felipecrs
January 5, 2022, 4:36pm
1
We are creating a new Asterisk SIP server add-on for helping setting up doorbell calls through Home Assistant. There, however, it’s needed to forward a range of ports for RTP communication.
What we are doing today is this:
Which is far from ideal. Also, Asterisk recommends a bigger range, which could not be achieved adding all (let’s say, 100) ports in the UI.
It would be awesome if this new feature could be supported. If any hints about its implementation (like where things should go, I think I can send a PR as well).
ludeeus
January 5, 2022, 5:46pm
2
Honestly… if you need all that just run the addon on the host network.
hi, when running on host network , the add-on still gets an ip of the 172.x range, so thats still an issue then ?
it would be great if we could enable “macvlan”, so the container gets an direct IP address of the dhcp server on local lan ?
is that possible with add-ons.?
ludeeus
January 5, 2022, 8:27pm
4
When you use host network the ports are reachable on the host IP.
felipecrs
January 5, 2022, 8:39pm
5
No way, there are many discouragements of doing that:
I don’t need to expose all the ports of the service, some can be accessed through docker internal network using the add-on hostname
Ports could potentially overlap, with network host there is no option to map one port to another
Very dangerous for such a simple case… This is a feature of docker anyway.
felipecrs
January 5, 2022, 8:40pm
6
pergola.fabio:
hi, when running on host network , the add-on still gets an ip of the 172.x range, so thats still an issue then ?
There is no problem in the add-on receiving the 172.x IP internally. Is there?
host_network can indeed do the trick for us, but it’s very discouraged.
felipecrs
January 5, 2022, 8:41pm
7
ludeeus
January 5, 2022, 8:44pm
8
The traccar addon also has an enormous amount of ports, it uses host network
no, that isnt a problem
but how to make port forwarding rules from a router ? will that work?
opening ports in router to 192.168.0.100 , will that work then?
felipecrs
January 5, 2022, 8:48pm
10
Yes, all normal, the way you do today. Just use the IP of your HA host.
felipecrs
January 5, 2022, 8:52pm
11
For example, Asterisk opens way more ports than we actually need. Without host_network they don’t actually get exposed to the outside network, which is a good thing.
Yeah, but it’s still not a huge problem, because you still have to forward the port range from the router, and you can forward less ports than are actually exposed.
felipecrs
January 5, 2022, 9:12pm
13
Well… you are considering that the local network is a safe place. What if it’s not? lol.
felipecrs
January 5, 2022, 9:14pm
14
By the way, we switched to host_network for now . Thank you for the suggestion.
But, it would be very welcome the ability of mapping port ranges. I think there isn’t any single drawback of adding such a feature. Is there?
Well obviously the answer to “what if it’s not” - is that there are much bigger problems, if your local network is not “safe”.
TECHFox
January 5, 2022, 10:29pm
16
It’s a option in docker for a reason. This is quite a simple and basic feature and would be very useful for certain use cases.
1 Like
