NAT means Network Address Translation. When you connect to the Internet, information you send and receive is typically passed through a firewall, which protects your network infrastructure from hackers. Each individual network that is connected to the public Internet is identified by an IP address. Devices on the outside of your firewall see your publicly-routed IP Address; devices on the network inside of the firewall are addressed with private, non-routable IP addresses. When information passes through the firewall, it does so in the form of data "packets." Each packet contains an IP address, telling it where it's from and where it's going. When a packet passes through the firewall to the public Internet, the private IP address is replaced with the publicly-routed IP address. When information passes from the public Internet through the firewall, the publicly-routed IP address is replaced with a private one and routed to the appropriate device.
SIP messages, which are carried inside of data packets, also include IP address information. Traditional NAT does not open the packet to change the IP information inside the SIP message. Therefore, the VoIP provider will not be able to send the call to the appropriate location. SIP requires a device to open the packet and adjust the IP information as it passes through the firewall.
Some firewall devices, known as Application Layer Gateways (ALGs), have the ability to make this change inside the SIP message. Though several ALGs are capable of SIP NAT traversal, TOTLCOM supports the Ingate SIParator router. Other firewalls, including Sonicwall and Cisco ASA/PIX, have this capability, but TOTLCOM can only provide technical support for the Ingate ALGs.
NAT-traversal problems manifest themselves in several easy-to-identify ways. If you are experiencing any of the following problems, you may have a NAT-traversal issue:
1. Are you having one-way audio?
2. Is the call setting up (ringing), but missing sound?
3. Are calls not setting up in the first place?
If you are experiencing any of these issues with your VoIP service, call TOTLCOM's Customer Care Specialists at 1-800-300-5500.
TOTLCOM has several different options to help you deal with technical difficulties. If you are a Managed Network Services subscriber, we will take care of the problem from start to finish. If you don't subscribe to MNS, call our Customer Care Specialists at 1-800-409-4357, options 1,1,1. If your network uses the Ingate SIParator or the Edgewater EdgeMarc ALGs, we should be able to troubleshoot your problems remotely. If you don't currently use one of these TOTLCOM-supported ALG devices, there is another option. If you assign a public IP address directly to your phone system, you will obviate any NAT-traversal issues, because there is no translation necessary. This option does, however, leave your system vulnerable to attack. TOTLCOM does not recommend this option.
TOTLCOM supports two ALG devices: the Ingate SIParator and the Edgewater EdgeMarc router. Other devices capable of SIP packet translation are available, but TOTLCOM does not offer technical support for their use.
ALG stands for Application Layer Gateway. An ALG is a device that handles translation of the packet IP addresses (and for TOTLCOM VoIP service, the SIP IP information inside the packet) as they traverse the firewall. TOTLCOM supports the use of the Ingate SIParator ALG.
It is important to remember that ALG devices are designed to handle a specific number of concurrent calls. Be sure to purchase an ALG that fits your business needs. TOTLCOM's Account Executives can help you determine which ALG is right for you. Call 800-300-5500 to speak with an Account Executive today.
Another name for ALG, a SIP-aware firewall is a device capable of handling the translation of SIP-packet IP addresses as the packets traverse the firewall. TOTLCOM provides technical support for the Ingate SIParator firewall for SIP-packet translation.
Far-End NAT traversal is a method of accomplishing NAT. See "What is NAT traversal?" for more information on NAT traversal. TOTLCOM does not utilize Far-End NAT Traversal, because doing so would introduce unnecessary delays and latency into our customers' voice traffic. TOTLCOM places paramount importance on the voice quality of our service, and we feel that accomplishing NAT traversal on the customer's premise is a far more effective and efficient technique.
QoS stands for Quality of Service. Quality of Service (QoS) is the idea that transmission rates, error rates, and other characteristics can be measured, improved, and, to some extent, guaranteed in advance. Is the sound clear? Is there any jitter or latency? These are questions that determine the level of QoS. At TOTLCOM, we pride ourselves on being an industry leader in QoS. Our engineers work tirelessly to ensure for our customers the highest possible level of QoS.
There are a several methods of ensuring the highest possible call quality. TOTLCOM recommends using a dedicated data connection of at least T1 speed, along with a properly-configured router using the latest QoS technologies.
TOTLCOM is dedicated to providing the highest possible level of call quality. To that end, our experienced engineers develop and test the latest QoS techniques. TOTLCOM VoIP service currently uses several techniques to ensure QoS, including TOS-splitting, traffic shaping, and voice-optimized internet (on some phone systems).
A dedicated voice connection is an Internet connection used solely for voice traffic. It carries no data packets, so traffic congestion, latency, and jitter are not issues. It is one of the best ways to ensure call quality, but it is generally not cost effective, because it requires the purchase of an additional T1-class Internet connection.
TOS stands for Type-of-Service splitting. It is a way of classifying and prioritizing the traffic on a data connection to give priority to voice traffic. If voice packets are held up by data traffic, latency and jitter issues can arise. Data packets, on the other hand, can handle slight delay far more easily. TOTLCOM currently utilizes TOS-splitting on outbound VoIP calls over Sprint's and Qwest's T-1 lines (Optional).
Traffic shaping is a technology used to enhance call quality. Traffic shaping software can differentiate between voice and data traffic. The software then "throttles back" the speed on the data traffic to make room for the voice traffic to proceed on the network unimpeded.
Voice Optimized Internet (VOA) is a technology TOTLCOM offers to ensure call quality. Essentially,one circuit (ADSL, SDSL, or T-1) is delivered to the customer site. The circuit is provisioned with two separate IP addresses one for data traffic and the other for voice traffic. Using this method, the voice traffic is prioritized from the customer premises all the way to the carrier network. This reduces the congestion for both inbound and outbound voice traffic.
VoIP traffic is as secure as any other data traffic you send out onto the public internet. There are ways of making the system more secure, including some technologies currently undergoing testing by TOTLCOM engineers, but none of the available technologies is yet universal. The best way to ensure security for your VoIP traffic is to employ the use of a SIP-enabled firewall.
Your VoIP system is as secure as any other data leaving or entering your network. If you employ the use of a SIP-enabled firewall, your VoIP traffic is relatively secure. For someone to gain access to your VoIP calls, they would have to steal all of the packets leaving your network. The only way to do that is to be physically present at one of the points of transmission.
TLS is software with the ability to handle secure signaling, including SIP signaling, using secure certificates similar to the way some web sites use certificates to ensure secure financial transactions. TOTLCOM engineers are currently testing TLS technology, but because it is not yet universal, it is not ready for implementation.
SRTP is a way to encrypt the signals carrying the voice information over the Internet. It is still in the development stage; TOTLCOM engineers are testing and monitoring its progress to determine whether it can be of use.