This diagram explains what values should be specified when adding Media Broker configuration to an FCSDK installation:
Local Address CIDR - is the address range the Media Broker will bind to for RTP communications on the SIP Network.
If the box has 2 network interfaces, don't use 'all' as the CIDR; target the internal interface only, for example X.X.X.X/32.
Source CIDR Address - is the address range on which the Gateway will receive WebRTC traffic from clients
If all external traffic comes via a single ReverseProxy you can create a rule with the ReverseProxy internal address as the Source CIDR (X.X.X.X/32) with the Public address as the external firewall address. Then to allow internal clients to connect directly to the Gateway you can create a 2nd rule with 'all' as the Source CIDR with the Public address as the internal Media Broker address.
When the X-Forwarded-For header is not present, the Web Gateway uses the source-address of the incoming WebSocket to select the public IP and port the client uses to send media to the Media Broker. Typically, when acting as a NAT, a WAF or Reverse Proxy presents its internal source address to the Gateway.
When an X-Forwarded-For header is present on a client's requests, the Web Gateway will use the value of the last header to select the public IP and port the client must use.
Public Address - is the address the client must send RTP traffic to; typically the front of a firewall.
Local Address - is the address the Media Broker will bind to in order to receive RTP traffic
Configuring Multiple Media Broker Ports
Media Brokers in FCSDK 2.1.31 introduce simultaneous rtp-proxy processes for managing calls. This impacts how ports are allocated between these processes.
- SIP port Range - These ports are distributed across the rtp-proxy instances, in groups of 4.
- Number of SIP-Ports to allocate = (4 ports for every WEB-RTC Client per call) x (Maximum Number of Concurrent calls on a Media Broker) + (a small contingency [eg: 10%]).
- Ports are not reallocated immediately when a call is ended, so on smaller systems the contingency should be a larger percentage.
- WEB-RTC Port Range:
- Number of WEB-RTC Ports to allocate = (Number of rtp-proxy processes [default is 5]).
- It is necessary to allocate the same number of ports to each Source CIDR Address to ensure that each rtp-proxy process can assign the correct interface/port pair to a call.
Above is an example configuration for 1 Media Broker with 5 rtp-proxy processes. It is intended to be used with Live Assist™; where a consumer's media is sent to a public IP address, but Agent media is sent to an internal interface.
It is possible to allocate the same local port and interface (eg: 172.31.252.111:16000) against each CIDR.
When modifications to the ports are made, all rtp-proxy processes will restart to acquire their new config. This will terminate any calls in progress.
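Because a port change restarts every rtp-proxy process, it helps to check a planned layout against the sizing rules above before applying it. The following is an added example, not FCSDK code: the function names, the dictionary layout and the sample values are assumptions, and `clients_per_call` reflects one reading of "4 ports for every WEB-RTC Client per call".

```python
from ipaddress import ip_network

PORT_GROUP = 4  # SIP ports are distributed to rtp-proxy instances in groups of 4


def required_sip_ports(max_calls, clients_per_call=1, contingency_pct=10):
    """4 ports per WebRTC client per call x max concurrent calls, plus contingency,
    rounded up to a whole group of 4 (integer arithmetic only)."""
    base = PORT_GROUP * clients_per_call * max_calls
    total = base + -(-base * contingency_pct // 100)   # ceiling of the contingency
    return -(-total // PORT_GROUP) * PORT_GROUP


def check_ports(sip_range, webrtc_ports, max_calls, rtp_proxies=5, **sizing):
    """Return a list of findings; an empty list means the layout is consistent.

    sip_range    -- (first_port, last_port), inclusive
    webrtc_ports -- {source_cidr: [local_port, ...]}; 'all' is accepted as a CIDR
    """
    findings = []
    have = sip_range[1] - sip_range[0] + 1
    need = required_sip_ports(max_calls, **sizing)
    if have < need:
        findings.append(f"SIP range has {have} ports, needs {need}")
    if have % PORT_GROUP:
        findings.append(f"SIP range size {have} is not a whole number of groups of {PORT_GROUP}")
    for cidr, ports in webrtc_ports.items():
        if cidr != "all":
            ip_network(cidr)  # raises ValueError on a malformed CIDR
        if len(set(ports)) != rtp_proxies:
            findings.append(f"{cidr}: {len(set(ports))} WebRTC ports, expected {rtp_proxies}")
    return findings


# Constructed sample layout (documentation-range address, not taken from the diagram)
SAMPLE = {
    "all": [16000, 16001, 16002, 16003, 16004],
    "192.0.2.10/32": [16000, 16001, 16002, 16003],   # one port short
}

if __name__ == "__main__":
    for finding in check_ports((17000, 17399), SAMPLE, max_calls=100):
        print(finding)
```

On smaller systems, pass a larger `contingency_pct`, since ports are not reallocated immediately when a call ends.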
In case of a public Internet or ISP outage, some installations require that a Media Broker supports more than a single public Media Broker Address. This can be done by:
- Defining 2 (or more) Source Addresses for each ISP.
- Allocating disjoint sets of public addresses against each source address.
If an ISP becomes unavailable the Media Broker will stop receiving requests from the ISP; as a result the set of public addresses will never be allocated.