El Fri, Aug 03 de 2007 a las 20:24 +0500, Rizwan Hisham comentaba: > I'm sure there was a perfectly good reason for encoding the devices IP > address inside the SIP data when they invented it, but right now, I can't > think why > one thing i still dont understnd. if the device we are using is a computer, > and we r running a softphone on it. and side by side we are also surfing the > net. then why is it so that web content is coming into the computer without > any problem but rtp data is not. i think both the web application and > softphone are using computer's local ip address in their requests. So whats > the reason for this?
Simple, web content uses TCP while RTP uses UDP to carry the data. In TCP your computer needs to establish a connection with the remote side before each one can send any data, the device which is doing the NAT realizes that and creates a bridge between your computer's IP/Port and the remote site IP/Port. In the case of SIP/RTP over UDP is different. Your softphone sends the signaling over a UDP port, the remote site receives the data and responses back to the IP/Port it recived it from (the IP/Port of the NATing device), the device which is doing the NAT knows that you have recently send data over that IP/Port and routes it back to you. Thats why SIP signaling can work fine even behind a NAT (nat=yes). RTP flow is also different. Your softphone specify it wants to receive RTP in a IP/Port (private IP/Port), when the remote site wants to send you RTP data it cannot be routed because that address is private, it cannot send the data to the address of the NATing device because the port this device is using for your outgoing RTP is different than the port you specified. So the RTP that is destinated to you gets lost. > > I understand how stun works but thanx for explaining it in so simple and > concise way. > > One other question which has been bothering me is: > If the client phone is behind nat, that means there is NATTING going on > between public internet and local net. Then why do we need stun? NATTING > should handle the problem itself as it does for other applications running > on the same computer where softphone is also running. NATting can, in someway, handle the problem when you originate the call, but it cannot do it when someone wants to reach you later. The SIP header "Contact" is used for this, when someone wants to reach you it uses the address you specified in that header, so it must be a public IP address which you obtained from the STUN server or another mean. _______________________________________________ --Bandwidth and Colocation Provided by http://www.api-digital.com-- asterisk-users mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-users
