Can unsolicited UDP barrages be turned off?



stevech
12-09-2010, 10:49 PM
My router shows UDP packets from hosts that may be related to VoIPo's service, such as softlayer.com.
Here are some examples that show that a lot of UDP junk is being tossed here. Are these VoIPo related? I recall being told that some VoIPo systems toss out packets to overcome flaws (NAT related?) in certain routers.
Looking at the port numbers, below, supports the proposition that these are VoIP related (phone not in use).
Can I (we?) avoid having this? It fills up logs with junk; though the packet rate isn't large, it isn't normal etiquette on the Internet.

My VoIP works (ATA on LAN side of router) and I have no port-forwards on 5060 et al. I think that popular consumer routers bridge incoming UDP packets back to the LAN side based on recent outbound UDP traffic.
So what's the deal with these UDPs arriving every few seconds?




[INFO] Sat Dec 04 17:38:56 2010 Blocked incoming UDP packet from 174.37.45.134:5060 to 72.130.129.xxx:5061
[INFO] Sat Dec 04 17:38:34 2010 Blocked incoming UDP packet from 208.43.68.151:5060 to 72.130.129.xxx:5060
[INFO] Sat Dec 04 17:38:22 2010 Blocked incoming UDP packet from 174.37.45.134:5060 to 72.130.129.xxx:5060
[INFO] Sat Dec 04 17:38:21 2010 Blocked incoming UDP packet from 208.43.68.151:5060 to 72.130.129.xxx:5061
[INFO] Sat Dec 04 17:38:09 2010 Blocked incoming UDP packet from 174.37.45.134:5060 to 72.130.129.xxx:5061
[INFO] Sat Dec 04 17:37:46 2010 Blocked incoming UDP packet from 67.228.77.18:5060 to 72.130.129.xxx:5060
[INFO] Sat Dec 04 17:37:44 2010 Blocked incoming UDP packet from 208.43.68.151:5060 to 72.130.129.xxx:5060
[INFO] Sat Dec 04 17:37:35 2010 Blocked incoming UDP packet from 174.37.45.134:5060 to 72.130.129.xxx:5060
[INFO] Sat Dec 04 17:37:31 2010 Blocked incoming UDP packet from 208.43.68.151:5060 to 72.130.129.xxx:5061

VOIPoTim
12-09-2010, 10:54 PM
This is part of our keep-alive system. Without this, massive numbers of users begin losing registrations because their routers can't properly keep the NAT pinhole open.

We've tried disabling it in the past because it's a lot of traffic to send out due to the size of our customer base, but we lost a huge % of registrations within minutes. Most routers today simply won't keep the NAT open long enough and a constant flow of traffic is needed to keep it open.

There's currently no way to enable/disable it on a per user basis.

It's either this or we set the devices to re-register at an insanely low level (less than 30 seconds) which some providers do.
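
A way to check a router log against the keep-alive explanation above, added here as an example and not part of either post: it groups the blocked packets from the first post by source, source port and destination port, and measures the gap between repeats. The 60-second `max_gap` threshold and the function names are assumptions made for this example.

```python
import re
from collections import defaultdict
from datetime import datetime

# Log lines copied from the first post (last destination octet was already masked).
LOG = """\
[INFO] Sat Dec 04 17:38:56 2010 Blocked incoming UDP packet from 174.37.45.134:5060 to 72.130.129.xxx:5061
[INFO] Sat Dec 04 17:38:34 2010 Blocked incoming UDP packet from 208.43.68.151:5060 to 72.130.129.xxx:5060
[INFO] Sat Dec 04 17:38:22 2010 Blocked incoming UDP packet from 174.37.45.134:5060 to 72.130.129.xxx:5060
[INFO] Sat Dec 04 17:38:21 2010 Blocked incoming UDP packet from 208.43.68.151:5060 to 72.130.129.xxx:5061
[INFO] Sat Dec 04 17:38:09 2010 Blocked incoming UDP packet from 174.37.45.134:5060 to 72.130.129.xxx:5061
[INFO] Sat Dec 04 17:37:46 2010 Blocked incoming UDP packet from 67.228.77.18:5060 to 72.130.129.xxx:5060
[INFO] Sat Dec 04 17:37:44 2010 Blocked incoming UDP packet from 208.43.68.151:5060 to 72.130.129.xxx:5060
[INFO] Sat Dec 04 17:37:35 2010 Blocked incoming UDP packet from 174.37.45.134:5060 to 72.130.129.xxx:5060
[INFO] Sat Dec 04 17:37:31 2010 Blocked incoming UDP packet from 208.43.68.151:5060 to 72.130.129.xxx:5061
"""

LINE = re.compile(
    r"\[INFO\] (?P<ts>\w{3} \w{3} \d{2} [\d:]{8} \d{4}) "
    r"Blocked incoming UDP packet from (?P<src>[\d.]+):(?P<sport>\d+) "
    r"to [\w.]+:(?P<dport>\d+)"
)

def flows(log):
    """Map (src_ip, src_port, dst_port) -> list of gaps in seconds between packets."""
    seen = defaultdict(list)
    for m in LINE.finditer(log):
        ts = datetime.strptime(m["ts"], "%a %b %d %H:%M:%S %Y")
        seen[(m["src"], int(m["sport"]), int(m["dport"]))].append(ts)
    out = {}
    for key, times in seen.items():
        times.sort()  # router log is newest-first
        out[key] = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
    return out

def keepalive_candidates(log, sip_ports=(5060, 5061), max_gap=60):
    """Flows on SIP ports that repeat within max_gap seconds (assumed threshold)."""
    hits = []
    for (src, sport, dport), gaps in flows(log).items():
        if sport in sip_ports and dport in sip_ports and gaps and max(gaps) <= max_gap:
            hits.append((src, dport, gaps))
    return sorted(hits)

if __name__ == "__main__":
    for src, dport, gaps in keepalive_candidates(LOG):
        print(f"{src} -> :{dport} repeats every {gaps} s")
```

On this sample, two sources each repeat to ports 5060 and 5061 at a fixed 47 or 50 second interval, while the third source appears only once and so cannot be classified from this excerpt.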

stevech
12-09-2010, 11:09 PM
"NAT pinhole" is the term?
My last three consumer routers didn't need port-forwarding. Nor this semi-pro one (Cradlepoint MBR900 - great, by the way).

So is it some of the D-Link and Netgear crap out there?

Sure is a mess o' packets flying out.
Do all the VoIP providers have to do this? I don't recall seeing it with two others.

VOIPoTim
12-09-2010, 11:46 PM
All providers have to do something if their customers are using consumer routers since virtually none of them handle NAT in a VoIP-friendly way.

Like I said, one alternative is just an insanely short re-registration interval where the adapter is just constantly refreshing its registration.