Quote Originally Posted by GreenLantern View Post
Hi Tim,

Thanks for all the hard work you guys did the last few days. It was rough sledding, but things look great right now.

Any idea if/why these attacks are intentionally targeting voipo?

Great info on the MTU limits. We'll know now to look for extraneous info like extra codecs, names, etc. in case BYOD users add any of that.

Thanks again, and now everyone go perform your preferred good luck rituals.
The attacks hopefully should be mitigated. They weren't intentional...just certain BYOD devices causing loops (think forwarding back to itself spawning tens of thousands of calls). We have a lot of loop detection/prevention in place but there was a new case we'd never seen before where it was happening with devices connecting using TCP and registrations looping in a way.

So far everything seems to be smooth now. This was happening on SIP but not SIP7 but then at one point to isolate things earlier in week, we redirected a lot of traffic from SIP to SIP7 while we tested that server more thoroughly and that's why SIP7 started acting up too (the users that had devices looping got moved). Once we isolated it and blocked it, we got things back to normal and added in logic to prevent it.

Hopefully smooth sailing now.

Also for what it's worth, we are in the midst of expanding the BYOD network with several new servers for you guys to choose from so there will be more choices in more DCs for you guys soon.