Application Layer Gateway for RTSP Protocol
Real Time Streaming Protocol (RTSP) is an application-level protocol for the transfer of real-time media data. Used for establishing and controlling media sessions between end points, RTSP is a control channel protocol between the media client and the media server. The typical communication is between a client and a streaming media server.
Streaming media from a private network to a public network requires translating IP addresses and port numbers over the network. Citrix ADC functionality includes an Application Layer Gateway (ALG) for RTSP, which can be used with Large Scale NAT (LSN) to parse the media stream and make any necessary changes to ensure that the protocol continues to work over the network.
How IP address translation is performed depends on the type and direction of the message, and the type of media supported by the client-server deployment. Messages are translated as follows:
- Outbound request—Private IP address to Citrix ADC owned public IP address called an LSN pool IP address.
- Inbound response—LSN pool IP address to private IP address.
- Inbound request—No translation.
- Outbound response—Private IP address to LSN pool IP address.
Limitations of RTSP ALG
The RTSP ALG does not support the following:
- Multicast RTSP sessions
- RTSP session over UDP
- TD/admin partitioning/cluster deployments
- RSTP Authentication
- HTTP tunneling
RTSP and LSN scenario
The following figure shows an RTSP SETUP request flow. Typically, a SETUP request specifies how a single media stream must be transported. The request contains the media stream URL and a transport specifier. This specifier typically includes one local port for receiving RTP data (audio or video), and another for receiving RTCP data (meta information). The server reply usually confirms the chosen parameters and fills in the missing parts, such as the server’s chosen ports. Each media stream must be configured by using the SETUP command before an aggregate play request can be sent.
In a typical RTSP communication, the media client in the public network sends a SETUP request to the media server in the private network. RSTP ALG intercepts the request and, in the media stream, replaces the public IP address and port number with the LSN pool IP address and LSN port number. The following figure shows the translation performed by a Citrix ADC appliance in the media stream for an outbound request:
The media server in the private network uses the LSN pool IP address and LSN port number to send a 200 OK response to the media client in the public network. The Citrix ADC RTSP ALG intercepts the response and replaces the LSN pool IP address and LSN port number with the public IP address and port number of the media client. The following figure shows the translation performed by a Citrix ADC appliance in the media stream for an inbound response:
Configuring RTSP ALG
Configure RTSP ALG as part of the LSN configuration. For instructions on configuring LSN, see Configuration Steps for LSN. While configuring LSN, make sure that you:
- Set the NAT Type as DETERMINSTIC or DYNAMIC while adding the LSN pool.
- Set the following parameters while adding the LSN application profile:
- IP Pooling = PAIRED
- Address and Port Mapping = ENDPOINT-INDEPENDENT
- Filtering = ENDPOINT-INDEPENDENT
- Create a RTSP ALG profile and bind the RTSP ALG profile to the LSN group
Sample RTSP ALG Configuration:
The following sample configuration shows how to create a simple LSN configuration with a single subscriber network, single LSN NAT IP address, and RTSP ALG settings:
enable ns feature WL SP LB CS LSN Done add lsn pool pool1 -nattype DETERMINISTIC Done bind lsn pool pool1 10.102.218.246 Done add lsn client client1 Done bind lsn client client1 -network 18.104.22.168 -netmask 255.255.255.0 Done add lsn appsprofile app1 TCP -ippooling PAIRED -mapping ENDPOINT-INDEPENDENT -filtering ENDPOINT-INDEPENDENT Done add lsn appsprofile app2 UDP -ippooling PAIRED -mapping ENDPOINT-INDEPENDENT -filtering ENDPOINT-INDEPENDENT Done bind lsn appsprofile app1 1-65535 Done bind lsn appsprofile app2 1-65535 Done add lsn rtspalgprofile rtspalgprofiledefault -rtspIdleTimeout 1000 -rtspportrange 554 Done add lsn group group1 -clientname client1 -nattype DETERMINISTIC -portblocksize 512 -rtspalg ENABLED Done bind lsn group group1 -poolname pool1 Done bind lsn group group1 -appsprofilename app1 Done bind lsn group group1 -appsprofilename app2 Done bind lsn group group1 -rtspalgprofilename rtspalgprofiledefault Done