As it turns out, GnuGk 2.3.2 didn't always use the right sending IP for Martin's various networks and and update to the CVS fixed the issue. In addition to that, there was a bug that prevented GnuGk from properly handling all [ModeSelection] rules. This bug is fixed in the CVS now. The new code also simplifies the logic when we proxy and when not: When you don't specify [ModeSelection] rules, GnuGk's old heuristic rules kick in (unless you set ProxyAlways=1). If you do specify [ModeSelection] rules, the old magic is completely off now. Until now GnuGk would try to merge both, which could lead to rather mysterious results if you have a non-trivial network setup. Regards, Jan Martin Vogt wrote: > Finally I had time to test your suggestions today with no luck. > > Simon, I agree that my setup is quite simple, therefore I'm wondering > about the problems with proxying between two interfaces. > > > Removing all extra settings first, as well as defining a loopback > interface in "Bind=" parameter in a second test as David had suggested > had no positive effect. Instead now there is no RTP traffic in both > directions. A check with iptraf shows me that on both interfaces UDP > packets are coming in but no packet is leaving other side. > > > in debug level 6 now I see repeating messages when a connection between > endpoints is established successful. > > ... > yasocket.cxx(842) ProxyRTP(0) waiting... > yasocket.cxx(842) ProxyH(2) waiting... > yasocket.cxx(842) ProxyH(4) waiting... > yasocket.cxx(842) ProxyH(3) waiting... > yasocket.cxx(842) ProxyH(1) waiting... > yasocket.cxx(842) ProxyH(0) waiting... > > ... > > > Are there any known side effects on os or kernel level that can > interfere with proxying, such as loaded security frameworks like > apparmor or selinux? Has anti-spoofing controlled by rp_filter impacts > on proxy mode? Deactivating rp_filter had no effect so far. > > > > When I close the connection between my endpoints I can see that needed > sockets were established successful. But monitoring the loopback > interface shows no traffic passing by. > > ... > yasocket.cxx(577) RTP Delete socket > 171.42.1.67:60100<=>127.0.0.1:53004<=>175.193.73.14:60334 > yasocket.cxx(577) RTCP Delete socket > 171.42.1.67:60101<=>127.0.0.1:53005<=>175.193.73.14:60335 > yasocket.cxx(577) RTP Delete socket > 171.42.1.67:60096<=>127.0.0.1:53000<=>175.193.73.14:60330 > yasocket.cxx(577) RTCP Delete socket > 171.42.1.67:60097<=>127.0.0.1:53001<=>175.193.73.14:60331 > yasocket.cxx(577) RTP Delete socket > 171.42.1.67:60098<=>127.0.0.1:53002<=>175.193.73.14:60332 > yasocket.cxx(577) RTCP Delete socket > 171.42.1.67:60099<=>127.0.0.1:53003<=>175.193.73.14:60333 > yasocket.cxx(577) H245d Delete socket 171.42.1.67:60394 > yasocket.cxx(577) H245s Delete socket 175.193.73.14:61363 > > > David Dahlberg wrote: > > Am Donnerstag, den 04.11.2010, 08:13 +1000 schrieb Simon Horne: > > > > -----Original Message----- > >> From: Martin Vogt [mailto:dekkart@xxxxxxxxx] > >> Sent: Wednesday, November 03, 2010 7:39 PM > >> To: GNU Gatekeeper Users > >> Subject: dual-homed proxy but only unidirectional > >> RTP streams > > > > I had nearly the same problem only yesterday, so maybe I may share some > > insight. > > > > Depending on the configuration I got different "Q931d Could not > > open/connect socket at a.b.c.d:e" errors. > > I had checked but there were no Q931d on my system. Log seems OK beside > of mentioned "waiting" messages. > > > > Strangely yesterday with these lines it did not work for me (error on > > Q931 channel setup), without it did not work either (RTP channel > > negotiation failed). Today it works with or without those settings ... > > Oh how I love those non-reproducible problems :-( > > as much as I do... :) > > > What worked even yesterday was setting the "Bind" address to the > > Loopback address, while not setting the "Home" parameter. Which leads to > > the question what differences there are between "Home", "Bind" and > > "Network Interfaces" and how they interact. > > > > My understanding is as follows: > > Home: Listen and accept calls from there. > > Bind: Use this as source address for outgoing connections. > > I agree > > >> [Proxy] > >> ;;InternalNetwork=171.42.0.0/16 > > > > I used "InternalNetwork" and "ProxyAlways". > > "InternalNetwork" not set > "ProxyAlways" on -- Jan Willamowius, jan@xxxxxxxxxxxxxx, http://www.gnugk.org/ ------------------------------------------------------------------------------ Lotusphere 2011 Register now for Lotusphere 2011 and learn how to connect the dots, take your collaborative environment to the next level, and enter the era of Social Business. http://p.sf.net/sfu/lotusphere-d2d _______________________________________________________ Posting: mailto:Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=openh323gk-users Unsubscribe: http://lists.sourceforge.net/lists/listinfo/openh323gk-users Homepage: http://www.gnugk.org/
