NATTCPSIPALGSupportTheNATTCPSIPALGSupportfeatureallowsembeddedmessagesoftheSessionInitiationProtocol(SIP)passingthroughadevicethatisconfiguredwithNetworkAddressTranslation(NAT)tobetranslatedandencodedbacktothepacket.
Anapplication-layergateway(ALG)isusedwithNATtotranslatetheSIPorSessionDescriptionProtocol(SDP)messages.
ThismoduledescribestheNATTCPSIPALGSupportfeatureandexplainshowtoconfigureit.
FindingFeatureInformation,onpage1PrerequisitesforNATTCPSIPALGSupport,onpage1RestrictionsforNATTCPSIPALGSupport,onpage1InformationAboutNATTCPSIPALGSupport,onpage2HowtoConfigureNATTCPSIPALGSupport,onpage6ConfigurationExamplesforNATTCPSIPALGSupport,onpage7AdditionalReferenceforNATTCPSIPALGSupport,onpage7FeatureInformationforNATTCPSIPALGSupport,onpage8FindingFeatureInformationYoursoftwarereleasemaynotsupportallthefeaturesdocumentedinthismodule.
Forthelatestcaveatsandfeatureinformation,seeBugSearchToolandthereleasenotesforyourplatformandsoftwarerelease.
Tofindinformationaboutthefeaturesdocumentedinthismodule,andtoseealistofthereleasesinwhicheachfeatureissupported,seethefeatureinformationtable.
UseCiscoFeatureNavigatortofindinformationaboutplatformsupportandCiscosoftwareimagesupport.
ToaccessCiscoFeatureNavigator,gotowww.
cisco.
com/go/cfn.
AnaccountonCisco.
comisnotrequired.
PrerequisitesforNATTCPSIPALGSupportLayer4Forwarding(L4F)mustbeenabledforthefeaturetofunction.
RestrictionsforNATTCPSIPALGSupportNetworkAddressTranslation(NAT)translatesonlyembeddedIPv4addresses.
NATTCPSIPALGSupport1NATapplication-layergateway(ALG)fixupforSessionInitiationProtocol(SIP)messagesoverTCPisnotdonewhenLayer4Forwarding(L4F)functionalityisdisabled.
Inthiscase,SIPmessagesareconsideredasTCPmessagesandonlyLayer3andLayer4fixupsaredone.
AsperRFC5128,NATTCPSIPALGfeatureusesEndpoint-Independentmappingtoperformaddresstranslations.
ThiscombinationallowsincomingSIPtrafficfromanyexternalendpointonthepublicnetworktoamappedpublicport.
IfyoudonotneedEndpoint-Independentmapping,useACLorZone-basedPolicyFirewalltolimitthescopeofincomingtraffic.
InformationAboutNATTCPSIPALGSupportNATTCPSIPALGSupportOverviewTheNATTCPSIPALGSupportfeatureallowsembeddedmessagesoftheSessionInitiationProtocol(SIP)passingthroughadevicethatisconfiguredwithNetworkAddressTranslation(NAT)tobetranslatedandencodedbacktothepacket.
Anapplication-layergateway(ALG)isusedwithNATtotranslatetheSIPorSessionDescriptionProtocol(SDP)messages.
TheNATTCPSIPALGSupportfeatureaddsNATALGsupportforfixingupTCP-basedSIPmessages.
SessionInitiationProtocol(SIP)isanASCII-based,application-layercontrolprotocolthatcanbeusedtoestablish,maintain,andterminatecallsbetweentwoormoreendpoints.
SIPisaprotocoldevelopedbyIETFformultimediaconferencingoverIP.
SIPcanbeconfiguredtooperateoverTCP-basedtransports.
CiscoSIPimplementationenablessupportedCiscoplatformstosignalthesetupofvoiceandmultimediacallsoverIPnetworks.
SIPprovidesanalternativetoH.
323withintheVoIPinternetworkingsoftware.
LikeotherVoIPprotocols,SIPisdesignedtoaddressfunctionsofsignalingandsessionmanagementwithinapackettelephonynetwork.
Signalingallowscallinformationtobecarriedacrossnetworkboundaries.
Sessionmanagementprovidestheabilitytocontrolattributesofanend-to-endcall.
SessionDescriptionProtocol(SDP)isaprotocolthatdescribesmultimediasessions.
SDPcanbeusedinSIPmessagebodiestodescribemultimediasessionsusedforcreatingandcontrollingmultimediasessionswithtwoormoreparticipants.
SIPMessagesEntitiesthatarepresentinaSessionInitiationProtocol(SIP)deploymentcommunicatewitheachotherbyusingwell-definedSIPmessagesthattaketheformofrequestsandresponses.
TheseSIPmessagescancontainembeddedIPaddressorportinformationthatmightbelongtoaprivatedomain,andsuchmessagesmustbefixedupwhentheypassthroughaNetworkAddressTranslation(NAT)device.
FixupdenotesthewritingofthetranslatedIPaddressbackintothepacket.
Thisfixupisnormallyperformedbyanapplication-layergateway(alsocalledanapplication-levelgateway)(ALG)modulethatresidesontheNATdevice.
Bydefault,supportforSIPisenabledonthestandardTCPport5060toexchangeSIPmessages.
YoucanalsoconfigurenonstandardportsforSIPtooperate.
NATALGacceptsandattemptsfixupoperationsonallTCPsegmentsthatoriginatefromoraredestinedtotheconfiguredSIPport.
SIPmessageprocessinginvolvesperformingthefixupoperationonacompleteSIPmessage.
ATCPsegmentmaycarrymultipleSIPmessages.
ItisalsopossiblethataSIPmessageissegmentedandcarriedintwodifferentTCPsegments.
SIPmessagesaretextbased.
AnyadjustmentthatismadetothemessageaspartoftheALGfixupcanresultinthemessagetoincreaseordecreaseinsize.
AchangeinthemessagesizemeansthattheALGmustmakeNATTCPSIPALGSupport2NATTCPSIPALGSupportInformationAboutNATTCPSIPALGSupportadjustmentstotheTCPsequenceoracknowledgmentnumbersandkeeptrackofthesame.
TherearecaseswheretheALGmustperformspoofacknowledgmentsandcompleteTCPretransmission.
TCPproxyisanessentialcomponentthatterminatesaTCPconnectionpassingthroughNATALGandregeneratestheTCPconnection.
ThisconnectionallowsNATALGtomodifytheTCPpayloadwithoutanyTCPsessionhandlingissues.
ThetablebelowidentifiesthesixavailableSIPrequestmessages.
Table1:SIPRequestMessagesPurposeSIPMessageSentbycallingpartytoconfirmthereceiptofafinalresponsetoINVITE.
ACKSentbycallingpartyorcalledpartytoendacall.
BYESenttoendacallthathasnotyetbeenconnected.
CANCELRequestsentfromaUserAgentClient(UAC)toinitiateasession.
INVITESenttoquerycapabilitiesofUACsandnetworkservers.
OPTIONSSentbytheclienttoregistertheaddresswithaSIPproxy.
REGISTERThetablebelowidentifiestheavailableSIPresponsemethods.
Table2:SIPResponseMessagesPurposeSIPMessage100=Trying180=Ringing181=CallIsBeingForwarded182=Queued183=SessionProgress1xx(Informational)200=OK2xx(Successful)300=MultipleChoices301=MovedPermanently302=MovedTemporarily303=SeeOther305=UseProxy380=AlternativeService3xx(Redirection)NATTCPSIPALGSupport3NATTCPSIPALGSupportSIPMessagesPurposeSIPMessage400=BadRequest401=Unauthorized402=PaymentRequired403=Forbidden404=NotFound405=MethodNotAllowed406=NotAcceptable407=ProxyAuthenticationRequired408=RequestTimeout409=Conflict410=Gone411=LengthRequired413=RequestEntityTooLarge414=RequestURITooLarge415=UnsupportedMediaType420=BadExtension480=TemporarilyNotAvailable481=CallLeg/TransactionDoesNotExist482=LoopDetected483=TooManyHops484=AddressIncomplete485=Ambiguous486-BusyHere4xx(RequestFailure)500=InternalServerError501=NotImplemented502=BadGateway503=ServiceUnavailable504=GatewayTimeout505=SIPVersionNotSupported5xx(ServerFailure)NATTCPSIPALGSupport4NATTCPSIPALGSupportSIPMessagesPurposeSIPMessage600=BusyAnywhere603=Decline604=DoesNotExistAnywhere606=NotAcceptable6xx(GlobalFailure)SIPFunctionalityUsersinaSIPnetworkareidentifiedbyuniqueSIPaddresses.
ASIPaddressissimilartoane-mailaddressandisintheformatsip:userID@gateway.
com.
TheuserIDcanbeeitherausernameoranE.
164address.
Thegatewaycanbeeitheradomain(withorwithoutahostname)oraspecificinternetIPaddress.
AnE.
164addressisatelephonenumberwithastringofdecimaldigits,whichuniquelyindicatesthepublicnetworkterminationpoint.
Thisaddresscontainsallinformationthatisnecessarytorouteacalltoaterminationpoint.
NoteUsersregisterwitharegistrarserverusingtheirassignedSIPaddresses.
TheregistrarserverprovidesSIPaddressestothelocationserveronrequest.
Theregistrarserverprocessesrequestsfromuser-agentclients(UACs)forregistrationoftheircurrentlocations.
Whenauserinitiatesacall,aSIPrequestissenttoaSIPserver(eitheraproxyoraredirectserver).
Therequestincludestheaddressofthecaller(intheFromheaderfield)andtheaddressoftheintendedcalledparty(intheToheaderfield).
ASIPendusermightmovebetweenendsystems.
ThelocationoftheendusercanbedynamicallyregisteredwiththeSIPserver.
Thelocationservercanuseoneormoreprotocols(includingFinger,RWhois,andLightweightDirectoryAccessProtocol[LDAP])tolocatetheenduser.
Becausetheendusercanbeloggedinatmorethanonestationandthelocationservercansometimeshaveinaccurateinformation,thelocationservermightreturnmorethanoneaddressfortheenduser.
IftherequestiscomingthroughaSIPproxyserver,theproxyservertrieseachofthereturnedaddressesuntilitlocatestheenduser.
IftherequestiscomingthroughaSIPredirectserver,theredirectserverforwardsalltheaddressestothecalleravailableintheContactheaderfieldoftheinvitationresponse.
SIPFunctionalitywithaProxyServerAproxyserverreceivesSessionInitiationProtocol(SIP)requestsfromaclientandforwardsthemontheclient'sbehalf.
ProxyserversreceiveSIPmessagesandforwardthemtothenextSIPserverinthenetwork.
Proxyserverscanprovidefunctionssuchasauthentication,authorization,networkaccesscontrol,routing,reliablerequestretransmission,andsecurity.
SIPisapeer-to-peerprotocol.
Thepeersinasessionarecalleduseragents(UAs).
Whencommunicatingthroughaproxyserver,thecallerUAsendsanINVITErequesttotheproxyserverandthentheproxyserverdeterminesthepathandforwardstherequesttothecalledparty.
ThecalledUArespondstotheproxyserver,whichthenforwardstheresponsetothecaller.
Whenbothpartiesrespondwithanacknowledgment(SIPACKmessage),theproxyserverforwardstheacknowledgmentstotheirintendedpartyNATTCPSIPALGSupport5NATTCPSIPALGSupportSIPFunctionalityandasession,orconference,isestablishedbetweenthem.
TheReal-timeTransferProtocol(RTP)isthenusedforcommunicationacrosstheconnectionnowestablishedbetweenthecallerandcalledUA.
HowtoConfigureNATTCPSIPALGSupportSpecifyingaPortforNATTCPSIPALGSupportNetworkAddressTranslation(NAT)supportforSessionInitiationProtocol(SIP)isenabledbydefault.
SIPusesthedefaultTCPport5060toexchangemessages.
Ifrequired,youcanconfigureadifferentporttohandleSIPmessages.
SUMMARYSTEPS1.
enable2.
configureterminal3.
ipnatservicesiptcpportport-number4.
end5.
debugipnatsipDETAILEDSTEPSPurposeCommandorActionEnablesprivilegedEXECmode.
enableStep1Example:Enteryourpasswordifprompted.
Device>enableEntersglobalconfigurationmode.
configureterminalExample:Step2Device#configureterminalSpecifiesaportnumberotherthanthedefaultport.
ipnatservicesiptcpportport-numberExample:Step3Device(config)#ipnatservicesiptcpport8000ExitsglobalconfigurationmodeandreturnstoprivilegedEXECmode.
endExample:Step4Device(config)#endDisplaysSIPmessagesthatNATrecognizesandtheembeddedIPaddressescontainedinthosemessages.
debugipnatsipExample:Step5Device#debugipnatsipNATTCPSIPALGSupport6NATTCPSIPALGSupportHowtoConfigureNATTCPSIPALGSupportConfigurationExamplesforNATTCPSIPALGSupportExample:SpecifyingaPortforNATTCPSIPALGSupportThefollowingexampleshowshowtoconfigurethenonstandardport8000:Device(config)#ipnatservicesiptcpport8000Thefollowingissampleoutputfromthedebugipnatsipcommand:Device#debugipnatsipMay2314:11:17.
243IST:NAT-L4F:settingALG_NEEDEDflaginsubblockforSIPmessageMay2314:11:17.
243IST:NAT-ALG:lookup=0l7_bytes_recd=509appl_type=7May2314:11:17.
243IST:NAT-ALG:CompleteSIPMessageheaderofsize:376May2314:11:17.
243IST:NAT-ALG:Messagebodylength:133May2314:11:17.
243IST:NAT-ALG:TotalSIPmessagelength:509May2314:11:17.
243IST:NAT-ALG:afterstatemachine:May2314:11:17.
243IST:NAT-ALG:l7_bytes_recd=509May2314:11:17.
243IST:NAT-ALG:remaining_hdr_sz=0May2314:11:17.
243IST:NAT-ALG:remaining_payl_sz=0May2314:11:17.
243IST:NAT-ALG:tcp_alg_state=0May2314:11:17.
243IST:NAT-ALG:complete_msg_len=509May2314:11:17.
243IST:NAT-SIP-TCP:NumberofSIPmessagesreceived:1May2314:11:17.
243IST:NAT:SIP:[0]processingINVITEmessageMay2314:11:17.
243IST:NAT:SIP:[0]register:0door_created:0May2314:11:17.
243IST:NAT:SIP:[0]translatedembeddedaddress192.
168.
122.
3->10.
1.
1.
1May2314:11:17.
243IST:NAT:SIP:[0]register:0door_created:0May2314:11:17.
243IST:NAT:SIP:[0]translatedembeddedaddress192.
168.
122.
3->10.
1.
1.
1May2314:11:17.
243IST:NAT:SIP:[0]register:0door_created:0May2314:11:17.
243IST:NAT:SIP:[0]register:0door_created:0May2314:11:17.
243IST:NAT:SIP:ContactheaderfoundMay2314:11:17.
243IST:NAT:SIP:TryingtofindexpiresparameterMay2314:11:17.
243IST:NAT:SIP:[0]translatedembeddedaddress192.
168.
122.
3->10.
1.
1.
1May2314:11:17.
243IST:NAT:SIP:[0]register:0door_created:0May2314:11:17.
243IST:NAT:SIP:[0]messagebodyfoundMay2314:11:17.
243IST:NAT:SIP:MediaLinespresent:1May2314:11:17.
243IST:NAT:SIP:Translatedglobalm=(192.
168.
122.
3,6000)->(10.
1.
1.
1,6000)May2314:11:17.
243IST:NAT:SIP:old_sdp_len:133new_sdp_len:130May2314:11:17.
243IST:l4f_sendreturns497bytesMay2314:11:17.
243IST:CompletebufferwrittentoproxyAdditionalReferenceforNATTCPSIPALGSupportRelatedDocumentsDocumentTitleRelatedTopicCiscoIOSMasterCommandList,AllReleasesCiscoIOScommandsCiscoIOSIPAddressingServicesCommandReferenceNATcommandsNATTCPSIPALGSupport7NATTCPSIPALGSupportConfigurationExamplesforNATTCPSIPALGSupportStandardsandRFCsTitleStandard/RFCSIP:SessionInitiationProtocolRFC2543TechnicalAssistanceLinkDescriptionhttp://www.
cisco.
com/cisco/web/support/index.
htmlTheCiscoSupportandDocumentationwebsiteprovidesonlineresourcestodownloaddocumentation,software,andtools.
UsetheseresourcestoinstallandconfigurethesoftwareandtotroubleshootandresolvetechnicalissueswithCiscoproductsandtechnologies.
AccesstomosttoolsontheCiscoSupportandDocumentationwebsiterequiresaCisco.
comuserIDandpassword.
FeatureInformationforNATTCPSIPALGSupportThefollowingtableprovidesreleaseinformationaboutthefeatureorfeaturesdescribedinthismodule.
Thistablelistsonlythesoftwarereleasethatintroducedsupportforagivenfeatureinagivensoftwarereleasetrain.
Unlessnotedotherwise,subsequentreleasesofthatsoftwarereleasetrainalsosupportthatfeature.
UseCiscoFeatureNavigatortofindinformationaboutplatformsupportandCiscosoftwareimagesupport.
ToaccessCiscoFeatureNavigator,gotowww.
cisco.
com/go/cfn.
AnaccountonCisco.
comisnotrequired.
Table3:FeatureInformationforNATTCPSIPALGSupportFeatureInformationReleasesFeatureNameTheNATTCPSIPALGSupportfeatureallowsembeddedmessagesoftheSessionInitiationProtocol(SIP)passingthroughadevicethatisconfiguredwithNetworkAddressTranslation(NAT)tobetranslatedandencodedbacktothepacket.
Anapplication-layergateway(ALG)isusedwithNATtotranslatetheSIPorSessionDescriptionProtocol(SDP)messages.
15.
3(1)TNATTCPSIPALGSupportNATTCPSIPALGSupport8NATTCPSIPALGSupportFeatureInformationforNATTCPSIPALGSupport
VoLLcloud LLC是一家成立于2020年12月互联网服务提供商企业,于2021年1月份投入云计算应用服务,为广大用户群体提供云服务平台,已经多个数据中心部署云计算中心,其中包括亚洲、美国、欧洲等地区,拥有自己的研发和技术服务团队。现七夕将至,VoLLcloud LLC 推出亚洲地区(香港)所有产品7折优惠,该产品为CMI线路,去程三网163,回程三网CMI线路,默认赠送 2G DDoS/C...
前些天赵容分享过DogYun(狗云)香港BGP线路AMD 5950X经典低价云服务器的信息(点击查看),刚好账户还有点余额够开个最低配,所以手贱尝试下,这些贴上简单测试信息,方便大家参考。官方网站:www.dogyun.com主机配置我搞的是最低款优惠后14.4元/月的,配置单核,512MB内存,10GB硬盘,300GB/50Mbps月流量。基本信息DogYun的VPS主机管理集成在会员中心,包括...
Friendhosting发布了针对“系统管理日”(每年7月的最后一个星期五)的优惠活动,针对VPS主机提供55%的优惠(相当于四五折),支持1-6个月付款使用,首付折扣非永久,优惠后最低套餐首半年7.18欧元起。这是一家保加利亚主机商,成立于2009年4月,商家提供VDS和独立服务器租用等,数据中心目前可选美国洛杉矶、保加利亚、乌克兰、荷兰、拉脱维亚、捷克和波兰等8个地区机房。下面以最低套餐为例...
internalservererror为你推荐
sqlserver2000挂起SQL server2000 安装为什么老是提示挂起?温州都市报招聘在温州哪里好找工作?长沙电话号码升位0731_88602360电话是哪的财务单据会计里各种票据的定义及区分repaired金盾评级repaired是什么意思joomla模板为什么joomla模板安装后跟模板演示的不一样论坛勋章个人论坛的勋章从哪里弄搜索引擎教程自学搜索引擎,必须有什么基础? 比如C语言等等。网站日志iis日志详解,网站日志中的每一个数据代表什么安与骑士安与骑兵多大了?
云南虚拟主机 哈尔滨服务器租用 网页空间租用 oneasiahost 美国翻墙 国外idc 512m内存 ev证书 debian7 租空间 彩虹ip 卡巴斯基永久免费版 个人免费空间 警告本网站美国保护 腾讯云分析 泉州电信 hdd ca187 中国电信宽带测速器 空间登录首页 更多