Parkin, Tyler wrote:
Has anybody used the STUN functionality of the Acme SD? I posed the following questions to our SE and engineer, but if anybody has actual experience with it I?d be curious to know how it works.
-Does it work? J
-Re: performance, is STUN less costly than a very short registration refresh rate (<30 seconds)? Some impact on performance of a fully loaded SD 4000 would be appreciated.
-Is it a better solution than their hosted NAT traversal?
No, you'd be better off doing far-end NAT traversal on the Acme. You don't necessarily need to use frequent re-registrations for this if you think that it taxes the registrar; the Acme can, as most SIP network elements, send periodic OPTIONS pings to peers to determine if they're reachable, which also has the side effect of renewing the expiration timer on NAT gateways' state mappings for the UDP pinholes created by the registration and/or other activity. STUN is a giant science project, unless you have tight control over the CPE that the customers will use and it is very simple to provision it for STUN. Far-end NAT traversal, on the other hand, will work with almost anything. It is almost certain that the Acme can also do draft-comedia style media port detection[1], which is also necessary for far-end NAT traversal. Don't know about the performance metrics, but the ease of configurability and standardisation argument points solidly in favour of not using STUN, IMHO. STUN is not a common approach to this problem anymore for most service providers - at least, in my experience. I don't think most of my ITSP customers even remember what STUN is anymore. -- Alex [1] This is where the RTP port advertised in the SDP body received from the NAT'd endpoint is ignored, and the media relay agent instead waits to see what the *actual* source port of incoming media is before sending any of it sown, because that's where media needs to be sent in order to reach the endpoint. The SDP body will advertise the local source port (if the endpoint does symmetric RTP, which is generally the case), but the NAT gateway will remap it to some other port on the external interface. -- Alex Balashov - Principal Evariste Systems Web : http://www.evaristesys.com/ Tel : (+1) (678) 954-0670 Direct : (+1) (678) 954-0671