DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

2820 UDP NAT problem with long term 'sessions'

More
06 Feb 2011 13:41 #66113 by jedi98
(yes I know that UDP is connectionless, I am referring to the NAT table entry as a 'session')

This is an odd problem I have been tracking for a few months, so I thought I would see if anyone has any ideas on it.

Scenarios are: -
  • 1. Asterisk VOIP server (SIP over UDP) -->
Vigor 2820(n) --> net --> VOIP provider.
2. Asterisk VOIP server (IAX2 over UDP) --> Vigor 2820(n) --> net --> Vigor 2800 --> Asterisk VOIP server.
Problem is that after some time (one or more days) the UDP VOIP 'sessions' to a given remote service, SIP or IAX2 will stop working and NOTHING short of rebooting the router will make them work again. Once this happens I can see the packets leave the server on the LAN, but there is no response back.

When it IS working I see a NAT table entry as expected. When it's NOT working there is no NAT table entry and I think this is the nub of the matter. For some reason the NAT table is no longer storing an entry for the given session so no packets can get back. It acts like ther is an internal entry in the router saying that the NAT table entry is there but the actual enry has got deleted. The 2800 router at the other site (2 above) does not seem to have the same issue.

The firmware is 3.3.4.1 and the problem was also present on 3.3.4. It does appear that some SIP services 'aggravate' the problem and I am uncertain why that would be.

If anyone has any good ideas for tracking this increasingly annoying issue down then it would be helpful. I have a high level of technical knowledge so I can packet trace all sorts of stuff or log pretty well whatever is needed.

Please Log in or Create an account to join the conversation.

More
08 Feb 2011 07:06 #66138 by dannyboy1121
Replied by dannyboy1121 on topic 2820 UDP NAT problem with long term 'sessions'
I had odd issues until I disabled sip_alg (from command line) and made sure that all sip accounts (even the ones I wasn't using and were blank) were set up to use something other than port 5060. Then my asterisk server began to work.

If you've tried all that - I would be interested to see if you get better results on an even older version of firmware.

I'm running a 2710 on version 3.3.2. Anything higher than that appears to cause me issues with anything that demands a long established session. In my case, I found that my Vodafone sure signal (femotcell) had zero stability.

Dan

Please Log in or Create an account to join the conversation.

More
08 Feb 2011 17:00 #66151 by jedi98
Hmmm... don't think I have sip_alq command line option, my 2820 is not a V model. But feel free to tell me I'm wrong about that if I am!

I have the problem with both SIP on 5060 and with IAX2 on 4569 so I am fairly sure that its not a port 5060 thing. However if fw>3.3.2 on the 2710 suffers from long term session trouble then maybe there is the same problem with the 2820.

The release 2820 fw only goes back to 3.3.3 so it is possible that the problem has been in there since the router came out. I will look into trying out 3.3.3, its a bit of an upheaval :?

Of course, the other problem is that when I want it to go wrong it won't and I have to wait about 2 weeks, then it does it right at the most inconvenient time!

Please Log in or Create an account to join the conversation.

More
01 May 2012 11:36 #72071 by jedi98
I'm going to revive this thread because I still have this problem and have (a little) more info.

The problem can also be seen with a voip (sip) phone using STUN. The phone works initially, then at some point will no longer register with the remote (asterisk) server. The actual packets are never passed on by the 2820 (it appears). There is no record of the NAT sessions out to the remote server.

Again, it is like a session died or timed out but was only half destroyed it the nat tables in the router so that all the outgoing packets after that go down a black hole. Rebooting the router fixes it but there is no real idea when it is going to happen, could be a day, a week, or a month.

Certain services aggravate it more than others. On my asterisk server one voip provider caused this to happen all the time but now I switched to a different one it happens less but has not gone away.

Anyone got any ideas? Anyone using asterisk server inside a 2820, 2830 or similar? I'm currently on 2820n with v3.3.5.2_232201 if I use any higher version then some of my VPNs will not work.

Please Log in or Create an account to join the conversation.

Moderators: ChrisSami