Technical Analysis of NAT Problems with SIP. Kirill Ivanov

Technical Analysis of NAT Problems with SIP Kirill Ivanov ivanovkirillk@gmail.com

The Problem of NAT in SIP

Network address translators (NATs) are common devices that hide private networks behind public IP addresses. In many cases connections can be initiated from the private network to the Internet but not the other way around, depending on the NAT type. NAT devices can modify IP and UDP/TCP headers, but not the SIP and SDP headers.

The Problem of NAT in SIP

Types of NAT: basic (one-to-one NAT); PAT, port address translation (many-to-one, many-to-many).

Methods of port translation: full cone NAT, address restricted cone NAT, port restricted cone NAT, symmetric NAT.

Full Cone NAT

Address restricted cone NAT

Port restricted cone NAT

Laboratory environment

The Problems of NAT in SIP, routing of responses

The Problems of NAT in SIP, routing of responses

Alice sends a registration request to the SIP Server:

    REGISTER sip:212.83.3.148:5060 SIP/2.0
    Via: SIP/2.0/UDP 10.140.48.94:5060;branch=z9hG4bKd8754z-c52fa14af877a425-1---d8754z-;rport
    Max-Forwards: 70
    Contact: <sip:2006@10.140.48.94:5060;rinstance=e4a234de6cd596d6;transport=udp>
    To: "2006"<sip:2006@212.83.3.148:5060>
    From: "2006"<sip:2006@212.83.3.148:5060>;tag=772e63a0
    Call-ID: YmU3MGU3OTNmMzEyMjZlMDA5NDViYjZmNzJjOTBmNGY
    CSeq: 26 REGISTER
    Expires: 3600
    Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO
    User-Agent: X-Lite release 4.5 stamp 69607
    Content-Length: 0

The REGISTER message received by the SIP Server contains Alice's private IP address:

    Internet Protocol, Src: 168.63.109.146 (168.63.109.146), Dst: 10.100.122.40 (10.100.122.40)
    User Datagram Protocol, Src Port: 1027 (1027), Dst Port: sip (5060)
    REGISTER sip:212.83.3.148:5060 SIP/2.0
    Via: SIP/2.0/UDP 10.140.48.94:5060;branch=z9hG4bKd8754z-e7f52e5994850a39-1---d8754z-;rport
    Max-Forwards: 70
    Contact: <sip:2006@10.140.48.94:5060;rinstance=e4a234de6cd596d6;transport=udp>
    To: "2006"<sip:2006@212.83.3.148:5060>
    From: "2006"<sip:2006@212.83.3.148:5060>;tag=772e63a0
    Call-ID: YmU3MGU3OTNmMzEyMjZlMDA5NDViYjZmNzJjOTBmNGY
    CSeq: 27 REGISTER
    Expires: 3600
    Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO
    User-Agent: X-Lite release 4.5 stamp 69607
    Content-Length: 0

The Problems of NAT in SIP, routing of responses

The Problems of NAT in SIP, routing of requests

The Problems of NAT in SIP, routing of requests

200 OK sent by the SIP Server to Alice:

    SIP/2.0 200 OK
    Via: SIP/2.0/TCP 10.140.48.94:5060;branch=z9hG4bK-d8754z-223f9ac8428096e6-1---d8754z-;rport;received=168.63.109.146
    To: <sip:2004@212.83.3.148:5060>;tag=6d813406-f79e-4C09-95D4-4AC9536F3DE0-64119
    From: "2006"<sip:2006@212.83.3.148:5060>;tag=c708f067
    Call-ID: MjVkNTJjZGM5Mjk1OWE1MzI5Yzk2NDdkYTEzZmYxODA
    CSeq: 1 INVITE
    Contact: <sip:10.100.122.40:5060;transport=tcp>
    X-Genesys-CallUUID: UCRB99H5TD1IV7LN97CK5O4K84000030
    Allow: INVITE, ACK, PRACK, CANCEL, BYE, UPDATE
    User-Agent: X-Lite release 4.5 stamp 69607
    Session-Expires: 1800;refresher=uas
    Min-SE: 90
    Supported: uui,timer
    Content-Type: application/sdp
    Content-Length: 180

The 200 OK received by Alice is exactly the same as the one sent by the SIP Server:

    SIP/2.0 200 OK
    Via: SIP/2.0/TCP 10.140.48.94:5060;branch=z9hG4bK-d8754z-223f9ac8428096e6-1---d8754z-;rport;received=168.63.109.146
    To: <sip:2004@212.83.3.148:5060>;tag=6d813406-f79e-4C09-95D4-4AC9536F3DE0-64119
    From: "2006"<sip:2006@212.83.3.148:5060>;tag=c708f067
    Call-ID: MjVkNTJjZGM5Mjk1OWE1MzI5Yzk2NDdkYTEzZmYxODA
    CSeq: 1 INVITE
    Contact: <sip:10.100.122.40:5060;transport=tcp>
    X-Genesys-CallUUID: UCRB99H5TD1IV7LN97CK5O4K84000030
    Allow: INVITE, ACK, PRACK, CANCEL, BYE, UPDATE
    User-Agent: X-Lite release 4.5 stamp 69607
    Session-Expires: 1800;refresher=uas
    Min-SE: 90
    Supported: uui,timer
    Content-Type: application/sdp
    Content-Length: 180

The Problems of NAT in SIP, routing of requests

[Call-flow diagram. Participants: Alice, Azure network, SIP Server, Bob. Addresses shown: 10.140.48.94, 212.83.3.148, 10.100.122.1, 10.100.122.40, 10.100.122.42. Messages shown: INVITE, TCP SYN, TRYING, DECLINE, ACK.]

RTP NAT traversal problems.

[Call-flow diagram. Participants: Alice, Azure network, SIP Server, Bob. Addresses shown: 10.140.48.94, 212.83.3.148, 10.100.122.1, 10.100.122.40, 10.100.122.42. Messages shown: INVITE, INVITE, TRYING, TRYING, OK, ACK, RINGING, OK, ACK, RTP, RTP.]

RTP NAT traversal problems.

INVITE from Alice to the SIP Server:

    INVITE sip:2004@212.83.3.148:5060;transport=tcp SIP/2.0
    Via: SIP/2.0/TCP 10.140.48.94:5060;branch=z9hG4bKd8754z-a329ef65b699cb58-1---d8754z-;rport
    Max-Forwards: 70
    Contact: <sip:2006@10.140.48.94:5060;transport=tcp>
    To: <sip:2004@212.83.3.148:5060>
    From: "2006"<sip:2006@212.83.3.148:5060>;tag=450b0b01

    v=0
    o=- 13008610867728610 1 IN IP4 10.140.48.94
    s=x-lite 4 release 4.5 stamp 69607
    c=IN IP4 10.140.48.94
    t=0 0
    m=audio 63564 RTP/AVP 8 0 101
    a=rtpmap:101 telephone-event/8000
    a=fmtp:101 0-15
    a=sendrecv

200 OK message from Bob, received by Alice:

    SIP/2.0 200 OK
    Via: SIP/2.0/TCP 10.140.48.94:5060;branch=z9hG4bK-d8754z-a329ef65b699cb58-1---d8754z-;rport;received=168.63.109.146
    To: <sip:2004@212.83.3.148:5060>;tag=6d813406-f79e-4C09-95D4-4AC9536F3DE0-71979
    From: "2006"<sip:2006@212.83.3.148:5060>;tag=450b0b01
    Call-ID: MWJlMjAwN2I3NjUxNGJkN2UxNTM1YmJhYTk4MmZmMzY

    v=0
    o=- 1363639348 1 IN IP4 10.100.122.42
    s=x-lite
    c=IN IP4 10.100.122.42
    t=0 0
    m=audio 53500 RTP/AVP 8 0 101
    a=sendrecv
    a=rtpmap:101 telephone-event/8000
    a=fmtp:101 0-15
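A diagnostic check for the three problems described so far (routing of responses, routing of requests, RTP), added here as an example and not taken from the slides: it lists the fields of a SIP message that advertise a private address and shows the rport/received stamping of RFC 3581. The sample INVITE is constructed from the addresses on the page, and the function names are this example's own.

```python
import ipaddress
import re

# Constructed sample modelled on Alice's INVITE above: addresses are the ones
# on the page; branch, tag, Call-ID and the SDP o=/s= values are placeholders.
SAMPLE_INVITE = "\r\n".join([
    "INVITE sip:2004@212.83.3.148:5060;transport=tcp SIP/2.0",
    "Via: SIP/2.0/TCP 10.140.48.94:5060;branch=z9hG4bK-constructed;rport",
    "Contact: <sip:2006@10.140.48.94:5060;transport=tcp>",
    "To: <sip:2004@212.83.3.148:5060>",
    'From: "2006"<sip:2006@212.83.3.148:5060>;tag=constructed',
    "Call-ID: constructed-call-id",
    "CSeq: 1 INVITE",
    "Content-Type: application/sdp",
    "",
    "v=0",
    "o=- 1 1 IN IP4 10.140.48.94",
    "s=-",
    "c=IN IP4 10.140.48.94",
    "t=0 0",
    "m=audio 63564 RTP/AVP 8 0 101",
    "",
])

HOSTPORT = r"(\d{1,3}(?:\.\d{1,3}){3})(?::(\d+))?"
CONSEQUENCE = {
    "Via": "responses go astray unless the server applies rport/received",
    "Contact": "later requests in the dialog are sent to an unreachable address",
    "SDP c=": "the peer sends RTP to an unreachable address",
}


def advertised_addresses(raw):
    """Return (field, ip, port) for each address the message asks peers to use."""
    head, _, body = raw.partition("\r\n\r\n")
    found = []
    for line in head.split("\r\n")[1:]:          # skip the request/status line
        name, _, value = line.partition(":")
        name = name.strip().lower()
        if name == "via":
            m = re.match(r"\s*SIP/2\.0/\w+\s+" + HOSTPORT, value)
        elif name == "contact":
            m = re.search(r"sips?:(?:[^@>;\s]+@)?" + HOSTPORT, value)
        else:
            continue
        if m:
            found.append((name.capitalize(), m.group(1), int(m.group(2) or 5060)))
    ports = re.findall(r"^m=\w+ (\d+)", body, re.M)   # first media port, if any
    for line in body.splitlines():
        if line.startswith("c=IN IP4 "):
            ip = line.split()[-1].split("/")[0]
            found.append(("SDP c=", ip, int(ports[0]) if ports else None))
    return found


def nat_findings(raw):
    """Fields whose advertised address is private, with what breaks as a result."""
    return [(field, ip, port, CONSEQUENCE[field])
            for field, ip, port in advertised_addresses(raw)
            if ipaddress.ip_address(ip).is_private]


def stamp_via(via_value, src_ip, src_port):
    """RFC 3581 server side: fill the empty rport and add received= from the
    packet's real source, so the response goes back through the NAT binding."""
    stamped = re.sub(r";rport(?=;|$)", f";rport={src_port}", via_value, count=1)
    return f"{stamped};received={src_ip}"


if __name__ == "__main__":
    for finding in nat_findings(SAMPLE_INVITE):
        print(finding)
    # Source address and port as seen by the SIP Server in the REGISTER capture.
    print(stamp_via("SIP/2.0/UDP 10.140.48.94:5060;branch=z9hG4bK-constructed;rport",
                    "168.63.109.146", 1027))
```

The SDP o= line is left out on purpose: it identifies the session origin and is not used to route signalling or media.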

STUN

Session Traversal Utilities for NAT (STUN) is a simple protocol for discovering the server-reflexive address. A STUN server is located in the public Internet. The STUN server receives the query and inspects the sender address, which is the server-reflexive address. It sends back a reply containing the server-reflexive address in its payload. The client thus learns its server-reflexive address.

STUN

STUN request from Bob to the STUN Server:

    Internet Protocol, Src: 10.100.122.42 (10.100.122.42), Dst: 216.93.246.18 (216.93.246.18)
    User Datagram Protocol, Src Port: sip (5060), Dst Port: stun (3478)
    Simple Traversal of UDP Through NAT
        [Response In: 35]
        Message Type: Binding Request (0x0001)
        Message Length: 0x0008
        Message Transaction ID: 014f4039ec6aba1ebd4d58497c538467
        Attributes

Binding response from the STUN Server to Bob:

    Frame 103: 134 bytes on wire (1072 bits), 134 bytes captured (1072 bits)
    Ethernet II, Src: Cisco_5f:c2:b3 (00:09:43:5f:c2:b3), Dst: Vmware_d9:93:c9 (00:0c:29:d9:93:c9)
    Internet Protocol, Src: 216.93.246.18 (216.93.246.18), Dst: 10.100.122.42 (10.100.122.42)
    User Datagram Protocol, Src Port: stun (3478), Dst Port: sip (5060)
    Simple Traversal of UDP Through NAT
        Attributes
            Attribute: MAPPED-ADDRESS
                Attribute Type: MAPPED-ADDRESS (0x0001)
                Attribute Length: 8
                Protocol Family: IPv4 (0x0001)
                Port: 5060
                IP: 212.83.3.148 (212.83.3.148)
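The Binding exchange above at byte level, as an added example that is not part of the original slides: it builds a Binding Request and parses MAPPED-ADDRESS from the reply, and goes one step further by also decoding XOR-MAPPED-ADDRESS, which appears in the later ICE captures. The reply bytes are constructed in the code, and all function names are this example's own.

```python
import os
import socket
import struct

MAGIC_COOKIE = 0x2112A442            # fixed value from RFC 5389
BINDING_REQUEST, BINDING_SUCCESS = 0x0001, 0x0101
ATTRS = {0x0001: "MAPPED-ADDRESS", 0x0020: "XOR-MAPPED-ADDRESS"}


def build_binding_request(tail=None):
    """Return (packet, transaction_id). The 16-byte ID is cookie + 12 random
    bytes, so the same field layout also reads as a classic RFC 3489 header."""
    txid = struct.pack("!I", MAGIC_COOKIE) + (tail or os.urandom(12))
    return struct.pack("!HH", BINDING_REQUEST, 0) + txid, txid


def parse_binding_response(data, txid):
    """Return {attribute name: (ip, port)} after validating the reply."""
    if len(data) < 20:
        raise ValueError("shorter than a STUN header")
    mtype, length = struct.unpack("!HH", data[:4])
    if mtype != BINDING_SUCCESS:
        raise ValueError("not a Binding Success Response")
    if data[4:20] != txid:
        raise ValueError("transaction ID does not match our request")
    if length != len(data) - 20:
        raise ValueError("length field disagrees with datagram size")
    found, pos = {}, 20
    while pos + 4 <= len(data):
        atype, alen = struct.unpack("!HH", data[pos:pos + 4])
        value = data[pos + 4:pos + 4 + alen]
        if len(value) != alen:
            raise ValueError("attribute runs past end of message")
        if atype in ATTRS and alen == 8 and value[1] == 0x01:   # IPv4 only
            port, addr = struct.unpack("!HI", value[2:8])
            if atype == 0x0020:               # undo the XOR with the cookie
                port ^= MAGIC_COOKIE >> 16
                addr ^= MAGIC_COOKIE
            found[ATTRS[atype]] = (socket.inet_ntoa(struct.pack("!I", addr)), port)
        pos += 4 + alen + (-alen % 4)         # attributes are padded to 4 bytes
    return found


def payload_rewritten(found):
    """True when both forms are present and disagree: something on the path
    (for example a NAT helper) altered the plain address inside the payload."""
    plain, xored = found.get("MAPPED-ADDRESS"), found.get("XOR-MAPPED-ADDRESS")
    return plain is not None and xored is not None and plain != xored


def sample_response(txid, ip="168.63.109.146", port=1025):
    """Constructed reply with both attributes; default values are the mapping
    reported for Alice in the ICE capture further down the page."""
    addr = struct.unpack("!I", socket.inet_aton(ip))[0]
    body = struct.pack("!HHBBHI", 0x0001, 8, 0, 1, port, addr)
    body += struct.pack("!HHBBHI", 0x0020, 8, 0, 1,
                        port ^ (MAGIC_COOKIE >> 16), addr ^ MAGIC_COOKIE)
    return struct.pack("!HH", BINDING_SUCCESS, len(body)) + txid + body


if __name__ == "__main__":
    request, txid = build_binding_request()
    reply = sample_response(txid)             # stands in for the server's answer
    print(parse_binding_response(reply, txid))
```

Checking the transaction ID before trusting the mapped address matters because the client will copy that address into its Contact header and SDP.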

STUN

[Call-flow diagram. Participants: Alice, Azure network, STUN Server, SIP Server, Bob. Addresses shown: 10.140.48.94, 212.83.3.148, 10.100.122.1, 10.100.122.40, 10.100.122.42. Messages shown: Binding request, MAPPED ADDRESS, Binding request, MAPPED ADDRESS, INVITE, TRYING, INVITE, TRYING, RINGING, OK, OK, ACK, BYE.]

STUN

The INVITE sent by Alice contains her mapped address in the Contact field and in the SDP connection information:

    INVITE sip:2004@212.83.3.148:5060;transport=tcp SIP/2.0
    Via: SIP/2.0/TCP 10.140.48.94:48620;branch=z9hG4bK-d8754z-231f738b18e54326-1---d8754z-;rport
    Max-Forwards: 70
    Contact: <sip:2006@168.63.109.146:1024;transport=tcp>
    To: <sip:2004@212.83.3.148:5060>
    From: "2006"<sip:2006@212.83.3.148:5060>;tag=afdd27ce
    Call-ID: YTJhMDUyNzM1OWQwOTJjNWUyZGY5NWJkMWQwNTg2Mjk
    CSeq: 1 INVITE
    Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO
    Content-Type: application/sdp
    Supported: replaces
    User-Agent: X-Lite release 4.5 stamp 69607
    Content-Length: 212

    v=0
    o=- 13008628149321836 1 IN IP4 10.140.48.94
    s=x-lite 4 release 4.5 stamp 69607
    c=IN IP4 168.63.109.146
    t=0 0
    m=audio 1025 RTP/AVP 0 8 101
    a=rtpmap:101 telephone-event/8000
    a=fmtp:101 0-15
    a=sendrecv

The 200 OK received by Alice, with the SIP Server's IP address in the Contact field and Bob's mapped address in the SDP connection information:

    SIP/2.0 200 OK
    Via: SIP/2.0/TCP 10.140.48.94:48620;branch=z9hG4bK-d8754z-231f738b18e54326-1---d8754z-;rport;received=168.63.109.146
    To: <sip:2004@212.83.3.148:5060>;tag=243d7fa4-2878-44b2-a8c6-816a08c3ad3d-20260
    From: "2006"<sip:2006@212.83.3.148:5060>;tag=afdd27ce
    Call-ID: YTJhMDUyNzM1OWQwOTJjNWUyZGY5NWJkMWQwNTg2Mjk
    CSeq: 1 INVITE
    Contact: <sip:10.100.122.40:5060;transport=tcp>
    X-Genesys-CallUUID: P8574M3VIP6550D8COP9ROFAUS000024
    Allow: INVITE, ACK, PRACK, CANCEL, BYE, UPDATE
    User-Agent: X-Lite release 4.5 stamp 69607
    Session-Expires: 1800;refresher=uas
    Min-SE: 90
    Supported: uui,timer
    Content-Type: application/sdp
    Content-Length: 178

    v=0
    o=- 1364139415 1 IN IP4 212.83.3.148
    s=x-lite
    c=IN IP4 212.83.3.148
    t=0 0
    m=audio 51230 RTP/AVP 0 8 101
    a=sendrecv

TURN

To be reachable, a device behind a symmetric NAT needs to initiate and maintain a connection to a relay. TURN is an extension to STUN. TURN servers are located in the Internet. A NATed TURN client asks the server to allocate a public address and port and to relay packets to and from that address.

TURN

[Call-flow diagram. Participants: Alice, Azure network, TURN Server, SIP Server, Bob. Addresses shown: 10.140.48.94, 212.83.3.148, 10.100.122.1, 10.100.122.40, 10.100.122.42. Messages shown: Binding request, Binding response, Allocate request UDP, Binding request, Binding response, Allocate error response unauthorized, Allocate request with authorization, Allocate success XOR-RELAYED address, INVITE, TRYING, INVITE, TRYING, RINGING, Allocate request UDP, Allocate error response unauthorized, Allocate request with authorization, Allocate success XOR-RELAYED address, Channel bind request, Channel bind success, Channel Data, OK, OK, Channel bind request, Channel bind success, Channel Data, ACK, BYE.]

TURN

The STUN server responds with an Allocate Success message carrying the XOR-RELAYED address and the XOR-MAPPED address:

    66.228.45.110 10.140.48.94 STUN 126 Allocate Success Response XOR-RELAYED-ADDRESS: 66.228.45.110:64455 lifetime: 600 bandwidth: -1 XOR-MAPPED-ADDRESS: 168.63.109.146:1024

Alice sends an INVITE message to the SIP Server with the XOR-RELAYED address in the SDP connection information and the XOR-MAPPED address in the Contact field:

    INVITE sip:2004@212.83.3.148:5060;transport=tcp SIP/2.0
    Via: SIP/2.0/TCP 10.140.48.94:5060;branch=z9hG4bK-d8754z-0078868e48f0d6e6-1---d8754z-;rport
    Max-Forwards: 70
    Contact: <sip:2006@168.63.109.146:1024;transport=tcp>
    To: <sip:2004@212.83.3.148:5060>
    From: "2006"<sip:2006@212.83.3.148:5060>;tag=6fd59dff
    Call-ID: Nzc0MjM3MjNkZDRhNTZjOGQxOTYxZWUyYWViYTY1M2M
    CSeq: 1 INVITE
    Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO
    Content-Type: application/sdp
    Supported: replaces
    User-Agent: X-Lite release 4.5 stamp 69607
    Content-Length: 212

    v=0
    o=- 13008798333277188 1 IN IP4 10.140.48.94
    s=x-lite 4 release 4.5 stamp 69607
    c=IN IP4 66.228.45.110
    t=0 0
    m=audio 64455 RTP/AVP 8 0 101
    a=rtpmap:101 telephone-event/8000

TURN

200 OK sent by the SIP Server:

    SIP/2.0 200 OK
    Via: SIP/2.0/TCP 10.140.48.94:5060;branch=z9hG4bK-d8754z-0078868e48f0d6e6-1---d8754z-;rport;received=168.63.109.146
    To: <sip:2004@212.83.3.148:5060>;tag=243d7fa4-2878-44b2-a8c6-816a08c3ad3d-57842
    From: "2006"<sip:2006@212.83.3.148:5060>;tag=6fd59dff
    Call-ID: Nzc0MjM3MjNkZDRhNTZjOGQxOTYxZWUyYWViYTY1M2M
    CSeq: 1 INVITE
    Contact: <sip:10.100.122.40:5060;transport=tcp>
    X-Genesys-CallUUID: P8574M3VIP6550D8COP9ROFAUS00004K
    Allow: INVITE, ACK, PRACK, CANCEL, BYE, UPDATE
    User-Agent: X-Lite release 4.5 stamp 69607
    Session-Expires: 1800;refresher=uas
    Min-SE: 90
    Supported: uui,timer
    Content-Type: application/sdp
    Content-Length: 180

    v=0
    o=- 1364140007 1 IN IP4 66.228.45.110
    s=x-lite
    c=IN IP4 66.228.45.110
    t=0 0
    m=audio 64457 RTP/AVP 8 0 101
    a=sendrecv
    a=rtpmap:101 telephone-event/8000
    a=fmtp:101 0-15

TURN

After receiving the 200 OK, Alice binds the channel on the TURN server by sending a Channel-Bind request:

    10.140.48.94 66.228.45.110 STUN 242 Channel-Bind Request user: ivanovkirillk@gmail.com realm: viagenie.ca with nonce ChannelNumber=0x6951 XOR-PEER-ADDRESS: 66.228.45.110:64465

to which the TURN server responds with a Channel-Bind success response:

    66.228.45.110 10.140.48.94 STUN 86 Channel-Bind Success Response

Bob does the same. After this, both clients begin to send Channel Data TURN messages, which carry the data to the TURN server.

ICE

ICE includes a multiplicity of IP addresses and ports in SDP offers and answers, which are then tested for connectivity by peer-to-peer connectivity checks. The checks of these IP addresses and ports are performed using STUN; ICE also uses TURN. When a client has gathered all of its candidates, it orders them by priority and sends them to the other client in an SDP offer. On receiving such an offer, the other client gathers all of its candidates and includes them in the SDP answer. At the end of that process each client has the full list of the other client's candidates.

ICE

[Call-flow diagram. Participants: Alice, Azure network, STUN/TURN Server, SIP Server, Bob. Addresses shown: 10.140.48.94, 212.83.3.148, 10.100.122.1, 10.100.122.40, 10.100.122.42. Messages shown: Binding request, Binding response, INVITE, TRYING, INVITE, TRYING, Binding request, Binding response, RINGING, Binding request Candidate 1, Binding request Candidate 1, OK, OK, Binding request Candidate 1, Binding request Candidate 1, ACK, BYE.]

ICE

Binding response received by Alice:

    66.228.45.110 10.140.48.94 STUN 98 Binding Success Response MAPPED-ADDRESS: 168.63.109.146:1025 XOR-MAPPED-ADDRESS: 168.63.109.146:1025 RESPONSE-ORIGIN: 66.228.45.110:3478

The INVITE sent by Alice to the SIP Server contains the mapped address in the Contact field and in the SDP connection information; two candidates are also presented in the SDP:

    INVITE sip:2004@212.83.3.148:5060;transport=tcp SIP/2.0
    Via: SIP/2.0/TCP 10.140.48.94:5060;branch=z9hG4bK-d8754z-20516fcbef9ed253-1---d8754z-;rport
    Max-Forwards: 70
    Contact: <sip:2006@168.63.109.146:1024;transport=tcp>
    To: <sip:2004@212.83.3.148:5060>
    From: "2006"<sip:2006@212.83.3.148:5060>;tag=85e3f975

    v=0
    o=- 13008949513270678 1 IN IP4 10.140.48.94
    s=x-lite 4 release 4.5 stamp 69607
    c=IN IP4 168.63.109.146
    t=0 0
    a=ice-ufrag:15746d
    a=ice-pwd:a33de27fdbd17170dfcb68d9d019bba3
    m=audio 1025 RTP/AVP 8 0 101
    a=rtpmap:101 telephone-event/8000
    a=fmtp:101 0-15
    a=sendrecv
    a=rtcp:1026 IN IP4 168.63.109.146
    a=candidate:1 1 UDP 659136 10.140.48.94 55864 typ host
    a=candidate:2 1 UDP 659084 168.63.109.146 1025 typ srflx raddr 10.140.48.94 rport 55864
    a=candidate:1 2 UDP 659134 10.140.48.94 55865 typ host
    a=candidate:2 2 UDP 659082 168.63.109.146 1026 typ srflx raddr 10.140.48.94 rport 55865

ICE

Binding response received by Bob:

    66.228.45.110 10.100.122.42 STUN Binding Success Response MAPPED-ADDRESS: 212.83.3.148:53223 XOR-MAPPED-ADDRESS: 212.83.3.148:53223 RESPONSE-ORIGIN: 66.228.45.110:3478

    SIP/2.0 200 OK
    Via: SIP/2.0/UDP 10.100.122.40:5060;branch=z9hG4bK22365C0B-D009-42F3-A23D-953E78E52C9F-32
    Contact: <sip:2004@10.100.122.42:5060>
    To: <sip:2004@10.100.122.40>;tag=b87ecbd3
    From: <sip:2006@212.83.3.148:5060>;tag=243d7fa4-2878-44b2-a8c6-816a08c3ad3d-210516

    v=0
    o=- 13008949458988158 3 IN IP4 10.100.122.42
    s=x-lite 4 release 4.5 stamp 69607
    c=IN IP4 212.83.3.148
    t=0 0
    a=ice-ufrag:6bb70c
    a=ice-pwd:26b02178fe49cf2728e0c262687e1fa2
    m=audio 53222 RTP/AVP 8 0 101
    a=rtpmap:101 telephone-event/8000
    a=fmtp:101 0-15
    a=sendrecv
    a=rtcp:53223 IN IP4 212.83.3.148
    a=candidate:1 1 UDP 659136 10.100.122.42 53222 typ host
    a=candidate:2 1 UDP 659084 212.83.3.148 53222 typ srflx raddr 10.100.122.42 rport 53222
    a=candidate:1 2 UDP 659134 10.100.122.42 53223 typ host
    a=candidate:2 2 UDP 659082 212.83.3.148 53223 typ srflx raddr 10.100.122.42 rport 53223

ICE

RTP from Alice to Bob is sent on the second candidate address:

    Internet Protocol Version 4, Src: 10.140.48.94 (10.140.48.94), Dst: 212.83.3.148 (212.83.3.148)
    User Datagram Protocol, Src Port: 55864 (55864), Dst Port: 53222 (53222)
    Real-Time Transport Protocol

RTP from Bob to Alice is sent on the second candidate address:

    Internet Protocol, Src: 10.100.122.42 (10.100.122.42), Dst: 168.63.109.146 (168.63.109.146)
    User Datagram Protocol, Src Port: 53222 (53222), Dst Port: blackjack (1025)
    Real-Time Transport Protocol
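Why the media ends up on the second candidate, worked through as an added example that is not part of the original slides: the candidate lines from the two SDP bodies above are parsed, paired and ordered with the pair-priority formula of RFC 5245, and the first pair that can work is selected. The reachability rule and the site prefixes 10.140.0.0/16 and 10.100.122.0/24 are assumptions of this example, as are the function names.

```python
import ipaddress
from collections import namedtuple

Candidate = namedtuple("Candidate", "foundation component priority ip port typ base")

# Candidate lines copied from the two SDP bodies above (component 1 = RTP, 2 = RTCP).
ALICE_SDP = """\
a=candidate:1 1 UDP 659136 10.140.48.94 55864 typ host
a=candidate:2 1 UDP 659084 168.63.109.146 1025 typ srflx raddr 10.140.48.94 rport 55864
a=candidate:1 2 UDP 659134 10.140.48.94 55865 typ host
a=candidate:2 2 UDP 659082 168.63.109.146 1026 typ srflx raddr 10.140.48.94 rport 55865
"""
BOB_SDP = """\
a=candidate:1 1 UDP 659136 10.100.122.42 53222 typ host
a=candidate:2 1 UDP 659084 212.83.3.148 53222 typ srflx raddr 10.100.122.42 rport 53222
a=candidate:1 2 UDP 659134 10.100.122.42 53223 typ host
a=candidate:2 2 UDP 659082 212.83.3.148 53223 typ srflx raddr 10.100.122.42 rport 53223
"""


def parse_candidates(sdp):
    """Parse a=candidate lines; base is the local socket the candidate maps to."""
    out = []
    for line in sdp.splitlines():
        if not line.startswith("a=candidate:"):
            continue
        f = line[len("a=candidate:"):].split()
        ext = dict(zip(f[6::2], f[7::2]))         # typ / raddr / rport pairs
        ip, port = f[4], int(f[5])
        base = (ext["raddr"], int(ext["rport"])) if "raddr" in ext else (ip, port)
        out.append(Candidate(f[0], int(f[1]), int(f[3]), ip, port, ext["typ"], base))
    return out


def pair_priority(g, d):
    """RFC 5245 section 5.7.2; g is the controlling agent's candidate priority."""
    return (1 << 32) * min(g, d) + 2 * max(g, d) + (1 if g > d else 0)


def check_list(local, remote, component=1):
    """Pairs for one component, treating the local side as controlling. A local
    srflx candidate is replaced by its base (checks are sent from the real
    socket) and duplicate pairs keep only their highest priority."""
    best = {}
    for l in local:
        for r in remote:
            if l.component != component or r.component != component:
                continue
            key = (l.base, (r.ip, r.port))
            prio = pair_priority(l.priority, r.priority)
            if prio > best.get(key, -1):
                best[key] = prio
    return sorted(((p, src, dst) for (src, dst), p in best.items()), reverse=True)


def first_working_pair(pairs, local_site):
    """Assumed reachability model (not from the page): a private destination
    answers a check only if it lies inside the sender's own site prefix."""
    site = ipaddress.ip_network(local_site)
    for _prio, src, dst in pairs:
        addr = ipaddress.ip_address(dst[0])
        if not addr.is_private or addr in site:
            return src, dst
    return None


if __name__ == "__main__":
    alice, bob = parse_candidates(ALICE_SDP), parse_candidates(BOB_SDP)
    print(first_working_pair(check_list(alice, bob), "10.140.0.0/16"))
    print(first_working_pair(check_list(bob, alice), "10.100.122.0/24"))
```

The host-to-host pair has the highest priority but fails because each host address is private to its own site, so both directions settle on the peer's server-reflexive candidate, matching the RTP captures above.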

SBC

[Network diagram. Elements shown: SIP Client Alice (Azure network, 10.140.X.X), ISP Router, ISP network, SBC, Internet, Lab router with NAT, Private network, SIP Server, SIP Client Bob, SIP Client Kirill, Laboratory. Addresses shown: 10.100.122.40, 212.83.3.148, 10.100.122.1, 10.100.122.42, 192.168.1.150.]

SBC

Kirill's SIP client sends the REGISTER message with his local IP address in the Contact and Via fields:

    REGISTER sip:212.83.3.148:5060 SIP/2.0
    Via: SIP/2.0/UDP 192.168.1.150:5060;branch=z9hG4bKd8754z-eddebc6d10b305bb-1---d8754z-;rport
    Max-Forwards: 70
    Contact: <sip:2005@192.168.1.150:5060;rinstance=152ae735a9024e4d;transport=udp>
    To: "2005"<sip:2005@212.83.3.148:5060>
    From: "2005"<sip:2005@212.83.3.148:5060>;tag=56ccd5e3
    Call-ID: YmY1NzVhOGU5ZTVhNjFlZTE1NzQ0YmQyODI3YzVlOD
    CSeq: 1 REGISTER
    Expires: 3600
    Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO
    User-Agent: X-Lite release 5.0.0 stamp 67284
    Content-Length: 0

REGISTER received by the Server; the Contact and Via fields were changed to the SBC address and port number:

    REGISTER sip:212.83.3.148:5060 SIP/2.0
    Via: SIP/2.0/UDP 91.192.69.33:55052;branch=z9hG4bKd8754z-eddebc6d10b305bb-1---d8754z-;rport
    Max-Forwards: 70
    Contact: <sip:2005@91.192.69.33:55052;rinstance=152ae735a9024e4d;transport=udp>
    To: "2005"<sip:2005@212.83.3.148:5060>
    From: "2005"<sip:2005@212.83.3.148:5060>;tag=56ccd5e3
    Call-ID: YmY1NzVhOGU5ZTVhNjFlZTE1NzQ0YmQyODI3YzVlODY.
    CSeq: 1 REGISTER
    Expires: 3600
    Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO
    User-Agent: X-Lite release 5.0.0 stamp 67284
    Content-Length: 0

SBC

The SIP server sends the 200 OK to the address received in the REGISTER's Contact field:

    SIP/2.0 200 OK
    Via: SIP/2.0/UDP 91.192.69.33:55052;branch=z9hG4bK-d8754z-eddebc6d10b305bb-1---d8754z-;rport;received=91.192.69.33
    To: "2005"<sip:2005@212.83.3.148:5060>;tag=6D813406-F79E-4C09-95D4-4AC9536F3DE0-34515
    From: "2005"<sip:2005@212.83.3.148:5060>;tag=56ccd5e3
    Call-ID: YmY1NzVhOGU5ZTVhNjFlZTE1NzQ0YmQyODI3YzVlODY.
    CSeq: 1 REGISTER
    Expires: 1800
    Contact: <sip:2005@91.192.69.33:55052;rinstance=152ae735a9024e4d;transport=udp>;expires=1800
    Content-Length: 0

Here is the 200 OK received by Kirill's UA; the Via and Contact addresses have been changed again:

    SIP/2.0 200 OK
    Via: SIP/2.0/UDP 192.168.1.150:5060;branch=z9hG4bK-d8754z-eddebc6d10b305bb-1---d8754z-;rport;received=192.168.0.100
    To: "2005"<sip:2005@212.83.3.148:5060>;tag=6D813406-F79E-4C09-95D4-4AC9536F3DE0-34515
    From: "2005"<sip:2005@212.83.3.148:5060>;tag=56ccd5e3
    Call-ID: YmY1NzVhOGU5ZTVhNjFlZTE1NzQ0YmQyODI3YzVlODY.
    CSeq: 1 REGISTER
    Expires: 1800
    Contact: <sip:2005@192.168.1.150:5060;rinstance=152ae735a9024e4d;transport=udp>;expires=1800
    Content-Length: 0

    R1#sh ip nat translations
    Pro  Inside global      Inside local        Outside local       Outside global
    udp  212.83.3.148:5060  10.100.122.40:5060  91.192.69.33:55052  91.192.69.33:55052

SBC

[Call-flow diagram. Addresses shown: 192.168.1.150, 212.83.3.148, 10.100.122.1, 10.100.122.40, 10.100.122.42. Messages shown: INVITE, INVITE, TRYING, RINGING, OK, ACK, BYE, OK, RINGING, OK, ACK, BYE, OK.]

SBC

Here is the INVITE message sent by Kirill, with private addresses in the Via, Contact and connection information fields:

    INVITE sip:2004@212.83.3.148:5060;transport=udp SIP/2.0
    Via: SIP/2.0/UDP 192.168.1.150:50562;branch=z9hG4bKd8754z-aa1929cdfbff5eb6-1---d8754z-;rport
    Max-Forwards: 70
    Contact: <sip:2005@192.168.1.150:50562;transport=udp>
    To: <sip:2004@212.83.3.148:5060>
    From: "2005"<sip:2005@212.83.3.148:5060>;tag=7da9659d
    Call-ID: NzNhYWFjNjIzMzQ0OTg0ZGZkNDU5OWNkNTI1MDhhNTE
    CSeq: 1 INVITE
    Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO
    Content-Type: application/sdp
    Supported: replaces
    User-Agent: X-Lite release 4.5 stamp 69607
    Content-Length: 213

    v=0
    o=- 13009114438954403 1 IN IP4 192.168.1.150
    s=x-lite 4 release 4.5 stamp 69607
    c=IN IP4 192.168.1.150
    t=0 0
    m=audio 53804 RTP/AVP 0 8 101
    a=rtpmap:101 telephone-event/8000
    a=fmtp:101 0-15
    a=sendrecv

And here is the INVITE received by the SIP Server:

    INVITE sip:2004@212.83.3.148:5060;transport=udp SIP/2.0
    Via: SIP/2.0/UDP 91.192.69.33:50562;branch=z9hG4bKd8754z-aa1929cdfbff5eb6-1---d8754z-;rport
    Max-Forwards: 70
    Contact: <sip:2005@91.192.69.33:50562;transport=udp>
    To: <sip:2004@212.83.3.148:5060>
    From: "2005"<sip:2005@212.83.3.148:5060>;tag=7da9659d
    Call-ID: NzNhYWFjNjIzMzQ0OTg0ZGZkNDU5OWNkNTI1MDhhNTE
    CSeq: 1 INVITE
    Allow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, NOTIFY, MESSAGE, SUBSCRIBE, INFO
    Content-Type: application/sdp
    Supported: replaces
    User-Agent: X-Lite release 4.5 stamp 69607
    Content-Length: 211

    v=0
    o=- 13009114438954403 1 IN IP4 91.192.69.33
    s=x-lite 4 release 4.5 stamp 69607
    c=IN IP4 91.192.69.33
    t=0 0
    m=audio 53804 RTP/AVP 0 8 101
    a=rtpmap:101 telephone-event/8000
    a=fmtp:101 0-15
    a=sendrecv