Various forms of media communications, including voice and multimedia communications, can be transmitted over a packet-based network. Because packet-based networks lack dedicated circuits for such communications and because end user devices have different capabilities, signaling protocols are used to establish the media communications sessions. One such signaling protocol for establishing voice and multimedia communication sessions over a packet-based network is the Session Initiation Protocol (SIP) as developed by the Internet Engineering Task Force (IETF). SIP and other signaling protocols are used for negotiating session information to coordinate the establishment of a call session between SIP clients. Once communication setup signaling has been completed, packetized media, including voice and other real time data, can flow between the endpoints. A media transport protocol, such as the Real-Time Transport Protocol (RTP), can be used for conveying packetized media between the endpoints.
Some issues involving SIP communication are caused by the use of firewalls and/or network address translator (NAT) devices interposed between SIP entities. One issue is that a firewall does not allow unsolicited connections from a system or device outside a private network to nodes or devices in the private network. Similarly, NATs do not provide external visibility to terminals behind NATs. One way to solve such problems includes the use of pinholes. A pinhole is a port that is opened through a firewall or a NAT to allow a particular application or system access to a protected network or system. As may be expected, pinholes can expose a protected system to external attacks. It is therefore common in many implementations of firewalls and/or NATs to automatically close pinholes after a period of non-use to minimize the security exposure.
One problem with pinholes in SIP networks is that a pinhole in a firewall opened in response to a SIP registration may close before the pinhole is refreshed by re-registration or other means. In SIP networks, the registration process involves a SIP terminal sending a register message to a SIP registrar informing the registrar of the terminal's current contact address. The SIP registrar responds with a SIP 200 OK message that includes an expire field that contains the duration for which the registration is valid. To maintain the registration, the SIP terminal may repeatedly send register messages within the expire or timeout period to keep the registration active.
If the SIP terminal is located behind a firewall, outgoing messages from the SIP terminal, such as the register messages, open a pinhole in the firewall. The pinhole is typically closed by the firewall if the pinhole is not used within a predetermined time period. If the SIP registration timeout is greater than the firewall pinhole timeout and no other messages are sent by the terminal, the pinhole will be closed, making the terminal unreachable.
Accordingly, it may be desirable to trigger the user agent or terminal to refresh the firewall pinhole within the firewall pinhole timeout period. Any solution to the issue of maintaining firewall pinholes is preferably scalable and efficient from the point of view of the node that triggers the terminal to keep the pinhole open. For example, if all user terminals behind the same NAT or firewall are triggered to refresh their respective pinholes within a short time period of each other or without considering the collective effect of pinhole preservation traffic, then the result may be congestion or failure of a SIP node. If all of the SIP terminals re-register or refresh their pinholes at the same time, the burstiness and the traffic could overwhelm a SIP node. In addition, solutions which require the pinhole-refresh-triggering node to maintain the same registration state that is maintained by a SIP registrar are not scalable or suitable for geodiversity.
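The two effects described above, the pinhole closing when the registration timeout exceeds the firewall pinhole timeout and the burst of traffic when many terminals refresh together, can be modeled with a short simulation. This is an added example, not part of the original text; the timeout values, the terminal count, and the evenly staggered offsets used for comparison are all assumptions.

```python
# Added illustration (constructed values, not from the original text).
from collections import Counter

def unreachable_windows(register_interval, pinhole_timeout, horizon):
    """Intervals (start, end) in seconds during which the pinhole is closed.

    Assumes the terminal's only outgoing traffic is a REGISTER every
    register_interval seconds, and each one opens the pinhole for
    pinhole_timeout seconds.
    """
    windows = []
    t = 0
    while t < horizon:
        closes = t + pinhole_timeout
        next_send = min(t + register_interval, horizon)
        if closes < next_send:
            windows.append((closes, next_send))
        t += register_interval
    return windows

def peak_refresh_rate(offsets, refresh_interval, horizon):
    """Largest number of refresh messages a SIP node receives in one second."""
    per_second = Counter()
    for first_send in offsets:
        for t in range(first_send, horizon, refresh_interval):
            per_second[t] += 1
    return max(per_second.values())

if __name__ == "__main__":
    # Registration expiry 3600 s, firewall pinhole timeout 60 s.
    print(unreachable_windows(3600, 60, 7200))
    # Refreshing every 30 s keeps the pinhole open...
    print(unreachable_windows(30, 60, 7200))
    # ...but 300 terminals doing so in lockstep arrive as bursts.
    n, interval = 300, 30
    print(peak_refresh_rate([0] * n, interval, 600))
    print(peak_refresh_rate([i % interval for i in range(n)], interval, 600))
```

With these assumed values the terminal is unreachable for all but the first 60 seconds of each hour, and the synchronized refresh produces a per-second peak thirty times higher than the staggered one.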
Accordingly, in light of these difficulties, there exists a need for improved methods, systems, and computer readable media for regulating NAT and firewall pinhole preservation traffic in a SIP network.