Re: [Asterisk-Users] A solution for SIP and NAT

Wed, 02 Jul 2003 06:20:10 -0700

Instead of this make notes of some of the faults in SIP that cause you problems and start working towards SIP/2.1 or SIP/3.0. Just because you weren't one of the people involved in designing the existing protocol doesn't mean you can't work to change it.

SIP 2.0 has some unbeleivably braindead concepts in it. It is so loose that you can find one peice of info in half a dozen places in a SIP packet. It has no tightly defined structure and has no concept of how to work in a real-world network. Security wasn't truly even an afterthought which in the modern Internet environment is disgraceful and then there are the reasons you've given below.

This should not mean we just kludge everything together. A lot of stuff can be tidied up significantly and at least some of it can be thrown out. As such we should be working towards getting a new draft out that doesn't mean throwing out existing infrastructure but does allow for SIP/VoIP to move forward on the Internet not just corporate intranets.

Of course getting IAX accepted as an Internet draft and moving everyone on it would probably be easier than fixing SIP :-) but you fight the (small) battles you can win. Sorry if this sounds like a rant.

Regards,

Andrew Radke

Michael Kane wrote:

At the end of the day we all probably can get SIP and NAT to work together
if we spend  TIME configuring our NAT boxes and SIP devices to negotiate the
traversal of a NAT.  In the end result, the WAN IP must be is correctly
added to the contact table(sipd) or location table(SER), allowing the proxy
to route a call destined for that UA.  Now, my delima as a service provider,
is how do I document this for every SIP device out there where my mother can
purchase a UA device, plug it in, and start placing calls without putting on
a poodle suit and jump through flaming hoops.  That's why(for me) it becomes
an operational nightmare, not only to document vendor configs(if they
support NAT traversal), but, then support the end user on how to config
their devices.  That why I have looked into(implemented) such technologies
like STUN and probably will be forced to purchase a SIP aware firewall that
will spoof and re-arrange SIP messages destined for my proxy server.



Michael Kane
To-Talk Communications LLC.
37 Sandusky Dr.
Wareham, Ma. 02571
www.to-talk.com
508-295-2826


_______________________________________________
Asterisk-Users mailing list
[EMAIL PROTECTED]
http://lists.digium.com/mailman/listinfo/asterisk-users

Reply via email to