[177562] in North American Network Operators' Group
Re: AT&T uVerse blocking SIP?
daemon@ATHENA.MIT.EDU (Jared Mauch)
Tue Jan 27 09:53:19 2015
X-Original-To: nanog@nanog.org
From: Jared Mauch <jared@puck.nether.net>
In-Reply-To: <CA+RYCQ8oPDFBYQnnJ9jD2UL7VZdmpkL1ghBH6nWCrXgBtef3MA@mail.gmail.com>
Date: Tue, 27 Jan 2015 09:50:34 -0500
To: Brad Bendy <bb@1stclasshosting.com>
Cc: nanog list <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
I=E2=80=99ve never gotten AT&T to respond to issues, including the fact =
the device eats the SIP packets, and some types of SIP packets can =
actually cause their device to reboot as well.
It=E2=80=99s been a few years now since I really chased this down, but =
beware all of these =E2=80=98helpers=E2=80=99, including the Cisco =
SIP-ALG are broken. It=E2=80=99s more damage introduced by these CPE =
devices (like broken DNS proxies, etc).
- Jared
> On Jan 27, 2015, at 9:47 AM, Brad Bendy <bb@1stclasshosting.com> =
wrote:
>=20
> They are saying this CPE has no ALG in it, but they can enable DMZ, =
which acourse made zero difference.
>=20
> What I do find funny is they escalated the problem to Tier-2 and =
wanted to enroll the customer in premium tech support for $15 a month, =
because the Internet signal is strong and is not causing the problem, =
sigh.
>=20
> Back to trying port 5061 it appears!
>=20
> On Mon, Jan 26, 2015 at 8:44 PM, Christopher Morrow =
<morrowc.lists@gmail.com> wrote:
> I think this is due to the CPE using a particular ALG ... (from
> recollection having never been a UVerse customer, but having sat
> through a long, long, long set of discussions about the
> merits/demerits of sip blocking)
>=20
> On Mon, Jan 26, 2015 at 10:22 PM, Jared Mauch <jared@puck.nether.net> =
wrote:
> > Yes. If you move to another port, e.g.: 5061 it works fine.
> >
> > If you=E2=80=99re running on a Linux based system, you can do this:
> >
> > /sbin/iptables -A PREROUTING -t nat -i eth1 -p udp --dport 5061 -j =
REDIRECT --to-port 5060
> >
> > on the host to remap 5061 -> 5060 with no application change.
> >
> > - Jared
> >
> >> On Jan 26, 2015, at 4:26 PM, Brad Bendy <bb@1stclasshosting.com> =
wrote:
> >>
> >> Has anyone seen issues where a end user on uVerse trying to connect =
to
> >> either another provider or AT&T non uVerse (in this case DIA) is =
having SIP
> >> blocked? SIP leaving the uVerse network going to another uVerse DSL =
account
> >> is fine, but it appears soon as it leave the uVerse network all SIP =
traffic
> >> is blocked?
> >>
> >> It appears others have seen this problem, some say it's a modem =
issue, some
> >> say they are truly blocking it. Ive yet to call uVerse support yet =
as im
> >> guessing ill get no where.
> >>
> >> Thanks for any insight on this.
> >>
> >> --
> >> This message contains confidential information and is intended only =
for the
> >> individual named. If you are not the named addressee you should not
> >> disseminate, distribute or copy this e-mail. Please notify the =
sender
> >> immediately by e-mail if you have received this e-mail by mistake =
and
> >> delete this e-mail from your system. E-mail transmission cannot be
> >> guaranteed to be secure or error-free as information could be =
intercepted,
> >> corrupted, lost, destroyed, arrive late or incomplete, or contain =
viruses.
> >> The sender therefore does not accept liability for any errors or =
omissions
> >> in the contents of this message, which arise as a result of e-mail
> >> transmission. If verification is required please request a =
hard-copy
> >> version. 1st Class Hosting, LLC. 1712 Pioneer Ave, Suite 1854, =
Cheyenne, WY
> >> 82001
> >
>=20
>=20
>=20
>=20
>=20
>=20
>=20
> This message contains confidential information and is intended only =
for the individual named. If you are not the named addressee you should =
not disseminate, distribute or copy this e-mail. Please notify the =
sender immediately by e-mail if you have received this e-mail by mistake =
and delete this e-mail from your system. E-mail transmission cannot be =
guaranteed to be secure or error-free as information could be =
intercepted, corrupted, lost, destroyed, arrive late or incomplete, or =
contain viruses. The sender therefore does not accept liability for any =
errors or omissions in the contents of this message, which arise as a =
result of e-mail transmission. If verification is required please =
request a hard-copy version. 1st Class Hosting, LLC. 1712 Pioneer Ave, =
Suite 1854, Cheyenne, WY 82001
