VOIP - SIP registration timeout issue

  • Hi all,

    I am having this strange issue that I have tried to resolve using 2 different configurations.  Currently I have a pretty current snapshot of 1.23-RC3 running in a multi-wan setup with PPPOE and a cablemodem with an asterisk box behind it.

    I have 2 different VOIP providers and the issue I am having is that when the system is idle, one of the trunks of one provider will lose its registration and will not reregister until I reboot the pfsense box.

    Initially I have tried to NAT forward RTP and SIP ports over both links along with manual outbound NAT rules and related firewall pass rules to let the traffic go where it wants to go.  This did work, but occasionally one provider trunk would drop.  In this case, I would see a 'stuck' state with my voip providers IP that I could manually clear in the state table to allow for reregistration.  I did have some audio quality issues with this setup (probably because QOS doesn't work with multi-wan and some traffic was running on WAN2) so I changed it.

    Now the box is running a transparent siproxd (because of the multiple providers) with manual outbound NAT rules with no firewall rules as siproxd does everything for you.  This is working great when it works and I can see the siproxd relaying properly within the state table but eventually the trunk going to one of the providers will drop completely.  On the pbx I see it as offline and there are no related states anymore in the state table.  I simple restart of siproxd will not get that trunk to reregister, only a reboot of the firewall will bring it back up.  Also note that in this setup, I have decided to force all VOIP traffic over WAN1 (PPPOE) for simplicity and am running the traffic shaper on that link also.

    I tcpdumped the LAN interface on the firewall and see the registration attempts coming in on the LAN side but they don't seem to make it out the WAN side after it drops for some reason.

    I have no idea where to look anymore as I have been wrapping my head around this for 2 days already.  I have 3 trunks with one provider that never drop and one trunk with a 2nd provider that always drops or gets stuck in the state table.  Because there are no firewall rules to play with, only the siproxd settings, in this case,  I am not sure how to improve this situation.  I am partial to using a proxy over straight NAT/firwall rules because I have been told that the call quality is a bit better and there are virtually no issues with dropped calls when using this by the end users.  The other thing seems to be as long as the trunk is active, it wont drop, ie if I reboot it in the morning and the trunk is getting a fair amount of calls all day, its fine and will only drop after hours when the call volume has been reduced.

    Any help would be appreciated.

  • I think I know what is happening, not sure how to fix it yet.

    There are 2 sets of trunks, 3 trunks with one provider and 1 trunk with a second provider.  If I disable either trunk set, the other set will register and work fine.  Its when both trunk sets are enabled that the single trunk set will drop.  It should be noted that when the trunk drops, tcpdump shows no outgoing traffic to the provider of that trunk on the wan interface; however the lan interface shows the traffic coming into the box.

    So at least I can replicate the issue by enabling/disabling the asterisk trunks without rebooting the pfsense box each time.

    I suspect that this vanished trunk registration traffic is being incorrectly routed to the other provider and thats why I don't see it.  I also have no idea why it would work initially for a bit when the trunks are all enabled and then it dies with no trace.

