[asterisk-users] Why Nat=yes Nat=no Option?
Steve Totaro
stotaro at totarotechnologies.com
Thu Nov 13 10:36:07 CST 2008
On Thu, Nov 13, 2008 at 10:19 AM, Alex Balashov
<abalashov at evaristesys.com>wrote:
> Alex Balashov wrote:
> > Klaus Darilion wrote:
> >
> >> Actually I would nat=yes always, even if clients are not behind NAT os
> >> otherwise the clietn can put some garbage into the contact header (e.g.
> >> IP address of an upstream provider) and influence routing.
> >
> > No. There is a specific reason RFC 3261 says:
> >
> > "Registration creates bindings in a location service for a particular
> > domain that associates an address-of-record URI with one or more
> > contact addresses. Thus, when a proxy for that domain receives a
> > request whose Request-URI matches the address-of-record, the proxy
> > will forward the request to the contact addresses registered to that
> > address-of-record."
> >
> > This gives the UAC the necessary level of control to determine how it is
> > to be contacted.
> >
> > Imagine, for a example, a scenario in which incoming registrations are
> > proxied further upstream for whatever reason - load balancer/distributor
> > perhaps? - by an intermediate element. Do you really want to use that
> > proximate hop's received IP address in place of the ultimate sending
> > UAC's domain?
>
> In other words, there is a very specific reason why UACs are given the
> power to determine where and how to be contacted by the locator,
> depending on the application.
>
> If the UAS wishes to restrict the ability of registrants to specify a
> contact URI domain that does not match their received IP, or to
> overwrite it with something else, it can do that. Those are
> configuration options that can be created with Asterisk. But to enable
> standards-breaking behaviour by default (let alone always) is absurd;
> there very point of specifying a contact binding in registrations is to
> provide the very control and flexibility you are suggesting should be
> taken away.
>
> --
> Alex Balashov
> Evariste Systems
> Web : http://www.evaristesys.com/
> Tel : (+1) (678) 954-0670
> Direct : (+1) (678) 954-0671
> Mobile : (+1) (706) 338-8599
>
Alex is going to cling to to the RFC as if it were the gospel, and not look
at what would essentially be a "good thing". Making many NAT questions drop
off IRC and and the list. Making administration and system deployments
"Just Work".
An RFC means "Request for Comment", it is not the Gospel or the Law.
Here, read this link
http://www.legalzoom.com/legal-articles//article13758.html
Good stuff.
--
Thanks,
Steve Totaro
+18887771888 (Toll Free)
+12409381212 (Cell)
+12024369784 (Skype)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20081113/4924da9b/attachment.htm
More information about the asterisk-users
mailing list