Rohit Bajaj
asked on
What is a SIP aware Firewall and Application Level Gateway and how does it solve RTP firewall Problem
Hi,
I want to understand how does the SIP aware firewall/ALG solve the problem of trasfering RTP data to a client behind a firewall ?
Thanks
I want to understand how does the SIP aware firewall/ALG solve the problem of trasfering RTP data to a client behind a firewall ?
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Entire books have been written on the OSI model. And the application layer is layer 7, not 5 *or* 3. As far as identifying session layer or network layer, generally the network layer is IPv4 or IPv6 in most networks. That's it. No TCP. No UDP. No GRE. Just IP. A layer-3 only device can see an IP packet and understand the source and destination address and that's about it. You see some layer-3 switches, but most firewalls and routers understand *at least* layer-4, if not higher. After all, to do their job, they usually have to have a basic concept of a TCP packet vs a UDP packet, and if they are performing NAT, be able to map sessions (which is itself higher than layer 3.)
-Cliff
-Cliff
Yup, I got it wrong, its layer 7:
http://en.wikipedia.org/wiki/List_of_network_protocols_%28OSI_model%29
You can identify if the device can perform SIP level fixes if it has some sort of ALG functionality beyond NAT capabilities (layer 3 fixes or rewrites):
http://www.voip-info.org/wiki/view/Routers+SIP+ALG
http://en.wikipedia.org/wiki/List_of_network_protocols_%28OSI_model%29
You can identify if the device can perform SIP level fixes if it has some sort of ALG functionality beyond NAT capabilities (layer 3 fixes or rewrites):
An ALG understands the protocol used by the specific applications that it supports (in this case SIP) and does a protocol packet-inspection of traffic through it. A NAT router with a built-in SIP ALG can re-write information within the SIP messages (SIP headers and SDP body) making signaling and audio traffic between the client behind NAT and the SIP endpoint possible.
http://www.voip-info.org/wiki/view/Routers+SIP+ALG
ASKER
I understood what you mentioned above. Just want to clarify one thing.
How does one identifies is the fix is at layer 5 or layer 3 . also i read that sip is an applicatiom level protocol. Please help me also in identifyinf the difference between a network layer and session layer.
Thanka