Add TCP SIP ALG beside already existing UDP SIP ALG

Product Discussion Feature Requests
1

The Peplink Balance 300 (BA300) running latest firmware (v4.8.1 build 1259) only supports UDP SIP ALG and not SIP ALG over TCP connection.

Feature requests:

  1. improve documentation regarding VoIP and SIP ALG, to specify for which transport protocols (udp,tcp,tls) SIP ALG is supported on which Balance model.
  2. please add TCP SIP ALG for Balance 300 devices
  3. documentation that explains how to “fix” BA300 for VoIP providers that error out with “SIP/2.0 479 Please don’t use private IP addresses”; the solution is to create an outbound firewall rule that blocks TCP traffic to the SIP port (default: 5060) of the VoIP provider.

Evidence that Peplink Balance 300 (BA300) only supports UDP SIP ALG and not SIP ALG over TCP connections gathered using sip-alg-detector:

Test Results:
- SIP UDP ALG: TRUE
- SIP TCP ALG: FALSE

INFO: There are differences between sent request and received mirrored request:
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
--2c2--
Sent from this host :  Via: SIP/2.0/UDP 192.168.254.11:5065;rport;branch=z9hG4bKxuxt8fr8
Received by server  :  Via: SIP/2.0/UDP 8.1.2.1:5065;rport;branch=z9hG4bKxuxt8fr8
--8c8--
Sent from this host :  Contact: <sip:[email protected]:5065;transport=udp>
Received by server  :  Contact: <sip:[email protected]:5065;transport=udp>
--16c16--
Sent from this host :  c=IN IP4 192.168.254.11
Received by server  :  c=IN IP4 8.1.2.1
----------------------------------------------------------

$ ruby sip-alg-detector.rb -n -si 9.1.1.5 -lp 5065                       (23-11-11 00:04)


Settings:
- Test UDP: true
- Test TCP: true
- Server IP: 9.1.1.5
- Server port: 5060
- Local port: 5065

INFO: Starting the SIP UDP ALG test...

DEBUG: Connecting to the server (UDP:9.1.1.5:5060) ...

DEBUG: Sending the SIP request to the server ...

DEBUG: Sent from 192.168.254.11:5065 to 9.1.1.5:5060:
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
INVITE sip:[email protected]:5060 SIP/2.0
Via: SIP/2.0/UDP 192.168.254.11:5065;rport;branch=z9hG4bKxuxt8fr8
Max-Forwards: 5
To: <sip:[email protected]:5060>
From: "SIP ALG Detector" <sip:[email protected]>;tag=npvdd1qe
Call-ID: [email protected]
CSeq: 76 INVITE
Contact: <sip:[email protected]:5065;transport=udp>
Allow: INVITE
Content-Type: application/sdp
Content-Length: 254

v=1
o=dykh4e87 26185007 8583724 IN IP4 192.168.254.11
s=-
c=IN IP4 192.168.254.11
t=0 0
m=audio 2656 RTP/AVP 8 0 3 101
a=rtpmap:8 PCMA/8000
a=rtpmap:0 PCMU/8000
a=rtpmap:3 GSM/8000
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-15
a=ptime:20
----------------------------------------------------------

DEBUG: Waiting for the responses from the server ...

DEBUG: 1/2 responses received

DEBUG: 2/2 responses received

DEBUG: Mirrored request sent in the response from the server:
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
INVITE sip:[email protected]:5060 SIP/2.0
Via: SIP/2.0/UDP 8.1.2.1:5065;rport;branch=z9hG4bKxuxt8fr8
Max-Forwards: 5
To: <sip:[email protected]:5060>
From: "SIP ALG Detector" <sip:[email protected]>;tag=npvdd1qe
Call-ID: [email protected]
CSeq: 76 INVITE
Contact: <sip:[email protected]:5065;transport=udp>
Allow: INVITE
Content-Type: application/sdp
Content-Length: 254

v=1
o=dykh4e87 26185007 8583724 IN IP4 192.168.254.11
s=-
c=IN IP4 8.1.2.1
t=0 0
m=audio 2656 RTP/AVP 8 0 3 101
a=rtpmap:8 PCMA/8000
a=rtpmap:0 PCMU/8000
a=rtpmap:3 GSM/8000
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-15
a=ptime:20
----------------------------------------------------------

INFO: There are differences between sent request and received mirrored request:
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
--2c2--
Sent from this host :  Via: SIP/2.0/UDP 192.168.254.11:5065;rport;branch=z9hG4bKxuxt8fr8
Received by server  :  Via: SIP/2.0/UDP 8.1.2.1:5065;rport;branch=z9hG4bKxuxt8fr8
--8c8--
Sent from this host :  Contact: <sip:[email protected]:5065;transport=udp>
Received by server  :  Contact: <sip:[email protected]:5065;transport=udp>
--16c16--
Sent from this host :  c=IN IP4 192.168.254.11
Received by server  :  c=IN IP4 8.1.2.1
----------------------------------------------------------

__________________________________________________________________
INFO: SIP UDP ALG test result: TRUE
INFO: It seems that your router is performing ALG for SIP UDP
__________________________________________________________________

INFO: Starting the SIP TCP ALG test...

DEBUG: Connecting to the server (TCP:9.1.1.5:5060) ...

DEBUG: Sending the SIP request to the server ...

DEBUG: Sent from 192.168.254.11:56624 to 9.1.1.5:5060:
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
INVITE sip:[email protected]:5060 SIP/2.0
Via: SIP/2.0/TCP 192.168.254.11:5065;rport;branch=z9hG4bKrhmmc7hh
Max-Forwards: 5
To: <sip:[email protected]:5060>
From: "SIP ALG Detector" <sip:[email protected]>;tag=ycghjnag
Call-ID: [email protected]
CSeq: 424 INVITE
Contact: <sip:[email protected]:5065;transport=tcp>
Allow: INVITE
Content-Type: application/sdp
Content-Length: 254

v=0
o=yydggxnx 33525472 3332642 IN IP4 192.168.254.11
s=-
c=IN IP4 192.168.254.11
t=0 0
m=audio 3356 RTP/AVP 8 0 3 101
a=rtpmap:8 PCMA/8000
a=rtpmap:0 PCMU/8000
a=rtpmap:3 GSM/8000
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-15
a=ptime:20
----------------------------------------------------------

DEBUG: Waiting for the responses from the server ...

DEBUG: 1/2 responses received

DEBUG: 2/2 responses received

DEBUG: Mirrored request sent in the response from the server:
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
INVITE sip:[email protected]:5060 SIP/2.0
Via: SIP/2.0/TCP 192.168.254.11:5065;rport;branch=z9hG4bKrhmmc7hh
Max-Forwards: 5
To: <sip:[email protected]:5060>
From: "SIP ALG Detector" <sip:[email protected]>;tag=ycghjnag
Call-ID: [email protected]
CSeq: 424 INVITE
Contact: <sip:[email protected]:5065;transport=tcp>
Allow: INVITE
Content-Type: application/sdp
Content-Length: 254

v=0
o=yydggxnx 33525472 3332642 IN IP4 192.168.254.11
s=-
c=IN IP4 192.168.254.11
t=0 0
m=audio 3356 RTP/AVP 8 0 3 101
a=rtpmap:8 PCMA/8000
a=rtpmap:0 PCMU/8000
a=rtpmap:3 GSM/8000
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-15
a=ptime:20
----------------------------------------------------------

INFO: No differences between sent request and received mirrored request

__________________________________________________________________
INFO: SIP TCP ALG test result: FALSE
INFO: It seems that your router is not performing ALG for SIP TCP
__________________________________________________________________


##################################################################
#     Test Results:
##    - SIP UDP ALG: TRUE
###   - SIP TCP ALG: FALSE
##################################################################


Return code: 21
2

Thank you for the features requests. We will look into supporting TCP SIP ALG on our current models.

In fact I think you will be amazed by the new features available our firmware 5 - firmware 5 is not available on your Balance 300 but we could definitely work out a favourable trade-up option for you as our loyal customer and supporter. Feel free to initiate a dialogue if you are interested.

3

The trade-up offer was acceptable, but later on adding € 50 for Fedex shipping costs per device are communication skills that might need some improvement too.