anyrtpproxy(8) ============== NAME ---- anyrtpproxy - anycast rtpproxy SYNOPSIS -------- .... anyrtpproxy [ -h|--help ] [ -D|--nodaemonize ] [ -C|--chroot ] [ -u|--username ] [ -H|--chroot-dir ] [ -P|--write-pid ] [ -i|--interface ] [ -s|--control [:] ] [ -p|--port-range ] [ -n|--nat ] [ -o|--no-nat-once ] [ -S|--sync-port port> ] [ -M|--sync-hosts :[,:[...]] ] .... DESCRIPTION ----------- *anyrtpproxy* is a rtpproxy which can be used in combination with anycast. It uses the same control protocol than rtpproxy though it can be controled through the nathelper plugin of openser. *anyrtpproxy* uses the same synchronisation protocol than *Anytun* to sync the session information among all anycast instances. OPTIONS ------- *-D, --nodaemonize*:: This option instructs *anyrtpproxy* to run in the foreground instead of becoming a daemon. *-C, --chroot*:: chroot and drop privileges *-u, --username *:: if chroot change to this user *-H, --chroot-dir *:: chroot to this directory *-P, --write-pid *:: write pid to this file *-i, --interface *:: The local interface to listen on for RTP packets *-s, --control [:]*:: The local address and port to listen on for control messages from openser *-p, --port-range *:: A pool of ports which should be used by *anyrtpproxy* to relay RTP packets. The range may not overlap between the anycast instances *-n, --nat*:: Allow to learn the remote address and port in order to handle clients behind nat. This option should only be enabled if the source is authenticated (i.e. through *anytun*) *-o, --no-nat-once*:: Disable learning of remote address and port in case the first packet does not come from the client which is specified by openser during configuration. Invoking this parameter increases the security level of the system but in case of nat needs a working nat transversal such as stun. *-S, --sync-port *:: local unicast(sync) port to bind to + This port is used by anycast hosts to synchronize information about tunnel endpoints. No payload data is transmitted via this port. + It is possible to obtain a list of active connections by telnetting into this port. This port is read-only and unprotected by default. It is advised to protect this port using firewall rules and, eventually, IPsec. *-M, --sync-hosts :,[:[...]]*:: remote hosts to sync with + Here, one has to specify all unicast IP addresses of all other anycast hosts that comprise the anycast tunnel endpoint. EXAMPLES -------- Anycast Setup with 3 instances: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ On the host with unicast hostname unicast1.anycast.anytun.org and anycast hostname anycast.anytun.org: -------------------------------------------------------------------------------------- # anyrtpproxy -i anycast.anytun.org -p 20000 25000 -S 2342 \ -M unicast2.anycast.anytun.org:2342,unicast3.anycast.anytun.org:2342 -------------------------------------------------------------------------------------- On the host with unicast hostname unicast2.anycast.anytun.org and anycast hostname anycast.anytun.org: -------------------------------------------------------------------------------------- # anyrtpproxy -i anycast.anytun.org -p 25000 30000 -S 2342 \ -M unicast1.anycast.anytun.org:2342,unicast3.anycast.anytun.org:2342 -------------------------------------------------------------------------------------- On the host with unicast hostname unicast3.anycast.anytun.org and anycast hostname anycast.anytun.org: -------------------------------------------------------------------------------------- # anyrtpproxy -i anycast.anytun.org -p 30000 35000 -S 2342 \ -M unicast1.anycast.anytun.org:2342,unicast2.anycast.anytun.org:2342 -------------------------------------------------------------------------------------- BUGS ---- Most likely there are some bugs in *anyrtpproxy*. If you find a bug, please let the developers know at satp@anytun.org. Of course, patches are preferred. SEE ALSO -------- anytun(8) AUTHORS ------- Othmar Gsenger Erwin Nindl Christian Pointner RESOURCES --------- Main web site: http://www.anytun.org/ COPYING ------- Copyright \(C) 2007-2014 Markus Grüneis, Othmar Gsenger, Erwin Nindl and Christian Pointner. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or any later version.