Ekiga don't work behind NAT in Karmic

Hi,

Please do:
1- upgrade to 3.2.6:
http://wiki.ekiga.org/index.php/HowTo_install_Ekiga_packages#9.10_Karmic_Koala

2- if the issue remains, please attach a debug output here:
http://wiki.ekiga.org/index.php/Debugging_Ekiga#How_to_get_a_debug_output

Best regards,
Yannick

Hello,

I had upgrade to 3.2.6 before reporting this bug.

Required log attached.

- just making one call to <sip:<email address hidden>>
-result:

RTP goes out, not in - reason I thing is as I wrote

ADSL modem with NAT reports:

-------
Firewall default policy: UDP (W to W/PRESTIGE) 86.64.162.35:19544 88.83.176.70:5062 ACCESS BLOCK
-------
-> see the bad port "5062" (not changed by Ekiga)

If I use e.g. twinkle, correct STUNed "in" port is used and modem reports "(W to LAN)" while used NAT table - and it works.

FYI is attached also wireshark(tcpdum) from start of ekiga to call hag up.

--kapetr

I have test this problem in CentOS 5.3 - Ekiga 2.0.2

with the same result:

- RTP IP address (in INVITE request or OK) is STUNed OK, but port stays LOCAL (e.g. 5030) => no audio (RTP) transfer possible.

Thats mean:

NOBOBY behind NAT can use Ekiga - this is old and unfortunately still persistent great bug.

Am I only man behind NAT ?-)

--kapetr

Hi,

I finally get some time to dig into this. As you are in the ekiga mailing list too, i'll respond there first.

Would you be kind enough to attach here a wireshark log using twinkle and a call to <email address hidden> with it just as you did using ekiga in post #3 ? I'll give details about how ekiga works in the ekiga ml, and once we figured all this out, I'll provide explanation here too.

Best regards,
Yannick

I did it.

twinke:
- behind NAT
- no port forwarding, ...
- ekiga account (just this one)
- STUN allowed (stun.ekiga.net in account settings)
- no proxy

wireshark started just before start of twinkle, so You can see:

- DNS queries from my local bind
- resolving of type of NAT (STUN requests) ->resolved as "port restricted"
- SIP - register and public

- and ... finally packet #84:

INVITE (call to <email address hidden>) with STUNed IP/PORT is SDP

- and sound is ok - RTP comes out and in ok
- ending call
- ending capture

Attachments:
1. wireshark output
2. twikle log (easy to read)

I hope it will help

Thank You

--kapetr

Hi,

The reporter is aware of this, but as a reference for other users : we have a patch wich modify the network part of the audio and video streams when behind a NAT. As this is the case here (after a quick look), this patch might solve the issue. Would you be kind enough to test it?

Get Ekiga 3.2.6 for Karmic with this patch here (same code as Ekiga 3.2.6 with just the patch which is a small one):
https://launchpad.net/~sevmek/+archive/ppa

Best regards,
Yannick

Thank You Yannick !

I have test it and ...

IT WORKS!

With this patch Ekiga 3.2.6 (but not 3.2.5 by me) works behind NAT.

The port of RTP contact in SDP body in INVITE packet is finally correct - it is set to value of by STUN server reported.

Just one remark: with one ADSL modem with NAT (ZyXEL 660RU) Ekiga things now, that this is SYMMETRIC NAT and in this case Ekiga gives up and still makes previous "things" (sends in INVITE packet (RTP contact) publicIP:localPORT).

But I don't thing, this modem has symetric NAT (<= Twinkle works) - so please could You make last little modification:

-------------------------------
lets Ekiga to send publicIP:publicPORT, even if Ekiga things, that NAT is symmetric and it will not help - then maybe it will/could work, but with publicIP:localPORT for a certainty not.
-------------------------------

Thank You and all for good work

--kapetr

This bug is fixed in the latest GNOME development snapshot 2.31.3 which includes ekiga 3.2.7. From the release notes:

* Changes in ekiga 3.2.7 (2010-05-29)
** User-visible fixes
- Use NAT ports instead of local ports for RTP, fixing many connection issues