[asterisk-users] Why Nat=yes Nat=no Option?
abalashov at evaristesys.com
Wed Nov 12 15:47:06 CST 2008
Steve Totaro wrote:
> I have done some large installs where people are going to be in the
> office, sometimes out, work from home, it always changes sorta thing......
> I have found that setting all device profiles to Nat=yes "Just Works"
> whether they are on the LAN or not and this is even on larger scale
> systems with hundreds of "phones".
> Is there any reason why this would be frowned upon as a default? Even
> to the point of, if nat= is not specified, it would default to yes?
> Is there a performance hit somewhere, or some other downside?
> If not, I suggest making it the default.
The premise of nat=yes is that the domain portion of the Contact URI is
overridden with the real, received source IP of the request and that the
default expectation of port 5060 (if not specified in the Contact URI)
is dropped in favour of the actually received source UDP port.
Similarly for SDP (without SIP-aware ALG).
I think the reason this would be frowned upon as a default is
philosophical in essence; by default, per the RFC, a SIP UAC is
expected to behave such and such way, i.e. use the Contact URI that
arrives in a REGISTER request and/or INVITE. Overriding that with the
received IP:port is a "hack" around prescribed behaviour, and enabling
hacks as default behaviour is generally considered a bad idea.
Web : http://www.evaristesys.com/
Tel : (+1) (678) 954-0670
Direct : (+1) (678) 954-0671
Mobile : (+1) (706) 338-8599
More information about the asterisk-users