Simple Traversal of UDP Through NATs (STUN)
Simple Traversal of User Datagram Protocol (UDP) through Network Address Translators (NATs),
or STUN, is a protocol defined by RFC 3489 that allows a client behind a NAT device to
determine the:
•
presence and types of NATs and firewalls between them and the public Internet
•
public IP addresses allocated to them by the NAT
•
port associations
STUN works with many existing NATs and allows for a wide variety of applications to work
through existing NAT infrastructure.This information helps set up UDP communication
between two hosts that are both behind NAT routers.
NOTE: STUN does not work with a symmetric NAT router.
To determine the type of router you have, see
Router" section on page
14.
You can get open-source STUN software at the following website:
http://www.voip-info.org/wiki-STUN
Use any public STUN server from the link above when configuring SIP > NAT Support
Parameters > STUN Server. See
SIP-NAT Interoperation
The addresses where messages/data are sent to a SPA9x2 system are embedded in the SIP
messages sent by the device. If the SPA9x2 is located behind a NAT device, its private IP address
is not usable for communications with SIP devices outside the private network.
NOTE: A service provider can offer an outbound NAT-Aware proxy, which discovers the public
IP address from the remote endpoint, eliminating the need to modify the SIP message from the
UAC.
To communicate with a specific public peer address/port, the SPA9x2 must substitute the
private address/port with the external IP address/port. The SPA9x2 performs the following:
•
Discovers the NAT mappings used to communicate with the peer.
A STUN server responds to a special NAT-Mapping-Discovery request by sending back a
message to the source IP address/port. The SPA9x2 can send this request when it first tries
to communicate with a SIP device over the Internet. It then stores the mapping discovery
results returned by the server.
•
Communicates the NAT mapping information to the external SIP devices.
•
If the device is a SIP Registrar, the information is carried in the Contact header that
overwrites the private address/port information.
Linksys SPA9x2 Phone Administration Guide
Introducing Linksys SPA9x2 Phones
Simple Traversal of UDP Through NATs (STUN)
"Determining the Type of NAT Used on Your
> "Public STUN Servers" section.
"NAT Support Parameter Notes" section on page
Cisco Confidential--First Draft
53.
13