Google "rfc stun". It explains different types of NAT and how to detect them. Some are friendly to VOIP and some are not...
--- Brian Chee <[EMAIL PROTECTED]> wrote: > We also need to keep in mind that NAT according to > the RFC has been > implemented loosely by many vendors. NAT on the > el'cheapo firewalls is NOT a > full implementation like that in Linux. True NAT > must keep track of state so > that things like VOIP and video conferencing can get > a reply back to their > ack messages when the session is setup. SIP is > especially sensitive to such > things (thusly why Vonage is being eaten alive by > tech support calls) and > why firewall vendors are struggling to do a full > implementation that also > keeps track of state. RTCP used for things like > H.323 video conferencing and > many SIP implementations MUST have a reply back on > session setup or you get > weird things like calls that ring forever on the > caller side, but never ring > answer on the destination. > > NATD (aka masquerading) is supposed to be a fuller > implementation, but so > far results have been mixed. I'm trying to find > enough time to get some > different firewalls built to utilize the VOIP test > gear coming in for my > july IP-PBX shootout for Infoworld...I'm especially > interested in seeing how > well the new versions of NATD work as well as Zebra. > GateD has sold out and > is no longer open source...MITRE corp seems to want > a serious pound of flesh > for what started out opensource. > > So while this wasn't very helpful (sorry), but I did > want to point out that > many folks are considering VOIP and video > conferencing while they mumble > under their breath about NAT...and unless you take > care, you may find both > leaving you feeling unsatisfied.... > > /brian chee > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On > Behalf Of Vince Hoang > Sent: Tuesday, June 01, 2004 9:40 PM > To: Linux/Unix Advocates/Users Hawaiian community > discussion list > Subject: Re: [LUAU] VPN > > On Fri, May 28, 2004 at 08:58:33PM -1000, Randall > Oshita wrote: > > But I was just wondering if port translation is > the same as > > port redirection. Is it safe to say that the nat > daemon does > > port translation as well as address. > > Maybe. I tried natd 5 years ago. It did what I > needed it to do at > the time, but I quickly moved to ipf as soon as I > had the chance. > If you need help with it, contact me offlist. > > > If so then NAT = NAPT. Wonder why lots of ppl use > it in > > different context. > > NAPT? My googling mentions NAPT as a means to > translate IPV4 to IPV6. > > I generally see NAT and masquerading/overloading/PAT > referred to > collectively as NAT. > > -Vince > _______________________________________________ > [email protected] mailing list > http://lists.hosef.org/cgi-bin/mailman/listinfo/luau > > _______________________________________________ > [email protected] mailing list > http://lists.hosef.org/cgi-bin/mailman/listinfo/luau __________________________________ Do you Yahoo!? Friends. Fun. Try the all-new Yahoo! Messenger. http://messenger.yahoo.com/
