"The ALG fixed everything!" -- said nobody, ever. But ALGs are increasingly meddling in TCP streams too. Some of them even do insidious fingerprinting to where switching ports won't throw them. For those pathological cases, TLS is the only solution. On Tue, Dec 17, 2019 at 06:34:43PM -0500, Paul Timmins wrote:
On 12/17/19 6:24 PM, Alex Balashov wrote:
There are many other reasons why SIP messages are getting bigger and bigger, of which STIR/SHAKEN is not the first, second or fifth: other standards, WebRTC interop, more/wideband codecs in SDP bodies, SRTP(-SDES/DTLS), support for other features and standards, etc. So, this problem needs to be dealt with one way or another and is pervasive irrespectively of STIR/SHAKEN.
The solution, of course, is to use SIP over TCP.
-- Alex
Hell, it's worth it for the avoidance of cheap, stupid SIP ALGs* all by itself.
* Is there any other type? For that matter, is there actually someone who went HOT DAMN THANK GOD THIS ROUTER HAS SIP ALG let alone "THANK GOD ITS ON BY DEFAULT WITH THE SWITCH SNAPPED OFF"
_______________________________________________ VoiceOps mailing list VoiceOps at voiceops.org https://puck.nether.net/mailman/listinfo/voiceops
-- Alex Balashov | Principal | Evariste Systems LLC Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free) Web: http://www.evaristesys.com/, http://www.csrpswitch.com/