H.323 HNT

This section explains how H.323 hosted NAT traversal (HNT) works and how to enable this capability on your Oracle® Enterprise Session Border Controller.

The feature enables endpoints behind NATs to originate and terminate calls by resolving the address differences between the NAT and the actual endpoint.

H.323 communication through a NAT becomes an issue when engaging in RAS messaging. While the H.323 standard specifies specific information elements in the RAS messages that indicate the address to which the replies should be sent, these addresses will be behind the NAT and therefore unroutable. The Oracle® Enterprise Session Border Controller solves this problem by sending RAS replies to the layer 3 address from which the associated RAS request was received.

A second issue exists for media channels as the address specified in the H.323 OLC message will be behind the NAT and likewise unroutable. This is resolved by relying on the fact that the forward and reverse channels will utilize the same address and port on the endpoint. By sending media packets to the same address from which the packet are received, media and flow through the NAT.

If you do not use H.323 HNT, the following behavior will occur:

  • When an H.323 endpoint is behind a NAT and it registers with a gatekeeper through the Oracle® Enterprise Session Border Controller, the Oracle® Enterprise Session Border Controller tries to send a response back to the endpoint’s RAS address rather than to the NAT from which the request was received.
  • The same is true for LRQ and IRQ messages because responses without H.323 HNT for outbound sessions, responses were being sent back to the replyAddress or the rasAddress.
  • In addition, the Oracle® Enterprise Session Border Controller always induces one-way media because it tries to send the RTP to the media IP address and port it receives in the OLC messages rather than the ephemeral port on the intermediary NAT.

With this ability enabled, however, the Oracle® Enterprise Session Border Controller sends RAS responses back to the address from which the request was received (the NAT). It does not send responses to the endpoint’s rasAddress or replyAddress mentioned in the signaling message. The same is true for RTP. With H.323 HNT for outbound sessions enabled, the Oracle® Enterprise Session Border Controller sends RTP to the IP address and port from which it receives the RTP packets (the NAT).

The call flow below illustrates how this feature works:

Previous
Previous 		Next
Next
Go To Table Of Contents
Contents