Re: Subject: Re: gnugk behind router problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

the RTP errors mean your firewall traversal isn't working and GnuGk
has trouble sending RTP. The last number in those lines is the Linux
errno.

You can ignore the errors after the ReleaseComplete.

Regards,
Jan

-- 
Jan Willamowius, Founder of the GNU Gatekeeper Project
EMail  : jan@xxxxxxxxxxxxxx
Website: http://www.gnugk.org
Support: http://www.willamowius.com/gnugk-support.html

Relaxed Communications GmbH
Frahmredder 91
22393 Hamburg
Geschäftsführer: Jan Willamowius
HRB 125261 (Amtsgericht Hamburg)
USt-IdNr: DE286003584


Oliver.Pabst@xxxxxx wrote:
> Hi together,
> 
> I have difficulties to interpret these lines:
> 
> 
> 2015/07/01 10:31:29.002 3 ProxyChannel.cxx(7992) H245 Connected from 109.44.3.126:21059 on 192.168.178.155:41002
> 
> 2015/07/01 10:31:29.003 3 ProxyChannel.cxx(8025) H245 Connect to 192.168.178.166:5678 from 192.168.178.155:41003 successful
> 
> 2015/07/01 10:31:29.545 3 ProxyChannel.cxx(11674) Received Input:
> 
> 2015/07/01 10:31:31.347 3 ProxyChannel.cxx(9804) RTP 10.177.52.56:3232<=>0.0.0.0:50010<=>192.168.178.166:2424 Error(0): Input/output error (12:113)
> 
> 2015/07/01 10:31:32.364 3 ProxyChannel.cxx(9804) RTP 10.177.52.56:3232<=>0.0.0.0:50010<=>192.168.178.166:2424 Error(0): Input/output error (12:113)
> 
> 2015/07/01 10:31:32.870 3 ProxyChannel.cxx(9804) RTP 10.177.52.56:3230<=>0.0.0.0:50008<=>192.168.178.166:2422 Error(0): Input/output error (12:113)
> 
> 2015/07/01 10:31:33.284 3 ProxyChannel.cxx(1723) Q931s Received: ReleaseComplete CRV=24315 from 109.44.3.126:1578
> 
> 2015/07/01 10:31:33.285 1       RasTbl.cxx(5111) CDR|2|90 5e ac 7d 64 00 00 1f 13 32 83 00 39 7e df 2d|5|Wed, 01 Jul 2015 10:31:28 +02:00|Wed, 01 Jul 2015 10:31:33 +02:00|109.44.3.126:1578| |192.168.178.166:1720|5530_endp|101:url_ID||OpenH323GK;
> 
> 
> 2015/07/01 10:31:33.285 2       gkacct.cxx(964) GKACCT Successfully logged event 2 for call no. 2
> 
> 2015/07/01 10:31:33.289 3     yasocket.cxx(789) ProxyRTP(0) Select read error: 10
> 
> 2015/07/01 10:31:33.296 3     yasocket.cxx(789) ProxyRTP(0) Select read error: 10
> 
> 2015/07/01 10:31:33.296 3     yasocket.cxx(789) ProxyRTP(0) Select read error: 10
> 
> 2015/07/01 10:31:33.297 3     yasocket.cxx(789) ProxyRTP(0) Select read error: 10
> 
> 2015/07/01 10:31:33.620 2       RasSrv.cxx(174) RAS Read from 192.168.178.166:1719
> 
> 
> What is the meaning gf the errors on ProxyChannel.cxx RTP with input/output and then on yasocket.cxx with Select read error: 10 ?
> 
> Von: Robert Edeker <idxman01@xxxxxxxxx<mailto:idxman01@xxxxxxxxx>>
> Antworten an: GNU Gatekeeper Users <openh323gk-users@xxxxxxxxxxxxxxxxxxxxx<mailto:openh323gk-users@xxxxxxxxxxxxxxxxxxxxx>>
> Datum: Mittwoch, 1. Juli 2015 09:25
> An: GNU Gatekeeper Users <openh323gk-users@xxxxxxxxxxxxxxxxxxxxx<mailto:openh323gk-users@xxxxxxxxxxxxxxxxxxxxx>>
> Betreff: Re:  Subject: Re: gnugk behind router problem
> 
> 
> At this time we're in a similar situation.  Although we have a block of public IP's they all have to go through the firewall.  Otherwise we would need to purchase more equipment and make more network changes than we need to at this time.
> 
> To refresh my memory I did test a few calls tonight with a similar setup.  I disabled all port forwarding where endpoint A is, though did ensure the unit was setup in NAT mode.  Worked fine for outbound though naturally I needed the forwarding for inbound (B-to-A calls)
> 
> The network in this scenario looks like:
> 
> Endpoint A (Polycom QDX6000) -- Residential Router -- [[ internet ]] -- corporate firewall -- forward to GNUGK -- Endpoint B
> 
> The QDX is set to auto NAT, no fixed ports.  H.460 and H.323 compatible are both unchecked.
> 
> Endpoint B (polycom hdx 6000) does not have any special NAT setup since it's behind the gatekeeper and firewall.  Fixed ports are also left unchecked.
> 
> Hope that helps.
> 
> 
> On Wed, Jul 1, 2015 at 1:34 AM <Oliver.Pabst@xxxxxx<mailto:Oliver.Pabst@xxxxxx>> wrote:
> Hi Jan and Robert,
> 
> Unfortunately, i do only have one ip on the internet side and this one is taken by the router. The router does forward all these ports to the gatekeeper.
> 
> I will try to test your config today.
> 
> Thanks so far...
> 
>   -- op
> 
> 
> 
> 
> On 1. Juli 2015 02:14:59 MESZ, openh323gk-users-request@xxxxxxxxxxxxxxxxxxxxx<mailto:openh323gk-users-request@xxxxxxxxxxxxxxxxxxxxx> wrote:
> 
> Date: Wed, 01 Jul 2015 00:14:36 +0000
> From: Robert Edeker <idxman01@xxxxxxxxx<mailto:idxman01@xxxxxxxxx>>
> Subject: Re:  gnugk behind router problem
> To: GNU Gatekeeper Users <openh323gk-users@xxxxxxxxxxxxxxxxxxxxx<mailto:openh323gk-users@xxxxxxxxxxxxxxxxxxxxx>>
> Message-ID:
>         <CANVo9ar_LyfreACXvM6Sff_bYg5-eHvU5zjD+MDbSrMJmUZzyw@xxxxxxxxxxxxxx<mailto:CANVo9ar_LyfreACXvM6Sff_bYg5-eHvU5zjD%2BMDbSrMJmUZzyw@xxxxxxxxxxxxxx>>
> Content-Type: text/plain; charset="utf-8"
> 
> Hi Oliver,
> 
> I agree with Jan as it does add more complexity and moving parts to the
> equation.  However, this is the route we took in May/June and it's working
> well.  [so far]
> 
> I'm certainly not an expert on h323 or networking, but you may want to try
> removing ExternalIP from the config.  gnugk cannot bind to a network
> adapter with that address which i believe I had issues with as well.
> 
> Also, is there anything in front of EndPoint A that would cause issues?
> 
> My config is similar, though very minimal for the most part.
> 
> Is effectively the below settings, via [ModeSelection] based on IP.
> 
> [RoutedMode]
> GKRouted=1
> CallSignalPort=1720
> H245Routed=1
> AcceptUnregisteredCalls=1
> AcceptNeighborsCalls=1
> 
> [RoutingPolicy]
> default=explicit,internal,enum,srv,dns,internal,parent,neighbor
> 
> [Proxy]
> Enable=0
> 
> ;;;(certain IP's are proxied due to how a neighbor gatekeeper operates,
> etc..)
> 
> Everything else is for routing prefixes to openmcu, logging and accounting.
> 
> Though I will say that I did try quite a few other settings especially with
> hardcoding port ranges.  Ultimately I did not go this route since the
> firewall was smart enough to handle h323 and forward only the required
> ports per call.  I didn't want a number of blocks sitting out there in the
> open being ported in.  You may or may not be able to go this route, check
> the router.
> 
> Only TCP 1720, 1503 and UDP 1719 go in directly. (thinking I can remove
> 1503 as well)
> 
> We may change this down the road and put gnugk to the side of the firewall,
> but it probably won't be anytime soon.
> 

------------------------------------------------------------------------------
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/
_______________________________________________________

Posting: mailto:Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx
Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=openh323gk-users
Unsubscribe: http://lists.sourceforge.net/lists/listinfo/openh323gk-users
Homepage: http://www.gnugk.org/




[Index of Archives]     [SIP]     [Open H.323]     [Gnu Gatekeeper]     [Asterisk PBX]     [ISDN Cause Codes]     [Yosemite News]

  Powered by Linux