[177563] in North American Network Operators' Group
Re: AT&T uVerse blocking SIP?
daemon@ATHENA.MIT.EDU (Brad Bendy)
Tue Jan 27 09:58:39 2015
X-Original-To: nanog@nanog.org
In-Reply-To: <C7630BD2-CB3B-4519-B0C9-C97FCE24E3CD@puck.nether.net>
Date: Tue, 27 Jan 2015 07:58:35 -0700
From: Brad Bendy <bb@1stclasshosting.com>
To: Jared Mauch <jared@puck.nether.net>
Cc: nanog list <nanog@nanog.org>
Errors-To: nanog-bounces@nanog.org
I agree. I always leave ALGs off, its just 10x harder when the support
asked what SIP was and then told me it's not a common protocol since it's
not in his magic book :)
On Tue, Jan 27, 2015 at 7:50 AM, Jared Mauch <jared@puck.nether.net> wrote:
> I=E2=80=99ve never gotten AT&T to respond to issues, including the fact t=
he device
> eats the SIP packets, and some types of SIP packets can actually cause
> their device to reboot as well.
>
> It=E2=80=99s been a few years now since I really chased this down, but be=
ware all
> of these =E2=80=98helpers=E2=80=99, including the Cisco SIP-ALG are broke=
n. It=E2=80=99s more
> damage introduced by these CPE devices (like broken DNS proxies, etc).
>
> - Jared
>
> > On Jan 27, 2015, at 9:47 AM, Brad Bendy <bb@1stclasshosting.com> wrote:
> >
> > They are saying this CPE has no ALG in it, but they can enable DMZ,
> which acourse made zero difference.
> >
> > What I do find funny is they escalated the problem to Tier-2 and wanted
> to enroll the customer in premium tech support for $15 a month, because t=
he
> Internet signal is strong and is not causing the problem, sigh.
> >
> > Back to trying port 5061 it appears!
> >
> > On Mon, Jan 26, 2015 at 8:44 PM, Christopher Morrow <
> morrowc.lists@gmail.com> wrote:
> > I think this is due to the CPE using a particular ALG ... (from
> > recollection having never been a UVerse customer, but having sat
> > through a long, long, long set of discussions about the
> > merits/demerits of sip blocking)
> >
> > On Mon, Jan 26, 2015 at 10:22 PM, Jared Mauch <jared@puck.nether.net>
> wrote:
> > > Yes. If you move to another port, e.g.: 5061 it works fine.
> > >
> > > If you=E2=80=99re running on a Linux based system, you can do this:
> > >
> > > /sbin/iptables -A PREROUTING -t nat -i eth1 -p udp --dport 5061 -j
> REDIRECT --to-port 5060
> > >
> > > on the host to remap 5061 -> 5060 with no application change.
> > >
> > > - Jared
> > >
> > >> On Jan 26, 2015, at 4:26 PM, Brad Bendy <bb@1stclasshosting.com>
> wrote:
> > >>
> > >> Has anyone seen issues where a end user on uVerse trying to connect =
to
> > >> either another provider or AT&T non uVerse (in this case DIA) is
> having SIP
> > >> blocked? SIP leaving the uVerse network going to another uVerse DSL
> account
> > >> is fine, but it appears soon as it leave the uVerse network all SIP
> traffic
> > >> is blocked?
> > >>
> > >> It appears others have seen this problem, some say it's a modem
> issue, some
> > >> say they are truly blocking it. Ive yet to call uVerse support yet a=
s
> im
> > >> guessing ill get no where.
> > >>
> > >> Thanks for any insight on this.
> > >>
> > >> --
> > >> This message contains confidential information and is intended only
> for the
> > >> individual named. If you are not the named addressee you should not
> > >> disseminate, distribute or copy this e-mail. Please notify the sende=
r
> > >> immediately by e-mail if you have received this e-mail by mistake an=
d
> > >> delete this e-mail from your system. E-mail transmission cannot be
> > >> guaranteed to be secure or error-free as information could be
> intercepted,
> > >> corrupted, lost, destroyed, arrive late or incomplete, or contain
> viruses.
> > >> The sender therefore does not accept liability for any errors or
> omissions
> > >> in the contents of this message, which arise as a result of e-mail
> > >> transmission. If verification is required please request a hard-copy
> > >> version. 1st Class Hosting, LLC. 1712 Pioneer Ave, Suite 1854,
> Cheyenne, WY
> > >> 82001
> > >
> >
> >
> >
> >
> >
> >
> >
> > This message contains confidential information and is intended only for
> the individual named. If you are not the named addressee you should not
> disseminate, distribute or copy this e-mail. Please notify the sender
> immediately by e-mail if you have received this e-mail by mistake and
> delete this e-mail from your system. E-mail transmission cannot be
> guaranteed to be secure or error-free as information could be intercepted=
,
> corrupted, lost, destroyed, arrive late or incomplete, or contain viruses=
.
> The sender therefore does not accept liability for any errors or omission=
s
> in the contents of this message, which arise as a result of e-mail
> transmission. If verification is required please request a hard-copy
> version. 1st Class Hosting, LLC. 1712 Pioneer Ave, Suite 1854, Cheyenne, =
WY
> 82001
>
>
--=20
This message contains confidential information and is intended only for the=
=20
individual named. If you are not the named addressee you should not=20
disseminate, distribute or copy this e-mail. Please notify the sender=20
immediately by e-mail if you have received this e-mail by mistake and=20
delete this e-mail from your system. E-mail transmission cannot be=20
guaranteed to be secure or error-free as information could be intercepted,=
=20
corrupted, lost, destroyed, arrive late or incomplete, or contain viruses.=
=20
The sender therefore does not accept liability for any errors or omissions=
=20
in the contents of this message, which arise as a result of e-mail=20
transmission. If verification is required please request a hard-copy=20
version. 1st Class Hosting, LLC. 1712 Pioneer Ave, Suite 1854, Cheyenne, WY=
=20
82001
