[Home]

Summary:ASTERISK-21225: [patch] Setting nat=force_rport in [general] sip.conf will never work
Reporter:Alexandre Vezina (avezina@ubikvoip.com)Labels:
Date Opened:2013-03-08 07:18:36.000-0600Date Closed:2013-04-08 17:09:20
Priority:MinorRegression?Yes
Status:Closed/CompleteComponents:Channels/chan_sip/General
Versions:11.2.1 Frequency of
Occurrence
Constant
Related
Issues:
must be completed before resolvingASTERISK-21374 [patch] One-way Audio With auto_* NAT Settings When SIP Calls Initiated By PBX
is duplicated byASTERISK-20674 nat=force_rport,comedia does not behave the same as nat=yes
is related toASTERISK-20904 RFC1918 NAT Issue On Prune
is related toASTERISK-20674 nat=force_rport,comedia does not behave the same as nat=yes
is related toASTERISK-21243 [patch] Backport Appropiate NAT Setting Cleanups To 1.8
Environment:Attachments:( 0) asterisk-21225-handle-options-default-prob_1.8_v4.diff
( 1) asterisk-21225-handle-options-default-prob_v4.diff
Description:I noticed that it was impossible to set nat=force_rport in the general section of sip.conf. It actually has no effect when issuing cli command "sip show settings" (result is Force rport: Auto (No).

The function to reload configurations in chan_sip.c sets the flag SIP_PAGE3_NAT_AUTO_RPORT in the global flags and the function sip_parse_nat_option in config_parser.c will only add the flag SIP_NAT_FORCE_RPORT if SIP_PAGE3_NAT_AUTO_RPORT is not present.

So, it seems impossible to raise the flag SIP_NAT_FORCE_RPORT in the [general] section of sip.conf.

Comments:By: Michael L. Young (elguero) 2013-03-08 10:21:22.553-0600

Give this patch a try.

Basically, it uses a temporary ast_flags structure to send to handle_common_options.  Then later on we apply those settings to the global_flags.  This way, we override the default settings.

This is what we do in build_peer().

By: Alexandre Vezina (avezina@ubikvoip.com) 2013-03-08 12:35:35.693-0600

If I issue:

> module unload sip
> module load sip

I get Auto (Yes) from sip show settings. Will it force it?


If I try:

> sip reload

force rport goeas back to Auto (No)

By: Michael L. Young (elguero) 2013-03-08 13:22:29.250-0600

Auto(Yes) means that auto_force_rport is set and that Asterisk detected that force_rport was needed (NAT involved) so it has turned on force_rport.  Auto(No) means that auto_force_rport is set but force_rport is not turned on.

If you are setting in the [general] section, "nat=force_rport", then you should be getting simply "Yes" rather than "Auto(Yes)".

I will have to take another look at this.  When I tested it yesterday, it was working with sip reload I thought, but today I am seeing the same behavior that you just posted.  Perhaps I missed that and did just a plain asterisk restart.  Let me check further into what I am missing.

By: Alexandre Vezina (avezina@ubikvoip.com) 2013-03-08 14:20:19.957-0600

All right.

I am also having the same issue with Symmetric RTP (comedia) which is always yes if I don't set it in the [general].

Moreover, DirectMedia is always Yes when I set to nonat in both general and peer config. (Direct RTP Setup is no if it is related).

Do you want me to file another bug or provide you more details?

By: Michael L. Young (elguero) 2013-03-08 15:16:33.230-0600

Before we get too far ahead of ourselves, let me double check what is going on first.

Can you please provide your exact sip.conf settings for the [general] section?  What version of Asterisk did you try this on?  11 or the 11 branch?

I just did some cleanup in regards to the new NAT settings which are in the Asterisk 11 branch but the focus was more on the peer settings.

Thanks

By: Alexandre Vezina (avezina@ubikvoip.com) 2013-03-08 15:23:46.304-0600

[generat]
bindaddr=0.0.0.0
port=5060

allowguest=no

callerid=Unknown

allow=all

dtmfmode=auto

directmedia=nonat
nat=force_rport
qualify=yes

rtcachefriends=yes
rtautoclear=yes

disallow = all
allow = ulaw
allow = alaw
allow = gsm

I am on Asterisk 11.2.1 (the .tar.gz was downlaoded from http://www.asterisk.org/downloads

By: Alexandre Vezina (avezina@ubikvoip.com) 2013-03-08 18:32:20.937-0600

Ok so... for the directmedia thing. I found on a forum that you can set it to no (directmedia=no). I could not find it in sip.conf.sample

By: Michael L. Young (elguero) 2013-03-09 23:01:51.273-0600

Okay.  Looks like this patch should take care of it... also, I think we are taking care of the directmedia problem you were having as well with this patch.

Let me know if that solves it.  Also, just an FYI... I did some cleanup to the NAT settings and dealing with realtime peers as well.  That patch is in the 11 branch and is not in 11.2.1.  The patch on ASTERISK-20904 (https://issues.asterisk.org/jira/secure/attachment/46557/asterisk-20904-nat-auto-and-rt-peersv2.diff) has those changes.

By: Alexandre Vezina (avezina@ubikvoip.com) 2013-03-11 11:38:23.233-0500

Good job. This patch works great. I tested upon 'restart', 'module reload chan_sip.so' and 'sip reload' and everything works great.

I will have a look a your fix in NAT. Thank you.

I reverted the production to Asterisk 1.8.15 this weekend and I noticed the nat=force_rport,comedia only set the 'Force rport' param and not the 'Symmertric RTP'. So I set nat=yes to fix this. Is your patch compatible with 1.8?

-- May be another case

Also, in 1.8, setting directmedia=nonat sets "DirectMedia : No" and "DirectMedia : Yes" in 11.2.1. I don't know which one is good, but there's a problem there I think.

Last thing, do you think you could add this patch? It would have saved me a lot of time :P. Sorry, I am waiting for my License Agreement:  [edit - patch link removed by elguero]

Thanks again

By: Alexandre Vezina (avezina@ubikvoip.com) 2013-03-11 11:42:20.942-0500

Sorry for the typo. Here's a new patch:  [edit - patch link removed by elguero]

By: Walter Doekes (wdoekes) 2013-03-11 11:43:08.234-0500

@elguero: what's that ipv6 check doing in the patch? Does it belong in the same commit? Does it need a comment?

By: Michael L. Young (elguero) 2013-03-11 12:15:29.483-0500

@Alexandre: 1.8 handles the NAT setting differently than 11 does.  In 1.8, the valid settings are "yes" (equivalent to force_rport and comedia), "no", "force_rport", or "comedia"; not a mix of those settings.  In 11, "yes" was deprecated and the ability to combine the settings was added as well as the new auto_force_rport and auto_comedia settings were added.

This patch is not really written for 1.8.  I was actually looking at 1.8 and I do see that 1.8 could benefit from this patch as well but it is going to have to be a different patch due to the differences in the handling of this setting.  Not a major difference but enough to warrant a separate patch.

Yes, the idea is to add these fixes into Asterisk and once approved be added to the releases.

@wdoekes: my thinking was that IPv6 shouldn't have NAT involved at all and therefore "natdetected" should not be turned on for the peer.  I saw in my testing of this patch that a client that was connecting over IPv6 had force_rport being turned on when it was set to auto_force_rport as the NAT setting for the peer or if that was the default global setting.  Do you recommend handling this a different way or would a comment be sufficient?  Should I save that for another patch?

By: Walter Doekes (wdoekes) 2013-03-11 14:28:41.253-0500

@elguero: Thanks for the explanation. Well yes. I think you should save that for a different patch.
(a) There is no problem in this bug that that change solves, and
(b) I would think that ast_sockaddr_cmp(&tmp, &p->recv) does what it's supposed to do.

If the cmp returns non-true then something would be wrong in the Via sent-by, and it's not at all bad that it goes into auto-rport mode. I'd file a different bug so we could examine why the first check doesn't catch the problem or decide that it's an UAC problem.

By: Michael L. Young (elguero) 2013-03-11 21:40:34.122-0500

This patch removes the IPv6 check that I added in the last patch.

By: Michael L. Young (elguero) 2013-03-11 22:09:55.933-0500

Here is a patch for 1.8, [^asterisk-21225-handle-options-default-prob_1.8.diff].

Alexandre, can you test this out on your 1.8 box and report back?

Thanks

By: Alexandre Vezina (avezina@ubikvoip.com) 2013-03-11 22:16:43.939-0500

I'll be out of office tomorrow. I will test it on 1.8 on Wednesday. Sorry for the delays...

By: Michael L. Young (elguero) 2013-03-11 22:31:45.512-0500

Okay, no problem.  We appreciate the help with testing.

By: Alexandre Vezina (avezina@ubikvoip.com) 2013-03-13 10:15:00.588-0500

The test worked. directmedia=nonat gives Yes upon restart, module reload, config reload.

Though I had to edit chan_sip.c to make it compile. This one (http://pastebin.com/AiU38wGn) works for me, but ouputs

chan_sip.c: In function ‘reload_config’:
chan_sip.c:29375:2: warning: array subscript is above array bounds [-Warray-bounds]
chan_sip.c:29375:2: warning: array subscript is above array bounds [-Warray-bounds]
chan_sip.c:29375:2: warning: array subscript is above array bounds [-Warray-bounds]

I tried to find the reason of this, but didn't get a clue after 10 minutes. I guess you will find it faster than I will.

By: Michael L. Young (elguero) 2013-03-13 10:38:37.846-0500

I see the problem... Its funny too because I recall thinking that something wasn't right when creating the patch (not what I changed but what was already there) and moved on forgetting to double check it.

Updated patch on the way... really appreciate your feedback and testing.

By: Michael L. Young (elguero) 2013-03-13 10:46:11.228-0500

Okay, give this one a try, [^asterisk-21225-handle-options-default-prob_1.8_v2.diff].

Thanks

By: Alexandre Vezina (avezina@ubikvoip.com) 2013-03-13 10:52:23.609-0500

I always have this:

chan_sip.c:27492:4: error: expected identifier or ‘(’ before ‘else’
chan_sip.c:27517:4: error: expected identifier or ‘(’ before ‘else’
chan_sip.c:27521:4: error: expected identifier or ‘(’ before ‘else’
chan_sip.c:27528:4: error: expected identifier or ‘(’ before ‘else’
chan_sip.c:27531:4: error: expected identifier or ‘(’ before ‘else’
chan_sip.c:27539:4: error: expected identifier or ‘(’ before ‘else’
chan_sip.c:27543:4: error: expected identifier or ‘(’ before ‘else’
chan_sip.c:27551:4: error: expected identifier or ‘(’ before ‘else’
chan_sip.c:27554:4: error: expected identifier or ‘(’ before ‘else’
chan_sip.c:27557:4: error: expected identifier or ‘(’ before ‘else’
chan_sip.c:27577:4: error: expected identifier or ‘(’ before ‘else’
chan_sip.c:27580:4: error: expected identifier or ‘(’ before ‘else’
chan_sip.c:27583:4: error: expected identifier or ‘(’ before ‘else’
chan_sip.c:27586:2: error: expected identifier or ‘(’ before ‘return’
chan_sip.c:27587:1: error: expected identifier or ‘(’ before ‘}’ token

At line 27484, the if block starts with an "else if".

By: Alexandre Vezina (avezina@ubikvoip.com) 2013-03-13 10:55:42.537-0500

Fixing the else if compiles great and still have DirectMedia=Yes when setting directmedia=nonat (again with all the reload possibilities)

By: Michael L. Young (elguero) 2013-03-13 11:30:27.493-0500

Lets see if I can get this right on the third try!

[^asterisk-21225-handle-options-default-prob_1.8_v3.diff]

By: Alexandre Vezina (avezina@ubikvoip.com) 2013-03-13 11:38:00.231-0500

All good. Thanks a lot.

By: Michael L. Young (elguero) 2013-03-13 11:39:29.072-0500

Thank you for sticking with this and giving quick feedback and testing.

I will work on getting this into the code base.

By: Michael L. Young (elguero) 2013-03-28 11:05:16.876-0500

@Alexandr Gordeev

{quote}Why media traffic going to 192.168.5.17 ?{quote}

This current issue is about applying configuration settings that have been set in the config file.  It looks like your configuration settings are being applied properly.  Your question would be another issue.

I think you have a configuration problem and not a bug.  Please check out other support forums (forum, mailing list, irc) first before opening a bug report for this issue that you are asking about.  (http://www.asterisk.org/community)

Also, we no longer support bug fixes in Asterisk 10.x.  If you are unable to solve your issue through the support forums, by using the latest version of Asterisk 11 and it is determined to be a bug, please open a new bug report with all the required debug information.  (https://wiki.asterisk.org/wiki/display/AST/Collecting+Debug+Information)

Thanks

By: Aleksandr Gordeev (axonaro) 2013-03-29 00:33:48.513-0500

Okey.

By: Aleksandr Gordeev (axonaro) 2013-04-01 01:34:30.895-0500

With patch work as expected. Thanks.

By: Aleksandr Gordeev (axonaro) 2013-04-22 02:49:10.241-0500

This path will be included into further version of asterisk ?

By: Michael L. Young (elguero) 2013-04-22 10:42:02.116-0500

Alexandr, correct.  I believe it would be in 11.5.

By: Stefan Hellmann (shell) 2013-07-16 04:34:12.436-0500

I applied this patch for my 11.4.0

But sip show settings still says:
{quote}Force rport: Auto (No){quote}

By: Private Name (falves11) 2013-08-09 12:57:20.241-0500

In certain business scenarios you need not to have peers, but all the options should be global.
Asterisk SVN-branch-11-r396441M
The issue, it seems, is that "nat=yes" is deprecated, but it works.
if instead we use "force_rport,comedia", it seems to work, but it does not in real life.







By: mounaf ahmad (mounaf) 2016-09-01 06:51:39.266-0500

hi every body
i have the same problem
the option: nat= force_rport doesn't behave as supposed.
i hope  this patch solve this issue.

can any one show me how to apply those .diff files in my asterisk sever?

the asterisk version is 11, i installed it to my machine by compiling the source code.

i really looking for your helps
best regards.