VoIP Mailing List Archives

[62mkv at mail.ru]

Hi everyone

I would like to get some help and clarification from the experienced
ones, upon the following:

- we're using Asterisk 13.7.0, that is deployed on a host, that has a
public IP *and* a couple of gray IPs (192.168.x.x & 10.10.x.x)

- we're using WebRTC web-page (jsSIP) as a client

Which is the proper setup of ICE/STUN related config (on the Asterisk
and on the client) for the most reliable work in most cases ?

For example, now we're trying to use our own STUN server (from Debian's
"stund" package), whose documentation says "You have to have 2 different
public IPs on the same server in order to run STUN server"

Is it really so? and what are the implications of using it with only one
IP (which is possible, at least it runs seemingly well without that)

On the client side, we've configured jsSIP.UA to use our own STUN server
via "pcConfig" object

On Asterisk, we have icesupport=yes both in sip.conf and rtp.conf. We've
also enabled stunaddr=stun.l.google.com:19302 in rtp.conf.

Is it proper solution for this case ?

When I inspect SIP packets, I see that there are ICE candidates in both
offers and answers. BUT: SDP bodies in the packets from server to client
contain "gray" IPs of the Asterisk host:

a=ice-ufrag:636c49c84158d2b45840291c6724c0f9
a=ice-pwd:6b012c01092ec01275964eaa55a8784b
a=candidate:H904cc6da 1 UDP 2130706431 144.76.x.y 51604 typ host
a=candidate:Ha0a0202 1 UDP 2130706431 10.10.2.2 51604 typ host
a=candidate:S904cc6da 1 UDP 1694498815 144.76.x.y 51604 typ srflx raddr
144.76.x.y rport 51604
a=candidate:H904cc6da 2 UDP 2130706430 144.76.x.y 51605 typ host
a=candidate:Ha0a0202 2 UDP 2130706430 10.10.2.2 51605 typ host
a=candidate:S904cc6da 2 UDP 1694498814 144.76.x.y 51605 typ srflx raddr
144.76.x.y rport 51605

I am afraid it might be a potential problem, when a client will have his
private IP in similar subnets. Or am I wrong here ?

So far we are not experiencing any issues, but this seems to be alarming..

Can this behaviour (namely, which IP addresses does Asterisk include
into SDPs body) be configured somehow ?

Many thanks for any help with this question..

Kirill Marchuk

--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users

[62mkv at mail.ru]

Well, after a more specific research I came to 2 conclusions:

1) no need to specify "stunaddr" option in Asterisk configs in this
case, as we know that host definitely has a public IP

2) as of the inclusion of all local IP-addresses as candidates, this is
(apparently) done in "rtp_add_candidates_to_ice" function of
res_rtp_asterisk.c, where it has a code:
/* Add all the local interface IP addresses */
..

And as fas as I can tell from basic ICE overview [1], this should NOT
prevent proper session functioning, as long as candidate pairs
(local/remote) are checked for connectivity first.

Still, I would think it to be useful, to have an option to EXCLUDE local
IP-addresses from using as local candidates.

What does the community think on this ?

Thanks

Kirill Marchuk

[1] https://trac.pjsip.org/repos/wiki/Using_Standalone_ICE

18.03.2016 14:37, Kirill Marchuk пишет: