The STUN Protocol and VoIP – Part 2

As seen in Part 1 of this article, STUN enables a SIP entity running behind a NAT to discover its public IP and what type of NAT is running on the gateway it is connected to. It also enables the SIP entity to discover which port external SIP entities can connect to, to establish a connection. Since SIP uses UDP as transport protocol, and UDP is not a connection oriented protocol, a connection between 2 SIP entities cannot be established easily by depending on the transport protocol, that is why STUN is widely used in a SIP based VoIP environment. Below we are going to see captures of a SIP based VoIP phone trying to register to an IP PBX running outside its network and what happens if the SIP based VoIP phone is using STUN protocol or not.

Sending of a SIP message without using STUN protocol

Below is a capture of a SIP Register message; a SIP based VoIP phone running behind a NAT trying to register as extension 101 with an IP PBX (listening on host name voipproducts.org) running outside its network without using STUN protocol.

REGISTER sip:voipproducts.org SIP/2.0

Via: SIP/2.0/UDP 192.168.2.14:7214;branch=z9hG4bK-d8754z;rport

Max-Forwards: 70

Contact: : <sip:101@192.168.2.14:7214;rinstance=0639bae5043c66ac>

To: “account1″ <sip:101@voipproducts.org>

From: “account1″<sip:101@voipproducts.org>;tag=0a75d76e

Call-ID: OTcxMDU5MGNhNTAxNzgzYjZkODVkY2I3MmE3NDhlNzQ.

CSeq: 1 REGISTER

Expires: 3600

Content-Length: 0

From the above we can see that:

Contact: <sip:101@192.168.2.14:7214;rinstance=0639bae5043c66ac>

In the “Contact” field we can see that the SIP based VoIP phone is specifying its own private IP address (192.168.2.14) and port 7214. Therefore it is requesting the remote IP PBX outside its network to try to establish a connection by sending SIP messages back to IP address 192.168.2.14 and port 7214. In such case, the IP PBX will try to establish the connection but since this is a private IP address, it is not routable on the internet and therefore the response the IP PBX tries to send is usually dropped by a router or internet gateway. Since packets are dropped, the connection cannot be established.

STUN resolution explained

If a SIP based VoIP phone has STUN resolution enabled and a STUN server specified, the VoIP phone sends a STUN resolution request to the STUN server and waits for the STUN server to reply. Such request typically is done during startup of the VoIP phone or before trying to communicate with an external SIP entity. Below is a capture of a typical STUN server response:

Message Type: Binding Response(0×0101)

Message Length: 0×0044

Message Transaction ID: E753D76EA857A24DA38A229F7576E18E

Attribute: MAPPED-ADDRESS

Attribute Type: MAPPED-ADDRESS(0×0001)

Attribute Length: 8

Protocol Family: IPv4 (0×0001)

Port: 6023

IP: 78.158.143.115 (78.158.143.115)

Attribute: SOURCE-ADDRESS

Attribute Type: SOURCE-ADDRESS(0×0004)

Attribute Length: 8

Protocol Family: IPv4 (0×0001)

Port: 3478

IP: 10.252.131.113 (10.252.131.113)

Attribute: CHANGED-ADDRESS

Attribute Type: CHANGED-ADDRESS(0×0005)

Attribute Length: 8

Protocol Family: IPv4 (0×0001)

Port: 3479

IP: 75.101.138.128 (75.101.138.128)

From the above we can see that:

Message Type: Binding Response(0×0101)

Message Length: 0×0044

Message Transaction ID: E753D76EA857A24DA38A229F7576E18E

Message type: This field states the message type; in the above example we can see that this is a Binding response to the Binding request sent to the STUN server by the VoIP phone.

Message Length: This field states the message length in bytes.

Message Transaction: This is a unique identifier used for each STUN message binding / response session. For each new transaction, a new unique identifier is created.

Attribute: MAPPED-ADDRESS

Attribute Type: MAPPED-ADDRESS(0×0001)

Attribute Length: 8

Protocol Family: IPv4 (0×0001)

Port: 6023

IP: 78.158.143.115 (78.158.143.115)

The above attribute is called “MAPPED-ADDRESS”; its purpose is to indicate the source IP (from the above example; 78.158.143.115) and source Port (from the above example; 6023) the server saw in the Binding request sent from the SIP based VoIP phone.

Attribute: SOURCE-ADDRESS

Attribute Type: SOURCE-ADDRESS(0×0004)

Attribute Length: 8

Protocol Family: IPv4 (0×0001)

Port: 3478

IP: 10.252.131.113 (10.252.131.113)

The above attribute is called “SOURCE-ADDRESS”; its purpose is to indicate if twice NAT configurations are being used. From the above we can see that twice NAT configuration is being used because the VoIP phone’s IP address is 192.168.2.14, the public IP from where the Binding request was received is 78.158.143.115 and the IP address from where the last point which contacted the STUN server received the STUN request was 10.252.131.113.

Attribute Type: CHANGED-ADDRESS(0×0005)

Attribute Length: 8

Protocol Family: IPv4 (0×0001)

Port: 3479

IP: 75.101.138.128 (75.101.138.128)

The above attribute is called “CHANGED-ADDRESS”; its purpose is to indicate the IP address and port where the response would have been sent from if the client requests a “Change IP” and “Change Port” in a “CHANGE-REQUEST” attribute.

Sending of a SIP message using STUN protocol

Below is a capture of a SIP Register message; a SIP based VoIP phone running behind a NAT trying to register as extension 101 with an IP PBX (listening on host name voipproducts.org) running outside its network using STUN protocol.

REGISTER sip:voipproducts.org SIP/2.0

Via: SIP/2.0/UDP 192.168.2.14:7214;branch=z9hG4bK-d8754z;rport

Max-Forwards: 70

Contact: <sip:101@78.158.143.115:8676;rinstance=c82d2f5b1918e5cf>

To: “account1″<sip:101@voipproducts.org.com>

From: “account1″<sip:101@voipproducts.org>;tag=484b4e36

Call-ID: YWI3Y2I3ODIzOWIxYWI5NDQwMzA5ZTYxMTAzOTM4Y2I.

CSeq: 1 REGISTER

Expires: 3600

Content-Length: 0

From the above we can see that:

Via: SIP/2.0/UDP 192.168.2.14:7214

The VoIP client is still listening on the same internal IP address (192.168.2.14) and same port (7214).

Contact: <sip:101@78.158.143.115:8676;rinstance=c82d2f5b1918e5cf>

In the “Contact” field in the register SIP message the VoIP phone replaces its own IP address (192.168.1.14) with the external IP address (78.158.143.115) and external Port (8676) discovered by making a STUN resolution before trying to register with an external IP PBX. Thanks to the STUN resolution, now the IP PBX can establish a connection with the VoIP phone by sending SIP responses to IP address 78.158.143.115 on port 8676 which is mapped to IP address 192.168.2.14 and port 7214 on the NAT device.

As seen above, since most of the protocols used in SIP based VoIP calls typically use UDP as transport protocol, which is a connectionless protocol, STUN plays a very important role in aiding SIP entities running behind NATs establishing a SIP based VoIP call.