Solving the NAT Traversal Problem
To solve the NAT traversal problem, the
industry has attempted a few solutions:
- Application Level Gateway (ALG):
  An ALG acts as a protocol-aware firewall, monitoring
  traffic and permitting traffic flows for specific
  applications. This solution, however, does not ensure
  security or authenticity, and is difficult to deploy.
- Session Border Controller (SBC):
  An SBC addresses some of the problems that ALGs fail to
  resolve. However, this solution is not scalable for
  large numbers of concurrent calls. Moreover, it
  introduces additional delay and packet loss, with the
  ultimate consequence of an inferior end-user experience.
  Since SBCs use proprietary methods for NAT traversal,
  they do not work with SBCs from other vendors and/or
  third-party solutions.
- IETF STUN, TURN and ICE: The IETF
  (Internet Engineering Task Force) has devised a suite of
  protocols, namely STUN (Session Traversal Using NAT)
  [1], TURN (Traversal Using Relay NAT) [2], and ICE
  (Interactive Connectivity Establishment) [3], to address
  the limitations of the currently available NAT traversal
  solutions. STUN lets applications discover the
  public IP address and port mappings that they
  can use to communicate with their peers. TURN,
  on the other hand, allocates a public IP/port on a
  globally reachable server and uses it to relay media
  between communicating parties. ICE is a framework that
  defines how to use the STUN and TURN protocols to solve
  the NAT traversal problem by choosing the best possible
  interconnection method between two users. Since ICE
  incorporates the STUN and TURN methods, ICE is sometimes
  also used to refer to the complete STUN, TURN, and ICE
  solution.
Although ICE is still an Internet draft, and
not yet standardized, it has already received widespread
support and adoption. Leading vendors including Microsoft,
Cisco, Nortel, Lucent Alcatel, Huawei, Avaya, Juniper,
Tandberg, Tekelec, Nokia, and Sony Ericsson have adopted ICE
for NAT traversal. CableLabs, the technology consortium of
cable system operators who are also the largest VoIP
operators in the USA, has also incorporated ICE support into the
CableLabs IMS specification for next-generation
communications architecture.

The next section presents an overview of how
NAT traversal using the ICE methodology works.