I have a network with a Debian router, using iptables for NAT and firewalling. Connected to it via a Wi-fi acces point is, among other things, an Android phone. This is mosty relevant in that I cannot vary its settings very much, other than by changing them on the router.
I have IPv6 on the network, and, were all the apps I need to use on the phone enabled, there would not be a problem, however some of them require IPv4. I have both public and private networks - let's say they are 192.0.2.48/28 and 192.168.0.0/24. My network includes several physical machines that act as servers, and all such machines have addresses in both IPv4 ranges, statically assigned. Machines not used as servers have private addresses only, assigned by DHCP. radvd is in use to assign IPv6 addresses and DNS servers. It is probably most notable that one server is running Asterisk, as it is partially herein that the problem lies. I am trying to connect Zoiper on the Android phone to it using IAX. The router has addresses 192.0.2.49 and 192.168.0.1. The Asterisk box has 192.0.2.51 and 192.168.0.4. The phone has been assigned 192.168.0.130 on this occasion. The router has NAT set up on 192.0.2.62 to enabre the private address only systems to access the Internet. If I set up Zoiper to use the FQDN of the Asterisk box, it connects just fine when I am not at home. However, when I am at home, it still uses the public IP address (192.0.2.51) of the Asterisk box, which, because it can see the phone directly, then responds using its own private address (192.168.0.4) - this causes Zoiper to fail to register. (it is clear from a tcpdump that this is happening) At no point does the router get involved in the communication between the phone and the Asterisk box. To do so might make things easier, or could just add an unnecessary layer of complexity. The answer to the problem could lie in several places: - If I could somehow get the phone to use the NAT to communicate with the Asterisk box, that would probably work. - If I could get the phone to pick up the private address of the Asterisk box rather than the public one, that would probably work. I have tried setting up to do this with dnsmasq, but the IPv6 settings for DNS cause this to be overridden. If I could somehow change the priority of this on the phone, it would help. - If I could persuade the Asterisk box to respond on its public address rather than its private one, that would probably work. - If I could find an IPv6-enabled equivalent of Zoiper, that would probably work. - If I could find an equivalent of Zoiper that would work registered to the private IP address when at home and the public one elsewhere, that would work. The first three, if possible, should be possible on the Debian side of things. The others are clearly outside Debian. I am happy to do whatever it takes to investigate this further, but am a bit at a loss on how to proceed from here. Does anyone have any suggestions on how I might proceed? -- Phil Reynolds mail: phil-deb...@tinsleyviaduct.com Web: http://phil.tinsleyviaduct.com/
