Wrong NAT detection with pjstun_client

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Benny,

Benny Prijono wrote:
> On Tue, Apr 22, 2008 at 3:23 PM, Alain Totouom <alain.totouom at gmx.de> wrote:
>> Hi,
>>
>>
>>  Helmut Wolf wrote:
>>  > Hi Benny,
>>  >
>>  > In RFC 3489 the situation is not described if we got no response from the alternate server. I think this is a special network
>>  > configuration I have tested :-)
>>  >
>>
>>  IMHO this assertion is not correct.
>>  In such a case you might have 3 possible NAT types
>>  - a port restricted (Test #1 & #3)
>>  - a restricted (Test #1 & #3)
>>  - or a symmetric NAT (Test #1)
>>
>>  depending on one (Test#1) or two (Test #1 & #3) additional tests you'll have to
>>  perform after Test#2 has failed. Please check rfc.3489 page 21 for clarity.
>>
> 
> This may not be possible since test 1B failed with no response.
> Perhaps at best what we can do is something like this:
> 
>  if (test 1B failed with no response) {
>    if (test 3 is successful)
>       Type=Restricted;
>    else
>       Type=unknown (can't distinguish between Port Rest. and Symmetric).
>  }
> 
didn't dig too deep in PJNATH's code by now ;o)
But this is really bizarre since 1A has been successfully passed and 1B is just 
the same test using the CHANGED-ADDRESS from the 1A response !?!
Either we have a mis-configured STUN-Server or we should better retry 1A to be 
pretty sure the CHANGED-ADDRESS is still the same and the topology hasn't 
changed between both requests what is unlikely to be the case!



> What do you think?
> 
Your proposal is perfect, another but time consuming approach could be
if (test 1B failed with no response) {
   if (test 3 is successful)
     Type=Restricted;
   else {
     if (test 1A is successful) {
       if (CHANGED-ADDRESS from 1. Test 1A == CHANGED-ADDRESS from 2. Test 1A *OR*
           test 1B with CHANGED-ADDRESS from 2. Test 1A failed with no response)
	Type=unknown (can't distinguish between Port Rest. and Symmetric)
       else {
	if (ip is the same ) {
	  type = symmetric;
	} else {
	  type = port restricted;
	}
       }
     } else {
	Type=unknown (voodoo network)
       }
     }
}

But i would rather go for your proposal
Cheers
Alain

-- 
                             ""
                           (o)(o)
                 _____o00o__(__)__o00o_____
1024D/A9F85A52  2000-01-18   Alain Totouom  <totouom at gmx.de>
PGP FingerPrint DA180DF2 FBD25F67 0656452D E3A27531 A9F85A52
[Index of Archives]     [Asterisk Users]     [Asterisk App Development]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [Linux API]
  Powered by Linux