<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=Windows-1252">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
span.EmailStyle19
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style>
</head>
<body lang="EN-US" link="blue" vlink="purple" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">The acme/oracle way of doing Hosted NAT Traversal is to set the expire time down to 30 seconds and have the phones REGISTER every 30 seconds. The SBC eats the registration so it doesn’t overload the switch. If the CGN NAT drops the
entry it gets recreated with the new registration in 30 seconds.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">We have had very good results with the acme/oracle approach<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal" style="margin-bottom:12.0pt"><b><span style="font-size:12.0pt;color:black">From:
</span></b><span style="font-size:12.0pt;color:black">VoiceOps <voiceops-bounces@voiceops.org> on behalf of Pete Mundy <pete@mac.geek.nz><br>
<b>Date: </b>Thursday, June 10, 2021 at 5:11 PM<br>
<b>To: </b>VoiceOps <voiceops@voiceops.org><br>
<b>Subject: </b>Re: [VoiceOps] "Timeout" on VoIP call traversing Verizon data<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal">CAUTION: This email originated from outside of Crocker. Do not click links or open attachments unless you recognize the sender and know the content is safe.<br>
<br>
<br>
Precisely. And those "NAT table entries" eventually time out. On CG-NAT they often time out aggressively; <60 seconds. Hence sending OPTIONS over SIP over UDP regularly keeps the NAT table entries refreshed and active and therefore the UDP 'connection' open.
I've come across firewalls with 30 second timeouts, so we use 25 second keepalives (OPTIONS).<br>
<br>
Pete<br>
<br>
>> On 11/06/2021, at 8:24 AM, Alex Balashov <abalashov@evaristesys.com> wrote:<br>
>><br>
>> Not to muddy the waters here with needless pedantry, but:<br>
>><br>
>> While UDP may be "connectionless", the only way UDP, and in particular, symmetric SIP signalling, can work through NAT is if a stateful firewall + NAT gateway has some awareness (that is, state) of UDP "flows", or groups of packets flowing between ports
consistently in some kind of temporary logical association--one might say, the endpoints have a "connection" of sorts...<br>
>><br>
>> -- Alex<br>
>><br>
> On 6/10/21 4:07 PM, Peter Beckman wrote:<br>
> uhhhh.... SIP here is UDP, no?<br>
> There's no connection to close for UDP.<br>
> The source port for UDP doesn't matter. It's not part of the whole<br>
> conversation, unless your switch cares that all communications continue to<br>
> come from the source port. It's connectionless.<br>
> TCP 5060 isn't even listening on our switches.<br>
> So, maybe you're doing SIP over TCP?<br>
> On Thu, 10 Jun 2021, Mark Wiles wrote:<br>
_______________________________________________<br>
VoiceOps mailing list<br>
VoiceOps@voiceops.org<br>
<a href="https://puck.nether.net/mailman/listinfo/voiceops">https://puck.nether.net/mailman/listinfo/voiceops</a><o:p></o:p></p>
</div>
</div>
</body>
</html>