NATTCPSIPALGSupportTheNATTCPSIPALGSupportfeatureallowsembeddedmessagesoftheSessionInitiationProtocol(SIP)passingthroughadevicethatisconfiguredwithNetworkAddressTranslation(NAT)tobetranslatedandencodedbacktothepacket.
Anapplication-layergateway(ALG)isusedwithNATtotranslatetheSIPorSessionDescriptionProtocol(SDP)messages.
ThismoduledescribestheNATTCPSIPALGSupportfeatureandexplainshowtoconfigureit.
FindingFeatureInformation,onpage1PrerequisitesforNATTCPSIPALGSupport,onpage1RestrictionsforNATTCPSIPALGSupport,onpage1InformationAboutNATTCPSIPALGSupport,onpage2HowtoConfigureNATTCPSIPALGSupport,onpage6ConfigurationExamplesforNATTCPSIPALGSupport,onpage7AdditionalReferenceforNATTCPSIPALGSupport,onpage7FeatureInformationforNATTCPSIPALGSupport,onpage8FindingFeatureInformationYoursoftwarereleasemaynotsupportallthefeaturesdocumentedinthismodule.
Forthelatestcaveatsandfeatureinformation,seeBugSearchToolandthereleasenotesforyourplatformandsoftwarerelease.
Tofindinformationaboutthefeaturesdocumentedinthismodule,andtoseealistofthereleasesinwhicheachfeatureissupported,seethefeatureinformationtable.
UseCiscoFeatureNavigatortofindinformationaboutplatformsupportandCiscosoftwareimagesupport.
ToaccessCiscoFeatureNavigator,gotowww.
cisco.
com/go/cfn.
AnaccountonCisco.
comisnotrequired.
PrerequisitesforNATTCPSIPALGSupportLayer4Forwarding(L4F)mustbeenabledforthefeaturetofunction.
RestrictionsforNATTCPSIPALGSupportNetworkAddressTranslation(NAT)translatesonlyembeddedIPv4addresses.
NATTCPSIPALGSupport1NATapplication-layergateway(ALG)fixupforSessionInitiationProtocol(SIP)messagesoverTCPisnotdonewhenLayer4Forwarding(L4F)functionalityisdisabled.
Inthiscase,SIPmessagesareconsideredasTCPmessagesandonlyLayer3andLayer4fixupsaredone.
AsperRFC5128,NATTCPSIPALGfeatureusesEndpoint-Independentmappingtoperformaddresstranslations.
ThiscombinationallowsincomingSIPtrafficfromanyexternalendpointonthepublicnetworktoamappedpublicport.
IfyoudonotneedEndpoint-Independentmapping,useACLorZone-basedPolicyFirewalltolimitthescopeofincomingtraffic.
InformationAboutNATTCPSIPALGSupportNATTCPSIPALGSupportOverviewTheNATTCPSIPALGSupportfeatureallowsembeddedmessagesoftheSessionInitiationProtocol(SIP)passingthroughadevicethatisconfiguredwithNetworkAddressTranslation(NAT)tobetranslatedandencodedbacktothepacket.
Anapplication-layergateway(ALG)isusedwithNATtotranslatetheSIPorSessionDescriptionProtocol(SDP)messages.
TheNATTCPSIPALGSupportfeatureaddsNATALGsupportforfixingupTCP-basedSIPmessages.
SessionInitiationProtocol(SIP)isanASCII-based,application-layercontrolprotocolthatcanbeusedtoestablish,maintain,andterminatecallsbetweentwoormoreendpoints.
SIPisaprotocoldevelopedbyIETFformultimediaconferencingoverIP.
SIPcanbeconfiguredtooperateoverTCP-basedtransports.
CiscoSIPimplementationenablessupportedCiscoplatformstosignalthesetupofvoiceandmultimediacallsoverIPnetworks.
SIPprovidesanalternativetoH.
323withintheVoIPinternetworkingsoftware.
LikeotherVoIPprotocols,SIPisdesignedtoaddressfunctionsofsignalingandsessionmanagementwithinapackettelephonynetwork.
Signalingallowscallinformationtobecarriedacrossnetworkboundaries.
Sessionmanagementprovidestheabilitytocontrolattributesofanend-to-endcall.
SessionDescriptionProtocol(SDP)isaprotocolthatdescribesmultimediasessions.
SDPcanbeusedinSIPmessagebodiestodescribemultimediasessionsusedforcreatingandcontrollingmultimediasessionswithtwoormoreparticipants.
SIPMessagesEntitiesthatarepresentinaSessionInitiationProtocol(SIP)deploymentcommunicatewitheachotherbyusingwell-definedSIPmessagesthattaketheformofrequestsandresponses.
TheseSIPmessagescancontainembeddedIPaddressorportinformationthatmightbelongtoaprivatedomain,andsuchmessagesmustbefixedupwhentheypassthroughaNetworkAddressTranslation(NAT)device.
FixupdenotesthewritingofthetranslatedIPaddressbackintothepacket.
Thisfixupisnormallyperformedbyanapplication-layergateway(alsocalledanapplication-levelgateway)(ALG)modulethatresidesontheNATdevice.
Bydefault,supportforSIPisenabledonthestandardTCPport5060toexchangeSIPmessages.
YoucanalsoconfigurenonstandardportsforSIPtooperate.
NATALGacceptsandattemptsfixupoperationsonallTCPsegmentsthatoriginatefromoraredestinedtotheconfiguredSIPport.
SIPmessageprocessinginvolvesperformingthefixupoperationonacompleteSIPmessage.
ATCPsegmentmaycarrymultipleSIPmessages.
ItisalsopossiblethataSIPmessageissegmentedandcarriedintwodifferentTCPsegments.
SIPmessagesaretextbased.
AnyadjustmentthatismadetothemessageaspartoftheALGfixupcanresultinthemessagetoincreaseordecreaseinsize.
AchangeinthemessagesizemeansthattheALGmustmakeNATTCPSIPALGSupport2NATTCPSIPALGSupportInformationAboutNATTCPSIPALGSupportadjustmentstotheTCPsequenceoracknowledgmentnumbersandkeeptrackofthesame.
TherearecaseswheretheALGmustperformspoofacknowledgmentsandcompleteTCPretransmission.
TCPproxyisanessentialcomponentthatterminatesaTCPconnectionpassingthroughNATALGandregeneratestheTCPconnection.
ThisconnectionallowsNATALGtomodifytheTCPpayloadwithoutanyTCPsessionhandlingissues.
ThetablebelowidentifiesthesixavailableSIPrequestmessages.
Table1:SIPRequestMessagesPurposeSIPMessageSentbycallingpartytoconfirmthereceiptofafinalresponsetoINVITE.
ACKSentbycallingpartyorcalledpartytoendacall.
BYESenttoendacallthathasnotyetbeenconnected.
CANCELRequestsentfromaUserAgentClient(UAC)toinitiateasession.
INVITESenttoquerycapabilitiesofUACsandnetworkservers.
OPTIONSSentbytheclienttoregistertheaddresswithaSIPproxy.
REGISTERThetablebelowidentifiestheavailableSIPresponsemethods.
Table2:SIPResponseMessagesPurposeSIPMessage100=Trying180=Ringing181=CallIsBeingForwarded182=Queued183=SessionProgress1xx(Informational)200=OK2xx(Successful)300=MultipleChoices301=MovedPermanently302=MovedTemporarily303=SeeOther305=UseProxy380=AlternativeService3xx(Redirection)NATTCPSIPALGSupport3NATTCPSIPALGSupportSIPMessagesPurposeSIPMessage400=BadRequest401=Unauthorized402=PaymentRequired403=Forbidden404=NotFound405=MethodNotAllowed406=NotAcceptable407=ProxyAuthenticationRequired408=RequestTimeout409=Conflict410=Gone411=LengthRequired413=RequestEntityTooLarge414=RequestURITooLarge415=UnsupportedMediaType420=BadExtension480=TemporarilyNotAvailable481=CallLeg/TransactionDoesNotExist482=LoopDetected483=TooManyHops484=AddressIncomplete485=Ambiguous486-BusyHere4xx(RequestFailure)500=InternalServerError501=NotImplemented502=BadGateway503=ServiceUnavailable504=GatewayTimeout505=SIPVersionNotSupported5xx(ServerFailure)NATTCPSIPALGSupport4NATTCPSIPALGSupportSIPMessagesPurposeSIPMessage600=BusyAnywhere603=Decline604=DoesNotExistAnywhere606=NotAcceptable6xx(GlobalFailure)SIPFunctionalityUsersinaSIPnetworkareidentifiedbyuniqueSIPaddresses.
ASIPaddressissimilartoane-mailaddressandisintheformatsip:userID@gateway.
com.
TheuserIDcanbeeitherausernameoranE.
164address.
Thegatewaycanbeeitheradomain(withorwithoutahostname)oraspecificinternetIPaddress.
AnE.
164addressisatelephonenumberwithastringofdecimaldigits,whichuniquelyindicatesthepublicnetworkterminationpoint.
Thisaddresscontainsallinformationthatisnecessarytorouteacalltoaterminationpoint.
NoteUsersregisterwitharegistrarserverusingtheirassignedSIPaddresses.
TheregistrarserverprovidesSIPaddressestothelocationserveronrequest.
Theregistrarserverprocessesrequestsfromuser-agentclients(UACs)forregistrationoftheircurrentlocations.
Whenauserinitiatesacall,aSIPrequestissenttoaSIPserver(eitheraproxyoraredirectserver).
Therequestincludestheaddressofthecaller(intheFromheaderfield)andtheaddressoftheintendedcalledparty(intheToheaderfield).
ASIPendusermightmovebetweenendsystems.
ThelocationoftheendusercanbedynamicallyregisteredwiththeSIPserver.
Thelocationservercanuseoneormoreprotocols(includingFinger,RWhois,andLightweightDirectoryAccessProtocol[LDAP])tolocatetheenduser.
Becausetheendusercanbeloggedinatmorethanonestationandthelocationservercansometimeshaveinaccurateinformation,thelocationservermightreturnmorethanoneaddressfortheenduser.
IftherequestiscomingthroughaSIPproxyserver,theproxyservertrieseachofthereturnedaddressesuntilitlocatestheenduser.
IftherequestiscomingthroughaSIPredirectserver,theredirectserverforwardsalltheaddressestothecalleravailableintheContactheaderfieldoftheinvitationresponse.
SIPFunctionalitywithaProxyServerAproxyserverreceivesSessionInitiationProtocol(SIP)requestsfromaclientandforwardsthemontheclient'sbehalf.
ProxyserversreceiveSIPmessagesandforwardthemtothenextSIPserverinthenetwork.
Proxyserverscanprovidefunctionssuchasauthentication,authorization,networkaccesscontrol,routing,reliablerequestretransmission,andsecurity.
SIPisapeer-to-peerprotocol.
Thepeersinasessionarecalleduseragents(UAs).
Whencommunicatingthroughaproxyserver,thecallerUAsendsanINVITErequesttotheproxyserverandthentheproxyserverdeterminesthepathandforwardstherequesttothecalledparty.
ThecalledUArespondstotheproxyserver,whichthenforwardstheresponsetothecaller.
Whenbothpartiesrespondwithanacknowledgment(SIPACKmessage),theproxyserverforwardstheacknowledgmentstotheirintendedpartyNATTCPSIPALGSupport5NATTCPSIPALGSupportSIPFunctionalityandasession,orconference,isestablishedbetweenthem.
TheReal-timeTransferProtocol(RTP)isthenusedforcommunicationacrosstheconnectionnowestablishedbetweenthecallerandcalledUA.
HowtoConfigureNATTCPSIPALGSupportSpecifyingaPortforNATTCPSIPALGSupportNetworkAddressTranslation(NAT)supportforSessionInitiationProtocol(SIP)isenabledbydefault.
SIPusesthedefaultTCPport5060toexchangemessages.
Ifrequired,youcanconfigureadifferentporttohandleSIPmessages.
SUMMARYSTEPS1.
enable2.
configureterminal3.
ipnatservicesiptcpportport-number4.
end5.
debugipnatsipDETAILEDSTEPSPurposeCommandorActionEnablesprivilegedEXECmode.
enableStep1Example:Enteryourpasswordifprompted.
Device>enableEntersglobalconfigurationmode.
configureterminalExample:Step2Device#configureterminalSpecifiesaportnumberotherthanthedefaultport.
ipnatservicesiptcpportport-numberExample:Step3Device(config)#ipnatservicesiptcpport8000ExitsglobalconfigurationmodeandreturnstoprivilegedEXECmode.
endExample:Step4Device(config)#endDisplaysSIPmessagesthatNATrecognizesandtheembeddedIPaddressescontainedinthosemessages.
debugipnatsipExample:Step5Device#debugipnatsipNATTCPSIPALGSupport6NATTCPSIPALGSupportHowtoConfigureNATTCPSIPALGSupportConfigurationExamplesforNATTCPSIPALGSupportExample:SpecifyingaPortforNATTCPSIPALGSupportThefollowingexampleshowshowtoconfigurethenonstandardport8000:Device(config)#ipnatservicesiptcpport8000Thefollowingissampleoutputfromthedebugipnatsipcommand:Device#debugipnatsipMay2314:11:17.
243IST:NAT-L4F:settingALG_NEEDEDflaginsubblockforSIPmessageMay2314:11:17.
243IST:NAT-ALG:lookup=0l7_bytes_recd=509appl_type=7May2314:11:17.
243IST:NAT-ALG:CompleteSIPMessageheaderofsize:376May2314:11:17.
243IST:NAT-ALG:Messagebodylength:133May2314:11:17.
243IST:NAT-ALG:TotalSIPmessagelength:509May2314:11:17.
243IST:NAT-ALG:afterstatemachine:May2314:11:17.
243IST:NAT-ALG:l7_bytes_recd=509May2314:11:17.
243IST:NAT-ALG:remaining_hdr_sz=0May2314:11:17.
243IST:NAT-ALG:remaining_payl_sz=0May2314:11:17.
243IST:NAT-ALG:tcp_alg_state=0May2314:11:17.
243IST:NAT-ALG:complete_msg_len=509May2314:11:17.
243IST:NAT-SIP-TCP:NumberofSIPmessagesreceived:1May2314:11:17.
243IST:NAT:SIP:[0]processingINVITEmessageMay2314:11:17.
243IST:NAT:SIP:[0]register:0door_created:0May2314:11:17.
243IST:NAT:SIP:[0]translatedembeddedaddress192.
168.
122.
3->10.
1.
1.
1May2314:11:17.
243IST:NAT:SIP:[0]register:0door_created:0May2314:11:17.
243IST:NAT:SIP:[0]translatedembeddedaddress192.
168.
122.
3->10.
1.
1.
1May2314:11:17.
243IST:NAT:SIP:[0]register:0door_created:0May2314:11:17.
243IST:NAT:SIP:[0]register:0door_created:0May2314:11:17.
243IST:NAT:SIP:ContactheaderfoundMay2314:11:17.
243IST:NAT:SIP:TryingtofindexpiresparameterMay2314:11:17.
243IST:NAT:SIP:[0]translatedembeddedaddress192.
168.
122.
3->10.
1.
1.
1May2314:11:17.
243IST:NAT:SIP:[0]register:0door_created:0May2314:11:17.
243IST:NAT:SIP:[0]messagebodyfoundMay2314:11:17.
243IST:NAT:SIP:MediaLinespresent:1May2314:11:17.
243IST:NAT:SIP:Translatedglobalm=(192.
168.
122.
3,6000)->(10.
1.
1.
1,6000)May2314:11:17.
243IST:NAT:SIP:old_sdp_len:133new_sdp_len:130May2314:11:17.
243IST:l4f_sendreturns497bytesMay2314:11:17.
243IST:CompletebufferwrittentoproxyAdditionalReferenceforNATTCPSIPALGSupportRelatedDocumentsDocumentTitleRelatedTopicCiscoIOSMasterCommandList,AllReleasesCiscoIOScommandsCiscoIOSIPAddressingServicesCommandReferenceNATcommandsNATTCPSIPALGSupport7NATTCPSIPALGSupportConfigurationExamplesforNATTCPSIPALGSupportStandardsandRFCsTitleStandard/RFCSIP:SessionInitiationProtocolRFC2543TechnicalAssistanceLinkDescriptionhttp://www.
cisco.
com/cisco/web/support/index.
htmlTheCiscoSupportandDocumentationwebsiteprovidesonlineresourcestodownloaddocumentation,software,andtools.
UsetheseresourcestoinstallandconfigurethesoftwareandtotroubleshootandresolvetechnicalissueswithCiscoproductsandtechnologies.
AccesstomosttoolsontheCiscoSupportandDocumentationwebsiterequiresaCisco.
comuserIDandpassword.
FeatureInformationforNATTCPSIPALGSupportThefollowingtableprovidesreleaseinformationaboutthefeatureorfeaturesdescribedinthismodule.
Thistablelistsonlythesoftwarereleasethatintroducedsupportforagivenfeatureinagivensoftwarereleasetrain.
Unlessnotedotherwise,subsequentreleasesofthatsoftwarereleasetrainalsosupportthatfeature.
UseCiscoFeatureNavigatortofindinformationaboutplatformsupportandCiscosoftwareimagesupport.
ToaccessCiscoFeatureNavigator,gotowww.
cisco.
com/go/cfn.
AnaccountonCisco.
comisnotrequired.
Table3:FeatureInformationforNATTCPSIPALGSupportFeatureInformationReleasesFeatureNameTheNATTCPSIPALGSupportfeatureallowsembeddedmessagesoftheSessionInitiationProtocol(SIP)passingthroughadevicethatisconfiguredwithNetworkAddressTranslation(NAT)tobetranslatedandencodedbacktothepacket.
Anapplication-layergateway(ALG)isusedwithNATtotranslatetheSIPorSessionDescriptionProtocol(SDP)messages.
15.
3(1)TNATTCPSIPALGSupportNATTCPSIPALGSupport8NATTCPSIPALGSupportFeatureInformationforNATTCPSIPALGSupport
CloudCone 商家也是比较有特点的,和我们熟悉的DO、Vultr、Linode商家均是可以随时删除机器开通的小时计费模式。这个对于有需要短租服务器的来说是比较有性价比的。但是,他们还有一个缺点就是机房比较少,不同于上面几个小时计费服务商可以有多机房可选,如果有这个多机房方案的话,应该更有特点。这次我们可以看到CloudCone闪购活动提供洛杉矶三个促销方案,低至月付1.99美元。商家也可以随...
搬瓦工最近上线了一个新的荷兰机房,荷兰 EUNL_9 机房,这个 9 的编号感觉也挺随性的,之前的荷兰机房编号是 EUNL_3。这次荷兰新机房 EUNL_9 采用联通 AS9929 高端路线,三网都接入了 AS9929,对于联通用户来说是个好消息,又多了一个选择。对于其他用户可能还是 CN2 GIA 机房更合适一些。其实对于联通用户,这个荷兰机房也是比较远的,相比之下日本软银 JPOS_1 机房可...
韩国云服务器哪个好?韩国云服务器好用吗?韩国是距离我国很近的一个国家,很多站长用户在考虑国外云服务器时,也会将韩国云服务器列入其中。绝大部分用户都是接触的免备案香港和美国居多,在加上服务器确实不错,所以形成了习惯性依赖。但也有不少用户开始寻找其它的海外免备案云服务器,比如韩国云服务器。下面云服务器网(yuntue.com)就推荐最好用的韩国cn2云服务器,韩国CN2云服务器租用推荐。为什么推荐租用...
internalservererror为你推荐
phpwindphpwind怎么用?免费么?请详细说明http404未找到为什么网站上传,打开看不到,显示HTTP 404 - 未找到文件access数据库修复编程怎样实现access中对数据库的修复功能。tumblr上不去吃鸡更新完打不开,成这样了,怎么办在线等,挺急的青岛网通测速中国联通宽带,青岛地区咋样,与网通有啥区别中国保健养猪网最具权威的养猪信息网站是哪个 啊3g手机有哪些电信3g手机有哪些?什么是通配符什么是介母网站后台密码破解怎样破解网站后台管理用户名密码店铺统计怎样查淘宝店铺的销售总额
什么是域名解析 200g硬盘 hkg 泉州移动 河南移动m值兑换 免费网页申请 卡巴斯基是免费的吗 免费私人服务器 双12 重庆电信服务器托管 空间服务器 免费个人网页 winds cdn加速 ipower 热云 文件传输 天翼云主机 usb大容量存储设备 免费空间申请 更多