Hello list, I have again come across a router which behaves very badly with my IAX2 packets. This time I've documented it and thought I'd share to see if anyone else has seen similar issues. I have two asterisk servers running behind a dlink DI-604 Internet router. Both are trying to use the same IAX account to connect to the same remote asterisk server to place phone calls. Niether register with the remote box. They both only use it to place outgoing calls when the need arises. They do both monitor quality though, and one works while the other does not. Using tcpdump to see the IAX traffic on both machines yields the following. ---- machine #1 ---- 15:27:04.325773 IP 192.168.10.97.4569 > 99.234.117.121.4569: UDP 15:27:05.327026 IP 192.168.10.97.4569 > 99.234.117.121.4569: UDP 15:27:24.325523 IP 192.168.10.97.4569 > 99.234.117.121.4569: UDP 15:27:25.326783 IP 192.168.10.97.4569 > 99.234.117.121.4569: UDP 15:27:44.324648 IP 192.168.10.97.4569 > 99.234.117.121.4569: UDP 15:27:45.325916 IP 192.168.10.97.4569 > 99.234.117.121.4569: UDP 15:28:04.324285 IP 192.168.10.97.4569 > 99.234.117.121.4569: UDP 15:28:05.325570 IP 192.168.10.97.4569 > 99.234.117.121.4569: UDP 15:28:24.323868 IP 192.168.10.97.4569 > 99.234.117.121.4569: UDP 15:28:25.325132 IP 192.168.10.97.4569 > 99.234.117.121.4569: UDP As you can see this machine is trying desperately to talk to the remote server, but there is never any response. ----- machine #2 ----- 15:27:04.364718 IP 99.234.117.21.4569 > 192.168.10.96.4569: UDP 15:27:05.363308 IP 99.234.117.21.4569 > 192.168.10.96.4569: UDP 15:27:24.362713 IP 99.234.117.21.4569 > 192.168.10.96.4569: UDP 15:27:25.365736 IP 99.234.117.21.4569 > 192.168.10.96.4569: UDP 15:27:33.182751 IP 192.168.10.96.4569 > 99.234.117.21.4569: UDP 15:27:33.205658 IP 99.234.117.21.4569 > 192.168.10.96.4569: UDP 15:27:33.205936 IP 192.168.10.96.4569 > 99.234.117.21.4569: UDP 15:27:44.362897 IP 99.234.117.21.4569 > 192.168.10.96.4569: UDP 15:27:45.364978 IP 99.234.117.21.4569 > 192.168.10.96.4569: UDP 15:28:04.362375 IP 99.234.117.21.4569 > 192.168.10.96.4569: UDP 15:28:05.365890 IP 99.234.117.21.4569 > 192.168.10.96.4569: UDP Oh look here's the responses! It would appear that all the responses to the packets from both machines are being sent to the one machine. ------------------------- I've seen and suspected this before, and changing the old cheap routers has generally fixed this, but I'm wondering if anyone else has seen this before, and if there are other routers I need to worry about. I don't yet have an automated way to test routers for this, but I'm seriously thinking about coming up with something. cheers, darryl
Darryl,> I've seen and suspected this before, and changing the old cheap routers > has generally fixed this, but I'm wondering if anyone else has seen this > before, and if there are other routers I need to worry about. I don't > yet have an automated way to test routers for this, but I'm seriously > thinking about coming up with something.Most of the cheaper NAT implementations appear to assume that there's ever only just one client on the LAN side sending traffic from port A to a server port on the WAN side. For TCP this assumption is a nice hack with not too much risk, for UDP applications which send traffic from a well known port to a well known port, this is killing. I've added a full chapter on this problem in our manual that gets sent to customers, which basically says to reconfigure the SIP clients to all use a different source port for SIP traffic. This should be applicable to most UDP based protocols. I think this is valid for most routers below a certain price point ($250?), perhaps those running Linux might not be affected. -- Andreas Sikkema