Presentation is loading. Please wait.

Presentation is loading. Please wait.

NAT Traversal Speaker: Chin-Chang Chang Date:2007.4.9.

Published byGervase Weaver Modified over 8 years ago

Similar presentations

Presentation on theme: "NAT Traversal Speaker: Chin-Chang Chang Date:2007.4.9."— Presentation transcript:

1 NAT Traversal Speaker: Chin-Chang Chang Date:2007.4.9

2 Outline What is NAT?  Private IP address Handling of NAT with SIP?  Nathelper module  Process Register Invite Bye/Cancel  RTPproxy Reference

3 What is NAT?(1/2) NAT (Network Address Translation) Re-writing the source and/or destination addresses of IP packets as they pass through a router or firewall. Using NAT enables multiple hosts on a private network to access the Internet using a single public IP address.

4 What is NAT?(2/2) http://www.microsoft.com/china/windowsxp/pro/techinfo/planning/networking/nattraversal.asp

5 Private IP address Defined in RFC 1918 Address Range 10.0.0.0 - 10.255.255.255 172.16.0.0 - 172.31.255.255 192.168.0.0 - 192.168.255.255 Routers on the Internet are normally configured to discard any traffic using private IP addresses.

6 Handling of NAT with SIP?(1/3) SIP Server UA Internet SIP Server RTP SIP Request Message SIP Response Message

7 Handling of NAT with SIP?(2/3) SIP Server NAT UA Internet SIP Server 192.168.0.2 192.168.0.3 163.22.16.33 RTP 163.22.16.40 163.22.16.35

8 Handling of NAT with SIP?(3/3) We handle NAT with NAThelper module. There are two solutions for SER. One is RTPproxy, and the other is mediaproxy. We handle all aspects of NAT at the SIP Proxy location. RTPproxy is called by NAThelper.

9 Nathelper Module(1/7) This is a module to help with NAT traversal. Check whether the client is NATed. If it’s NATed, SIP proxy would rewrite the content of SIP and SDP. The module must be loaded before usrloc module - only if the NATed contacts are to be pinged.

10 Nathelper Module(2/7) natping_interval  Period of time in seconds between sending the NAT pings to all currently registered UAs to keep their NAT bindings alive. Default value is 0.  Ex. modparam("nathelper", "natping_interval", 10) ping_nated_only  If this variable is set then only contacts that have "behind_NAT" flag in user location database set will get ping. Default value is 0.  Ex. modparam("nathelper", "ping_nated_only", 1)

11 Nathelper Module(3/7) rtpproxy_sock  Socket used to connect to RTPProxy. Ex.modparam("nathelper", "rtpproxy_sock", " unix:/var/run/rtpproxy.sock ")

12 Nathelper Module(4/7) nat_uac_test(flags) Tries to guess if client's request originated behind a nat. Meaning of the flags is as follows:  1 - Contact header field is searched for occurrence of RFC1918 addresses.  2 - the "received" test is used: address in Via is compared against source IP address of signaling  4 - Top Most VIA is searched for occurrence of RFC1918 addresses  8 - SDP is searched for occurrence of RFC1918 addresses  16 - test if the source port is different from the port in Via

13 Nathelper Module(5/7) All flags can be bitwise combined. The test returns true if any of the tests identified a NAT. Ex. If(nat_uac_test(“19”)) setflag(6);

14 Nathelper Module(6/7) force_rtp_proxy()  Rewrites SDP body to ensure that media is passed through an RTP proxy. unforce_rtp_proxy()  Tears down the RTPProxy session for the current call fix_nated_contact()  Rewrites Contact HF to contain request's source address:port.

15 Nathelper Module(7/7) fix_nated_register()  The function creates a URI consisting of the source IP, port, and protocol and stores the URI. The URI will be appended as "received" parameter to Contact in 200 OK and registrar will store it in the user location database.

16 Process-REGISTER nat_uac_test ……. setflag(6) fix_nate_register() Force_rport() …… REGISTER YES UA When SIP client attempt to REGISTER with our SIP proxy, we need a way to tell the registrar module to store NAT information of this particular UA. Via:SIP/2.0/UDP 192.168.0.2:8345;rport=3 2770;received=10.10.61.1 07;branch=z9hG4bK- d87543- b50cb4161d357529-1-- d87543- Contact: ;expires= 3600;received="sip:10.10. 61.107:32787"

17 Process-INVITE Isflagset(6) ……. force_rport() fix_nate_contact() force_rtp_proxy() …… INVITE YES UA Nathelper will then communicate to rtpproxy, which will allocate RTP ports and the SDP payload of the INVITE will be rewritting. Connection Information (c): IN IP4 163.22.16.40

18 Process-BYE/CANCEL Signal is BYE or CANCEL? ……. Unforce_rtp_proxy() …… BYE or CANCEL YES UA Ensure that the call is torn down when a call is hung up (BYE) or cancelled (CANCEL).

19 RTPproxy(1/2) RTPProxy NAT UA RTP 163.22.16.33 10.10.61.107 192.168.0.2 192.168.0.7 163.22.16.40

20 RTPproxy(2/2)

21 Reference RTPproxy http://ftp.iptel.org/pub/rtpproxy/ SER - Getting Started Document http://www.iptel.org/ser/doc/gettingstarted http://www.iptel.org/ser/doc/gettingstarted Nathelper module http://www.openser.org/docs/modules/1.2.x/n athelper.html

Download ppt "NAT Traversal Speaker: Chin-Chang Chang Date:2007.4.9."

Similar presentations

SIP(Session Initiation Protocol) - SIP Messages

SIP(Session Initiation Protocol) - SIP Messages
SIP, Presence and Instant Messaging

SIP, Presence and Instant Messaging
SIP, Firewalls and NATs Oh My!. www.dynamicsoft.com SIP Summit 2001 5.01.01 SIP, Firewalls and NATs, Oh My! Getting SIP Through Firewalls Firewalls Typically.

SIP, Firewalls and NATs Oh My!. SIP Summit SIP, Firewalls and NATs, Oh My! Getting SIP Through Firewalls Firewalls Typically.
www.dynamicsoft.com Fall VoN 2000 SIP Servers SIP Servers: A Buyers Guide Jonathan Rosenberg Chief Scientist.

Fall VoN 2000 SIP Servers SIP Servers: A Buyers Guide Jonathan Rosenberg Chief Scientist.
NETW-250 Troubleshooting Last Update 2014.02.19 1.0.1 Copyright 2012-2014 Kenneth M. Chipps Ph.D. www.chipps.com 1.

NETW-250 Troubleshooting Last Update Copyright Kenneth M. Chipps Ph.D. 1.
SIP and IMS Enabled Residential Gateway Sergio Romero Telefónica I+D Jan Önnegren Ericsson AB Alex De Smedt Thomson Telecom.

SIP and IMS Enabled Residential Gateway Sergio Romero Telefónica I+D Jan Önnegren Ericsson AB Alex De Smedt Thomson Telecom.
NAT/Firewall Traversal April 2009. NAT revisited – “port-translating NAT”

NAT/Firewall Traversal April NAT revisited – “port-translating NAT”
STUN Date: 2011-05-25 Speaker: Hui-Hsiung Chung 1.

STUN Date: Speaker: Hui-Hsiung Chung 1.
1 NAT Traversal for VoIP Ai-Chun Pang Graduate Institute of Networking and Multimedia Dept. of Comp. Sci. and Info. Engr. National Taiwan University.

1 NAT Traversal for VoIP Ai-Chun Pang Graduate Institute of Networking and Multimedia Dept. of Comp. Sci. and Info. Engr. National Taiwan University.
January 23-26, 2007 Ft. Lauderdale, Florida An introduction to SIP Simon Millard Professional Services Manager Aculab.

January 23-26, 2007 Ft. Lauderdale, Florida An introduction to SIP Simon Millard Professional Services Manager Aculab.
1 SIP-based VoIP Lab. 2 Step 1: Connect Your PC to The Network Get your laptop connected to the campus WLAN. –Run ipconfig to show your own IP address.

1 SIP-based VoIP Lab. 2 Step 1: Connect Your PC to The Network Get your laptop connected to the campus WLAN. –Run ipconfig to show your own IP address.
H. 323 and firewalls: Problem Statement and Solution Framework Author: Melinda Shore, Nokia Presenter: Shannon McCracken.

H. 323 and firewalls: Problem Statement and Solution Framework Author: Melinda Shore, Nokia Presenter: Shannon McCracken.
1 Internet Networking Spring 2004 Tutorial 13 LSNAT - Load Sharing NAT (RFC 2391)

1 Internet Networking Spring 2004 Tutorial 13 LSNAT - Load Sharing NAT (RFC 2391)
NAT (Network Address Translator) Atif Karamat In the name of God the most merciful and the most compassionate.

NAT (Network Address Translator) Atif Karamat In the name of God the most merciful and the most compassionate.
1 Comnet 2010 Communication Networks Recitation 7 Lookups & NAT.

1 Comnet 2010 Communication Networks Recitation 7 Lookups & NAT.
Session Initiation Protocol (SIP) By: Zhixin Chen.

Session Initiation Protocol (SIP) By: Zhixin Chen.
1 Network Address Translation (NAT) Relates to Lab 7. Module about private networks and NAT.

1 Network Address Translation (NAT) Relates to Lab 7. Module about private networks and NAT.
CSc 461/561 CSc 461/561 Multimedia Systems Part C: 2. SIP.

CSc 461/561 CSc 461/561 Multimedia Systems Part C: 2. SIP.
SIP, NAT, Firewall SIP NAT Firewall How to Traversal NAT/Firewall for SIP.

SIP, NAT, Firewall SIP NAT Firewall How to Traversal NAT/Firewall for SIP.
SIP, Session Initiation Protocol Internet Draft, IETF, RFC 2543.

SIP, Session Initiation Protocol Internet Draft, IETF, RFC 2543.

Similar presentations

Ads by Google