| Author |
Message |
Rick Merrill
Guest
|
 Posted:
Fri Feb 04, 2005 8:44 pm Post subject:
The Trouble with NAT and VOIP |
|
|
This may shed some light for those who are trying to estabilish VOIP
behind a NAT router. - RM
from http://www.voip-info.org/wiki-NAT+and+VOIP
:
The Trouble with NAT and VOIP
"In addition, the way in which conventional VoIP protocols are designed
is also posing a problem to VoIP traffic passing through NAT.
Conventional VoIP protocols only deal with the signalling of a telephone
connection. The audio traffic is handled by another protocol and to make
matters worse, the port on which the audio traffic is sent is random.
The NAT router may be able to handle the signalling traffic, but it has
no way of knowing that the audio traffic is related to the signalling
and should hence be passed to the same device the signalling traffic is
passed to. As a result, the audio traffic is simply discarded.
"At first, for both the calling and the called party everything will
appear just fine. The called party will see the calling party's Caller
ID and the telephone will ring while the calling party will hear a
ringing feedback tone at the other end. When the called party picks up
the telephone, both the ringing and the associated ringing feedback tone
at the other end will stop as one would expect. However, the calling
party will not hear the called party (one way audio) and the called
party may not hear the calling party either (no audio).
"The issue of NAT Traversal is a major problem for the widespread
deployment of VOIP. Yet, the issue is non-trivial and there are no
simple solutions." |
|
| Back to top |
|
 |
Jim Hatfield
Guest
|
| Posted:
Fri Feb 04, 2005 10:28 pm Post subject:
Re: The Trouble with NAT and VOIP |
|
|
On Fri, 04 Feb 2005 10:44:44 -0500, Rick Merrill <RickMerrill@comcastTHROW.net> wrote:
| Quote: | "The issue of NAT Traversal is a major problem for the widespread
deployment of VOIP. Yet, the issue is non-trivial and there are no
simple solutions."
|
UDP hole-punching seems to work pretty well.
See: http://www.pdos.lcs.mit.edu/~baford/nat/draft-ford-natp2p-00.txt
--
Jim Hatfield |
|
| Back to top |
|
|
Dilbert2004
Guest
|
| Posted:
Sat Feb 05, 2005 2:31 am Post subject:
Re: The Trouble with NAT and VOIP (solution) |
|
|
There is a simple solution! Edgewater Networks has a "box" that enables
you to put your phones on private / NAT addresses. You don't have to
punch holes in your firewall !
http://www.edgewaternetworks.com
Dilbert!
Jim Hatfield wrote:
|
|
| Back to top |
|
|
Arnold Ligtvoet
Guest
|
| Posted:
Sat Feb 05, 2005 3:07 am Post subject:
Re: The Trouble with NAT and VOIP |
|
|
Rick Merrill wrote:
| Quote: | "The issue of NAT Traversal is a major problem for the widespread
deployment of VOIP. Yet, the issue is non-trivial and there are no
simple solutions."
|
'Simple Traversal of UDP Through NATs' (STUN) is pretty basic to
configure. See
http://www.zyxel.com/support/supportnote/p2002/app/ata_nat.htm
for example.
Arnold. |
|
| Back to top |
|
|
Peter Gradwell
Guest
|
| Posted:
Sat Feb 05, 2005 4:13 am Post subject:
Re: The Trouble with NAT and VOIP (solution) |
|
|
On 4 Feb 2005 13:31:25 -0800, "Dilbert2004" <dilbert2004@gmail.com>
wrote:
| Quote: | There is a simple solution! Edgewater Networks has a "box" that enables
you to put your phones on private / NAT addresses. You don't have to
punch holes in your firewall !
http://www.edgewaternetworks.com
|
It's just a little bit expensive. Per user, it seems to be cheaper to
replace the end user's ATA with one on a public IP.
There are no universal, cheap solutions. Even stuff like STUN and pin
holing doesn't work for all.
peter
--
peter gradwell. gradwell dot com Ltd. http://www.gradwell.com/
-- engineering & hosting services for email, web and voip --
-- http://www.peter.me.uk/ -- http://www.voip.org.uk/ -- |
|
| Back to top |
|
|
stephen
Guest
|
| Posted:
Sat Feb 05, 2005 6:51 pm Post subject:
Re: The Trouble with NAT and VOIP |
|
|
"Rick Merrill" <RickMerrill@comcastTHROW.net> wrote in message
news:GLednU0ms_j5BZ7fRVn-uA@comcast.com...
| Quote: | This may shed some light for those who are trying to estabilish VOIP
behind a NAT router. - RM
from http://www.voip-info.org/wiki-NAT+and+VOIP
:
The Trouble with NAT and VOIP
"In addition, the way in which conventional VoIP protocols are designed
is also posing a problem to VoIP traffic passing through NAT.
Conventional VoIP protocols only deal with the signalling of a telephone
connection. The audio traffic is handled by another protocol and to make
matters worse, the port on which the audio traffic is sent is random.
The NAT router may be able to handle the signalling traffic, but it has
no way of knowing that the audio traffic is related to the signalling
and should hence be passed to the same device the signalling traffic is
passed to. As a result, the audio traffic is simply discarded.
|
not true. the signalling protocol carries the info about which ports the
specific connections will use - otherwise how is the call going to get
connected correctly to the end point?
for example, cisco PIX has a fixup protocol that does this for you for H323
and SIP:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00801fc74a.shtml
| Quote: |
"At first, for both the calling and the called party everything will
appear just fine. The called party will see the calling party's Caller
ID and the telephone will ring while the calling party will hear a
ringing feedback tone at the other end. When the called party picks up
the telephone, both the ringing and the associated ringing feedback tone
at the other end will stop as one would expect. However, the calling
party will not hear the called party (one way audio) and the called
party may not hear the calling party either (no audio).
"The issue of NAT Traversal is a major problem for the widespread
deployment of VOIP. Yet, the issue is non-trivial and there are no
simple solutions."
|
this is actually an issue for a firewall software supplier who cannot be
bothered to write code to handle this particular protocol rather than a
problem with the protocol.
the long term fix is simple - if your firewall cant handle the voice
protocol you need - take it back, and / or complain to the supplier.
a year or 2 of that and the software will get fixed.
--
Regards
Stephen Hope - return address needs fewer xxs |
|
| Back to top |
|
|
|
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in