Slashdot Mirror

← Back to Stories (view on slashdot.org)

Cheap Point-To-Point VoIP Through NAT?

Posted by Cliff on from the conversations-over-the-link dept.

An anonymous reader asks: "70% of my phone bill comes from calls to a few colleagues. We all have 'broadband' internet access (at least 100 kbit/s upstream) and are behind NATs, so we can share our access with the rest of our house-mates. The OS most used is Linux. In order to lower our phone bills I'm looking for a Point-to-Point audio tool which enables you to pass relatively easily through the NATs. I've had a look at Speak-Freely, which is quite nice as it sports things like GPG-encryption. But it uses two UDP and one TCP ports which is a bit much and not very NAT friendly. I wouldn't like to use commercial tools with central servers like Skype. What would be ok is to use a webserver to serve as a kind of starting point where you would update your IP address and ports. But it should be possible to give your mom and pop webhoster to set up or even better just a cgi-script which interacts with the clients via http or https. The audio data itself shouldn't be routed over a server (what a waste of bandwidth). Thanks for all ideas."

6 of 35 comments (clear)

  1. IPv6 and Teredo by Isomer · · Score: 2, Informative

    Use Teredo and whatever protocol you like.

    Teredo is a way to give yourself a realworld IPv6 address, even though you are stuck behind NAT (and without cooperation from the NAT device, like uPnP requires).

    Basically Teredo tunnels IPv6 packets over UDP, and relies on the fact that most NAT's reuse the same source port for all udp packets that you send that have the same source address internally.

    All your application only need to support IPv6. There are Teredo implementations for Linux and FreeBSD and Teredo is built into Windows SP2. Teredo also supports two people both behind NAT to talk to each other directly in almost all common circumstances.

    So go add IPv6 support to your applications, and recommend your users use Teredo to defeat NAT!

    1. Re:IPv6 and Teredo by hab136 · · Score: 2, Informative
      Teredo is built into Windows SP2

      Um, no, it's built into the Advanced Networking Pack for Windows XP - which is not installed by default.

  2. VoIP over NAT by Gadzinka · · Score: 4, Informative

    There's no easy way to communicate between two agents, both behind NAT. Period.

    Having said that, where've you been for the last couple of years? There are free registrars that let you use rfc compliant VoIP like SIP: FWD, IPTel. You register there, but you communicate directly between your internet connections. This is really something like web page with your IPs, but automated. Kphone or Linphone are good for it on Linux.

    You have to set up some kind of NAT traversal. You can set up port forwarding on the NAT and/or use STUN server.

    Also, Skype isn't communicating via server. Skype only authenticates with server, but communication more or less is point to point. When the Skype client is unreachable directly, you communicate with it via third party (i.e. any Skype client with externally open ports). And the communication is encrypted with AES in order to avoid snooping by your ,,proxy''.

    There's also teamspeak which requires extrenally running server (there are some servers publically available) but works like a charm with every kind of NAT, because all the communication goes thru server.

    Robert

    --
    Bastard Operator From 193.219.28.162
    1. Re:VoIP over NAT by dpoulson · · Score: 2, Informative

      Freeworlddialup can use IAX too. Register for a free account, then either get a soft client (tho' I've had trouble finding a decent stable one) or get a little box of tricks from http://www.digium.com/ called the IAXy which will convert a POTS phone to a IAX VoIP phone.

      Of course, running an asterisk server gives you a lot more options and is definately the geek thing to do!

      --
      http://www.22balmoralroad.net/ http://www.tinynetworks.co.uk/
    2. Re:VoIP over NAT by Gadzinka · · Score: 2, Informative
      I know about this, used it myself.

      Unfortunatelly, there's no way for the clients alone to initiate this transfer. They have to know:
      1. Their external IP address
      2. Who they want to communicate to
      3. The ports on which to communicate

      Now, there are some "middleman" servers like STUN that will take care of some of this, but requirement 3 may be impossible to to fulfill.

      You see, normally when you send packets through NAT, it rewrites source port and address. In case of Linux, if the port is free on firewall/nat box, it leaves it unchanged. If it is taken, it assigns new, free port. Similarly, if you send UDP to address A and then send UDP to address B with the same source port, they may end up with different ports after natting. And the next problem is when several machines behind the same NAT send packets with the same source port: they have to have different ports after natting, in order to distinguish the returning packets.

      Basically, you have no way of knowing what you source port will be behind a "hostile" NAT, since it can even change between your packets beeing sent to "middleman" server and packets beeing sent to proper recipient's NAT.

      There's just no way to reliably communicate between natted machines, because this communication was never a goal. Rather, from day one, inability to communicate with machine behind NAT was the "security feature" and big selling point.

      Robert
      --
      Bastard Operator From 193.219.28.162
  3. Teamspeak. by terrox · · Score: 2, Informative

    Just use teamspeak, gamers have used voice comms for ages and teamspeak is just one of many. http://www.goteamspeak.com/products.php?t=screensh ots