VoIP Strategies with NAT Firewalls
What Is a NAT Firewall?
In the 1980s it was decided that the Internet addressing system should use 32 bits. This is why an IP address consists of four distinct sections with each segment being three decimal digits long. At the time it was thought that this was more than enough and there would never come a time when the number of devices exceeded the addresses available. Today we know that is not true. The world is slowly shifting to IPv6 that has 128 bits instead. But the legacy architecture and structures of IPv4 still remain.
One of the consequences of the IPv4 address shortage was that it wasn't feasible for every device connected to the Internet have its own IP address. Instead, bunches of them were clumped together and put behind a NAT firewall. This NAT had a single IP address that served for all the devices sitting behind it. Every device was instead identified with a random port number affixed to the NAT IP address. This also has security benefits as it allows all network traffic to be routed through a single point that can be secured and analyzed for malicious traffic.
But it created a problem for applications that relied on direct device to device or P2P communications – like VoIP. For VoIP to work properly, both devices need to know how to contact the other directly. NAT firewalls get in the way and prevent this from happening because devices behind it don't know what their IP address is.
NAT Circumvention Strategies
Over the years, several strategies have been developed to cater to various NAT architectures. One example is what is known as a STUN server that VoIP devices query in order to obtain their own IP address that can be passed along using the SIP protocol to the other device. Unfortunately not all NAT topographies allow this to work. VoIP clients are therefore forced to use a number of different techniques in order to work properly.
It is a testament to the innovativeness and creativity of VoIP engineers that most individuals using VoIP are blissfully unaware of all the complicated machinations going on behind the scenes in order to deliver a seamless communications experience. VoIP client software automatically detects the type of NAT firewall and adjusts its method accordingly. Still, when something goes wrong it may be necessary to delve into the settings page and manually enter the details of the specific VoIP service such as providing the address of the STUN server.
It is probably best if you were to use the SIP client provided to you by your New York VoIP phones service provider. They will already come preconfigured with all the best settings specifically optimized for that service such as VoIP codecs etc. Call one to find out how you can get started today in less than 15 min.
No comments yet.