Posted on by imaginator

VoIP debugging

I have been fighting againt a problem with my VoIP calling setup. The problem presented itself last week and was not accompanied by any software upgrades or network changes on my end. I should first explain a little about my current setup. I use Asterisk as a software PBX. This handles outbound and inbound calls, voicemail and termniation of my London and German and US telephone numbers. Last week I noticed that when I made outbound calls via SipDiscount I would receive no ringing signal and also the call would never be fully setup.

Or so I though. After looking through my logs I discovered that the calls were actually being setup. At first I though that SipDiscount had changed their supported codecs. After searching on the internet it seemed that nobody really knew which were supported codecs. So I setup a list of all codecs that I could support and relied on the SIP negotiation phase to choose the correct one. Unfortunately the symptoms persisted.

On a hunch I then started tcpdumping and analysing the traffic on port 5060 (the SIP signalling port). All this seemed fine too. I saw a common codec being selected and the call setup and tear down completing without a problem.

I banged my head more and then decided to double check my firewall log. This seemed unnecessary since my VoIP calls had all been completing fine for the last year.

Mar  1 19:07:15 bunker DENY2: IN= OUT=ppp0 MAC= xsrc=62.245.233.186 DST=194.120.0.163 LEN=200 TOS=10 PREC=0x00 TTL=64 ID=693 DF PROTO=UDP SPT=17820 DPT=57344 LEN=180
Mar  1 19:07:15 bunker DENY2: IN= OUT=ppp0 MAC= xsrc=62.245.233.186 DST=194.120.0.163 LEN=200 TOS=10 PREC=0x00 TTL=64 ID=694 DF PROTO=UDP SPT=17820 DPT=57344 LEN=180
Mar  1 19:07:15 bunker DENY2: IN= OUT=ppp0 MAC= xsrc=62.245.233.186 DST=194.120.0.163 LEN=200 TOS=10 PREC=0x00 TTL=64 ID=695 DF PROTO=UDP SPT=17820 DPT=57344 LEN=180
Mar  1 19:07:15 bunker DENY2: IN= OUT=ppp0 MAC= xsrc=62.245.233.186 DST=194.120.0.163 LEN=200 TOS=10 PREC=0x00 TTL=64 ID=696 DF PROTO=UDP SPT=17820 DPT=57344 LEN=180

That seemed odd since my firewall script read:

iptables -A INPUT    -p udp -s 0.0.0.0/0 -d $VOIPIP --dport 10000:20000  -j accept-log
iptables -A OUTPUT -p udp -s $VOIPIP -d 0.0.0.0/0 --dport 10000:20000  -j accept-log

Hmmm. What had happened is that SipDiscount changed their reception port range to something outside the normal range for SIP calls. Normal SIP port ranges are 10000-20000. A quick change of my rules fixed the problem and I now have telephone calls with audio.

iptables -A INPUT    -p udp -s 0.0.0.0/0 -d $VOIPIP --dport 10000:20000  -j accept-log
iptables -A OUTPUT -p udp -s $VOIPIP -d 0.0.0.0/0 --sport 10000:20000  -j accept-log

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.