ietf
[Top] [All Lists]

Re: Number of Firewall/NAT Users

2001-01-20 21:20:03
There are two somewhat separable issues:

- Unless you only want to make outbound calls, SIP user agents have to
be "servers" as well as "clients". Without per-application hacks, NATs
don't work with inbound connections, so SIP gets bitten by that. (There
are kludges around that, such as a permanent connection to an
outside-the-NAT box that serves as the point of contact.) This is an
example of the general problem of the NAT worldview that users behind
NATs only run clients.

- Real-time media applications use UDP, but without being a
request-response protocol. Without an ALG, NATs don't work here. (One
should be somewhat careful to distinguish streaming and real-time media
applications, as their requirements and protocol useage differ.)

Valdis(_dot_)Kletnieks(_at_)vt(_dot_)edu wrote:

On Sat, 20 Jan 2001 21:32:35 EST, Richard Shockey said:
The Net as we know is has always been application driven. SMTP, HTTP, FTP
etc. These applications can transverse NAT's but real forms of streaming
media cannot.

OK.. I'll admit that streaming stuff isn't my strong point, and I'm down with
the flu to boot, so my clue level is pretty low here.. but...

Is it SIP that cannot work across a NAT, or is there a generic reason that
*no* streaming-media protocol can work across a NAT?

                                Valdis Kletnieks
                                Operating Systems Analyst
                                Virginia Tech

-
This message was passed through ietf+censored(_at_)alvestrand(_dot_)no, which
is a sublist of ietf(_at_)ietf(_dot_)org(_dot_) Not all messages are passed.
Decisions on what to pass are made solely by Harald Alvestrand.



<Prev in Thread] Current Thread [Next in Thread>