Skip to end of metadata
Go to start of metadata

The SBC Core supports SIP peers located behind remote Network Address/Port Translation (NAPT) devices. NAPT is the most common type of Network Address Translation (NAT) The most common is a residential IAD behind a home NAPT device.

NAPT traversal is enabled on an individual IP Trunk Group basis. When configuring NAPT traversal, the Qualified Prefix table (qualifiedPrefix) is defined, which is a set of one or more IP network media and signaling prefixes that an IP address must match to be considered for NAT handling. If no entry is present in qualifiedPrefix table, the endpoint is automatically treated as existing behind a NAT device. As a result, SBC considers requests from all IP addresses to be behind a NAT device.

Two general issues apply to the problem where NAPT devices rewrite IP header addresses and ports for both signaling and media but do not modify embedded addressing information (i.e., NAPT devices exist that are SIP/SDP unaware):

  • The "private" addressing local to the SIP peer is different from the "public" addressing SBC uses to reach the peer through the NAPT device. Consequently, addressing information that SIP peer embeds within signaling messages is insufficient for routing purposes and the SBC needs an alternate means of determining the appropriate destination IP address/port.
  • Pinholes must be open in the NAPT device to exchange signaling and media between the SBC and the SIP peer. Otherwise, any "unsolicited" packets the SBC sends towards the SIP peer are dropped by the NAPT device. The implication for both signaling and media is that the SBC must first receive packets from a SIP peer located behind a NAPT device before it can send packets to such a peer. (See Adaptive NAT Pinhole Timer section below).

Note

The SBC Core does not support NAT traversal for IPv6 calls. Ensure NAT is disabled in pure IPv6 call scenarios.

Refer to Network Hosted NAPT - NAT Traversal for addtional details.

  • No labels