[VoiceOps] "...but it works with Packet8"
Alex Balashov
abalashov at evaristesys.com
Sat Aug 21 14:27:57 EDT 2010
The formula for successful far-end NAT traversal is:
1. CPE with symmetric NAT capability (most CPE these days).
2. Far-end media relay and draft-comedia style media source port
detection.
This one is really key. It is critical for the service provider to
ignore the media ports advertised in the customer-side SDP and
"listen" to the media stream for the "actual" source port that is
translated by the NAT gateway. This requires a media gateway and/or
relay that has the intelligence to wait at least one packetisation
cycle for RTP received from the customer end before sending media back
to it, and does assume symmetric RTP.
Most higher-end commercial SBCs can do this, but the option has to be
explicitly turned on. The default behaviour here may account for the
difference you see.
There is pretty much no way to solve this problem without media relay
at the service provider end, i.e. in case you were hoping for a purely
proxy-based solution.
3. Yes, force rport.
4. Yes, aggressive override of network and transport-layer identifying
information in SIP headers.
5. Disable all SIP ALGs on any firewalls and routers on the customer side.
--
Alex Balashov - Principal
Evariste Systems LLC
1170 Peachtree Street
12th Floor, Suite 1200
Atlanta, GA 30309
Tel: +1-678-954-0670
Fax: +1-404-961-1892
Web: http://www.evaristesys.com/
More information about the VoiceOps
mailing list