Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Author Topic: VOIP utter failure [again]  (Read 2256 times)

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
VOIP utter failure [again]
« on: April 17, 2018, 05:45:25 AM »

I am ashamed to say that years have passed and I have done little about sorting voip out properly. I have failed to get voip working directly into a box on the lan, too befuddled and too much pain to debug it, and it may be that voip through a multi-line bonded dsl link isn't viable anyway for all I know, especially given that the upstream is very ‘odd’ in performance terms as one line is quite a bit faster upstream than the other two [12-15%], for some reason, also my chosen huge interleave imposes sizeable latency.

I have a Siemens N300 VoIP box which I got from AA, my ISP. AA staff would definitely be up for sorting it out but I just don't have the stamina or the tools. I'm not 100% sure if I have the firewalling correct for it. I've read the requirements carefully several times but I may have missed something. I think I did get this bit right because an earlier Siemens box, same model, did sort-of work in the distant past, but was not reliable. I think it was perhaps possible that it would fail when the network was loaded with other traffic, which if true is very very bad, lack of proper QoS marking or handling. For some reason, I ended up with a replacement box, can't remember why. The second one never worked, just completely fails 100%.

My questions:

* Has anyone got voip working properly over dsl?

* Does it work even when the network is loaded flat out?

* Got a slow link?

* Has anyone tried and failed to get voip working at all? Or got something that half works?

* Anyone out there with line bonding?

The problem is that it's just to easy to leave things unfinished. I can simply use AA’s redirect facility where they reroute calls to Mrs Weaver’s mobile phone over the normal phone network. I don’t think Mrs has noticed any audio quality or reliability problems with such a half-voip (or less; half voip at the very most) system. So because that is good enough and she has voice mail anyway if her mobile has no signal, then there is little motivation to summon up the energy and restart the gruesome attempt to get full 100% voip going via the Siemens box. I’m so full of pain drugs these days that everything seems to be in a spin.

Router: I am aware that Firebrick routers have special directives in their config now for VoIP support, but I have never used these. I don't know why they are needed, perhaps something to do with NAT mitigation? I have zero NAT. If there is more to it and they must be used because of say QoS or something to do with special firewalling exceptions then I should be using these voip directives and maybe that is why nothing works. But people used to manage ok somehow before Firebrick software upgrades brought these new voip-awareness directives, and my config is from that era, so I'm just guessing that NAT users are the people who really need this new config technology.
Logged

vic0239

  • Reg Member
  • ***
  • Posts: 519
Re: VOIP utter failure [again]
« Reply #1 on: April 17, 2018, 10:48:00 AM »

Hi Weaver great to have you back.  :)

I use the Firebrick as my SIP gateway to AAISP which I understand removes the need to do NAT, but my rules do accommodate this as I initially had the N300 talk directly to Voiceless. I have two bonded lines and it works fine. I did change the QoS setting on my modems to prioritise upstream traffic by packet size. Take a look at my working configuration settings, they may help with your setup.

Here is my VoIP rule-set:
Code: [Select]
<rule-set name="Incoming Firewall Rules"
           no-match-action="continue">

  <rule name="SIP"
        source-ip="81.187.30.110-119 90.155.3.0/24 90.155.103.0/24 2001:8b0:0:30::5060:0/112 2001:8b0:5060::/48"
        target-ip="192.168.1.0/24"
        target-port="5060-5069"
        action="accept"/>
  <rule name="RTP"
        target-ip="192.168.1.0/24 90.155.3.0/24 90.155.103.0/24 2001:8b0:0:30::5060:0/112 2001:8b0:5060::/48"
        target-port="1024-65534"
        protocol="17"
        set-graph="RTP"
        action="accept"/>

 </rule-set>
and the VoIP config. Replace the username etc. and password with the carrier credentials from the control page. The credentials in the telephone configuration can be to your chosing and are used in the N300 connection settings (see attachment).
Code: [Select]
<voip comment="VoIP Services">

  <carrier name="AASIP+44nnnnnnnnnn”
           allow="81.187.30.110-119 2001:8b0:0:30::5060:0/112"
           registrar="voiceless.aa.net.uk"
           username="+44nnnnnnnnnn”
           password=“xxxxxxxxxxxxx”
           extn="+44nnnnnnnnnn”
           max-calls="1"
           comment="AAISP"/>

  <telephone name="GigasetN300-A"
             display-name="N300-AAISP"
             username="N300-AAISP"
             password=“xxxxxxxxxx”
             allow="192.168.1.0/24"
             ddi="+44nnnnnnnnnn"
             extn="2001"
             carrier="AASIP+44nnnnnnnnnn"/>

 </voip>
You can also set the IP Access List on the Outgoing tab on the control pages to restrict the IPs allowed to connect to your service for outgoing calls once you are satisfied it is working ok.
« Last Edit: April 17, 2018, 10:50:42 AM by vic0239 »
Logged
Lothian Broadband 900/900 + AAISP VDSL, Vigor2865Vac, MikroTik rb260gsp, ZyXel NWA50AX WiFi AP.

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
Re: VOIP utter failure [again]
« Reply #2 on: April 17, 2018, 11:11:25 PM »

Brilliant vic, many many thanks for your generous post, so it definitely can be done. Mind you, I don't have any QoS facilities in my modems that I know if, so I could be in big trouble there. The Firebrick prioritises short packets, but stuff that has already gone into the modem's upstream ingress queue is beyond the reach of such a mechanism of course.

I will adapt those config rules when I am feeling a bit more with-it.
« Last Edit: April 17, 2018, 11:16:35 PM by Weaver »
Logged

burakkucat

  • Respected
  • Senior Kitizen
  • *
  • Posts: 38300
  • Over the Rainbow Bridge
    • The ELRepo Project
Re: VOIP utter failure [again]
« Reply #3 on: April 17, 2018, 11:40:01 PM »

I may have got this utterly wrong but I thought that (in your specific case) it would be the Firebrick to apply the QoS rules before passing the data to the three pure dumb modems.  :-\
Logged
:cat:  100% Linux and, previously, Unix. Co-founder of the ELRepo Project.

Please consider making a donation to support the running of this site.

vic0239

  • Reg Member
  • ***
  • Posts: 519
Re: VOIP utter failure [again]
« Reply #4 on: April 18, 2018, 09:53:51 AM »

You are, of course, correct. Looking back at the article I followed on the AAISP support site I now realise that it was referring to the device (VMG1312-B10A) running in modem/router mode, not bridged mode as is the case here.
Logged
Lothian Broadband 900/900 + AAISP VDSL, Vigor2865Vac, MikroTik rb260gsp, ZyXel NWA50AX WiFi AP.

aesmith

  • Kitizen
  • ****
  • Posts: 1216
Re: VOIP utter failure [again]
« Reply #5 on: May 01, 2018, 12:06:18 PM »

The Gigaset N300 is very "firewall friendly" so it should essentially work with no special firewall configuration, assuming the firewall behaves in the normal way which is to permit pretty much anything outbound, but inbound to only allow replies to outbound packets.  What are the issues that you experience, for example does it fail to register, fail on inbound or outbound calls, or one way audio or none?
Logged

Weaver

  • Senior Kitizen
  • ******
  • Posts: 11459
  • Retd s/w dev; A&A; 4x7km ADSL2 lines; Firebrick
Re: VOIP utter failure [again]
« Reply #6 on: May 01, 2018, 01:20:19 PM »

I'll need to ask Mrs Weaver as it has been such a long time. The most recent thing though was that we couldn't seem to the phones to see it [vague]

I'll need to ask my beloved if she can find a mo to give it another look.
Logged
 

anything