SOLVED Comcrap at it again

[wa4zlw]

I maintain a PBX for my synagogue. they have a comcast business account. Been up for years. Now it seems starting yesterday, pbx is basically non-functional. They are mucking with the SIP traffic as well as the RTP streams. A friend up in CT is having same issue on a residential account and this started about a week or so ago.

Comcast has been wanting to shove a new "improved" modem our way and we've been holding off. It seems the CISCOs they are deploying have known problems especially and my friend uncovered this last spring.

I am going to try and grab a packet capture tonight.

What I found on my end was SIP registrations to both voip.ms and vitelity kept dropping. A call might eventually complete but there would be no audio either way.

Beware.

leon

 

[wardmundy]

In the case of voip.ms, you might try one of the alternate SIP ports that they support:

We offer alternative SIP ports, UDP/TCP 5080 and 42872 on all of our servers, You can try those ports in case your Internet Service Provider blocks the port 5060 UDP/TCP or if you need to use another one.

Another option would be to move to a Cloud-based solution. Then you can use any port desired to connect your SIP phones.

 

[wa4zlw]

Hi ward...i already thought of that. I setup IAX and things acting strange here too. call comes in and eventually hear rining in phone I dialed from but extension doesnt ring and it never fails to VM but with an error. Done for tonight pooped. My friend in CT has phone power (?) and is stuck with SIP. unfortunately non of the gateways support VPN access I asked awhile ago. On the extension that never rang I was able to dial out successfully with 2way audio. The extension that didnt ring is connected via VPN to the pbx.

Thanks leon

 

[billsimon]

What did your packet capture show?

I highly doubt Comcast is interfering with IAX2.

As for SIP, maybe, maybe not. Given your history of posts on this forum of random problems that usually seem to come from your firewalls etc. I would not suspect Comcast as the most likely cause of problems, especially if it also is happening with IAX2 trunks (Comcast would have no interest in those).

 

[wa4zlw]

hey bill...well I didnt have an IAX rule in the synagogue firewall. but after putting it in things acting strange. My friend up in CT has documented numerous comcast issues including SIP. I may try the alternate sip ports but not tonight. I did not have a chance to do a packet capture yet. I'll keep y'all posted.

Thanks leon

 

[wa4zlw]

ok its working. forgot the IAX RTP ports 10000 to 20000. works faster than SIP. tomorrow have to get the rest of the voip.ms DIDs up. have to figure a way for vitelity.

leon

 

[dicko]

JFYI , IAX2 does not use rtp, the whole protocol is over 4569 (by default) you are chasing the wrong rabbit.

 

[jerrm]

ok its working. forgot the IAX RTP ports 10000 to 20000. works faster than SIP. tomorrow have to get the rest of the voip.ms DIDs up. have to figure a way for vitelity.

leon

IAX2 does not use RTP. There shouldn't be any need to forward anything other than 4569 (or whatever port you have assigned).

EDIT: @dicko posted while I was typing.

 

[wa4zlw]

voip.ms told me to use 10000 to 20000 UDP with UDP 4569
i originally thought 4569 had rtp as well. once I added it things started to work

 

[dicko]

voip.ms told you wrong.

 

[jerrm]

voip.ms told me to use 10000 to 20000 UDP with UDP 4569
i originally thought 4569 had rtp as well. once I added it things started to work

I have to think it started to work out of happenstance. The voip.ms techs probably don't really understand IAX2.

Is this a Comcast static or dynamic IP? Their router or yours?

 

[wa4zlw]

agreed on happenstance. they said the 10000-20000 was for SIP RTP in a later post.

COmcast is static. Their router (not one of the CISCOs) in bridge mode.
Watchguard firewall appliance heads up both my network and one at the synagogue as well.

 

[dicko]

Make sure your firewall allows udp/4569 both ways, It shouldn't be necessary it will do no harm to make sure your firewall is forwarding udp/4569 to your pbx. For trunks, it is always a good idea to add

trunk=yes

to the definition

 

[atsak]

FYI I had a lengthy discussion with a Comcast tech yesterday about bridge mode on their modems and static IP's. The short version he said was bridge mode doesn't work with static IP on their standard modem (I forget who makes it it's the black one with the attractive flashy white lights on the front).

 

[wa4zlw]

if it is a CISCO there are all sorts of problems with them and there is a known bug that comcast refuses to have CISCO fix.
I believe the one we have is a Netgear (don't remember for sure). With whatever modems they have had there, it's always been bridged and a static IP without any issues I am aware of and this is going back 7-8 years.

my friend up in CT went througha huge thing with then when he uncovered the issues with the CISCO modem and other things Comcast was doing to the circuits.

Leon

 

[jerrm]

agreed on happenstance. they said the 10000-20000 was for SIP RTP in a later post.

COmcast is static. Their router (not one of the CISCOs) in bridge mode.
Watchguard firewall appliance heads up both my network and one at the synagogue as well.

All of mine on Comcast Business have a /29 block, which they treat a little differently. Even with the Cisco unit all seems OK.

 

[wa4zlw]

do you pay extra for the /29? we just got a /30.

-------- Forwarded Message --------
Subject: Re: what pbx issues did u have with comcrap?
Date: Mon, 26 Sep 2016 10:55:30 -0400
From: Brian <[email protected]>
Reply-To: [email protected]
Organization: Amateur Radio Services
To: [email protected]

Leon;

I'm getting the same results with comcrap every 5 mintues where I go
inaudible but I don't lose the call. In tracing it appears comcast is
sending some sort of global sip reset frame every 5 minutes in a way to
block SIP from being used on their network.

...

The registration issue has been since day one. The dead audio issue just
recently, say a month ago... and it's residential but I'm also running
my CPE in bridge mode feeding a DD-WRT based linksys because the
management/lease fees on their Cisco box don't mean a thing when it
comes to actually delivering service - as found by the FCC.

...

I can see Comcrap trying to filter SIP since their phone system uses it as well. I
don't agree with it but I can understand it.

...

Run tcpdump and you'll see where the problem is. Definitely comcast
trying to take away your SIP link. tcpdump will prove this. They'll say
no so if you call or file a service request, have the proof. I'm more
shocked that they'd do this on a BUSINESS account.

...

Insure it's NOT:
Model: Cisco DPC3941T
Firmware: dpc3941-P20-18-v303r2042173-151003a-CMCST

Those are snippets of emails from over the last few months
I think the issue with the Cisco was when it was NOT in bridge mode using the builtin firewall.
There may also be bridge mode issues.


Leon

 

[jerrm]

The 5 IP block is $15 here.

 

[billsimon]

it appears comcast is
sending some sort of global sip reset frame every 5 minutes in a way to
block SIP from being used on their network.

What is a "global SIP reset frame"? Is that like inverting the polarity of the deflector shield to fire tachyon pulses at the Klingons? come on man. Let's do real network analysis and get to the bottom of it.

 

[wa4zlw]

Update...all that info was from my friend in CT. I know he spent a lot of hours debugging his situation. In any event, ,here's what going on now.

Voip.ms
1. IAX2 works
2. Alternate SIP/RTP works

Vitelity
Used to have IAX, now hard coded at SIP 5060 only. They did tell me that a new backend is being worked on but no timeframe. but right now it seems standard SIP is working again.

As soon as I get a copy of the comcrap bill from the Rabbi I will call them and beat them up again. Seems I have to do this at least once a year :-(

If standard SIP fails then I have two options for Vitelity:
1. call forward the two DIDs to a VOIP.MS number
2. port those DIDs over to voip.ms (they both use the same upstream)

THats it for now.

Thanks leon