Date: Wed, 08 Sep 2004 20:15:06 -0400 From: Forrest Aldrich <forrie@forrie.com> To: freebsd-net@freebsd.org Subject: Re: VoIP and IPFW Message-ID: <413FA08A.3010803@forrie.com> In-Reply-To: <200409082255.i88MtPEO054166@f1.masterplan.org> References: <200409082255.i88MtPEO054166@f1.masterplan.org>
next in thread | previous in thread | raw e-mail | index | archive | help
I see. I had imagined some traffic shaping and QoS necessities to manage the service (on the FreeBSD box, though I don't know how it's QoS works yet). I'd also be concerned about general security. Jason George wrote: >Subject: Re: VoIP and IPFW >To: forrie@forrie.com >Cc: > > > >>I'm also speaking of specific ipfw configuration to support this >>functionality (QoS, traffic shaping, etc)... >> >> >> >> > >I have the Vonage box behind my OpenBSD pf firewall. "It just works". > >The box grabs a DHCP address and then initiates a UDP connection to >the server at the Vonage end. Every 14 seconds, the box "polls" >the head-end. > >dew# tcpdump -i le1 host 192.168.4.11 >tcpdump: listening on le1 >16:44:40.790962 216.115.25.20.5061 > 192.168.4.11.5061: udp 478 (DF) >16:44:54.795825 192.168.4.11.5061 > 216.115.25.20.5061: udp 633 >16:44:54.884601 216.115.25.20.5061 > 192.168.4.11.5061: udp 479 (DF) >16:45:08.896124 192.168.4.11.5061 > 216.115.25.20.5061: udp 633 >16:45:08.984711 216.115.25.20.5061 > 192.168.4.11.5061: udp 479 (DF) >16:45:22.996351 192.168.4.11.5061 > 216.115.25.20.5061: udp 632 >16:45:23.121386 216.115.25.20.5061 > 192.168.4.11.5061: udp 478 (DF) >16:45:37.129823 192.168.4.11.5061 > 216.115.25.20.5061: udp 633 >16:45:37.218418 216.115.25.20.5061 > 192.168.4.11.5061: udp 479 (DF) >16:45:51.230049 192.168.4.11.5061 > 216.115.25.20.5061: udp 632 >16:45:51.425216 192.168.4.11.5061 > 216.115.25.20.5061: udp 632 >16:45:51.645703 216.115.25.20.5061 > 192.168.4.11.5061: udp 478 (DF) >16:45:51.650558 216.115.25.20.5061 > 192.168.4.11.5061: udp 478 (DF) >16:46:05.646906 192.168.4.11.5061 > 216.115.25.20.5061: udp 633 >16:46:05.735910 216.115.25.20.5061 > 192.168.4.11.5061: udp 479 (DF) >16:46:19.747073 192.168.4.11.5061 > 216.115.25.20.5061: udp 633 >16:46:19.849489 216.115.25.20.5061 > 192.168.4.11.5061: udp 479 (DF) >^C > >If an incoming call occurs, apparently the control message then causes >The box to initiate an outbound connection for the actual call completion. > >16:47:29.997893 192.168.4.11.10000 > 216.18.39.148.15974: udp 172 >16:47:30.017540 216.18.39.148.15974 > 192.168.4.11.10000: udp 172 (DF) >16:47:30.017803 192.168.4.11.10000 > 216.18.39.148.15974: udp 172 >16:47:30.038034 192.168.4.11.10000 > 216.18.39.148.15974: udp 172 >16:47:30.038671 216.18.39.148.15974 > 192.168.4.11.10000: udp 172 (DF) >16:47:30.056087 216.18.39.148.15974 > 192.168.4.11.10000: udp 172 (DF) >16:47:30.057945 192.168.4.11.10000 > 216.18.39.148.15974: udp 172 >16:47:30.075550 216.18.39.148.15974 > 192.168.4.11.10000: udp 172 (DF) >16:47:30.078019 192.168.4.11.10000 > 216.18.39.148.15974: udp 172 >16:47:30.096761 216.18.39.148.15974 > 192.168.4.11.10000: udp 172 (DF) >16:47:30.098179 192.168.4.11.10000 > 216.18.39.148.15974: udp 172 >16:47:30.117632 216.18.39.148.15974 > 192.168.4.11.10000: udp 172 (DF) >16:47:30.118223 192.168.4.11.10000 > 216.18.39.148.15974: udp 172 >16:47:30.138180 192.168.4.11.10000 > 216.18.39.148.15974: udp 172 >16:47:30.138571 216.18.39.148.15974 > 192.168.4.11.10000: udp 172 (DF) >16:47:30.154673 216.18.39.148.15974 > 192.168.4.11.10000: udp 172 (DF) > > >I actually haven't made any pf configuration changes, but I will be putting >in a QoS policy to guarantee ~100kbit/sec for the Vonage service. I >had some complaints about the quality of my voice at the far end when I was >uploading or emailing large attachments. (I'm using the highest-quality >setting on a 4Mbit/~400kbit down/up cablemodem connection.) > >Otherwise, on an unloaded link, it's just fine. > >I hope this helps...I don't have any specific IPFW settigs...sorry! > >--J >=== >Jason B. George, P.Eng., PMP - JGeorge@ResourceChain.com >ResourceChain Inc. - Project Consulting >(403) 703-5476 Cell (403) 668-0117 Office > > > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?413FA08A.3010803>