Re: The Planet still being used / blocked UDP traffic
Quote:
Originally Posted by
Russell
I appreciate your response, Tim. Quite honestly, I feel for you guys having to provide a service where just one of the variables (the router) can behave so differently!
1) From a consumer perspective, I was quite surprised by the blast of packets from 4 different IP addresses every few seconds. Since I'd never examined the traffic with any of my previous providers I can't comment on whether this is typical or not. I'm curious as to exactly what this adds to bandwidth consumption? I realize each "probe" by itself is probably small, but cannot help but wonder what it adds up to cumulatively. Whether I port forward or not, I'm still going to have this traffic.
2) Port forwarding: as I mentioned, I like the ability to have multiple ATA's behind my router. If I port forward, wouldn't this kill the ability of my other ATA's to handle calls? In a case like this will DMZing be a better option? Or, ideally, would a device that acted like a router and ATA (like the 2102?) be the solution? Were the Grandstream's (that I keep hearing mentioned) similar devices (ATA + router)?
For the longest time I have 2 PAP2Ts behind my router--no DMZ--No Port Forwarding--not the first problem. My router, of course, provides PPPoE for my DSL--router firewall disabled.
Re: The Planet still being used / blocked UDP traffic
Quote:
Originally Posted by
sr98user
Russell,
Since Voipo does not use SRV records anymore, I don't think the ATA is initiating the traffic to these SIP servers. I wonder why the other SIP servers are sending packets to your router unless they think that you are registered with that server.
You might want to shutdown your router and ATA (and probably your softphone too) for 5-10 minutes until the connections clear in the "Devices" page and then see if you are getting the packets from all the SIP servers.
I thought based on what Tim says it was for failover and keep-alive purposes for non-cooperative routers. This means (unless I'm special) we're all being sent these packets (no registered softphone running). Since my phone service appear to work and I'm rejecting the packets I suspect I wont be very "failover" tolerant and I must have a cooperative router. I'd be most interested in anything Brandon may have to say.
Re: The Planet still being used / blocked UDP traffic
Quote:
Originally Posted by
burris
For the longest time I have 2 PAP2Ts behind my router--no DMZ--No Port Forwarding--not the first problem. My router, of course, provides PPPoE for my DSL--router firewall disabled.
Burris, I'm not sure I understand what you mean by "not the first problem". Do you mean that you don't have issue #1 in my message that you quoted? I believe PPPoE provides the credentials your DSL modem needs to let a device PC or router connect to it, so I'm not sure it's germane. My gut feeling is if you disable your router's firewall you're opening yourself up to being hacked - I believe, besides allowing multiple devices access the internet, providing that firewall is another advantage of using the router - I'm no expert. Others more knowledgeable may have a comment you disabling your router firewall.
Anyway, based on Tim's response it appears it's normal for us to be sent those messages (also, see my other response).
Re: The Planet still being used / blocked UDP traffic
Quote:
Originally Posted by
Russell
Burris, I'm not sure I understand what you mean by "not the first problem". Do you mean that you don't have issue #1 in my message that you quoted? I believe PPPoE provides the credentials your DSL modem needs to let a device PC or router connect to it, so I'm not sure it's germane. My gut feeling is if you disable your router's firewall you're opening yourself up to being hacked - I believe, besides allowing multiple devices access the internet, providing that firewall is another advantage of using the router - I'm no expert. Others more knowledgeable may have a comment you disabling your router firewall.
Anyway, based on Tim's response it appears it's normal for us to be sent those messages (also, see my other response).
I believe that the router firewall causes problems. My third party firewall along with the NAT I believe takes good care of me. At the same time, my anti-virus scans real time.
I think that port forwarding and DMZ and keeping the ATA in front of the router is far more risky for intrusion.
Mind you, I'm no expert,but from my reading and real time experiences, I feel comfortable that my set up is ok and most important, it works.
Re: The Planet still being used / blocked UDP traffic
Quote:
Originally Posted by
burris
I believe that the router firewall causes problems. My third party firewall along with the NAT I believe takes good care of me. At the same time, my anti-virus scans real time.
I think that port forwarding and DMZ and keeping the ATA in front of the router is far more risky for intrusion.
Mind you, I'm no expert,but from my reading and real time experiences, I feel comfortable that my set up is ok and most important, it works.
DD-WRT is the only way to go
Re: The Planet still being used / blocked UDP traffic
Quote:
Originally Posted by
Xponder1
DD-WRT is the only way to go
Naw- pfSense :D;)
Re: The Planet still being used / blocked UDP traffic
Quote:
Originally Posted by
burris
I believe that the router firewall causes problems. My third party firewall along with the NAT I believe takes good care of me. At the same time, my anti-virus scans real time.
I think that port forwarding and DMZ and keeping the ATA in front of the router is far more risky for intrusion.
Mind you, I'm no expert,but from my reading and real time experiences, I feel comfortable that my set up is ok and most important, it works.
I think we're on the same page here. I think of the NAT function as providing the firewall since by its nature devices on the private side are hidden from the public Internet by the router and (at a naive level) only responses to solicited requests are allowed through the NAT device back to the requester.
I do agree that the measures you have in place are very reasonable. I have similar measures in place with one exception. I've put another router between my first router and my main computer.
I also agree with you about port forwarding, putting a device in the DMZ and keeping the ATA in front of the router as all those are equivalent to exposing the device on the Internet.
Re: The Planet still being used / blocked UDP traffic
Quote:
Originally Posted by
Russell
I thought based on what Tim says it was for failover and keep-alive purposes for non-cooperative routers. This means (unless I'm special) we're all being sent these packets (no registered softphone running). Since my phone service appear to work and I'm rejecting the packets I suspect I wont be very "failover" tolerant and I must have a cooperative router. I'd be most interested in anything Brandon may have to say.
I think Tim was talking about the keep alive packets being sent often. Of course, he can correct me if I am wrong.
But I don't think multiple SIP servers trying to talk to your adapter at the same time is normal. I don't see that kind of a behavior on my setup.
Re: The Planet still being used / blocked UDP traffic
Quote:
Originally Posted by
sr98user
I think Tim was talking about the keep alive packets being sent often. Of course, he can correct me if I am wrong.
But I don't think multiple SIP servers trying to talk to your adapter at the same time is normal. I don't see that kind of a behavior on my setup.
I would tend to agree. Approx 10 requests a minute is 10 * 60 * 24 * 30 request a month. Wonder how many bytes each request is. Anyone know? It'll be interesting to hear Brandon's take on this.
Re: The Planet still being used / blocked UDP traffic
The keep alive requests are very small, ~1.5 bytes/request.
At 10 requests a minute, you're looking at:
1.5 bytes * 10 * 60 minutes * 24 hours = 21600 bytes (21.094 kilobytes) sent in a day, or approximately .61 megabytes per month.
