Presentation is loading. Please wait.

Presentation is loading. Please wait.

SDP & RTP & NAT Christian Huitema. What NAT do Map ports –TCP connection –UDP stream (activity) Firewall variants –One port, any peer –One port, any “authorized”

Published bySandra Carter Modified over 9 years ago

Similar presentations

Presentation on theme: "SDP & RTP & NAT Christian Huitema. What NAT do Map ports –TCP connection –UDP stream (activity) Firewall variants –One port, any peer –One port, any “authorized”"— Presentation transcript:

1 SDP & RTP & NAT Christian Huitema

2 What NAT do Map ports –TCP connection –UDP stream (activity) Firewall variants –One port, any peer –One port, any “authorized” peer –One port per peer Two problems –Make NAT “UDP friendly”, –Use random port numbers for RTP, RTCP NAT Node S 10.0.0.1:2345 64.5.6.7:8901 “Real” Internet Natted area

3 Recommendation for NAT: draft-huitema-natreq4udp-00.txt draft-huitema-natreq4udp-00.txt Two mapping variants –Same port / Different port Two firewall variants –Accept / Require “activity” Problem –Different ports make “conferencing” very hard –Firewall makes “call transfer” and “signalling” hard –Not secure anyway… Recommendation –Use same mapping, –Don’t “firewall” the user. Can we publish it, please? NAT Node S 10.0.0.1:2345 64.5.6.7:8901 “Real” Internet Natted area T 64.5.6.7:????

4 Document mapping in SDP: draft-huitema-natreq4udp-00.txt draft-huitema-natreq4udp-00.txt NAT map RTP, RTCP –Oddity ? –Sequencing ? Mapping can be learned –Use “echo server” Proposal: document in SDP –Allow RTP > odd port –“a=rtcp=7654” AVT comment –If deviate oddity, document two ports. Decision –Last call ? NAT Node E 10.0.0.1:3456 10.0.0.1:3457 64.5.6.7:8901 64.5.6.7:7654 “Real” Internet Natted area T

Download ppt "SDP & RTP & NAT Christian Huitema. What NAT do Map ports –TCP connection –UDP stream (activity) Firewall variants –One port, any peer –One port, any “authorized”"

Similar presentations

SIP, Firewalls and NATs Oh My!. www.dynamicsoft.com SIP Summit 2001 5.01.01 SIP, Firewalls and NATs, Oh My! Getting SIP Through Firewalls Firewalls Typically.

SIP, Firewalls and NATs Oh My!. SIP Summit SIP, Firewalls and NATs, Oh My! Getting SIP Through Firewalls Firewalls Typically.
Caltech Proprietary Videoconferencing Security in VRVS 3.0 and Future Videoconferencing Security in VRVS 3.0 and Future Kun Wei California Institute of.

Caltech Proprietary Videoconferencing Security in VRVS 3.0 and Future Videoconferencing Security in VRVS 3.0 and Future Kun Wei California Institute of.
Running SIP behind NAT Dr. Christian Stredicke, snom technology AG Tokyo, Japan, Oct 22 th 2002.

Running SIP behind NAT Dr. Christian Stredicke, snom technology AG Tokyo, Japan, Oct 22 th 2002.
NAT, firewalls and IPv6 Christian Huitema Architect, Windows Networking Microsoft Corporation.

NAT, firewalls and IPv6 Christian Huitema Architect, Windows Networking Microsoft Corporation.
Enabling IPv6 in Corporate Intranet Networks

Enabling IPv6 in Corporate Intranet Networks
1 3gpp_trans / 09/02 / IPv6 Transition Solutions for 3GPP Networks draft-wiljakka-3gpp-ipv6-transition-01.txt Juha Wiljakka, Nokia.

1 3gpp_trans / 09/02 / IPv6 Transition Solutions for 3GPP Networks draft-wiljakka-3gpp-ipv6-transition-01.txt Juha Wiljakka, Nokia.
A Presentation on H.323 Deepak Bote. Email, IM, blog…

A Presentation on H.323 Deepak Bote. , IM, blog…
July 20, 2000H.323/SIP1 Interworking Between SIP/SDP and H.323 Agenda Compare SIP/H.323 Problems in interworking Possible solutions Conclusion Q/A Kundan.

July 20, 2000H.323/SIP1 Interworking Between SIP/SDP and H.323 Agenda Compare SIP/H.323 Problems in interworking Possible solutions Conclusion Q/A Kundan.
Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2000 Chapter 28 Real-Time Traffic over the Internet.

McGraw-Hill©The McGraw-Hill Companies, Inc., 2000 Chapter 28 Real-Time Traffic over the Internet.
29.1 Chapter 29 Multimedia Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

29.1 Chapter 29 Multimedia Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Review of a research paper on Skype

Review of a research paper on Skype
H. 323 and firewalls: Problem Statement and Solution Framework Author: Melinda Shore, Nokia Presenter: Shannon McCracken.

H. 323 and firewalls: Problem Statement and Solution Framework Author: Melinda Shore, Nokia Presenter: Shannon McCracken.
Wireless Audio Conferencing System (WACS) Mehmet Ali Abbasoğlu Furkan Çimen Aylin Deveci Kübra Gümüş.

Wireless Audio Conferencing System (WACS) Mehmet Ali Abbasoğlu Furkan Çimen Aylin Deveci Kübra Gümüş.
School of Information Technologies Revision NETS3303/3603 Week 13.

School of Information Technologies Revision NETS3303/3603 Week 13.
Chapter 7 Firewalls. Firewall Definition  A network device that enforces network access control based upon a defined security policy.

Chapter 7 Firewalls. Firewall Definition  A network device that enforces network access control based upon a defined security policy.
Negotiating Unsolicited Connections to a Service Listening Behind a Firewall Ben Stroud CS525 Spring 10.

Negotiating Unsolicited Connections to a Service Listening Behind a Firewall Ben Stroud CS525 Spring 10.
DYSWIS1 Managing (VoIP) Applications – DYSWIS Henning Schulzrinne Dept. of Computer Science Columbia University July 2005.

DYSWIS1 Managing (VoIP) Applications – DYSWIS Henning Schulzrinne Dept. of Computer Science Columbia University July 2005.
ICE Jonathan Rosenberg dynamicsoft. Issue 1: Port Restricted Flow This case does not work well with ICE right now Race condition –Works if message 13.

ICE Jonathan Rosenberg dynamicsoft. Issue 1: Port Restricted Flow This case does not work well with ICE right now Race condition –Works if message 13.
RTSP NAT Traversal Update Magnus Westlund (Ericsson) Thomas Zeng (PVNS, an Alcatel company) IETF-60 MMUSIC WG draft-ietf-mmusic-rtsp-nat-03.txt.

RTSP NAT Traversal Update Magnus Westlund (Ericsson) Thomas Zeng (PVNS, an Alcatel company) IETF-60 MMUSIC WG draft-ietf-mmusic-rtsp-nat-03.txt.

Similar presentations

Ads by Google