VoIP Mailing List Archives

[darryl at moores.ca]

Hey all. This isn't directly an Asterisk question, but it is Asterisk
related because I am using SIP on asterisk.

The last couple of days I found that our asterisk box was having all
packets originating from port 5060 being blocked.

If I moved my SIP port to any other port I could register and place
calls, leaving it on 5060 I can do neither. Also if I ran tcpdump on
both ends of my truck connection. I could see all packets arriving at
the other end ONLY when they were not originating from port 5060.

The next question was where was it being blocked. running traceroute
yielded the following:

root@1940IronStone:~# traceroute -z 1000 -A -U -p 5060 --sport=5060
70.xx.xx.200
traceroute to 70.xx.xx.200 (70.xx.xx.200), 30 hops max, 60 byte packets
1 192.168.1.1 (192.168.1.1) [*] 3.837 ms 5.282 ms 6.280 ms
2 64.230.199.2 (64.230.199.2) [AS577] 9.690 ms * *
3 64.230.232.177 (64.230.232.177) [AS577] 24.936 ms * *
4 agg2-toronto63_xe5-1-0.net.bell.ca (64.230.156.178) [AS577] 40.235
ms * *
5 lns9-toronto63_GE1-0_101.net.bell.ca (64.230.103.145) [AS577]
10.382 ms * *
6 * * *
7 * * *
8 * * *
9 * * *

Notice the second and third packet at each hop after the first router
all timeout. Even when I put a long delay between packets. Looking
further, I find the same response no matter what source port I use. It
appears any UDP packet stream from the same port is being blocked.

I don't see this behaviour if I allow traceroute to use random source
ports for each packet, and I don't see this on other networks.


traceroute -A -U -p 5060 70.xx.xx.200
traceroute to 70.xx.xx.200 (70.xx.xx.200), 30 hops max, 60 byte packets
1 192.168.1.1 (192.168.1.1) [*] 62.783 ms 62.759 ms 62.743 ms
2 64.230.199.2 (64.230.199.2) [AS577] 66.565 ms 66.550 ms 66.587 ms
3 64.230.232.177 (64.230.232.177) [AS577] 66.488 ms 66.487 ms 66.535 ms
4 agg2-toronto63_xe5-1-0.net.bell.ca (64.230.156.178) [AS577] 66.521
ms 66.510 ms 66.552 ms


Has anybody seen anything like this before? I'm going to send this to
the ISP, but I thought I'd find out if anybody else had ever run into it.


Thanks,
Darryl


--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users

[dovid at telecurve.com]

Darryl,

We had this with a large ISP in the US. They blamed it on a software bug. For this reason we offer clients the option to use a non standard port. It's most likely your ISP that is blocking the port for g-d knows what reason.

Regards,

Dovid

-----Original Message-----
From: Darryl Moore <darryl@moores.ca>
Sender: asterisk-users-bounces@lists.digium.comDate: Thu, 14 Apr 2016 17:48:02
To: Asterisk Users Mailing List - Non-Commercial Discussion<asterisk-users@lists.digium.com>
Reply-To: Asterisk Users Mailing List - Non-Commercial Discussion
<asterisk-users@lists.digium.com>
Subject: [asterisk-users] SIP port blocking

Hey all. This isn't directly an Asterisk question, but it is Asterisk
related because I am using SIP on asterisk.

The last couple of days I found that our asterisk box was having all
packets originating from port 5060 being blocked.

If I moved my SIP port to any other port I could register and place
calls, leaving it on 5060 I can do neither. Also if I ran tcpdump on
both ends of my truck connection. I could see all packets arriving at
the other end ONLY when they were not originating from port 5060.

The next question was where was it being blocked. running traceroute
yielded the following:

root@1940IronStone:~# traceroute -z 1000 -A -U -p 5060 --sport=5060
70.xx.xx.200
traceroute to 70.xx.xx.200 (70.xx.xx.200), 30 hops max, 60 byte packets
1 192.168.1.1 (192.168.1.1) [*] 3.837 ms 5.282 ms 6.280 ms
2 64.230.199.2 (64.230.199.2) [AS577] 9.690 ms * *
3 64.230.232.177 (64.230.232.177) [AS577] 24.936 ms * *
4 agg2-toronto63_xe5-1-0.net.bell.ca (64.230.156.178) [AS577] 40.235
ms * *
5 lns9-toronto63_GE1-0_101.net.bell.ca (64.230.103.145) [AS577]
10.382 ms * *
6 * * *
7 * * *
8 * * *
9 * * *

Notice the second and third packet at each hop after the first router
all timeout. Even when I put a long delay between packets. Looking
further, I find the same response no matter what source port I use. It
appears any UDP packet stream from the same port is being blocked.

I don't see this behaviour if I allow traceroute to use random source
ports for each packet, and I don't see this on other networks.


traceroute -A -U -p 5060 70.xx.xx.200
traceroute to 70.xx.xx.200 (70.xx.xx.200), 30 hops max, 60 byte packets
1 192.168.1.1 (192.168.1.1) [*] 62.783 ms 62.759 ms 62.743 ms
2 64.230.199.2 (64.230.199.2) [AS577] 66.565 ms 66.550 ms 66.587 ms
3 64.230.232.177 (64.230.232.177) [AS577] 66.488 ms 66.487 ms 66.535 ms
4 agg2-toronto63_xe5-1-0.net.bell.ca (64.230.156.178) [AS577] 66.521
ms 66.510 ms 66.552 ms


Has anybody seen anything like this before? I'm going to send this to
the ISP, but I thought I'd find out if anybody else had ever run into it.


Thanks,
Darryl


--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
New to Asterisk? Join us for a live introductory webinar every Thurs:
http://www.asterisk.org/hello

asterisk-users mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-users