RE: [Devil-Linux-discuss] Feature Request: SIP proxy

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

>SIP (one of the two big VoIP communications protocols in use today - =
the
>other being H.323) is not NAT friendly - it embeds client IP address =
and
>port into the data stream, and uses UDP to RECEIVE calls.
>
>There are a couple of options available to address SIP issues:
>o Use of STUN.  STUN is a service run by the REMOTE system that tries =
to
>tell the client if it is behind a NAT firewall, and if so what type.  =
It has
>to be included in the client software to make use of it - and doesn't =
work
>in all cases.
>
>o -IF- the client allows, giving it the firewall's address and telling =
it to
>use that instead of its own IP address (some clients will allow this), =
and
>the use of port forwarding on the firewall to "open a hole" to the =
client
>box.
>
>o The use of a SIP gateway.  In essence, you run a SIP based PBX on the
>firewall that takes the call from the Internet and connects with the
>"extension" (in this case - the client box).
>
>o The use of a SIP proxy.
>
>NOTE:  The netfilter people (aka the IPTables group) has said that
>fixing/changing IPTables to handle SIP is non trivial and would require =
a
>massive rewrite of the IPTables core.  They have indicated that the =
work
>would have to be sponsored by somebody - and nobody has currently =
stepped
>forward with the money.

if i understand correctly, which i don't, i think you have a point.
some way of doing the peer to peer in a NAT environment?