The authors of SIP and SDP designed (1996) a great concept which really addressed the needs of not just real-time communication for the next two decades. But they also believed that Network Address Translation (NAT) was only a temporary solution which would become obsolete once everyone used IPv6. In 2015 we still use the NATs and I’d think (! the same mistake again) that we’ll use it for a couple more years.

NAT is a technique which, in conjunction with IP masquerading, became popular as an essential tool for conserving global address space allocations in the face of IPv4 address exhaustion. These days NAT is also used for security reasons, e.g. topology hiding, port and IP restrictions etc. The basic functionality of NAT is to translate one IP address into another. Typically we find NATs which mask a whole private network behind one public IP (one-to-many NAT). The traffic can then originate only from the private network (private IP space is not directly addressable from the public network).

Why do we care about NAT anyway? And what’s wrong with SIP? Let’s recall that SIP+SDP are used to establish a media session. It means we’re exchanging IP addresses of the originator and recipient which will then be used for (e.g. These IP addresses are in the SIP body in the SDP content. As the addresses and ports are private, the other clients can’t use them as they don’t see each other. The media communication is then established on these IP:ports.

There are 3 basic issues with NAT traversal for SIP/SDP:

1. As mentioned, the IP:port encoded in SDP bodies by NATed UEs can’t be used across the Internet, because they represent the private network addressing information of the UE rather than the addresses/ports that will be mapped to/from by the NAT.
2. The policies performed by NATs, and explicit in firewalls, are such that packets from outside the NAT cannot reach the UE until the UE sends packets out first. http client as this one always initiates the communication.)
3. Some NATs apply endpoint-dependent filtering on incoming packets, as described in RFC 4787, and thus a UE may only be able to receive packets from the same remote peer IP:port as it sends packets out to.

It is either possible to find a fixed public IP:port address which can be used for communication over the public internet, or we can’t predict what public IP:port tuple the NAT will assign to a new communication stream. For now it is important that for Cone NATs we can find a ‘reflexive’ address: the public IP:port which can be put in the SDP for the future RTP communication. In case of Symmetric NAT this is not possible, as the NAT will assign this IP:port dynamically. Hence we need to use some kind of proxy and use its IP:port in SDP instead.

So far we’ve been talking about NAT implemented on the IP layer. But because SIP/SDP contain numeric IP addresses and ports, we have to be able to provide NAT functionality on the Service/Application layer too. That is a job for the Session Border Controller (SBC). Moreover, the SBC also provides a way to deal with a NAT within the access network – NAT Traversal Functionality. How to deal with NAT in IMS is described in RFC 7362 and RFC 6314.

The offer/answer media negotiation model is such that once an offer is sent, the client generating the offer needs to be prepared to receive media on the advertised address/ports. In practice such media may or may not be received, depending on the implementations participating in a given session, local policies, and call scenario. For example, if a SIP SDP Offer originally came from a UE behind a NAT, the SIP SBC cannot send media to it until an SDP Answer is given to the UE and ‘latching’ occurs. Another example is when a SIP SBC sends an SDP Offer in a SIP INVITE to a residential customer’s UE and receives back SDP in a 18x response: the SBC may decide, for policy reasons, not to send media to that customer UE until a SIP 200 response has been received (e.g., to prevent toll fraud).

In IMS we typically use the SBC, which performs the ‘latching’, also called Hosted NAT Traversal (HNT). The SBC will replace the IP:ports in SDP with its own address and then wait for the RTP data sent from the UEs. It then locks (latches) the Port:IP from which the RTP came with its internal address. Media relays also need to begin receiving media before they start sending.
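
The SDP rewrite and latching behaviour described above, as an added Python example (not code from the original post or from any SBC product). The names `rewrite_sdp` and `MediaLeg`, the sample offer and all addresses are constructed for illustration, and ignoring packets from other sources after the lock is an assumption about what "locks" means.

```python
import re

# Constructed sample offer from a UE behind a NAT (private address in c=/m=).
OFFER = ("v=0\r\no=- 1 1 IN IP4 192.168.1.10\r\ns=-\r\n"
         "c=IN IP4 192.168.1.10\r\nt=0 0\r\nm=audio 40000 RTP/AVP 0\r\n")

def rewrite_sdp(sdp, relay_ip, relay_port):
    """Put the relay's IP:port into c=/m=audio; return (new_sdp, UE's advertised IP:port)."""
    ip = re.search(r"^c=IN IP4 (\S+)", sdp, re.M).group(1)
    port = int(re.search(r"^m=audio (\d+)", sdp, re.M).group(1))
    sdp = re.sub(r"^(c=IN IP4 )\S+", rf"\g<1>{relay_ip}", sdp, flags=re.M)
    sdp = re.sub(r"^(m=audio )\d+", rf"\g<1>{relay_port}", sdp, flags=re.M)
    return sdp, (ip, port)

class MediaLeg:
    """UE-facing side of the relay for one media stream (hypothetical name)."""
    def __init__(self, advertised):
        self.advertised = advertised  # private IP:port from SDP, never used as a target
        self.latched = None           # public IP:port seen on the first RTP packet
        self.answered = False         # set when the SIP 200 response arrives

    def on_rtp(self, src):
        """Handle an RTP packet from src=(ip, port); True if it belongs to this leg."""
        if self.latched is None:
            self.latched = src        # latch: lock onto the NAT's public mapping
        # Assumption: once locked, packets from any other source are ignored.
        return src == self.latched

    def send_target(self):
        """Address to send media to, or None while sending is not yet allowed."""
        if self.latched is None or not self.answered:
            return None               # nothing received yet, or policy gate still closed
        return self.latched

if __name__ == "__main__":
    sdp, advertised = rewrite_sdp(OFFER, "198.51.100.5", 20000)
    leg = MediaLeg(advertised)
    print(leg.send_target())                  # no RTP seen yet
    leg.on_rtp(("203.0.113.7", 61234))        # first packet arrives via the NAT
    leg.answered = True                       # 200 received
    print(advertised, "->", leg.send_target())
```

The relay never sends to the address advertised in the SDP; it only sends to the address it observed, and only once the 200-response policy gate is open.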