitch-users@lists.freeswitch.org>
Subject: Re: [Freeswitch-users] Two Freeswitch installations
Reply-to: FreeSWITCH Users Help <freeswitch-users@lists.freeswitch.org>
Date: Tue, 1 Jun 2021 01:10:26 -0300

Hey Clive,

According to what you said, you didn't set the external ip params on your profile. Try adding this:

<param name="ext-rtp-ip" value="auto-nat"/> <param name="ext-sip-ip" value="auto-nat"/>

With this, your FS servers will send the correct IP on SIP and SDP and the audio should work both ways.

Regards,



Em ter., 1 de jun. de 2021 às 01:02, Clive Lansink <clive@lansink.co.nz>
escreveu:

[s.safarov at gmail.com]

one way audio because RTP packets to from phone do not reach your FreeSwitch.

Looks as you have allowed call signaling and RTP packets to pass on the router. But need to "forward all UDP packets from RANGE1 to FS1 and from RANGE2 to FS2".


you need to use iptables DNAT.


On Tue, Jun 1, 2021 at 7:47 AM Carlos Eduardo <kaduww@gmail.com (kaduww@gmail.com)> wrote:

[clive at lansink.co.nz]

OK following on from previous messages, can someone clarify exactly how Freeswitch RTP parameters work, rtp-start-port and rtp-end-port in switch.conf.xml.

I only know the basics of SIP negotiation but I understand the two end points need to agree on RTP ports to use. That means each side must transmit RtP UDP packets to a port the other side has designated it will receive on. I presume these parameters determine the range of ports Freeswitch could listen on. When the remote end point is somewhere else on the internet, I presume the external profile does an address translation so the negotiation is done in terms of the public IP address Freeswitch knows about.

So I have two Freeswitch servers behind the router. I've set these parameters to ranges that don't clash. And I've set the servers to use different external SIP ports. I've set the router to forward UDP packets from the outside so each range of ports goes to the appropriate server.

I should point out that until recently, I've only had the one Freeswitch server and I never changed these RTP parameters. I simply opened up UDP ports 16384 to 32767 on the router to go to the Freeswitch server and everything worked properly so I haven't had to give this any thought. It's only because I now have a need to run a separate Freeswitch server that I now have this problem.

More thoughts much appreciated.


Clive Lansink
Email: Clive@Lansink.Co.NZ
Phone: +64 9 520-4242
Mobile: +64 21 663-999
Fax: +64 21 789-150

-----Original message-----
From: "Bote Man" <botelist@gmail.com>
To: "'FreeSWITCH Users Help'" <freeswitch-users@lists.freeswitch.org>
Subject: Re: [Freeswitch-users] Two Freeswitch installations
Reply-to: FreeSWITCH Users Help <freeswitch-users@lists.freeswitch.org>
Date: Tue, 1 Jun 2021 03:07:09 -0400

"auto-nat" employs UPnP to communicate with your router and which is widely considered a security hole.

This wiki page discusses NAT pretty well:
https://freeswitch.org/confluence/display/FREESWITCH/NAT

Keep in mind that those X-PRE-PROCESS lines are only processed at start time.

Also, check that you do not have the -nonat switch on the freeswitch process start command.


John Boteler
BnC Group U.S.A.



-----Original Message-----
From: FreeSWITCH-users <freeswitch-users-bounces@lists.freeswitch.org> On Behalf Of Clive Lansink
Sent: Tuesday, 1 June, 2021 02:05
To: FreeSWITCH Users Help <freeswitch-users@lists.freeswitch.org>
Subject: Re: [Freeswitch-users] Two Freeswitch installations

Hi Carlos.

Thanks for that. I thought before I change this, I'd let you know the current settings.

So in one server, in the file SIP profiles\external.xml, there is:
<param name="rtp-ip" value="$${local_ip_v4}"/>
<param name="sip-ip" value="$${local_ip_v4}"/>
<param name="ext-rtp-ip" value="<static IP address>"/>
<param name="ext-sip-ip" value="<static IP address>"/> So that appears to be correct. I think at some stage I must have hard coded those static public IP addresses.

For the other server, that same file shows:
<param name="rtp-ip" value="$${local_ip_v4}"/>
<param name="sip-ip" value="$${local_ip_v4}"/>
<param name="ext-rtp-ip" value="$${external_rtp_ip}"/>
<param name="ext-sip-ip" value="$${external_sip_ip}"/> So this file is picking up the global variables. I've found these defined in vars.xml:
<X-PRE-PROCESS cmd="stun-set" data="external_rtp_ip=stun:stun.freeswitch.org"/>
<X-PRE-PROCESS cmd="stun-set" data="external_sip_ip=stun:stun.freeswitch.org"/>
I presume the STUN server would return the same static IP address.

So do you think it would make any difference setting these to auto-nat?

Cheers.


Clive Lansink
Email: Clive@Lansink.Co.NZ
Phone: +64 9 520-4242
Mobile: +64 21 663-999
Fax: +64 21 789-150

-----Original message-----
From: Carlos Eduardo <kaduww@gmail.com>
To: FreeSWITCH Users Help <freeswitch-users@lists.freeswitch.org>
Subject: Re: [Freeswitch-users] Two Freeswitch installations
Reply-to: FreeSWITCH Users Help <freeswitch-users@lists.freeswitch.org>
Date: Tue, 1 Jun 2021 01:10:26 -0300

Hey Clive,

According to what you said, you didn't set the external ip params on your profile. Try adding this:

<param name="ext-rtp-ip" value="auto-nat"/> <param name="ext-sip-ip" value="auto-nat"/>

With this, your FS servers will send the correct IP on SIP and SDP and the audio should work both ways.

Regards,



Em ter., 1 de jun. de 2021 às 01:02, Clive Lansink <clive@lansink.co.nz>
escreveu:

[mike at freeswitch.org]

Ports are negotiated, the config is for the local ports offered in that negotiation.

[clive at lansink.co.nz]

Thanks Mike. That is what I thought. So for the two instances of Freeswitch I want to run, by setting these parameters to ranges that don't overlap, you're saying I can be confident that each instance will not offer local ports that clash with the other instance. Each instance will only listen on an RTP port that is within the range set by rtp-start-port and rtp-end-port.

So that means I just need to ensure the router routes those ports correctly. I think I've done that but I will look at that more closely.

Cheers.


Clive Lansink
Email: Clive@Lansink.Co.NZ
Phone: +64 9 520-4242
Mobile: +64 21 663-999
Fax: +64 21 789-150

-----Original message-----
From: Mike Jerris <mike@freeswitch.org>
To: FreeSWITCH Users Help <freeswitch-users@lists.freeswitch.org>
Subject: Re: [Freeswitch-users] Two Freeswitch installations
Reply-to: FreeSWITCH Users Help <freeswitch-users@lists.freeswitch.org>
Date: Tue, 1 Jun 2021 09:37:58 -0600

Ports are negotiated, the config is for the local ports offered in that negotiation.