Does VoIP work reliably with multi-WAN in pfSense? Experiences?
-
Hi,
I've setup a multi-WAN setup in pfSense, which seems to be working for normal HTTP sites.
Under System, Advanced, Miscellaneous, I've set Use sticky connections to on - this should help avoid issues with sites that expect subsequent requests to come from the same IP, correct?
However, for VoIP traffic, this seems to be working unreliably. Apparently we are getting call dropouts, which we suspect might be linked to the IP address changing, and the stickiness not working for VoIP.
What are people's experiences with using multi-WAN with VoIP traffic? Any issues or workarounds?
Cheers,
Victor -
I use a SIP phone with a multi-WAN pfSense installation. However, I am not doing any load balancing. There is a SIP section of the pfSense Wiki to discuss some other tweaks you might want to make.
http://doc.pfsense.org/index.php/VoIP_Configuration
I'm not experiencing any problems out of either WAN connection. One WAN can fail to the other, but like I mentioned before, I'm not using any load balancing.
-
However, for VoIP traffic, this seems to be working unreliably. Apparently we are getting call dropouts, which we suspect might be linked to the IP address changing, and the stickiness not working for VoIP.
Well, you can check the logs to see if your issues coincide with WAN failover (unlikely, unless you have a very flaky line).
There can be other reasons for SIP call dropouts, the most common being due to NAT states expiring, if you haven't configured your SIP devices accordingly.
-
Do you have specific IP's restricted for your SIP provider?
For example my SIP provider expects calls from 1 IP, if it comes from any other IP, i get no audio, so i had to use manual outbound NAT rules.
-
You cannot load balance VoIP traffic, the RTP will end up going out the wrong way at times, amongst other possible issues. Failover is the only multi-WAN option with VoIP.
-
Noted, thanks cmb,
as i am learning more about pfsense, i am also redesigning my entire network, this saved me some future possible headaches
-
heya,
Hmm, that's fair enough - what's the best way of setting up VoIP traffic so it doesn't load balance, and other traffic so that it does?
Btw - would IAX trunking handle the switchover then? Or at least stick to one IP per given "session"?
Cheers,
Victor -
Hmm, that's fair enough - what's the best way of setting up VoIP traffic so it doesn't load balance, and other traffic so that it does?
If you have a local PBX, match traffic from the PBX and assign it to a single WAN gateway, or a failover group. Use a rule at the top of the list, remember that first match wins.
If you have local phones and a remote PBX, match traffic going to the PBX, do the same to it.So long as you have the rules in the right order it will do what you want.
Oversimplified example:
- SIP traffic, use failover group
- everything else, use load balancing group