Hi Jan, Thanks so much! That worked. We now have two LifeSize systems being able to call each other, both behind NAT and Firewall, and both registered at the external GK. Video quality is not quite there yet, but that has most probably nothing to do with the GK since it just passes on the RTP stream. Thanks so much for the help guys! :-) Regards, Siet -----Original Message----- From: Jan Willamowius [mailto:jan@xxxxxxxxxxxxxx] Sent: Tuesday, January 05, 2010 12:00 PM To: openh323gk-users@xxxxxxxxxxxxxxxxxxxxx Subject: Re: NAT issues with H245 Adding the switch [Gatekeeper::Main] Home=64.120.171.128 should solve that connection problem. Regards, Jan Siet Toorman wrote: > Hi Jan, thanks for the help. > > Perhaps this re-sending of the registration is what I am seeing. It > happens more often than once per 30 seconds however, about once every 10 > seconds. (Per endpoint). Telnet does indeed show me that the endpoints > are registered. > > When I place a call from LifeSize1 to LifeSize2, both through NAT, using > h460.18, the caller hangs in 'dailing' status and then aborts with an > unavailable message. The log shows me the following: > > http://upload.xandrios.net/gnugk_write_error.log > > The interesting part is this: > > GK Call 3 proxy enabled (H.460.18/.19) > Q931s Call 3 is NAT type 1 > Call 3: h245Routed=1 proxy=1 > GK Call 3 proxy enabled > Q931d Could not open/connect Q.931 socket at 127.0.0.1:0 - error 6/22: > Invalid argument > Q931 92.67.128.132:1720 DIDN'T ACCEPT THE CALL > > This looks a lot like the issue that Andrew Struiksma is having (Posted > December 21, 2009). Is there any reason why the GK would try to connect > to 127.0.0.1:0? > > The 'invalid argument' might have something to do with the port, 0, that > it tries to connect to. From what I understand port 0 is supposed to let > the OS choose a free port, but it is not supported on all OSes. I am > using Ubuntu 9.04, could that be the cause? > > Thank you, > Siet > > > -----Original Message----- > From: Jan Willamowius [mailto:jan@xxxxxxxxxxxxxx] > Sent: Tuesday, January 05, 2010 2:40 AM > To: openh323gk-users@xxxxxxxxxxxxxxxxxxxxx > Subject: Re: NAT issues with H245 > > Hi Siet, > > what do you mean by "registration loop" ? > H.460.18 requires that the endpoints res-sends its registration every > ~30 seconds to keep the pin-hole open. Thats normal. > > Regards, > Jan > > > Siet Toorman wrote: > > Hi Simon, > > > > Thanks, much appreciated! This now works indeed as expected for > Mirial, > > rejecting the registrationRequest. > > > > LifeSize still gets in a registration loop somehow. It does support > > H460.18, so is not rejected. However the registration does not > 'stick'. > > H460.18 does not require any ports to be forwarded at the NAT router, > > correct? There is a firewall present but it allows all outgoing TCP > > connections from the endpoints, which I guess H460.18 uses for > > tunneling. > > > > Is there any way to debug this in more detail? > > > > Thanks, > > Siet > > > > -----Original Message----- > > From: Simon Horne [mailto:s.horne@xxxxxxxxxxxxxx] > > Sent: Monday, January 04, 2010 1:12 PM > > To: 'GNU Gatekeeper Users' > > Subject: Re: NAT issues with H245 > > > > > > Siet > > > > For Mirial > > The switch should be NATStdMin=18 not NATMinStd=18 Sorry that was my > > typo in > > the previous email. Try again with correct switch. > > > > For the LifeSize endpoint there is no nonstandard field (this is used > > for > > GnuGK NatMethod and omitted if using H.460.18) so this is correct. > > 2010/01/04 13:53:18.449 3 RasSrv.cxx(2061) H46018 > EP on > > 92.67.128.131 supports H.460.18 > > > > Simon > > > > -----Original Message----- > > From: Siet Toorman [mailto:siet.toorman@xxxxxxxxxxxx] > > Sent: Monday, 4 January 2010 9:16 PM > > To: GNU Gatekeeper Users > > Subject: Re: NAT issues with H245 > > > > Hi Simon, Jan, thank you for the help and happy new year! > > > > I did a checkout of the latest GK source and compiled the binary. > > Resulting in: > > Gatekeeper(GNU) Version(2.3.2) > > > Ext(pthreads=1,radius=1,mysql=1,pgsql=0,firebird=0,odbc=0,sqlite=0,large > > _fdset=0,crypto/ssl=0,h46018=1,h46023=1) Build(Jan 4 2010, 11:40:34) > > Sys(Linux i686 2.6.18-164.2.1.el5.028stab066.7) > > > > And to the RoutedMode config I added NATMinStd=18, which resulted in: > > > > [RoutedMode] > > GKRouted=1 > > H245Routed=1 > > EnableH46018=1 > > NATMinStd=18 > > SupportNATedEndpoints=1 > > > > However Mirial, which does not support H.460.18, still receives a > > registrationConfirm when the GK is on the public internet and Mirial > > endpoint behind closed NAT. > > The registrationRequest states 0 nonStandardUsageTypes and no > featureSet > > field. The registrationConfirm includes the NAT=publicIP field in the > > nonStandardData. > > Does this indeed mean that Mirial indicates that h460.18 is not > > supported, > > and that the GK knows the Endpoint is behind NAT? In that case the new > > NATMinStd config field seems to not be working. > > The log of this registration can be found here: > > http://upload.xandrios.net/gnugk_h460_mirial.log > > > > For LifeSize, H460 seems to indeed be supported. The > registrationRequest > > includes SupportedFeatures id=standard 18. However it seems that NAT > is > > not > > detected, the nonStandardData field does not include the NAT=publicIP > > field. > > The log of this registration can be found here: > > http://upload.xandrios.net/gnugk_h460_lifesize.log > > > > So the issues seem to not have been resolved completely. Something > does > > not > > work quite right yet, however I am unable to pinpoint the exact cause > > other > > than that perhaps for LifeSize NAT is not detected..? > > > > What is your view on this? > > > > Thank you, > > Siet > > > > > > -----Original Message----- > > From: Simon Horne [mailto:s.horne@xxxxxxxxxxxxxx] > > Sent: Monday, December 28, 2009 1:50 AM > > To: 'GNU Gatekeeper Users' > > Subject: Re: NAT issues with H245 > > > > > > Siet > > > > It is unfortunate that more vendors do not support H.460.18/.19. > > Hopefully > > now that it is available in open source then there might be further > > impotus > > to do so. > > > > I have added a new switch in the CVS to require all registrations that > > are > > detected as being behind a NAT to support a NAT standard. > > > > [RoutedMode] > > NATMinStd=18 > > > > This will require all registrations to support H.460.18/.19 (a value > of > > 23 > > means must support H.460.23/.24) if the endpoint does not then it will > > receive an RRJ with reason requiredFeatureNotSupported. > > > > Thanks > > > > Simon > > > > -----Original Message----- > > From: Siet Toorman [mailto:siet.toorman@xxxxxxxxxxxx] > > Sent: Monday, 28 December 2009 1:43 AM > > To: GNU Gatekeeper Users > > Subject: Re: NAT issues with H245 > > > > Hi Simon, thanks for your help! > > > > I see, too bad that a giant like lifesize (Or is it Logitech these > > days?) > > does not put any effort in NAT traversal now that pretty much every > > workstation in the world is behind a NAT gateway. > > > > Is there a way for GnuGK to detect that the Endpoint does not support > > NAT > > traversal? Because I would expect the gatekeeper to Reject the > > registration > > if something is not supported. Right now the gatekeeper accepts the > > registration, and the endpoints think they are registered. When > actually > > placing a call however, it becomes clear at the endpoint that the > > registration does not exist. It would be preferable if the GK would > > reject > > the registration so that the endpoint knows something does not work, > and > > write a logline indicating that the Endpoint was rejected due to > > non-support > > for NAT. > > > > When I disable H460.18 in the config (EnableH46018) the same issue > > happens > > by the way. This did not used to occur with a previous version of the > > GK. > > Previously i was able to register (altho not place calls). Now, even > if > > H460.18 disabled, the endpoints keep trying to register every 10 > > seconds. Is > > this expected behavior? > > > > Thanks & happy holidays! > > -Siet > > > > -----Original Message----- > > From: Simon Horne [mailto:s.horne@xxxxxxxxxxxxxx] > > Sent: Fri 12/25/2009 10:52 PM > > To: 'GNU Gatekeeper Users' > > Subject: Re: NAT issues with H245 > > > > > > Siet > > > > The issue is that the lifesize (you are using) and marial do not > support > > H.460.18/.19 > > > > You need to see this in the trace of the RRQ > > > > featureSet = { > > replacementFeatureSet = false > > supportedFeatures = 1 entries { > > [0]={ > > id = standard 18 > > > > Neither of them do so neither of them are able to work behind a NAT. > > > > Xmeeting does not support H.460.18/.19 however it is using STUN to > open > > pinhole in the NAT and register with gatekeeper using the detected > > external > > IP address and port hence the RCF with data=NoNat in the nonStandard > > field. > > The use of STUN only works with some NAT and not all and some of the > > calls > > will fail. > > > > There are a quite a few hardware however very few software devices > that > > I > > know of (other than PacPhone) that actually supports H.460.18/.19. > > > > Simon > > > > -----Original Message----- > > From: Siet Toorman [mailto:siet.toorman@xxxxxxxxxxxx] > > Sent: Thursday, 24 December 2009 10:37 PM > > To: GNU Gatekeeper Users > > Subject: Re: NAT issues with H245 > > > > Hi Jan, thanks again for the help! > > > > I realized that H.460.18 is only supported in the latest release > (2.3.1) > > so > > that is why I compiled my own version of 2.3.1. This version however > has > > the > > issues described in my previous email: Registration of endpoints end > up > > in a > > loop. > > > > > However registration for LifeSize and Merial does not go through. > The > > > NATed endpoints send a registrationrequest, receive a positive > > > registrationConfirm...but try to register again after about 10 > seconds > > > > Thanks! > > -Siet > > > > -----Original Message----- > > From: Jan Willamowius [mailto:jan@xxxxxxxxxxxxxx] > > Sent: Thursday, December 24, 2009 1:13 PM > > To: openh323gk-users@xxxxxxxxxxxxxxxxxxxxx > > Subject: Re: NAT issues with H245 > > > > Hi Siet, > > > > support for H.460.18 was added in 2.3.0 and significatly improved in > > 2.3.1, > > it won't work in 2.2.7. > > > > Sorry, > > Jan > > > > Siet Toorman wrote: > > > Hi Jan, thank you for the help. > > > > > > Reason for using 2.2.7 is that this is the packaged version with > > Ubuntu. > > > Compiling the libraries from SVN/CVS head did not work, however the > > > 'known good' lib combinations from Nov 16 compiles and runs cleanly. > > > > > > With this version I am having registration issues unfortunately. I > > used > > > the following Routed/proxy config: > > > > > > [RoutedMode] > > > GKRouted=1 > > > H245Routed=1 > > > EnableH46018=1 > > > SupportNATedEndpoints=1 > > > > > > [Proxy] > > > Enable=1 > > > ProxyForNAT=1 > > > ProxyForSameNAT=1 > > > > > > However registration for LifeSize and Merial does not go through. > The > > > NATed endpoints send a registrationrequest, receive a positive > > > registrationConfirm...but try to register again after about 10 > > seconds. > > > I confirmed this using a packet sniffer at the Endpoint (Wireshark: > > > http://upload.xandrios.net/gnugk_2.3.1_reregistration_loop.pcap). > > > > > > I noticed that a Xmeeting endpoint does get registered. The > difference > > > > > between Xmeeting and LifeSize is that Xmeeting receives a data=noNAT > > in > > > the nonStandardData field. Also, Xmeeting receives a serviceControl > > > field with a sessionId=0, while Lifesize does not. > > > > > > A trace from a successful xmeeting registration from behind NAT can > be > > > > > found here: > > > http://upload.xandrios.net/gnugk_2.3.1_registration_xmeeting.pcap > > > > > > Any advice on how to continue? > > > > > > Thank you! > > > -Siet > > > > > > > > > -----Original Message----- > > > From: Jan Willamowius [mailto:jan@xxxxxxxxxxxxxx] > > > Sent: Wednesday, December 23, 2009 5:38 PM > > > To: openh323gk-users@xxxxxxxxxxxxxxxxxxxxx > > > Subject: Re: NAT issues with H245 > > > > > > Hi Siet, > > > > > > your first step should be to upgrade to GnuGk 2.3.1 and then enable > > > H.460.18 in GnuGk and all your endpoints. > > > The only problem will be the Mirial since it doesn't support any NAT > > > > traversal method as far as I know. > > > > > > Regards, > > > Jan > > > > > > > > > Siet Toorman wrote: > > > > Hi, > > > > > > > > I'm trying to create a test setup with GnuGK and Lifesize > > > conferencing. > > > > I have the following available: > > > > > > > > - GnuGK server on public internet, no NAT no Firewall. > > > > - Endpoint Lifesize Conference / passport behind NAT > > > > - Endpoint Lifesize passport behind NAT > > > > - Endpoint Mirial behind NAT > > > > - Endpoint PacPhone behind NAT > > > > > > > > My Goal is to allow each device to call each other, without the > need > > > to > > > > open/forward ports at the Endpoint's NAT router. > > > > > > > > This works only in case of PacPhone since this supports the NAT > > > > Traversal functionality. However Mirial is supposed to support > H245 > > > and > > > > I expected it to be able to overcome the NAT issues that way (?) > > > > > > > > I'm using GnuGK v2.2.7 with the following (very basic) config: > > > > > > > > [Gatekeeper::Main] > > > > Fortytwo=42 > > > > > > > > [RoutedMode] > > > > GKRouted=1 > > > > H245Routed=1 > > > > SupportNATedEndpoints=1 > > > > > > > > [Proxy] > > > > Enable=1 > > > > ProxyForNAT=1 > > > > ProxyForSameNAT=1 > > > > > > > > >From what I understand this should route all data (control > messages > > + > > > > media) through the GK. However when I place a call the GK still > > tries > > > to > > > > connect outwards to the public IP of the Endpoint(s). Since these > > > ports > > > > are not forwarded the call fails. > > > > > > > > Am I missing something? I would have expected all traffic to be > > routed > > > > over the one connection that is setup from the endpoint to the GK. > > The > > > > GK connecting to the endpoints does not work due to the NAT router > > in > > > > front of them. > > > > > > > > All help is greatly appreciated! > > > > > > > > Thank you, > > > > Siet > > -- > Jan Willamowius, jan@xxxxxxxxxxxxxx, http://www.gnugk.org/ > > ------------------------------------------------------------------------ > ------ > This SF.Net email is sponsored by the Verizon Developer Community > Take advantage of Verizon's best-in-class app development support > A streamlined, 14 day to market process makes app distribution fast and > easy > Join now and get one step closer to millions of Verizon customers > http://p.sf.net/sfu/verizon-dev2dev > _______________________________________________________ > > Posting: mailto:Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx > Archive: > http://sourceforge.net/mailarchive/forum.php?forum_name=openh323gk-users > Unsubscribe: > http://lists.sourceforge.net/lists/listinfo/openh323gk-users > Homepage: http://www.gnugk.org/ > > ------------------------------------------------------------------------ ------ > This SF.Net email is sponsored by the Verizon Developer Community > Take advantage of Verizon's best-in-class app development support > A streamlined, 14 day to market process makes app distribution fast and easy > Join now and get one step closer to millions of Verizon customers > http://p.sf.net/sfu/verizon-dev2dev > _______________________________________________________ > > Posting: mailto:Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx > Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=openh323gk-users > Unsubscribe: http://lists.sourceforge.net/lists/listinfo/openh323gk-users > Homepage: http://www.gnugk.org/ > -- Jan Willamowius, jan@xxxxxxxxxxxxxx, http://www.gnugk.org/ ------------------------------------------------------------------------ ------ This SF.Net email is sponsored by the Verizon Developer Community Take advantage of Verizon's best-in-class app development support A streamlined, 14 day to market process makes app distribution fast and easy Join now and get one step closer to millions of Verizon customers http://p.sf.net/sfu/verizon-dev2dev _______________________________________________________ Posting: mailto:Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=openh323gk-users Unsubscribe: http://lists.sourceforge.net/lists/listinfo/openh323gk-users Homepage: http://www.gnugk.org/ ------------------------------------------------------------------------------ This SF.Net email is sponsored by the Verizon Developer Community Take advantage of Verizon's best-in-class app development support A streamlined, 14 day to market process makes app distribution fast and easy Join now and get one step closer to millions of Verizon customers http://p.sf.net/sfu/verizon-dev2dev _______________________________________________________ Posting: mailto:Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=openh323gk-users Unsubscribe: http://lists.sourceforge.net/lists/listinfo/openh323gk-users Homepage: http://www.gnugk.org/
