Voice over Internet Protocol (VoIP) has come a long way since they days of poor audio quality and noticeable delays in speech. Today’s VoIP communications actually sound better than traditional analog or digital telephone connections. However, in order to achieve the best performance, customers’ gateway routers and firewalls need to be configured properly to allow VoIP to flow freely and perform well.
The information below should assist IT staff in properly configuring a router/firewall to work well with VoIP:
1. DHCP – VoIP phones use SIP protocol for communications , and are typically configured to use DHCP, but if static IP addresses, VLANs, or other special configuration settings are desired, please notify PHONEWARE customer service.
2. SIP ALG: If the customer’s router supports SIP Application Layer Gateway (SIP ALG), this feature must be disabled, as it typically causes a variety of sporadic problems. SIP ALG is a feature wherein the router inspects SIP packets and then changes values within them, replacing internal IP addresses with public IP addresses. It’s a variation of NAT, but the changes are performed with the contents of the packets, not just in the headers. Some SIP services require SIP ALG, but the PHONEWARE network features session border controllers which perform this function on the server side. Therefore, so if the customer’s router perform the function as well, it will cause a variety of problems. Thus, SIP ALG needs to be turned off. Different router/firewall manufacturers refer to SIP ALG using slightly different terminology: Cisco calls it PROTOCOL INSPECTION / SIP; Fortinet calls it SIP SESSION HELPER; Sonic Wall calls it SIP TRANSFORMATIONS. Note: failure to address this setting may result in failure of various features on the phone, such as PARK, HOLD, and TRANSFER, and can also cause issues with no audio or one way audio on phones.
3. UDP TIMEOUT: It is necessary to confirm and most likely adjust the UDP CONNECTION TIMEOUT setting. Most routers have a default UDP CONNECTION TIMEOUT setting of 2 minutes. Our servers may go as long as 11 minutes between communications with the phones on UDP port 5060. Therefore, it is necessary to change the UDP CONNECTION TIMEOUT to 15 minutes or 900 seconds. Note: failure to address this setting may result in calls being disconnected after 2-3 minutes into a conversation, and will result in phones randomly going unregistered.
4. FILTER RULES: It is often necessary to create filter rules to allow traffic to flow freely between our servers and the phones. The addresses of our servers are:
- Outbound Proxy 1: 18.104.22.168
- Outbound Proxy 2: 22.214.171.124
- Outbound Proxy 3: 126.96.36.199
- NTP Server: 188.8.131.52
- Configuration Server: 184.108.40.206
(it is often easier to create a filter rule to allow all traffic to and from 220.127.116.11/24, which will cover all of the necessary IP addresses listed above except one.)
Note: failure to address this setting may result in phones failing to acquire their configuration, registration, or audio problems.
5. QoS: If router supports QoS features, please enable them. QoS should be configured to prioritize traffic travelling to and from our VoIP server IP addresses. If the customer’s router supports bandwidth reservation, please reserve 80kbps per active phone call needed at the customer’s site. Typically, this will be done by restricting bandwidth usage for non-VoIP traffic. For example, here is how we would typically ask to have a router configured for 10 phones, using a 25mbps x 5mbps internetion connection:
- Mark traffic to and from both outbound proxies as “VoIP”. All other traffic is unmarked. You can also mark traffic based on the DSCP value of 46 or the DIFFSERV value of 184. All voice communications are tagged with these values for identification and priority queuing and routing.
- Set maximum bandwidth utilization for upload and download for traffic marked VoIP at 2Mbps (this is really unnecessary, as the phones won’t use this much data). Give this data high priority.
- Set maximum bandwidth utilization for upload to 4.2Mbps and download to 24.2Mbps for all unmarked traffic. (this will result in 800kb being set aside for upload and download for up to 10 VoIP conversations at 80kbps each). Give this data low priority.
Note: failure to address this setting may result in degraded audio quality during periods of peak internet bandwidth usage.
If you have any questions, or if you require any additional information to configure this customer’s network to support their new VoIP phone service, please contact our customer service department at 602-445-7777 ext 1 or via email email@example.com.