A Session Initiation Protocol (SIP) trunk is a direct connection of an IP PBX to a service provider over an IP network using
SIP. There can be numerous concurrent calls in a SIP trunk. During the call setup process, all calls use the same control
channel for call establishment. When the same control channel
is used by more than one call, the stateful information stored in the control-channel sessions becomes unreliable. SIP stateful
information consists of media channel information such as the IP address and port number used by client and server endpoints
to send media data. The media channel information is used to create a firewall pinhole and a Network Address Translation (NAT)
door for the data channel in firewall and NAT, respectively. Because multiple calls use the same control channel for call
setup, there will be multiple sets of media data.
In a SIP trunk, more than one call shares the same firewall and NAT session. NAT and firewall identify and manage a SIP session
by using the 5-tuple in a SIP packet—source address, destination address, source port, destination port, and protocol. The
conventional method of using the 5-tuple to identify and match calls does not completely support SIP trunking and often leads
to Layer 7 data memory leaks and call matching issues.
In contrast to other application-level gateways (ALGs), SIP ALG manages the SIP Layer 7 data by using a local database to
store all media-related information contained in normal SIP calls and in SIP calls embedded in a SIP trunk. SIP ALG uses the
Call-ID header field contained in a SIP message to search the local database for call matching and to manage and terminate
calls. The Call-ID header field is a dialog identifier that identifies messages belonging to the same SIP dialog.
SIP ALG uses the Call-ID to perform a search in the local database and to manage memory resources. In certain scenarios where
SIP ALG is unable to free up a Layer 7 data record from the database, a session timer is used to manage and free resources
to ensure that there are no stalled call records in the database.
Note: Because all Layer 7 data is managed by SIP ALG by using a local database, SIP ALG never relies on firewall and NAT to free
SIP Layer 7 data; SIP ALG frees the data by itself. If you use the
clear command to clear all NAT translations and firewall sessions, the SIP Layer 7 data in the local database is not freed.
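The Call-ID keyed database and session timer described above, as an added sketch that is not the SIP ALG's actual code. The class and function names, the 180-second timeout, and the sample messages built by `msg` are assumptions constructed for illustration.

```python
# Added illustration: Layer 7 call records keyed by Call-ID, not by 5-tuple.
import re

SESSION_TIMEOUT = 180  # seconds; assumed value for this sketch

def parse_sip(raw):
    """Return (method_or_status, call_id, media) from a SIP message with optional SDP."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    first = lines[0].split(" ")
    kind = first[1] if first[0].startswith("SIP/") else first[0]
    call_id = None
    for line in lines[1:]:
        name, _, value = line.partition(":")
        if name.strip().lower() in ("call-id", "i"):  # "i" is the compact form
            call_id = value.strip()
    addr = re.search(r"^c=IN IP4 (\S+)", body, re.M)
    port = re.search(r"^m=audio (\d+)", body, re.M)
    media = (addr.group(1), int(port.group(1))) if addr and port else None
    return kind, call_id, media

class CallTable:
    def __init__(self):
        self.calls = {}  # Call-ID -> {"media": set of (ip, port), "seen": timestamp}

    def handle(self, raw, now):
        kind, call_id, media = parse_sip(raw)
        if call_id is None:
            return
        if kind == "BYE":
            self.calls.pop(call_id, None)  # frees only this call's record
            return
        rec = self.calls.setdefault(call_id, {"media": set(), "seen": now})
        rec["seen"] = now
        if media:
            rec["media"].add(media)  # each entry would back one pinhole / NAT door

    def expire(self, now):
        """Session timer: drop records with no signalling for SESSION_TIMEOUT seconds."""
        stale = [c for c, r in self.calls.items() if now - r["seen"] > SESSION_TIMEOUT]
        for c in stale:
            del self.calls[c]
        return stale

def msg(start, call_id, ip=None, port=None):  # builds constructed sample messages
    sdp = f"v=0\r\nc=IN IP4 {ip}\r\nm=audio {port} RTP/AVP 0\r\n" if ip else ""
    return f"{start}\r\nCall-ID: {call_id}\r\n\r\n{sdp}"
```

Both sample calls would arrive on the same trunk 5-tuple, yet each keeps its own record, and a call that never sends a BYE is reclaimed only by `expire`.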