[VoiceOps] Issues with ISPs blocking SIP 5060 - 5061

J. Oquendo sil at infiltrated.net
Thu Nov 21 12:26:27 EST 2013 

On Thu, 21 Nov 2013, Jay Hennigan wrote:

> It's a balancing act, to be sure.  Your customer will of course say that
> the rest of the Internet works fine, it's just your VoIP service that is
> failing.  "I can get to Google and Yahoo, so there's nothing wrong with
> my Internet, but your phone doesn't work."
> 
> For one-off remote phones, setting SIP transport to TCP is often a good
> workaround by the way.
> 

Don't you just love that? (All is working except you sux0r).
We had (and have, and sometimes goes back to had) a client
in Fairfield CT. According to the installer, the building
they were in was wretched (wiring, etc.). They'd put in one
T1, we'd slap on VoIP. "Horrible service - you suck!" They'd
move over to another VoIP carrier. Two months later, they'd
move back to us, with another T1 from another carrier to
then come back and tell us: "You suck" (again). This went
on for some time until it finally dawned on them 3 VoIP
carriers later, 4 T1 providers later. "Your infrastructure
is teh suck!"

It becomes difficult in the ITSP/Managed VoIP game to deal
with this. Moreso to find contacts in the carriers who are
willing to even assist when we call on behalf of our clients.
"You're not the client" Moreso, to deal with "networking"
gurus who just seemed to have graduated "Fisher Price My
First Network" academy who fiddle with stuff. Last VoIP
was story...

Two weeks ago. Client with dual connectivity (AT&T Ts and
Comcast)... We fight with getting info into their network
correctly. Wireshark captures galore showed they were
taking IN from AT&T, then sending audio OUT Comcast. We
corrected SIP ALG, NAT, FW garbage on our SBCs. Weeks go
by, all is fine. Client: "Our VoIP is broken you are teh
sucks!" 

Gigabytes of Wireshark analysis later... We show then what
is happening which is on their end. Newb IT Guy: "Oh well
the only thing I changed was I turned on IPS for VoIP."
Sigh. I spent about 4-6 hours capturing, analyzing what
was going on (no charge because remember, at the end of the
day it is our fault, since they can still read Twitter).
Painted some nice stick figure captures illustrating the
issue. Result? Still not fixed, kludge was installed to
address their issue.

This was AFTER the initial install where I had already spent
about 3-4 hours trying to assist them with their Astaro FW
cluster^W rules.

-- 
=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+
J. Oquendo
SGFA, SGFE, C|EH, CNDA, CHFI, OSCP, CPT, RWSP, GREM

"Where ignorance is our master, there is no possibility of
real peace" - Dalai Lama

42B0 5A53 6505 6638 44BB  3943 2BF7 D83F 210A 95AF
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x2BF7D83F210A95AF

More information about the VoiceOps mailing list