Broken End-to-End Model of SIP

The drawing below illustrates how NAT deployment breaks the end-to-end model of SIP. NAT creates the following problems for SIP phones:
  • they are no longer the end-devices of the Internet because the NATs are in their places,
  • they use private addresses because they are behind NAT,
  • they can initiate a VoIP call but can't receive one because NAT blocks incoming calls.
This is not a complete list of the damage done by NAT to SIP. The problems listed here are the ones solved by ICI Technology and its applications such as SIPsocial. For a comprehensive list of NAT problems and analysis, see NAT RFC.
    
SIP meets NAT


Private IP Address Space 

The main functions of a NAT / firewall device that SIPsocial has to work with include:
  • network address translation between private and public IP addressing spaces,
  • firewall, attack prevention and other security protection mechanisms,
  • IP packet transport to/from the Internet.
NAT functions are described in NAT RFC. Private IP address descriptions are found in Private IP Address.
  
The private IP address space is available for anyone to build their private networks without asking for permission from the Internet Registry or informing their network partners, and the addresses are meaningful only within the private network behind a NAT. For a private network to connect to the Internet, it must use a network address translator (NAT).

Private IP addresses are allocated in blocks of various sizes with the largest block larger than 16 million addresses. Regardless of the size of the private address block used behind a NAT, the private network needs only one public IP address to connect to the rest of the Internet.
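The following added example (not part of the original page and not ICI Technology or SIPsocial code) scans a SIP message for private addresses in the fields a remote peer uses to reach the phone, which is where an address meaningful only behind the NAT stops working. The sample INVITE, the field selection and the function names are constructed for illustration; the three blocks are the private ranges defined in RFC 1918.

```python
import ipaddress
import re

# RFC 1918 private blocks; 10.0.0.0/8 is the largest (16,777,216 addresses).
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample INVITE from a phone behind a NAT (not a real capture).
SAMPLE_INVITE = "\r\n".join([
    "INVITE sip:bob@example.com SIP/2.0",
    "Via: SIP/2.0/UDP 192.168.1.20:5060;branch=z9hG4bK776asdhds",
    "From: <sip:alice@example.com>;tag=1928301774",
    "To: <sip:bob@example.com>",
    "Call-ID: a84b4c76e66710@192.168.1.20",
    "CSeq: 314159 INVITE",
    "Contact: <sip:alice@192.168.1.20:5060>",
    "Content-Type: application/sdp",
    "",
    "v=0",
    "c=IN IP4 192.168.1.20",
    "m=audio 49170 RTP/AVP 0",
])

IPV4 = re.compile(r"(?<![\d.])(\d{1,3}(?:\.\d{1,3}){3})(?![\d.])")
# Fields a remote peer uses to route replies (Via), new requests (Contact)
# and media (SDP c= line).
ROUTING_FIELDS = ("via:", "contact:", "c=")

def is_private(addr):
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:  # dotted string that is not a valid IPv4 address
        return False
    return any(ip in net for net in RFC1918)

def unreachable_fields(message):
    """Return (field, address) pairs that advertise an RFC 1918 address."""
    hits = []
    for line in message.splitlines():
        lowered = line.lower()
        field = next((f for f in ROUTING_FIELDS if lowered.startswith(f)), None)
        if field is None:
            continue
        hits += [(field.rstrip(":="), a) for a in IPV4.findall(line) if is_private(a)]
    return hits

if __name__ == "__main__":
    print(unreachable_fields(SAMPLE_INVITE))
```

Every address it reports is one the far end would try to send signaling or media to, and none of them is routable from the public Internet.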


4G NAT / Firewall Devices

A NAT / firewall device includes a combination of the following components:
  • Local Wi-Fi access point. 
    • The Wi-Fi access point connects Wi-Fi enabled devices like the SIP 4G phones and other mobile devices. It creates a wireless Local Area Network (LAN), which is also called a Wi-Fi hotspot.
  • Local Ethernet switch. 
    • The Ethernet switch connects SIP soft-phones installed on desktop computers. It creates a wired LAN.
  • IP packet forwarding and firewall. 
    • The IP layer performs packet forwarding and prevents hacker attacks from the Internet.
  • Network address translator.  
    • The address translation rules are configurable in some NAT models.
  • Internet access point:
    • Wired:  coaxial cable, fiber optic, DSL.
    • Wireless:  4G LTE, WiMAX, or other 3G Wireless technologies. See NAT / Firewall Devices.

The firewall functions exist with various capabilities in all models of NAT / firewall devices. For that reason, the NAT / firewall device will sometimes be called a NAT device.

A wired NAT device is a gateway for the SIP Network to access the Internet via wired networks such as fiber optic, coaxial cable, or DSL. A device of this type is called a wired NAT or NAT.


SIP Hotspot



A wireless NAT device is a gateway for the SIP Network to access the Internet via 4G wireless networks, LTE or WiMAX. A device of this type is called a 4G NAT device.


SIP 4G Hotspots