We have seen how NAT/firewalls present a
challenge to VoIP call completion. As we saw in Figure 1,
there are many different kinds of NATs/firewalls in use,
each which may be setup differently, making VoIP calls
difficult to complete.
A typical solution to the problem described
above is that a VoIP application will require a range of
specific port numbers to be left open in the firewall. This
approach introduces a severe security risk because an
intruder, with knowledge of these open ports, can create
malicious software to take advantage of the fact that the
firewall is letting traffic in through the open ports.
Leaving ports open defeats the reason for installing a
firewall in the first place.
Another problem with opening ports is that
manual configuration is required by end-users or network
administrators. Home users often lack the necessary
technical knowledge to correctly make this adjustment, or
may even be unable to do so if their ISP controls their
firewall product, as is the case with certain cable and DSL
service providers. For internal users, their network
administrator may also be unable, or more likely unwilling,
to open the required ports that the VoIP application needs
to function correctly. Either way, users are required to
take extra steps to enable end user communications and, more
often than not, will give up in frustration. Some key
features that are expected from a NAT traversal solution
include:
-
Guaranteed call completion with
maximized peer-to-peer calls: The solution must
ensure 100% call completion rate between users,
regardless of the NAT/firewall types used. Moreover, it
needs to maximize peer-to-peer calls in order to reduce
load on relay servers.
-
Security: The NAT traversal
solution must not compromise the security settings of
the NAT/firewall.
-
Ease of integration with existing
products or services: It is vital for the NAT
traversal solution to be easily integrated with existing
VoIP products or services, with minimal amount of work
and time.
-
Standard compliance and
interoperability: The solution must interoperate
with equipment from different vendors. Therefore, the
solution must be based on some standards to ensure
successful communication between devices with different
settings.
-
Service scalability: The solution
needs to be scalable so that it can be used independent
of the number of participants.
-
Optimized call completion time:
The solution needs to make sure that the calls are
established in a reasonable amount of time.
