snom technology AG • 13
[
S N O M
4 S N A T F
I L T E R
]
devices that have been designed without having NAT in mind. These
devices can register only for a short period of time, so that the REG-
ISTER messages keep the port association open (the SIP messages
are used to keep the port association). Also, these devices need a
NAT-aware media server or other device that forward the RTP pack-
ets of these devices.
•
Symmetrical NAT devices. These devices may be NAT-aware; how-
ever, because they operate behind symmetrical NAT, there is little
that they can do. They essentially behave like non NAT-aware SIP
devices and hope for the support of the proxy.
2.2.6 Probing Media Paths
ICE is a method that has been proposed recently in the IETF [4].
The algorithm is simple: A user agent that supports ICE lists the possible
addresses where it could possibly be reached. These addresses may in-
clude the private address, an address allocated via STUN, one or more
addresses allocated with the TURN protocol or an address allocated with
UPnP. Because in practice it is hard to predict which of these addresses
are visible to the other user agent, all of the possible addresses are pro-
posed to the other user agent.
The other user agent sends test packets to the possible addresses.
Picking the first reply on the test packet will establish a working media
path and it will also probably be the fastest connection. STUN is being
used for these test packets.
2.2.7 The Role of the NAT Filter
When a user agent is not able to allocate a globally routable
address or it is not sure if it found enough possible addresses, the NAT
Filter can help out.
Again, the way the NAT Filter works is simple. For the signalling,
the NAT Filter keeps the NAT alive with bogus messages (which can be SIP
messages or other non-SIP message). It patches the messages in such a
way that other user agents will address the NAT Filter instead of the user
agent when they want to deliver a message. The NAT Filter then forwards
the message to the user agent using the connection which is kept open
with the keep-alive messages.
2.