User's Manual 170 Document #: LTRT-89730
Mediant 3000
located behind NAT, the device sends the RTP with the IP address of the UA (i.e., private
IP address) as the destination, instead of that of the NAT server. Thus, the RTP will not
reach the UA. To resolve this NAT traversal problem, the device offers the following
features:
First Incoming Packet Mechanism - see ''First Incoming Packet Mechanism'' on page
170
RTP No-Op packets according to the avt-rtp-noop draft - see ''No-Op Packets'' on
page
171
The figure below illustrates a typical network architecture where the remote UA is located
behind NAT:
Figure 13-12: Remote UA behind NAT
13.9.2.2.1 First Incoming Packet Mechanism
In scenarios where the remote user agent (UA) resides behind a NAT server, it’s possible
that the device, if not configured for NAT traversal, will send the media (RTP, RTCP and
T.38) streams to an invalid IP address / UDP port (i.e., private IP address:port of UA and
not the public address). When the UA is located behind a NAT, although the UA sends its
private IP address:port in the original SIP message (INVITE), the device receives the
subsequent media packets with a source address of a public IP address:port (i.e., allocated
by the NAT server). Therefore, to ensure that the media reaches the UA, the device must
send it to the public address.
The device identifies whether the UA is located behind NAT, by comparing the source IP
address of the first received media packet, with the IP address and UDP port of the first
received SIP message (INVITE) when the SIP session was started. This is done for each
media type--RTP, RTCP and T.38--and therefore, they can have different destination IP
addresses and UDP ports than one another.
The EnableIpAddrTranslation and EnableUdpPortTranslation parameters specify the type
of compare operation that occurs on the first incoming packet. To compare only the IP
address, set EnableIpAddrTranslation to 1 and EnableUdpPortTranslation to 0. In this
case, if the first incoming packet arrives with only a difference in the UDP port, the sending
addresses won’t change. If both the IP address and UDP port need to be compared, then
both parameters need to be set to 1.
You can configure the device's NAT feature to operate in one of the following modes:
Auto-Detect: NAT is performed only if necessary. If the UA is identified as being
located behind NAT, the device sends the media packets to the public IP address:port
obtained from the source address of the first media packet received from the UA.
Otherwise, the packets are sent using the IP address:port obtained from the first
received SIP message. Note also that if the SIP session is established (ACK) and the
device (not the UA) sends the first packet, it sends it to the address obtained from the
SIP message and only after the device receives the first packet from the UA, does it
determine whether the UA is behind NAT.
NAT Is Not Used: (Default) NAT feature is disabled. The device considers the UA as
not located behind NAT and always sends the media packets to the UA using the IP