[VoiceOps] What does an ALG actually do?

Tim Bray tim at kooky.org
Thu Feb 28 06:44:56 EST 2013


On 27/02/13 21:33, John Levine wrote:
> I realize that an ALG is a hack in a router that is supposed to allow
> SIP packets to go through a NAT router.  I also realize that for
> modern SIP equipment, ALG usually causes more problems than it solves,
> and that it's described in RFCs 2663, 3424, and others.
>
> What I can't find anywhere is what a SIP ALG actually does to the
> packets.  Is that written down anywhere, or is it just network
> folklore?
>

The simple answer is `break stuff`.

The marketing answer is `Sip is the next big thing, and we want to say 
we are "SIP READY" so we put an ALG in`.

Technically.

The OKish ALGs are passive and sniff the ports for Qos etc.

Most NAT passing ones just search and replace the IP addresses in the 
SIP and SDP.   Mainly though, I've seen them swap one IP, but not the 
other.  Or misread the port number.  Very basic search and replace 
rather than properly parsing the messages.  Bad idea.




-- 
Tim Bray
tim at kooky.org | +44 7966 479015 | http://www.kooky.org
Huddersfield, UK



More information about the VoiceOps mailing list