www.zeroshell.org Forum Index www.zeroshell.org
Linux Distribution for server and embedded devices
 
 SearchSearch  RegisterRegister  UsergroupsUsergroups 
 ProfileProfile  Log inLog in  Log in to check your private messagesPrivate Message 

GENERICAL VOIP PROBLEM WITH NO ANSWER and NO SOLUTION

 
Post new topic   Reply to topic    www.zeroshell.org Forum Index -> ZeroShell
View previous topic :: View next topic  
Author Message
pgbuz



Joined: 05 Aug 2016
Posts: 33

PostPosted: Fri Aug 05, 2016 9:50 am    Post subject: GENERICAL VOIP PROBLEM WITH NO ANSWER and NO SOLUTION Reply with quote

I see on the forum a lot of messages about voip problems configuration, a lot with a sound problem in voip communication. The messages are disordered, almost all without an answer. The documentation about a typical voip configuration of zeroshell there isn't. I can confirm that respect other simple router, zeroshell make some difficulties in voip configuration. Is there a people that can help a lot of us to understand well how to configure basically zeroshell when you have a voip pbx connected to it? Particularly the nat configuration and the rtp ports because a lot of users have a sound problem Thank you very much to all! Laughing

Last edited by pgbuz on Fri Aug 12, 2016 8:00 pm; edited 1 time in total
Back to top
View user's profile Send private message
iulyb



Joined: 02 Jun 2016
Posts: 79

PostPosted: Mon Aug 08, 2016 2:58 pm    Post subject: Reply with quote

Making some generic affirmations will not fix your issue. There are many messages because there are different PBX networking setup. Here are most common:

1) PBX <--> Inetrnet <--> ZS <--> NAT <--> SIP Clients -- zhis is what I use, should be no setup / config however you can check conntrack and sip kernel module options. However I found that I need to do a contrack - f command every time I reboot ZS, else some SIP clients will not register.

2) SIP Client <--> Internet <--> ZS <--> NAT <--> PBX . Here u should forward ports or place PBX into a DMZ zone. ZS doesn't have a DMZ section like a cheap router you will have to create it.
Back to top
View user's profile Send private message
DrmCa



Joined: 12 Apr 2011
Posts: 204

PostPosted: Mon Aug 08, 2016 9:39 pm    Post subject: Reply with quote

Can you elaborate a bit more about sip kernel options?
That may be what I am missing - my ATA keeps losing connection which it is not able to re-register in UDP mode, but it works in TCP mode as port# keeps changing randomly.
Back to top
View user's profile Send private message
iulyb



Joined: 02 Jun 2016
Posts: 79

PostPosted: Mon Aug 08, 2016 11:22 pm    Post subject: Reply with quote

Not sure if I can help. First you should identify the networking issue.
tcpdump and conntrack are your friends. Here is some help: https://community.sophos.com/kb/en-us/120352

As for kernel modules

#list kernel modules:
Code:
lsmod |grep sip
nf_nat_sip              7701  0
nf_nat                 10000  7 nf_nat_masquerade_ipv4,nf_nat_ipv4,nf_nat_pptp,nf_nat_proto_gre,nf_nat_sip,nf_nat_ftp,nf_nat_h323
nf_conntrack_sip       18245  1 nf_nat_sip


# get module info:
Code:
modinfo nf_conntrack_sip
filename:       /lib/modules/4.4.13-ZS/kernel/net/netfilter/nf_conntrack_sip.ko
alias:          nfct-helper-sip
alias:          ip_conntrack_sip
description:    SIP connection tracking helper
author:         Christian Hentschel <chentschel@arnet.com.ar>
license:        GPL
depends:       
intree:         Y
vermagic:       4.4.13-ZS SMP mod_unload modversions PENTIUMIII
parm:           ports:port numbers of SIP servers (array of ushort)
parm:           sip_timeout:timeout for the master SIP session (uint)
parm:           sip_direct_signalling:expect incoming calls from registrar only (default 1) (int)
parm:           sip_direct_media:Expect Media streams between signalling endpoints only (default 1) (int)


This module accept 4 param (ports, sip_timeout etc).. Here is how you can change port number:

Code:
modprobe ip_conntrack_sip ports=5060, 5061 [,up to 8 ports]


Unfortunately sip modules are still buggy and you may need to check for bugs and eventually recompile.
Here is an example bug: https://bugs.centos.org/view.php?id=2310
Back to top
View user's profile Send private message
DrmCa



Joined: 12 Apr 2011
Posts: 204

PostPosted: Tue Aug 09, 2016 8:36 pm    Post subject: Reply with quote

Got it, this is something to start with.

In more detail, I used to have PAP2T ATA that over almost 10 years lost registration every about 6 months give or take a couple months.
Once registration was lost, nothing at all would restore registration but a change in port number. If I changed port from 5060 to 5061 it would register and work fine for another 4-6 months.
Over those 10 years I changed ISP and VOIP providers but the issue was always there. The only constant was Zeroshell router, which I gradually upgraded from 1.0 to 3.5 and somewhere in the middle rebuilt profile from scratch a couple of times.
Now I have Grandstream HT702 ATA and it loses registration almost daily.
I tried a few things and ended up switching from UDP to TCP and suddenly it works fine. It still loses registration every once in a while, but now with TCP it automatically re-registers and every time it does, it uses a different random port number (as I can see from the VOIP provider control panel), ignoring the 5060 kind of port that it used with UDP.
It's not that I am hard pressed to or eager to go back to UDP, just curious what could have caused this.
Back to top
View user's profile Send private message
iulyb



Joined: 02 Jun 2016
Posts: 79

PostPosted: Tue Aug 09, 2016 11:02 pm    Post subject: Reply with quote

DrmCa wrote:
Got it, this is something to start with.

In more detail, I used to have PAP2T ATA that over almost 10 years lost registration every about 6 months give or take a couple months.
Once registration was lost, nothing at all would restore registration but a change in port number. If I changed port from 5060 to 5061 it would register and work fine for another 4-6 months.
Over those 10 years I changed ISP and VOIP providers but the issue was always there. The only constant was Zeroshell router, which I gradually upgraded from 1.0 to 3.5 and somewhere in the middle rebuilt profile from scratch a couple of times.
Now I have Grandstream HT702 ATA and it loses registration almost daily.
I tried a few things and ended up switching from UDP to TCP and suddenly it works fine. It still loses registration every once in a while, but now with TCP it automatically re-registers and every time it does, it uses a different random port number (as I can see from the VOIP provider control panel), ignoring the 5060 kind of port that it used with UDP.
It's not that I am hard pressed to or eager to go back to UDP, just curious what could have caused this.


Had similar issue, with PAP, on alix witn an updated 3.6 works ok while on APU2 with 3.6 new image lost registration after every single reboot.
running `conntrack -f` fixed my issue but you will need to track your issue.
As a side note, csipsimple (android sip client) with same provider doesn't have any issue.

If you decide to use other ports then 5060 or 5061 I suggest you should register them into the kernel module.

A completely different approach would be to get rid of kernel modules
Code:
 rmmod nf_nat_sip && rmmod nf_conntrack_sip


Then forward all necessary ports to your device like here: http://www.3cx.com/blog/docs/draytek-firewall-voip/
However this will not work if you want to use csipsimple and pap in the same time like me.
Back to top
View user's profile Send private message
pgbuz



Joined: 05 Aug 2016
Posts: 33

PostPosted: Fri Aug 12, 2016 2:11 pm    Post subject: VOIP AND NAT in zeroshell? Reply with quote

iulyb wrote:
Making some generic affirmations will not fix your issue. There are many messages because there are different PBX networking setup. Here are most common:

1) PBX <--> Inetrnet <--> ZS <--> NAT <--> SIP Clients -- zhis is what I use, should be no setup / config however you can check conntrack and sip kernel module options. However I found that I need to do a contrack - f command every time I reboot ZS, else some SIP clients will not register.

2) SIP Client <--> Internet <--> ZS <--> NAT <--> PBX . Here u should forward ports or place PBX into a DMZ zone. ZS doesn't have a DMZ section like a cheap router you will have to create it.


Thank you Iulyb. I didn't made a specific questions because from the forum I see that a lot of us not super specialists have generical basic problems setting zeroshell for VOIP (I use GUI zeroshell interface). I attach my freepbx peer report with a linksys WRT54GL. You see that the registered external VOIP users have their real pubblic IP: voip communications are OK. I attach the freepbx report with zeroshell where you see that the external registered VOIP users have my private router IP. In zeroshell I putted in NAT both external and internal lan interface and I have port forwarding on RTP and SIP port like in WRT54Gl and I have audio problems. I think that something miss in the BASIC zeroshell setting, something that is automatically solved in linksys WRT54GL with DDWRT v24 VPN generic firmware or other similar routers. How I upload an image here? Laughing [/img]
Back to top
View user's profile Send private message
iulyb



Joined: 02 Jun 2016
Posts: 79

PostPosted: Sun Aug 14, 2016 9:01 pm    Post subject: Reply with quote

ZS fills the niche above tomato / wrt and is getting close to a real biz / production router. However the expectation in knowledge, is in the same place, there are not so much help pages. ZS shines when u use multiple internet connections, ex a DSL and an LTE connection in the same time.

Quote:
I putted in NAT both external and internal lan interface

Only interfaces used to go to internet should be on NAT box.

Quote:
I have port forwarding on RTP and SIP port like in WRT54Gl and I have audio problems


Usually sip should be deal only by kernel modules as long as it use 5060 or 5051, my sip works with no setup (no firewall). However you need more ports forwarded on firewall. http://www.3cx.com/blog/docs/draytek-firewall-voip/
I use csipsimple on android and a pap device in the same time without any issues. (except the conntrack that affect only pap device
Back to top
View user's profile Send private message
pgbuz



Joined: 05 Aug 2016
Posts: 33

PostPosted: Sun Aug 28, 2016 4:01 pm    Post subject: NAT SETTING SOLVED Reply with quote

iulyb wrote:


Quote:
I putted in NAT both external and internal lan interface

Only interfaces used to go to internet should be on NAT box.


SOLVED PARTIALLY. Thank you iulyB. I set only the wan interface as NAT and not WAN and LAN. Now the VOIP and INTERNET access are OK using port forwarding for sip and RTP but I created the problem accessing from internal to internal server using pubblic address or domain. This problem didn't existed with internal and external interface in NAT. It is an open problem if someone want to help http://www.zeroshell.org/forum/viewtopic.php?t=5746&highlight=
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    www.zeroshell.org Forum Index -> ZeroShell All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group