2011/6/22 Klaus Darilion klaus.mailinglists@pernau.at:
Just a small survey: Are you still using NAT detection checks? I prefer to apply NAT traversal always (never trust the contact header) which of course only works if all the clients are symmetric.
I would like to tell a recent issue I've suffered in my company:
- Kamailio with public IP and optional rtpproxy server. - Two users behind same NAT. - Both users use STUN so announce public IP:ports in headers and SDP. - User A calls to B. - Kamailio does not detect NAT (due to STUN) so doesn't apply rtpproxy, neither when routes the call to user B. - So user A sends RTP to the public IP of its NAT router, same as user B. - In some routers this work, but in this case it does not properly perform NAT port forwarding and there is no audio.
Solutions: 1) Remove STUN from clients (not always feasible). 2) Always use RtpProxy. Easier.
Thus - do you still see asymmetric SIP clients?
Yes, I've seen some Alcatel OXO using asymmetric SIP. A pain if you do "force_rport".
Solution: - Just perform "force_rport" if the client is detected as behind NAT (note that assymetric SIP clients can ***NEVER*** run behind NAT).