10 • Architecture
[
S N O M
4 S N A T F
I L T E R
]
local data structure representing the user agents. It will make sure
that the connection to the user agents stays alive. It will also make
sure that requests destined to the user agents will be forwarded
properly.
•
The second exception is an SDP attachment. The filter checks if the
user agent needs support (or must be recorded) and, in that case,
will add a local contact to the SDP that can be used for media re-
lay.
•
The third exception occurs when the filter queries a web server for
routing information. In this case, it will send a provisional response
to stop the UAC from repeating messages.
These three exceptions make sure that all user agents will work
behind NAT, no matter what NAT-type or how many NAT-levels are being
used. If user agents support ICE, they will automatically find the shortest
media path to the other party (peer-to-peer).
2.2 NAT
Network Address Translation (NAT) is a reality in today’s networks.
Many operators save IP addresses by providing only one IP address for a
number of devices, sometimes companies. Firewall manufacturers make
NAT a feature by performing inspection of packets that go though NAT.
Even for IPv6 networks, the fundamental problem will remain as there will
also be a need for firewalls and private networks.
The Session Initiation Protocol (SIP) has neglected this problem
in the beginning. However, in some recent RFC there have been useful
proposals on how to deal with the problem. This document shows how the
snom 4S filter can be used to solve the problems.
Although snom also makes user agents, the snom 4S filter works
with most SIP user agents from other companies. The requirements on
these user agents are described below.
If you want to use the filter just for recording purposes, you don’t
need to bother about NAT. The filter also works when no NAT is present.
2.