NAT, or Network Address Translation, is a necessary evil in the world of network computing. FreeSWITCH tries very hard to make your life easier when dealing with NAT scenarios. One problem, however, is that there are differing devices with unpredictable behavior that can make it seem like your FreeSWITCH server is misbehaving. If you're stuck in a NAT situation then be aware that you may face challenges in getting everything on your network all working.
First off, here is a discussion of NAT at Wikipedia for those inclined to dig deeper.
BKW's Audio Presentation
On August 18, 2010 Brian K West (bkw) gave a brief overview of NAT and FreeSWITCH. You may download the audio here:
NAT in FreeSWITCH
In June 2009 the FreeSWITCH developers added code that makes it possible for FreeSWITCH to leverage the utility of UPnP and NAT-PMP devices. A number of home routers support UPnP or NAT-PMP, in some cases both. This includes the ubiquitous WRTG54G. If your NAT device does not support UPnP or NAT-PMP then you will be forced to use some of the less elegant solutions like STUN.
Many people suffer from NAT issues which come from a misunderstanding of how SIP, RTP and FreeSWITCH work. The topic comes up frequently in the IRC chat room. Please see the following links to aid you in your endeavors.
- Auto NAT - This page discusses how to take advantage of FreeSWITCH and the new NAT-busting features.
- External profile - this covers the topic of what makes the external profile so NAT traversal friendly in regards to SIP and RTP protocols. Also, this roughly covers the concept of copying from the external profile and creating a new profile that will enable you to cleanly traverse your NAT/firewall situation.
- NAT Traversal - General information regarding NAT and devices.
NAT just works!
For sip you can set your SIP IP to a STUN server like "stun:stun.fwdnet.net" or to your external non-NAT IP. If you have a dynamic public IP address and use a Dynamic DNS service, you can set your SIP IP to host:your.dns-host.name, and FS will do a DNS lookup to determine your public IP address. For RTP you set the value to "auto".
<param name="sip-ip" value="220.127.116.11"/> <param name="rtp-ip" value="auto"/>
If FreeSWITCH discovers that the registered endpoint is behind NAT, it will send SIP OPTIONS packets every 30 seconds to the endpoint to keep NAT alive. It is recommended though, that every endpoint be configured to send NAT keepalives itself.
For user NAT traversal, see NAT Traversal