On 08/21/2010 02:36 PM, Darren Schreiber wrote:
The one thing that's a bit different about our service is we want to stay out of the media path and, "under the hood", send the customer direct to the carrier for most calls. That's the point of our "router" - it's also a SIP proxy.
Sure, we mostly deploy proxy-based ITSP solutions. I definitely understand the idea here. Unfortunately, for far-end NAT traversal vis-a-vis media streams, it simply doesn't work. You're going to have to relay media for the reason I mentioned. There's no way around it - *unless* you can get *ALL* of your vendors to turn on COMEDIA-style media source port detection on their edge equipment/SBCs. The likelihood of that, in our experience, is virtually zero.
The problem is that, in our tests, our SIP Proxy properly "fixes" NAT packets from phones, but then when they hit the DSL router w/ SIP ALG, it goes and mucks them up again. At which point we've lost control cause the packet is on it's way to the carrier directly. We DO NOT want to proxy or take on media if we can avoid it - this is critical to our design, and probably the fundamental root of our problems :-) I suspect the reality is Packet8 takes on all media so #2 is possible, where-as we must do this at the proxy level BEFORE it leaves the network.
Yep, yep and yep.
I am trying to take an alternative approach and having our router/proxy get smarter. I think we may just start ignoring everything after the @ symbol when re-mapping devices and calls from the outside. I'm otherwise out of ideas for this strategy without constantly turning off SIP ALG...
You don't really have a choice in this area. Trust me, we are in the proxy-based service delivery element business full time. Proxies are all we do. When it comes to solving NAT traversal for media, there is no other way but to take the media. -- Alex Balashov - Principal Evariste Systems LLC 1170 Peachtree Street 12th Floor, Suite 1200 Atlanta, GA 30309 Tel: +1-678-954-0670 Fax: +1-404-961-1892 Web: http://www.evaristesys.com/