2003/12/5 Jinsong <jinsong_hu(a)hotmail.com>om>:
Hi, There:
I have been wondering that , if client/phone has stun support, does kamailio still needs
to support NAT/rtpproxy ?
in theory, when the client has stun support, it can find out its own public address and
port, and from kamailio's point of view,
it just looks like the client is in the public internet. so kamailio should have no need
to do NAT/rtpproxy. without NAT/rtpproxy,
the bandwidth requirement on the kamailio is drastically cut down, because kamailio only
needs to handle signal.
What I am not sure is , for the clients with sip support, will it constantly send out
requests, say, every 2 minutes,
so the firewall won't expire the mapping of private/public address and port on the
firewall itself. in case the client
doesn't send out requests constantly, then the mapping may expire and that may
present a problem. in that case,
if we let kamailio send out OPTIONS every 1 minute to the client, then the mapping can be
kept alive. if that is true,
then we will still don't need rtpproxy, thus saving bandwidth on the server and
scales much better.
Is that I described true ?
As you said, a client supporting STUN behaves as a client with public
IP. In fact, a proxy *cannot* differenciate between a client with real
public address and other client doing STUN.
However, note that STUN doesn't work behind symmetric NAT routers. The
client detects this kind of NAT when performing the initial STUN test.
Also, a client doing STUN already knows that it is behind NAT so it
mantains open the UDP "connection" by sending keepalives (OPTIONS
i.e.).
--
Iñaki Baz Castillo
<ibc(a)aliax.net>