NAT/ALG Use the hyperlinks to dive deeper Use the arrow keys below to navigate  Start off your Journey … Use Q&A  links fo...
Preface: The home/office VoIP problem ( Sound alert! ) Jeng is sitting at home in front of her PC.  She has just installed...
NAT/ALG - Content Note: Voice Narrations appear in the SIP Illustrated eLearning only in places where extra emphasize or c...
Intro: What NAT is <ul><li>NAT  stands for &quot; N etwork  A ddress  T ranslator&quot;.  It is a network layer creature w...
Why we need ALG <ul><li>Seemingly, so far so good… However NAT and private IP domains introduce serious traversal problem ...
How ALG works <ul><li>ALG  ( A pplication  L ayer  G ateway) is one of the offered solutions to that problem.  It is a pie...
How ALG works - continue <ul><li>ALG and NAT therefore can be viewed as two components of the same solution.  Normally the...
ALG Built in the phone – a detailed example <ul><li>ALG may be also built-in a ‘smart’ SIP phone.  The SIP phone in such a...
ALG Built in the phone – a detailed example - overview <ul><li>The example includes the following steps: </li></ul><ul><li...
step 1 - resolving the host name of the web server <ul><li>Step 1 : SIP phone, A, is configured with the Host name of HTTP...
step 2 - receiving the IP address of the web server <ul><li>Step 2 :  The DNS server responds with the IP address of the w...
step 3 - asking the web server for the NAT address <ul><li>Step 3 :  The SIP client, A, establishes a TCP connection with ...
step 4 - receiving the “NATTed” IP address of the PC <ul><li>Step 4 :  The web server responds with the IP address of the ...
step 5 – Sending an INVITE req. to the outbound SIP proxy <ul><li>Step 5 :  The Xten SIP client sends an INVITE request de...
step 6 – Forwarding the INVITE to user B ( Sound alert! ) <ul><li>Step 6 :  The SIP proxy ( looks up user B in its registr...
step 7 – Stop (potential) retransmissions at A (100 Trying) <ul><li>Step 7 :  The SIP proxy sends ‘100 Trying’ back to A, ...
step 8 – Letting user A know that user B’s phone is ringing <ul><li>Step 8 :  B sends ‘180 Ringing’ back ( to indicate tha...
step 9 - user A’s phone plays a Ring Back Tone ( Sound alert! ) <ul><li>Step 9 :  The SIP proxy forwards the ‘180 Ringing’...
step 10 - user B has picked up the phone <ul><li>Step 10 :  B sends ‘200 OK’ back ( to indicate that the user has picked u...
step 11 - user A’s phone receives an answer indication <ul><li>Step 9 :  The SIP proxy forwards the ‘200 OK’ back to A, ( ...
step 12  - Completing the SIP signaling handshake (ACK) <ul><li>Step 12 :  The Xten SIP client sends an ACK request destin...
step 13 – Forwarding the ACK to user B <ul><li>Step 13 :  The SIP proxy forwards the ACK to endpoint B  (Note: this can be...
step 14  - Conversation time (first RTP - “Hello”) ( Sound alert! ) <ul><li>Step 14 :  User B says “hello”.  SIP client B ...
Post mortem – a surprise! <ul><li>Taking the approach of “do not confuse me with the facts…” we cheated a little bit… </li...
Help/about Next Page Prev Page Last Page First Page HELP (In case you haven’t noticed how you got here… :-)) Last Page Vie...
Upcoming SlideShare
Loading in …5
×

View the powerpoint tutorial here

1,963 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,963
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
15
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

View the powerpoint tutorial here

  1. 1. NAT/ALG Use the hyperlinks to dive deeper Use the arrow keys below to navigate Start off your Journey … Use Q&A links for follow up Q. Make sure you run in a… … slide show mode (F5) Taken from SIP Illustrated – Advanced Topics Module
  2. 2. Preface: The home/office VoIP problem ( Sound alert! ) Jeng is sitting at home in front of her PC. She has just installed a new (SIP-based) soft phone (Xten) on the PC. She can’t wait to use it to call her professor at school (on his soft phone) and tell him the good news… She locates the professor’s contact in her address book and clicks on it... You can try it yourself by clicking the red circle below. Looks like this is going to work. Is that so...? Home Comcast School DNS A B Proxy 192.168.1.101 129.119.110.17 129.119.110.19 192.168.1.1/24.15.254.243 NAT/ Router 68.87.66.196 IP
  3. 3. NAT/ALG - Content Note: Voice Narrations appear in the SIP Illustrated eLearning only in places where extra emphasize or clarifications are needed! This demo has no Voice Narrations. <ul><li>Intro …………………………………………………………………………………………………………………………………… 2-5 </li></ul><ul><ul><li>What NAT is ……………………………………………………………..………………………………………………... 4 </li></ul></ul><ul><ul><li>Why we need ALG …………………………………………………………………………………………………....... 5 </li></ul></ul><ul><ul><li>How ALG works ……………………………………………………………………………………………………...... 6-7 </li></ul></ul><ul><li>ALG built in the phone – a detailed example ……………………………………………………………………………… 8 </li></ul><ul><ul><li>Overview ………………………………………………………………………………………………………………….... 9 </li></ul></ul><ul><ul><li>Step 1 - resolving the host name of the web server …………………………………………………………. 10 </li></ul></ul><ul><ul><li>Step 2 - receiving the IP address of the web server ………………………………………………………... 11 </li></ul></ul><ul><ul><li>Step 3 - asking the web server for the NAT address ……………………………………………………….. 12 </li></ul></ul><ul><ul><li>Step 4 - receiving the “NATTed” IP address of the PC ……………………………………………………. 13 </li></ul></ul><ul><ul><li>Step 5 - Sending an INVITE req. to the outbound SIP proxy ………………………………………….. 14 </li></ul></ul><ul><ul><li>Step 6 - Forwarding the INVITE to user B ……………………………………………………………………. 15 </li></ul></ul><ul><ul><li>Step 7 - Stop (potential) retransmissions at A (100 Trying) ………………….............................. 16 </li></ul></ul><ul><ul><li>Step 8 - user B’s phone is ringing ………………………………………………………………………………… 17 </li></ul></ul><ul><ul><li>Step 9 - user A’s phone plays a Ring Back Tone …………………………………………………………….. 18 </li></ul></ul><ul><ul><li>Step 10 - user B has picked up the phone ……………………………………………………………………… 19 </li></ul></ul><ul><ul><li>Step 11 - user A’s phone receives an answer indication …………………………………………………… 20 </li></ul></ul><ul><ul><li>Step 12 - Completing the SIP signaling handshake (ACK) ……………………………………………….. 21 </li></ul></ul><ul><ul><li>Step 13 - Forwarding the ACK to user B ……………………………………………………………............... 22 </li></ul></ul><ul><ul><li>Step 14 - Conversation time (first RTP - “Hello”) …………………………….................................... 23 </li></ul></ul>play stop
  4. 4. Intro: What NAT is <ul><li>NAT stands for &quot; N etwork A ddress T ranslator&quot;. It is a network layer creature whose job in life is to &quot;hide&quot; hosts on a corporate or home private sub network by granting them on-the-fly &quot;external&quot; IP addresses when they send packets to the external IP world. The motivation behind this trick is to enable private networks reuse expensive and rare IPV4 addresses, which might be in &quot;official&quot; use by hosts on the public Internet or on other private networks. The NAT accomplishes the “hiding” task by mapping the internal IP address of the host (and port) to a public/routable one. In figure 1 below the NAT server maps the private IP address of user-A (10.1.1.1) to a public one, 157.55.0.1. User-B will therefore see incoming IP packets (from A) with the address 157.55.0.1. User-B will send IP packets back to A by using destination address of 157.55.0.1. The NAT server (based on its internal mapping/binding) will translate the IP address 157.55.0.1 back to the original private address, 10.1.1.1, and will then forward the packet to user-A. </li></ul>Figure 1: A typical NAT server NAT server Private IP Public IP Public IP
  5. 5. Why we need ALG <ul><li>Seemingly, so far so good… However NAT and private IP domains introduce serious traversal problem for SIP networks. For instance, SIP endpoint, which “hides” in the private domain behind a NAT, would naturally populate the address related fields in a SIP message it generates with private IP address values (e.g. Contact: SIP:user-A@10.1.1.1:5060)! Same for the address fields in the SDP element (e.g. C = IN IP4 10.1.1.1). These values are not routable, meaning both SIP messages and RTP packets sent back to these addresses would not be able to reach these destinations. The figure below illustrates this problematic situation. </li></ul>INVITE sip:User-B@there.edu SIP/2.0 Via : SIP/2.0/UDP 10.1.1.1 ; branch=z9hG4bK1; <CRLF> Max-Forwards: 70 From : BigGuy <sip:User-A@ 10.1.1.1:5060 > ; tag=b66ks127ha To: LittleGuy <sip:User-B@there.edu> <CRLF> Call-ID: 12345601@a.here.edu CSeq: 1 INVITE <CRLF> Contact : BigGuy <sip:User-A@ 10.1.1.1:5060 > Content-Type: application/sdp <CRLF> Content-Length: 179 v= 0 o= User-A 2890844526 2890844526 IN IP4 a.here.edu s= A simple SDP Session c= IN IP4 10.1.1.1 m= audio 49172 RTP/AVP 0 98 Private IP-address:port embedded in the SIP/SDP INVITE request.
  6. 6. How ALG works <ul><li>ALG ( A pplication L ayer G ateway) is one of the offered solutions to that problem. It is a piece of hardware or/and (application layer) software, which works together with the NAT. It replaces the private IP:port addresses in an outgoing SIP/SDP message with public ones. It then instructs the NAT to create public-private mapping accordingly. The incoming SIP and RTP packets will thus carry public IP addresses:ports, which will get mapped-back by the NAT to the original private IP addresses:ports of the SIP endpoint behind it. In the example below the private IP address of user-A, 10.1.1.1, is mapped to 157.55.0.1, and the private ports 5060 (SIP) and 49172 (RTP) are mapped to 2222 and 3333 respectively. </li></ul>INVITE sip:User-B@there.edu SIP/2.0 Via : SIP/2.0/UDP 157.55.0.1:2222 ;branch=z9hG4bK1; Max-Forwards: 70 From : BigGuy <sip:User-A@ 157.55.0.1 :2222 > ; tag=b66ks127ha To: LittleGuy <sip:User-B@there.edu> <CRLF> Call-ID: 12345601@a.here.edu CSeq: 1 INVITE <CRLF> Contact : BigGuy <sip:User-A@ 157.55.0.1 :2222 > Content-Type: application/sdp <CRLF> Content-Length: 179 v= 0 o= User-A 2890844526 2890844526 IN IP4 a.here.edu s= A simple SDP Session c= IN IP4 157.55.0.1 3333 m= audio 49172 RTP/AVP 0 98 The Private IP-address:port, which is embedded in the SIP/SDP INVITE request, gets translated by the ALG to the NAT public ones.
  7. 7. How ALG works - continue <ul><li>ALG and NAT therefore can be viewed as two components of the same solution. Normally they would be implemented by two applications sharing the same machine. The SIP signaling must always go through the ALG component. This will ensure it gets the right translation. The RTP media does NOT have to go through the ALG component, but can go directly through the NAT component. The NAT will make sure it correctly redirects/maps incoming RTP packets back to the end point (e.g. user-A in our example). Same for incoming SIP packets. </li></ul>Figure 4: A typical NAT server + ALG NAT server ALG SIP RTP Private IP Public IP
  8. 8. ALG Built in the phone – a detailed example <ul><li>ALG may be also built-in a ‘smart’ SIP phone. The SIP phone in such a case can learn by various means about being located behind a NAT. These means include running the STUN protocol or other proprietary solutions (e.g. obtaining the public IP address of the NAT from a ‘special’ web server). What follows is a detailed example of a SIP call initiated by such a smart phone. The ‘smart’ phone, A, is used by a student (Jeng) from her home to call her Professor, who uses his SIP phone, B, at school. As can be seen below Jeng’s home is connected to the Internet via cable modem. Her home router acts as a NAT (since the IP addresses of the home devices are allocated by it locally). She uses SIP Xten soft phone on her PC (AKA CounterPath). The Call (signaling) goes via SIP proxy, which is located at the school domain. </li></ul>“ brands.xten.net” Web server Home Comcast School DNS A B Proxy 192.168.1.101 129.119.110.17 129.119.110.19 192.168.1.1/24.15.254.243 NAT/ Router 68.87.66.196 64.69.76.10 Xten.com domain IP
  9. 9. ALG Built in the phone – a detailed example - overview <ul><li>The example includes the following steps: </li></ul><ul><li>Steps 1–4 - NAT discovery </li></ul><ul><li>Steps 5–13 - Call setup (INVITE transaction utilizing the NAT info obtained in steps 1-4) </li></ul><ul><li>Step 14 - Conversation (over RTP) </li></ul><ul><li>Next is a detailed breakdown of each step. </li></ul>“ brands.xten.net” Web server Home Comcast School DNS A B Proxy 192.168.1.101 129.119.110.17 129.119.110.19 192.168.1.1/24.15.254.243 NAT/ Router 68.87.66.196 64.69.76.10 Xten.com domain IP
  10. 10. step 1 - resolving the host name of the web server <ul><li>Step 1 : SIP phone, A, is configured with the Host name of HTTP (web) server in the Internet (brands.xten.net). It received via DHCP the IP address of the DNS server (along with its own IP address). It sends the DNS server a query for resolving the Host name of the web server to an IP address. (Note: The IP packet below was captured by a sniffer sitting on the LAN of the DNS server. That’s why the source IP address is the IP address of the NAT) </li></ul><ul><li>=> Click HERE to play the animation (and look below…) <= </li></ul>Home Comcast School DNS A B Proxy 192.168.1.101 129.119.110.17 129.119.110.19 192.168.1.1/24.15.254.243 NAT/ Router MAC IP: Src add: 24.15.254.243 Dst add: 68.87.66.196 UDP: Src port: 1026 Dst port: 53 DNS: (brands.xten.net; IP address = ?) 68.87.66.196 “ brands.xten.net” 64.69.76.10 Web server Xten.com domain IP
  11. 11. step 2 - receiving the IP address of the web server <ul><li>Step 2 : The DNS server responds with the IP address of the web server. (Note: The DNS server saw source address of 24.15.254.243. i.e. the IP address of the home NAT. Thus it sends its response there. It does not know neither care that the source of the query sits behind a NAT. The NAT forwards the IP packet, which encapsulates the DNS response back to the PC, based on the mapping it created between the PC IP address (192.168.1.101) and the IP address of the DNS server (68.87.66.196)) => Click HERE to play the animation (and look below…) <= </li></ul>Home Comcast School DNS A B Proxy 192.168.1.101 129.119.110.17 129.119.110.19 192.168.1.1/24.15.254.243 NAT/ Router MAC IP: Src add: 68.87.66.196 Dst add: 24.15.254.243 UDP: Src port: 53 Dst port: 1026 DNS: (IP address is: 64.69.76.10) 68.87.66.196 “ brands.xten.net” 64.69.76.10 Web server Xten.com domain IP
  12. 12. step 3 - asking the web server for the NAT address <ul><li>Step 3 : The SIP client, A, establishes a TCP connection with the web server and sends over it an HTTP GET request. (Note: This is a non-standard trick used by Xten to implement the STUN idea.) </li></ul><ul><li>=> Click HERE to play the animation (and look below…) <= </li></ul>Home Comcast School DNS A B Proxy 192.168.1.101 129.119.110.17 129.119.110.19 192.168.1.1/24.15.254.243 NAT/ Router MAC IP: Src add: 24.15.254.243 Dst add: 64.69.76.10 TCP: Src port: 1082 Dst port: 80 HTTP: GET (“My NATTed IP address”) 68.87.66.196 “ brands.xten.net” 64.69.76.10 Web server Xten.com domain IP
  13. 13. step 4 - receiving the “NATTed” IP address of the PC <ul><li>Step 4 : The web server responds with the IP address of the NAT. (Note: next the PC will use this information to set up correctly the address related fields in the SIP INVITE and its SDP payload (and by doing so it practically implements ALG functionality!)) </li></ul><ul><li>=> Click HERE to play the animation (and look below…) <= </li></ul>Home Comcast School DNS A B Proxy 192.168.1.101 129.119.110.17 129.119.110.19 192.168.1.1/24.15.254.243 NAT/ Router MAC IP: Src add: 64.69.76.10 Dst add: 24.15.254.243 TCP: Src port: 80 Dst port: 1082 DNS: (NAT IP address is: 24.15.154.243) 68.87.66.196 “ brands.xten.net” 64.69.76.10 Web server Xten.com domain IP
  14. 14. step 5 – Sending an INVITE req. to the outbound SIP proxy <ul><li>Step 5 : The Xten SIP client sends an INVITE request destined to the SIP proxy (Note: The PC Xten client is configured with the IP address of the SIP proxy (located at school). Every outgoing SIP request will be sent therefore to the proxy on/to the well known port) </li></ul><ul><li>=> Click HERE to play the animation (and look below…) <= </li></ul>Home Comcast School DNS A B Proxy 192.168.1.101 129.119.110.17 129.119.110.19 192.168.1.1/24.15.254.243 NAT/ Router MAC IP: Src add: 24.15.254.243 Dst add: 1 29.119.110.17 UDP: Src port: 5060 Dst port: 5060 SIP: INVITE (user B) 68.87.66.196 “ brands.xten.net” 64.69.76.10 Web server Xten.com domain IP SIP : Request-URI: sip:prof@129.119.110.17; Via: SIP/2.0/UDP 24.15.254.243:5060 Contact:<sip:jeng@24.15.254.243:5060>; SDP : c= IN IP4 24.15.254.243; media port=8000
  15. 15. step 6 – Forwarding the INVITE to user B ( Sound alert! ) <ul><li>Step 6 : The SIP proxy ( looks up user B in its registry table and based on that ) forwards the INVITE to endpoint B (Note: The school IP network is in the public domain (129.119.x.x)) </li></ul><ul><li>=> Click HERE to play the animation (and look below…) <= </li></ul>Proxy 129.119.110.17 Home Comcast School DNS A B 192.168.1.101 129.119.110.19 192.168.1.1/24.15.254.243 NAT/ Router MAC IP: Src add: 129.119.110.17 Dst add: 1 29.119.110.19 UDP: Src port: 1039 Dst port: 5060 SIP: INVITE (user B) 68.87.66.196 “ brands.xten.net” 64.69.76.10 Web server Xten.com domain SIP : Request-URI: sip:prof@129.119.110.19 ; Via: SIP/2.0/UDP 129.119.110.17:5060 ; Via: SIP/2.0/UDP 24.15.254.243:5060; Record Route: <sip:129.119.110.17:5060> Contact:<sip:jeng@24.15.254.243:5060>; SDP : c= IN IP4 24.15.254.243; media port=8000 IP
  16. 16. step 7 – Stop (potential) retransmissions at A (100 Trying) <ul><li>Step 7 : The SIP proxy sends ‘100 Trying’ back to A, ( so A can now advance its state machine to the next state and halts potential retransmissions of the INVITE ) </li></ul><ul><li>=> Click HERE to play the animation (and look below…) <= </li></ul>Proxy 129.119.110.17 Home Comcast School DNS A B 192.168.1.101 129.119.110.19 192.168.1.1/24.15.254.243 NAT/ Router MAC IP: Src add: 129.119.110.17 Dst add: 24 .15.254.243 UDP: Src port: 1039 Dst port: 5060 SIP: 100 Trying 68.87.66.196 “ brands.xten.net” 64.69.76.10 Web server Xten.com domain SIP : SIP/2.0 100 Trying Via: SIP/2.0/UDP 24.15.254.243:5060 IP
  17. 17. step 8 – Letting user A know that user B’s phone is ringing <ul><li>Step 8 : B sends ‘180 Ringing’ back ( to indicate that is has alerted the user ) to the proxy ( based on the top most Via header ) </li></ul><ul><li>=> Click HERE to play the animation (and look below…) <= </li></ul>Proxy 129.119.110.17 Home Comcast School DNS A B 192.168.1.101 129.119.110.19 192.168.1.1/24.15.254.243 NAT/ Router MAC IP: Src add: 129.119.110.19 Dst add: 1 29.119.110.17 UDP: Src port: 5060 Dst port: 5060 SIP: 180 Ringing 68.87.66.196 “ brands.xten.net” 64.69.76.10 Web server Xten.com domain SIP : SIP/2.0 180 Ringing; Via: SIP/2.0/UDP 129.119.110.17:5060;Via: SIP/2.0/UDP 24.15.254.243:5060; Record-Route: <sip:129.119.110.17:5060>; Contact:<sip:prof@129.119.110.17> IP
  18. 18. step 9 - user A’s phone plays a Ring Back Tone ( Sound alert! ) <ul><li>Step 9 : The SIP proxy forwards the ‘180 Ringing’ back to A, ( so based on that A knows it can play now a Ring Back Tone (RBT) to the user ) Note: The NAT doesn’t touch the UDP header. </li></ul><ul><li>=> Click HERE to play the animation (and look below…) <= </li></ul>Proxy 129.119.110.17 Home Comcast School DNS A B 192.168.1.101 129.119.110.19 192.168.1.1/24.15.254.243 NAT/ Router MAC IP: Src add: 129.119.110.17 Dst add: 24 .15.254.243 UDP: Src port: 1039 Dst port: 5060 SIP: 180 Ringing 68.87.66.196 “ brands.xten.net” 64.69.76.10 Web server Xten.com domain SIP : SIP/2.0 180 Ringing; Via: SIP/2.0/UDP 24.15.254.243:5060; Record-Route: <sip:129.119.110.17:5060>; Contact:<sip:prof@129.119.110.17> IP
  19. 19. step 10 - user B has picked up the phone <ul><li>Step 10 : B sends ‘200 OK’ back ( to indicate that the user has picked up the phone ) to the proxy ( based on the top most Via header ) </li></ul><ul><li>=> Click HERE to play the animation (and look below…) <= </li></ul>Proxy 129.119.110.17 Home Comcast School DNS A B 192.168.1.101 129.119.110.19 192.168.1.1/24.15.254.243 NAT/ Router MAC IP: Src add: 129.119.110.19 Dst add: 1 29.119.110.17 UDP: Src port: 5060 Dst port: 5060 SIP: 200 OK 68.87.66.196 “ brands.xten.net” 64.69.76.10 Web server Xten.com domain SIP : SIP/2.0 200 OK; Via: SIP/2.0/UDP 129.119.110.17:5060 Via: SIP/2.0/UDP 24.15.254.243:5060; Record-Route: <sip:129.119.110.17:5060>; Contact:<sip:prof@129.119.110.19>; SDP : c= IN IP4 129.119.110.19; media port =8386 IP
  20. 20. step 11 - user A’s phone receives an answer indication <ul><li>Step 9 : The SIP proxy forwards the ‘200 OK’ back to A, ( so based on that A knows it can display/sound an answer indication to the user ) Note: The NAT doesn’t touch the UDP header. </li></ul><ul><li>=> Click HERE to play the animation (and look below…) <= </li></ul>Proxy 129.119.110.17 Home Comcast School DNS A B 192.168.1.101 129.119.110.19 192.168.1.1/24.15.254.243 NAT/ Router MAC IP: Src add: 129.119.110.17 Dst add: 24 .15.254.243 UDP: Src port: 1039 Dst port: 5060 SIP: 200 OK 68.87.66.196 “ brands.xten.net” 64.69.76.10 Web server Xten.com domain SIP : SIP/2.0 200 OK; Via: SIP/2.0/UDP 24.15.254.243:5060; Record-Route: <sip:129.119.110.17:5060>; Contact:<sip:prof@129.119.110.17>; SDP : c= IN IP4 129.119.110.19; media port =8386 IP
  21. 21. step 12 - Completing the SIP signaling handshake (ACK) <ul><li>Step 12 : The Xten SIP client sends an ACK request destined to the SIP proxy (Note: The proxy has Record Routed itself, so now by definition every request got to go via it regardless of the initial configuration) </li></ul><ul><li>=> Click HERE to play the animation (and look below…) <= </li></ul>Home Comcast School DNS A B Proxy 192.168.1.101 129.119.110.17 129.119.110.19 192.168.1.1/24.15.254.243 NAT/ Router MAC IP: Src add: 24.15.254.243 Dst add: 1 29.119.110.17 UDP: Src port: 5060 Dst port: 5060 SIP: ACK (user B) 68.87.66.196 “ brands.xten.net” 64.69.76.10 Web server Xten.com domain IP SIP : Request-URI: sip:prof@129.119.110.17; Via: SIP/2.0/UDP 24.15.254.243:5060 Contact:<sip:jeng@24.15.254.243:5060>; Route: sip:129.119.110.17, sip:prof@129.119.110.19
  22. 22. step 13 – Forwarding the ACK to user B <ul><li>Step 13 : The SIP proxy forwards the ACK to endpoint B (Note: this can be done either based on the Route header or based on registry table lookup) </li></ul><ul><li>=> Click HERE to play the animation (and look below…) <= </li></ul>Proxy 129.119.110.17 Home Comcast School DNS A B 192.168.1.101 129.119.110.19 192.168.1.1/24.15.254.243 NAT/ Router MAC IP: Src add: 129.119.110.17 Dst add: 1 29.119.110.19 UDP: Src port: 1039 Dst port: 5060 SIP: ACK (user B) 68.87.66.196 “ brands.xten.net” 64.69.76.10 Web server Xten.com domain SIP : Request-URI: sip:prof@129.119.110.19 ; Via: SIP/2.0/UDP 129.119.110.17:5060 ; Via: SIP/2.0/UDP 24.15.254.243:5060; Route: <sip:prof@129.119.110.19> Contact:<sip:jeng@24.15.254.243:5060>; IP
  23. 23. step 14 - Conversation time (first RTP - “Hello”) ( Sound alert! ) <ul><li>Step 14 : User B says “hello”. SIP client B encapsulates the bits, which represent the user’s voice in G.711 over RTP, and sends it directly to A (i.e. the proxy is not in the media loop) (Note: check out the port numbers below. Compare them with the ones, which were advertised in the SDP payloads!) </li></ul><ul><li>=> Click HERE to play the animation (and look below…) <= </li></ul>Home Comcast School DNS A B Proxy 192.168.1.101 129.119.110.17 129.119.110.19 192.168.1.1/24.15.254.243 NAT/ Router MAC IP: Src add: 129.119.110.19 Dst add: 24.15.254.243 UDP: Src port: 8386 Dst port: 8000 RTP: “Hello” 68.87.66.196 “ brands.xten.net” 64.69.76.10 Web server Xten.com domain IP
  24. 24. Post mortem – a surprise! <ul><li>Taking the approach of “do not confuse me with the facts…” we cheated a little bit… </li></ul><ul><li>In our Lab experiment the first RTP packet was really sent by B right after step 12. i.e. before receiving the ACK. Commercial SIP clients have a tendency of doing that. The idea is to reduce call setup time. This phenomena is known as “early media”. The draw back is the possibility of running into an embarrassing case when the ‘200 OK’ gets lost, and client A has no way yet to send media back (nor RTCP receiver reports) to B (as the SDP is part of the ‘200 OK’). However in general things seem to work. </li></ul>DNS A B Proxy 192.168.1.101 129.119.110.17 129.119.110.19 192.168.1.1/24.15.254.243 NAT/ Router 68.87.66.196 “ brands.xten.net” 64.69.76.10 Web server Xten.com domain IP “ Please, do not confuse me with the facts…”
  25. 25. Help/about Next Page Prev Page Last Page First Page HELP (In case you haven’t noticed how you got here… :-)) Last Page Viewed Edition: 3.0 ; By: sipknowledge. Web: www.sipknowledge.com Mail: [email_address] return to last page viewed

×