[Serusers] symmetric nat/ broadband routers
Andrei Pelinescu-Onciul
pelinescu-onciul at fokus.fraunhofer.de
Thu Dec 4 21:27:34 CET 2003
On Dec 04, 2003 at 15:22, Ricardo Villa <ricvil at epm.net.co> wrote:
> On our lab we have a RH7.3 box with iptables firewall and NAT. When we were
> initially testing the nathelper module we found out that external pings did
> NOT keep the sessions alive on this box. Only pings going from inside
> towards the internet. At that point we decided to simply rely on the
> ability of devices like the ATA186 and GS phones to send a SIP Dummy packet
> from behind the NAT in order to keep the sessions alive. So far this
> approach has worked 100%. It is possible that the Linux box just needed
> some tweaking, but we needed a solution that worked seamlessly with all
> customers.
>
> I belive we also tested another common broadband home router and it behaved
> the same way.
Did you try with smaller ping times?
My freebsd nat box work perfectly with nat ping interval set to 30s.
natping should keep the bindings alive also on any linux based nat (just
make sure the nat ping interval is greater then the defautl udp binding
expire time).
Andrei
More information about the sr-users
mailing list