blob: a867631ade5081c6d4f56c5ffbb8b93e54170219 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
|
anyrtpproxy(8)
==============
NAME
----
anyrtpproxy - anycast rtpproxy
SYNOPSIS
--------
*anyrtpproxy*
[ *-h|--help* ]
[ *-D|--nodaemonize* ]
[ *-C|--chroot* ]
[ *-u|--username* <username> ]
[ *-H|--chroot-dir* <directory> ]
[ *-P|--write-pid* <filename> ]
[ *-i|--interface* <ip-address> ]
[ *-s|--control* <hostname|ip>[:<port>] ]
[ *-p|--port-range* <start> <end> ]
[ *-n|--nat* ]
[ *-o|--no-nat-once* ]
[ *-S|--sync-port* port> ]
[ *-M|--sync-hosts* <hostname|ip>:<port>[,<hostname|ip>:<port>[...]] ]
DESCRIPTION
-----------
*anyrtpproxy* is a rtpproxy which can be used in combination with anycast. It uses
the same control protocol than rtpproxy though it can be controled through the nathelper
plugin of openser. *anyrtpproxy* uses the same synchronisation protocol than *anytun*
to sync the session information among all anycast instances.
OPTIONS
-------
-D|--nodaemonize
~~~~~~~~~~~~~~~~
This option instructs *anyrtpproxy* to run in the foreground
instead of becoming a daemon.
-C|--chroot
~~~~~~~~~~~
chroot and drop privileges
-u|--username <username>
~~~~~~~~~~~~~~~~~~~~~~~~
if chroot change to this user
-H|--chroot-dir <directory>
~~~~~~~~~~~~~~~~~~~~~~~~~~~
chroot to this directory
-P|--write-pid <filename>
~~~~~~~~~~~~~~~~~~~~~~~~~
write pid to this file
-i|--interface <ip address>
~~~~~~~~~~~~~~~~~~~~~~~~~~~
The local interface to listen on for RTP packets
-s|--control <hostname|ip>[:<port>]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The local address and port to listen on for control messages from openser
-p|--port-range <start> <end>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
A pool of ports which should be used by *anyrtpproxy* to relay RTP packets.
The range may not overlap between the anycast instances
-n|--nat
~~~~~~~~
Allow to learn the remote address and port in order to handle clients behind nat.
This option should only be enabled if the source is authenticated (i.e. through
*anytun*)
-o|--no-nat-once
~~~~~~~~~~~~~~~~
Disable learning of remote address and port in case the first packet does not
come from the client which is specified by openser during configuration. Invoking
this parameter increases the security level of the system but in case of nat needs
a working nat transversal such as stun.
-S|--sync-port <port>
~~~~~~~~~~~~~~~~~~~~~
local unicast(sync) port to bind to
This port is used by anycast hosts to synchronize information about tunnel
endpoints. No payload data is transmitted via this port.
It is possible to obtain a list of active connections by telnetting into
this port. This port is read-only and unprotected by default. It is advised
to protect this port using firewall rules and, eventually, IPsec.
-M|--sync-hosts <hostname|ip>:<port>,[<hostname|ip>:<port>[...]]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
remote hosts to sync with
Here, one has to specify all unicast IP addresses of all
other anycast hosts that comprise the anycast tunnel endpoint.
EXAMPLES
--------
Anycast Setup with 3 instances:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
On the host with unicast hostname unicast1.anycast.anytun.org and anycast
hostname anycast.anytun.org:
--------------------------------------------------------------------------------------
# anyrtpproxy -i anycast.anytun.org -p 20000 25000 -S 2342 \
-M unicast2.anycast.anytun.org:2342,unicast3.anycast.anytun.org:2342
--------------------------------------------------------------------------------------
On the host with unicast hostname unicast2.anycast.anytun.org and anycast
hostname anycast.anytun.org:
--------------------------------------------------------------------------------------
# anyrtpproxy -i anycast.anytun.org -p 25000 30000 -S 2342 \
-M unicast1.anycast.anytun.org:2342,unicast3.anycast.anytun.org:2342
--------------------------------------------------------------------------------------
On the host with unicast hostname unicast3.anycast.anytun.org and anycast
hostname anycast.anytun.org:
--------------------------------------------------------------------------------------
# anyrtpproxy -i anycast.anytun.org -p 30000 35000 -S 2342 \
-M unicast1.anycast.anytun.org:2342,unicast2.anycast.anytun.org:2342
--------------------------------------------------------------------------------------
BUGS
----
Most likely there are some bugs in *anyrtpproxy*. If you find a bug, please let
the developers know at satp@anytun.org. Of course, patches are preferred.
SEE ALSO
--------
anytun(8)
AUTHORS
-------
Design of SATP and wizards of this implementation:
Othmar Gsenger <otti@anytun.org>
Erwin Nindl <nine@anytun.org>
Christian Pointner <equinox@anytun.org>
Debian packaging:
Andreas Hirczy <ahi@itp.tu-graz.ac.at>
Manual page:
Alexander List <alex@debian.org>
RESOURCES
---------
Main web site: http://www.anytun.org/
COPYING
-------
Copyright \(C) 2007-2008 Othmar Gsenger, Erwin Nindl and Christian
Pointner. This program is free software; you can redistribute
it and/or modify it under the terms of the GNU General Public License
version 2 as published by the Free Software Foundation.
|