[asterisk-dev] [Code Review] more reliable sip STUN support

Kevin P. Fleming kpfleming at digium.com
Wed Aug 4 12:04:36 CDT 2010 

On 08/04/2010 11:13 AM, David Vossel wrote:
> 
> 
>> On 2010-08-03 18:18:33, Simon Perreault wrote:
>>> Another issue: we *want* STUN and SIP to be multiplexed on the same port. This is a feature. It ensures the same treatment by the NAT device. Splitting in different ports may result in a different binding on the NAT device. If this NAT device has a public IP address pool and assigns a different public address to the STUN flow, we're basically screwed. Even without an address pool, being bound to a different public port is definitely not a good situation.
>>>
>>> Why not instead simply demultiplex STUN and SIP packets arriving on the same port? This is very easy. See RFC 5626 section 8. Excerpt:
>>>
>>>       Note: It is easy to distinguish STUN and SIP packets sent over
>>>       UDP, because the first octet of a STUN Binding method has a value
>>>       of 0 or 1, while the first octet of a SIP message is never a 0 or
>>>       1.
> 
> Thanks for your feedback.  As I stated, I know very little about how STUN is used so this is very helpful to me.
> 
> I am aware that it is easy to distinguish STUN from SIP traffic.  The reason I went about it this route is because of the way Asterisk's generic STUN api works.  The ast_stun_request() function both sends out a STUN request and blocks until it gets the response.  That means that any traffic coming in on that socket not STUN related while it is blocking for the STUN response is just thrown away.
> 
> Now, being aware of how STUN is used as a keep-alive mechanism I agree that the STUN requests need to be sent out the same UDP port as the SIP traffic.
> 
> I'm going to take down this review and make this all work right.

So it sounds like we should step back and try to document exactly what
Asterisk is using the STUN client mechanism to accomplish, because there
may be some confusion about that.

-- 
Kevin P. Fleming
Digium, Inc. | Director of Software Technologies
445 Jan Davis Drive NW - Huntsville, AL 35806 - USA
skype: kpfleming | jabber: kfleming at digium.com
Check us out at www.digium.com & www.asterisk.org

More information about the asterisk-dev mailing list