The below drawing illustrates broken end-to-end model of SIP because of the NAT deployment. NAT creates the following problems for the SIP phones:
they are no longer the end-devices of the Internet because the NATs are in their places,
they use private addresses because they are behind NAT,
they can initiate a VoIP call but can't receive one because NAT blocks incoming call.
This is not a complete list of damages done by NAT to SIP. They are listed here to represent the problems that are solved by ICI Technology and its applications such as SIPsocial. For a comprehensive list of NAT problems and analysis, see NAT RFC.
Private IP Address Space
The main functions of a NAT / firewall device that a SIPsocial has to work with include:
network address translation between private and public IP addressing spaces,
firewall, attack prevention and other security protection mechanisms,
The private IP address space is available for anyone to build their private networks without asking for permission from the Internet Registry or informing their network partners, and the addresses are meaningful only within the private network behind a NAT. For a private network to connect to the Internet, it must use a network address translator (NAT).
Private IP addresses are allocated in blocks of various sizes with the largest block larger than 16 million addresses. Regardless of the size of the private address block used behind a NAT, the private network needs only one public IP address to connect to the rest of the Internet.
4G NAT / Firewall Devices
NAT / firewall device includes a combination of the following components:
Local Wi-Fi access point.
The Wi-Fi access point connects Wi-Fi enable devices like the SIP 4G phones and other mobile devices. It creates a wireless Local Area Network (LAN) which is also called Wi-Fi hotspot.
Local Ethernet switch.
The Ethernet switch connects SIP soft-phones installed in desktop computers. It creates a wired LAN.
IP packet forwarding and firewall.
The IP layer performs packet forwarding and preventing hacker attacks from the Internet.
Network address translator.
The address translation rules are configurable in some NAT models.