Changes

Jump to: navigation, search

VoIP NAT

725 bytes added, 15:37, 14 November 2020
Add a little more explanation
==How does SIP work?==
 
VoIP using SIP has a control channel, which is used for registering with the VoIP server and for initiating outgoing calls and notification of incoming calls. The VoIP server normally listens on UDP port 5060. When a call is being setup and when the call is active, an additional audio channel is used.
When your VoIP phone places a call, a message is sent on a control channel - this will conventionally be to the VoIP server's IP address on port 5060. When the call is answered, the two ends of the link have a conversation to agree on how to do the audio link (and video link too, if supported). The two ends of the link will agree on audio codecs to use (how the audio will be transmitted), and each end tells the other end where to send the audio packets to. The audio travels on a different channel from the control channel (using Real Time Protocol - RTP), and your VoIP phone will send something like "send your audio to this IP address, I'm listening for RTP on (for example) ports 5008 - 5012". Each end agrees, and you have a successful phone call.
 
When your VoIP phone places a call, a message is sent on a control channel - this will conventionally be to the VoIP server's IP address on port 5060. When the call is answeredbeing setup, the two ends of the link have a conversation to agree on how to do the audio link (and video link too, if supported). The two ends of the link will agree on audio codecs to use (how the audio will be transmitted), and each end tells the other end where to send the audio packets to. The audio travels on a different channel from the control channel (using Real Time Protocol - RTP), and your VoIP phone will send something like "send your audio to this IP address, I'm listening for RTP on (for example) ports 5008 - 5012". Each end agrees, and you have a successful phone call.
 
An incoming call works the same way. It's important to note that the VoIP server will send control messages to your local SIP port,
and your firewall connection tracker may have timed out the control channel if you haven't re-registered recently, or made an outgoing call recently - you either need to provide firewall rules to accept this control channel traffic, or send SIP Keep-Alives every (say) 120 seconds
 
The section below on "Why is SIP a problem" explains how NAT breaks things.
379
edits

Navigation menu