Dialogic Support Helpweb
Dialogic® Host Media Processing (HMP) Software
Traversing HMP calls through NATs and Firewalls
Symptom
One of the stumbling blocks to widespread VoIP deployments is the firewall and / or NAT that is usually deployed between the caller and the called party. In most cases, there can be multiple firewalls or NATs between the caller and the Dialogic based VoIP application. NATs (or Network Address Translators) are needed due to limitation of available IP addresses in IP Version 4 ; NATs also provide the mechanism for a number of computers to share 1 actual IP address on the internet. .
Fix / Solution
The open source project OpenSER provides a mechanism to successfully traverse the many NAT implementations, and can be configured to work with most of the commonly used firewalls as well.
OpenSER is an SIP server that provides a number of communications functions ranging from accounting and authentication to SIP registrar and IM presence server. Client endpoints, including Dialogic® applications, register with OpenSER when they start up. For Dialogic applications, the gc_util_insert_parm_ref, gc_util_insert_parm_val and gc_ReqService APIs are used to register the application. Information related to the client is cached by the OpenSER when the client registers. This information includes the network port and the public IP address on which the registration for the client arrived. A client’s SIP invite is sent to the OpenSER server much like any registrar. Unlike other registrars, however, OpenSER has a table of information related to contacting the called party and uses this information to pass the SIP signaling between the calling and called parties.
As part of the signaling process, SIP send and receive ports are negotiated. OpenSER maintains a table of these media ports for sessions between clients. To complete the end-to-end mapping for any call, OpenSER must receive media packets from both the caller and the called party. Once mapped, all media between the two parties traverses the OpenSER server, which applies an additional network header to the packet. This additional header provides the information needed to direct the media packet to the called or calling endpoint located behind the NAT.
OpenSER runs on Linux® and Unix® operating systems and is meant to deployed in the DMZ (demilitarized zone) or public internet. The OpenSER application runs as a Demon (the equivalent of a Microsoft Windows System Service) and, as such, will start and stop with the operating system. OpenSER is configured via a configuration script which loads the various modules requested. The configuration script is much like other script based languages and defines the logic for handling the signaling and media packets received. The modules needed for NAT and Firewall traversal are the Nathelper, MediaProxy and the Registrar modules. It is also a advisable to load the xlog module to take advantage of the advanced logging it provides.
Dialogic® Product List
HMP = Dialogic® Host Media Processing Software
Glossary of Acronyms / Terms
HMP = Host Media Processing Software
SIP = Session Initiation Protocol
VoIP = Voice over IP/Voice over Internet Protocol
Related Documentation
http://openser.org/
© 2007 Dialogic Corporation. All rights reserved. Dialogic is a registered trademarks of Dialogic Corporation (“Dialogic”). Dialogic's trademarks may be used publicly only with permission from Dialogic. The names of actual companies and products mentioned herein are the trademarks of their respective owners.
Dialogic encourages all users of its products to procure all necessary intellectual property licenses required to implement their concepts or applications, which licenses may vary from country to country. No licenses or warranties of any kind are provided under this document. Dialogic may make changes to specifications, product descriptions, and plans at any time, without notice.
