Send VoiceOps mailing list submissions to
[email protected]
To subscribe or unsubscribe via the World Wide Web, visit
https://puck.nether.net/mailman/listinfo/voiceops
or, via email, send a message with subject or body 'help' to
[email protected]
You can reach the person managing the list at
[email protected]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of VoiceOps digest..."
Today's Topics:
1. Re: What does an ALG actually do? (Richard Barnes)
2. Re: What does an ALG actually do? (Moises Silva)
3. Re: What does an ALG actually do? (Jay Hennigan)
4. Re: What does an ALG actually do? (Mark Holloway)
5. Re: What does an ALG actually do? (Tim Bray)
----------------------------------------------------------------------
Message: 1
Date: Wed, 27 Feb 2013 17:43:02 -0500
From: Richard Barnes <[email protected]>
To: John Levine <[email protected]>
Cc: "[email protected]" <[email protected]>
Subject: Re: [VoiceOps] What does an ALG actually do?
Message-ID:
<CACB24MuGXf6wqxtQUvtAmf4MZqcGXK+PtYDU8Ym08xd=ijg...@mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"
If you look for "SBC" or "B2BUA" as synonyms for "SIP ALG", I expect you'll
find lots of thing people think they're good for.
On Wednesday, February 27, 2013, John Levine wrote:
> I realize that an ALG is a hack in a router that is supposed to allow
> SIP packets to go through a NAT router. I also realize that for
> modern SIP equipment, ALG usually causes more problems than it solves,
> and that it's described in RFCs 2663, 3424, and others.
>
> What I can't find anywhere is what a SIP ALG actually does to the
> packets. Is that written down anywhere, or is it just network
> folklore?
>
> _______________________________________________
> VoiceOps mailing list
> [email protected] <javascript:;>
> https://puck.nether.net/mailman/listinfo/voiceops
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://puck.nether.net/pipermail/voiceops/attachments/20130227/893f1c0a/attachment-0001.html>
------------------------------
Message: 2
Date: Wed, 27 Feb 2013 17:44:30 -0500
From: Moises Silva <[email protected]>
To: John Levine <[email protected]>
Cc: "[email protected]" <[email protected]>
Subject: Re: [VoiceOps] What does an ALG actually do?
Message-ID:
<caa4nhybzk9j0nfdzx482zfe+xwws5vat33or3hcg7wpy8wk...@mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
On Wed, Feb 27, 2013 at 4:33 PM, John Levine <[email protected]> wrote:
> I realize that an ALG is a hack in a router that is supposed to allow
> SIP packets to go through a NAT router. I also realize that for
> modern SIP equipment, ALG usually causes more problems than it solves,
> and that it's described in RFCs 2663, 3424, and others.
>
> What I can't find anywhere is what a SIP ALG actually does to the
> packets. Is that written down anywhere, or is it just network
> folklore?
>
>
I am unaware if there is any RFC stating exactly what a SIP ALG should do.
Most likely, just like with SBCs it is a term that can mean different
things to different people and there is not a "spec" to follow (although
for SBCs there is RFC 5853 which has very general guide lines), but rather
some general functionality that is expected from it.
>From what I remember the Linux kernel for example has some SIP ALG
functionality (which probably breaks more things than it fixes) which will
modify the SDP to "fix" the IP addresses for the media streams, patching
the IP when you're behind NAT (and using the public IP in the SDP), you can
expect other routers (some incidentally based on Linux) to perform similar
tricks.
I've never met someone who has good things to say about SIP ALGs :)
*Moises Silva
**Manager, Software Engineering***
[email protected]
Sangoma Technologies
100 Renfrew Drive, Suite 100, Markham, ON L3R 9R6 Canada
t. +1 800 388 2475 (N. America)
t. +1 905 474 1990 x128
f. +1 905 474 9223
**<http://www.sangoma.com/contact?utm_source=signature&utm_medium=email&utm_campaign=email+signatures>
Products<http://sangoma.com/products?utm_source=signature&utm_medium=email&utm_campaign=email%2Bsignatures>
|
Solutions<http://sangoma.com/solutions?utm_source=signature&utm_medium=email&utm_campaign=email%2Bsignatures>
|
Events<http://sangoma.com/about_us/events?utm_source=signature&utm_medium=email&utm_campaign=email%2Bsignatures>
|
Contact<http://www.sangoma.com/contact?utm_source=signature&utm_medium=email&utm_campaign=email%2Bsignatures>
|
Wiki<http://wiki.sangoma.com/?utm_source=signature&utm_medium=email&utm_campaign=email%2Bsignatures>
|
Facebook<http://www.facebook.com/pages/Sangoma-VoIP-Cards/43578453335?utm_source=signature&utm_medium=email&utm_campaign=email%2Bsignatures>
|
Twitter<http://www.twitter.com/sangoma?utm_source=signature&utm_medium=email&utm_campaign=email%2Bsignatures>`|
|
YouTube<http://www.youtube.com/sangomatechnologies?utm_source=signature&utm_medium=email&utm_campaign=email%2Bsignatures>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://puck.nether.net/pipermail/voiceops/attachments/20130227/159fe35a/attachment-0001.html>
------------------------------
Message: 3
Date: Wed, 27 Feb 2013 14:48:40 -0800
From: Jay Hennigan <[email protected]>
To: [email protected]
Subject: Re: [VoiceOps] What does an ALG actually do?
Message-ID: <[email protected]>
Content-Type: text/plain; charset=ISO-8859-1
On 2/27/13 1:33 PM, John Levine wrote:
> I realize that an ALG is a hack in a router that is supposed to allow
> SIP packets to go through a NAT router. I also realize that for
> modern SIP equipment, ALG usually causes more problems than it solves,
> and that it's described in RFCs 2663, 3424, and others.
>
> What I can't find anywhere is what a SIP ALG actually does to the
> packets. Is that written down anywhere, or is it just network
> folklore?
A lot of this depends on what the ALG vendor is selling, but it
typically functions like a stateful packet inspection firewall for SIP.
To make it more interesting, different vendors use their own
proprietary terms to describe similar or identical functions making
apples-to-apples comparisons challenging.
Some ALG functions (not every ALG does all of these):
* NAT including fixup of source IP address embedded in payload.
* SIP proxy, B2BUA or some combination.
* Registration pacing
* Other header manipulation (which can break things that aren't broken
as well as fix things that are).
* Various flavors of QoS.
* Various flavors of survivability including PSTN backup.
--
Jay Hennigan - CCIE #7880 - Network Engineering - [email protected]
Impulse Internet Service - http://www.impulse.net/
Your local telephone and internet company - 805 884-6323 - WB6RDV
------------------------------
Message: 4
Date: Wed, 27 Feb 2013 20:46:48 -0500
From: Mark Holloway <[email protected]>
To: John Levine <[email protected]>
Cc: [email protected]
Subject: Re: [VoiceOps] What does an ALG actually do?
Message-ID: <[email protected]>
Content-Type: text/plain; charset=us-ascii
Most ALG's cause one way audio. :)
If you don't mind filling out a form there is a good doc from Acme Packet
comparing SBC's to ALG's.
http://lphs.acmepacket.com/comparing-sbcs-to-firewalls/
On Feb 27, 2013, at 4:33 PM, John Levine <[email protected]> wrote:
> I realize that an ALG is a hack in a router that is supposed to allow
> SIP packets to go through a NAT router. I also realize that for
> modern SIP equipment, ALG usually causes more problems than it solves,
> and that it's described in RFCs 2663, 3424, and others.
>
> What I can't find anywhere is what a SIP ALG actually does to the
> packets. Is that written down anywhere, or is it just network
> folklore?
>
> _______________________________________________
> VoiceOps mailing list
> [email protected]
> https://puck.nether.net/mailman/listinfo/voiceops
------------------------------
Message: 5
Date: Thu, 28 Feb 2013 11:44:56 +0000
From: Tim Bray <[email protected]>
To: [email protected]
Subject: Re: [VoiceOps] What does an ALG actually do?
Message-ID: <[email protected]>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
On 27/02/13 21:33, John Levine wrote:
> I realize that an ALG is a hack in a router that is supposed to allow
> SIP packets to go through a NAT router. I also realize that for
> modern SIP equipment, ALG usually causes more problems than it solves,
> and that it's described in RFCs 2663, 3424, and others.
>
> What I can't find anywhere is what a SIP ALG actually does to the
> packets. Is that written down anywhere, or is it just network
> folklore?
>
The simple answer is `break stuff`.
The marketing answer is `Sip is the next big thing, and we want to say
we are "SIP READY" so we put an ALG in`.
Technically.
The OKish ALGs are passive and sniff the ports for Qos etc.
Most NAT passing ones just search and replace the IP addresses in the
SIP and SDP. Mainly though, I've seen them swap one IP, but not the
other. Or misread the port number. Very basic search and replace
rather than properly parsing the messages. Bad idea.
--
Tim Bray
[email protected] | +44 7966 479015 | http://www.kooky.org
Huddersfield, UK
------------------------------
_______________________________________________
VoiceOps mailing list
[email protected]
https://puck.nether.net/mailman/listinfo/voiceops
End of VoiceOps Digest, Vol 44, Issue 22
****************************************
