[77976] in North American Network Operators' Group
RE: Vonage complains about VoIP-blocking
daemon@ATHENA.MIT.EDU (Jay Hennigan)
Tue Feb 15 17:11:09 2005
Date: Tue, 15 Feb 2005 14:09:54 -0800 (PST)
From: Jay Hennigan <jay@west.net>
To: "Hannigan, Martin" <hannigan@verisign.com>
Cc: 'Eric Gauthier' <eric@roxanne.org>, nanog@merit.edu
In-Reply-To: <A206819EF47CBE4F84B5CB4A303CEB7A242377@dul1wnexmb01.vcorp.ad.vrsn.com>
Errors-To: owner-nanog-outgoing@merit.edu
On Tue, 15 Feb 2005, Hannigan, Martin wrote:
> > Something else to consider. We block TFTP at our border for
> > security reasons
> > and we've found that this prevents Vonage from working.
> > Would this mean that
> > LEC's can't block TFTP?
>
>
> Was that a device trying to phone home and get it's configs?
> Cisco, Nortel, etc. phone home and get configs via tftp.
>
> Vonage doesn't need to phone home for config. The device is
> programmed (router) and it registers with the call manager.
> If you analyze the transactions it's about 89% SIP and 11% SDP.
Vonage devices initiate an outbound TFTP connection back to Vonage to
snarf their configs on initial connection and also (presumably) on reboot.
Many, many VoIP devices do this, including Cisco phones in all major
flavors. If an ISP is blocking TFTP originated by its customers at the
border, this will cause numerous problems with many VoIP devices as
well as numerous other things where a customer needs to initiate a TFTP
session over the Internet.
Filtering customer-initiated TFTP will cause problems with many legitimate
applications and devices.
--
Jay Hennigan - CCIE #7880 - Network Administration - jay@west.net
WestNet: Connecting you to the planet. 805 884-6323 WB6RDV
NetLojix Communications, Inc. - http://www.netlojix.com/
