1. Home
  2. Voice-Over-IP
  3. How do VoIP devices punch holes for RTP?

How do VoIP devices punch holes for RTP?

Hi

I was wondering: How do SIP devices open the ports they need for RTP?

I'm about to send an IP phone to someone who doesn't know much about things computers, so I need to find out if his router can handle SIP/RTP automagically, or if he'll need to map incoming ports to this device.

Is there a way to check this easily? Some special words to look for in the router's documentation ("UPnP?")? Some utility I can run from the outside or that he can download and run on his computer to check if his router will open ports dynamically?

Thank you.

Reply to
Gilles Ganault
Loading thread data ...

Ideally the phones would be put in front of any firewalls or NAT translations. That's how SIP and RTP are meant to be run and doing it any other way is a bit of an uphill battle.

If you do need to run SIP and RTP behind a firewall or NAT box you'll need to read up on "stun" and configure the phones to use one. If things are working correctly stun should take care of opening up any stateful firewall and working around any NAT translations.

formatting link

-wolfgang

Reply to
Wolfgang S. Rupprecht

If your SIP client (or SIP phone) can support STUN protocol, it will be very easy to through NAT with a STUN server.

If you want to run your SIP server on microsoft windows platform, I suggest you to try miniSipServer which is a SIP&STUN server.

If you have a linux computer, it is better to try Asterisk or Brekeke SIP server, they are also very good choices. But they cannot be STUN server at the same time, then you can try 'stun.xten.com' as your STUN server.

Enjoy SIP!

Reply to
Hongtian

Thanks guys for the tip. I though STUN was simply a way for an SIP device in a private LAN to learn its public IP address by connecting out to a STUN server on the Net, but I guess that, when running in STUN mode, an SIP device keeps sending packets out to keep some ports open on the router.

In that case, how can the remote SIP device use those open ports? Is an open UDP port available for use by any remote host, even if it's not the STUN server that was used to open them in the first place?

I'll read up on STUN. Thank you.

Reply to
Gilles Ganault

I believe the STUN hack works as such: Initially both sides talk to the stun server and it relays the packets. After a while the two endpoints try to talk to each other directly using the same ports that they used when talking indirectly via the stun server. The act of the local phone sending a UDP packet out to the remote phone through the local stateful firewall should cause the firewall to create a second opening, this time for the remote phone. Since both sides are doing the same thing, both firewalls should end up having pass rules inserted for packets from both the stun server and for the direct UDP link to the other side. (This is just from my cursory reading, I may have some of the details wrong. Corrections welcome.)

-wolfgang

Reply to
Wolfgang S. Rupprecht

Thanks for the explanation, but most calls are made from two phones that don't use the same STUN server, if at all. In that case, I wonder how the STUN trick works.

I'll see what documentation I can gather about STUN, UPnP and possibly other tricks SIP phones can use to open RTP ports dynamically.

Reply to
Gilles Ganault

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.