SIP IP Address Hiding and NATing in XML
Adding to its topology hiding and NAT capabilities, the Oracle® Enterprise Session Border Controller now performs those functions for pertinent IP addresses that are not part of the standard SIP message header format. Previously, such addresses were visible to the next hop in the SIP session path.
Note that this feature adds to the Oracle® Enterprise Session Border Controller’s pre-existing ability to perform this function for XML messages; this new support is specifically for the keyset-info message type.
For incoming SIP NOTIFY messages, the Oracle® Enterprise Session Border Controller searches for the application/keyset-info+xml content type in the message. When it finds this content type, it searches further to detect the presence of <di:remote-uri> or <di:local-uri> XML tags and then NATs the IP addresses in the tags it finds. Specifically, the Oracle® Enterprise Session Border Controller changes:
- The <di:remote-uri> IP address to be the egress SIP interface’s IP address
- The <di:local-uri> IP address to be the Ip address of the next hop to which the message is being sent
Sample SIP NOTIFY with NATed XML
Note:
that it contains the <di:remote-uri> or <di:local-uri> XML tags on which the system will perform NAT; these lines appear in bold text.NOTIFY sip:15615281021@10.152.128.253:5137;transport=udp SIP/2.0 To: 15615281021 <sip:15615281021@10.152.128.102:5080>;tag=5c93d019904036a From: <sip:15615281021@10.152.128.102:5080>;tag=test_tag_0008347766 Call-ID: 3215a76a979d0c6 CSeq: 18 NOTIFY Contact: <sip:15615281021@10.152.128.102:5080;maddr=10.152.128.102> Via: SIP/2.0/UDP 10.152.128.102:5060;branch=z9hG4bK_brancha_0023415201 Event: keyset-info Subscription-state: active;expires=2778 Accept: application/keyset-info+xml Content-Type: application/keyset-info+xml Content-Length: 599 Max-Forwards: 70 <?xml version="1.0"?> <keyset-info xmlns="urn:ietf:params:xml:ns:keyset-info" version="16" entity="15615281021"> <ki-data> <ki-state>"active"</ki-state> <ki-event>"unknown"</ki-event> </ki-data> <di:dialog id="dialog_id_201" call-id="1395216611-1987932283256611-11-0884970552" local-tag="test_tag_0008347790" direction="recipient"> <di:state>trying</di:state> <di:duration>2778</di:duration> <di:local-uri>sip:15615281021@10.152.128.253:5137</di:local-uri> <di:remote-uri>sip:1004@10.152.128.102</di:remote-uri> </di:dialog> </keyset-info>
Once the Oracle® Enterprise Session Border Controller has completed the NAT process, the <di:remote-uri> and <di:local-uri> XML tags look like this
<di:local-uri>sip:15615281021@192.168.200.99:5137</di:local-uri> <di:remote-uri>sip:1004@192.168.200.49</di:remote-uri>
because egress the SIP interface’s IP address is 192.168.200.49 and the next hop’s IP address is 192.168.200.99.
This feature does not require any configuration.