Firewall/NAT Crossing by H.323/H.248
Roy, Radhika R, ALCOO
rrroy at ATT.COM
Mon Mar 26 11:17:06 EST 2001
Euchner:
Steve Davies has provided another URL to me. It is working for me. Hope that
it will work for all of you.
Best regards,
Radhika R. Roy
AT&T
+1 732 420 1580
rrroy at att.com
-----Original Message-----
From: Steve Davies [mailto:SDavies at Ridgeway-Sys.com]
Sent: Thursday, March 22, 2001 2:45 PM
To: Roy, Radhika R, ALCOO
Subject: RE: Firewall/NAT Crossing by H.323/H.248
Radhika,
The document is going through the IETF draft process - we sent it on
Tuesday. In the meantime its available from www.vxserver.com/standards.
We will be at the SIP discussion tomorrow. Thanyou - we think it is a better
solution too. The PIA does not need to be application aware (so its future
proof), the PS takes care of that. The PIA can be client software (i.e a
shim to the application) or a standalone unit. It scales down as well as up.
regards
Steve
Steve Davies
Chief Technical Officer
Ridgeway Systems and Software
Email: mailto:sdavies at ridgeway-sys.com
Web: www.ridgeway-sys.com
Tel B: +44 (0) 118 938 1114
Tel H: +44 (0) 1285 770979
-----Original Message-----
From: Euchner Martin [mailto:Martin.Euchner at icn.siemens.de]
Sent: Monday, March 26, 2001 9:38 AM
To: Roy, Radhika R, ALCOO; ITU-SG16 at mailbag.cps.INTEL.COM
Subject: AW: Firewall/NAT Crossing by H.323/H.248
Radhika,
thanks for pointing to this interesting draft. However, I was unable to
obtain that document;
http://www.ietf.org/internet-drafts/draft-davies-fw-nat-traversal-00.txt
<http://www.ietf.org/internet-drafts/draft-davies-fw-nat-traversal-00.txt>
is not successful.
Would someone be so kind and send it to me?
Kind Regards
Martin Euchner.
-----------------------------------------------------------------------
| Dipl.-Inf. Phone: +49 89 722 55790
| Martin Euchner Fax : +49 89 722 46841
| Siemens AG
| ICN M NT 5 mailto:Martin.Euchner at icn.siemens.de
<mailto:Martin.Euchner at icn.siemens.de>
| mailto:martin.euchner at ties.itu.int
<mailto:martin.euchner at ties.itu.int>
| Hofmannstr. 51 Intranet:
http://intranet.icn.siemens.de/marketing/network_technology/security/pki.htm
| D-81359 Muenchen Internet: http://www.siemens.de
<http://www.siemens.de>
| __________________
| Germany
-----------------------------------------------------------------------
-----Ursprüngliche Nachricht-----
Von: Roy, Radhika R, ALCOO [SMTP:rrroy at ATT.COM]
Gesendet am: Donnerstag, 22. März 2001 05:18
An: ITU-SG16 at mailbag.cps.INTEL.COM
Betreff: Firewall/NAT Crossing by H.323/H.248
Folks:
The following Internet draft (draft-davies-fw-nat-traversal-00.txt)
deals
with the proposal how H.323, H.248, and other applications (e.g.,
SIP) can
cross the firewalls and NATs that do not require any changes in NATs
and
firewalls.
I would request the members that it may be worthwhile to look into
the
proposal.
(I would also propose the authors to see whether this can be
presented in
the ITU-T SG16 for possible examination. If attendance is a problem
by the
authors, whether Rapporteurs, as they did in the past, can help in
collaboration with the authors in the presenting the proposal.)
Best regards,
Radhika R. Roy
AT&T
-----Original Message-----
From: Steve Davies [mailto:SDavies at Ridgeway-Sys.com]
Sent: Tuesday, March 20, 2001 8:45 PM
To: mshore at cisco.com
Cc: sob at harvard.edu; Steve Davies; midcom at ietf.com;
sip at lists.bell-labs.com
Subject: [SIP] Contribution to Midcom WG
Melinda,
Please excuse this email at the 11th hour. I've taking the liberty
of
copying it to the SIP and Midcom WGs in order to maximise the
opportunity
for discussion.
Ridgeway Systems & Software have just completed an Internet draft
for the
traversal of non-protocol aware firewalls and NATs by
session-oriented
protocols such as H.323, SIP and H.248/Megaco. The draft is the
culmination
of the last 2 years of research and development within Ridgeway. The
methods
outlined in the draft have been implemented and proven to work. The
main
benefit to the Internet and Telecommunications community of the
method
outlined in this draft is that it is protocol agnostic - a single
method can
carry multiple protocols. Until it is available through the system
it is
available from http://www.vxserver.com/standards/ - username is
'standards'
password is 'stevedavies'.
The method outlined in the draft is probably ahead of where Midcom
is at
this point. I bring it to your attention now because I see similar
initiatives within the SIP WG and because I would like to suggest to
the
Midcom WG that there are at least 2 classes of problem with
potentially
multiple solutions to address and capture. My basic premise is that
it is
not just a FW/NAT problem to address, but a FW/NAT + deployment set
of
problems.
Class A:
This class of problem is characterised by the fact that it is not
possible
or it is undesirable to upgrade the firewalls and NAT devices.
Typically,
NAPT is being used and Internet data and voice/video packets are
transported
on the same network (at some point, e.g. the LAN). Security must not
be
compromised. Examples deployments include residential and enterprise
access
to the Converged Network via an ISP.
The Traversal method Ridgeway has developed addresses this class of
problem.
Class B:
This class of problem is characterised by the fact that it is
possible to
upgrade existing or deploy new equipment to transport voice/video
over IP.
ALGs in firewalls and NATs is one solution to this class of problem.
It seems that the approach within Midcom is to formalise and
abstract ALGs
such that one method suits all protocols. However, this doesn't
address
deployments in Class A.
My colleague, Pete Cordell, and I will be in Minneapolis from
Wednesday thru
Friday and shall be attending the Midcom WG where we hope such
requirements
and issues will be raised and captured.
Please feel free to contact me should you want to discuss this
offline.
Kindest regards
Steve
Steve Davies
Chief Technical Officer
Ridgeway Systems and Software
Email: mailto:sdavies at ridgeway-sys.com
Web: www.ridgeway-sys.com
Tel B: +44 (0) 118 938 1114
Tel H: +44 (0) 1285 770979
US cell: +1 512 771 7160
_______________________________________________
This list is for continuing development of the SIP protocol.
The sip-implementor's list is the place to discuss implementation,
and to receive advice on understanding existing sip.
To subscribe to it, send mail to
sip-implementors-request at cs.columbia.edu with "subscribe" in the
body.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
For help on this mail list, send "HELP ITU-SG16" in a message to
listserv at mailbag.intel.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
For help on this mail list, send "HELP ITU-SG16" in a message to
listserv at mailbag.intel.com
More information about the sg16-avd
mailing list