Logicwrath Posted July 1, 2016 Report Posted July 1, 2016 Hello,I was fixing some issues with my golden firewall configuration today and realized that their are quite a few IP addresses getting used in the SIP calls that I did not have flagged. I am taking other steps to ensure QoS in all situations regardless of 2600hz IP address, however, I would very much like 2600hz to create and maintain a public wiki document of some kind that gives all the address ranges in use.Is this something we can get posted?
Logicwrath Posted July 1, 2016 Author Report Posted July 1, 2016 I also wanted to add that in cases where end users are on a softphone it becomes harder to do good QoS without the complete list of public IPs as the local IP will be the PC on the local network. I am also not a big fan of tagging connections based on port or protocol as other services can sometimes get into the wrong priority.
Administrators Darren Schreiber Posted July 1, 2016 Administrators Report Posted July 1, 2016 Is this for PBX Connector or is it for regular devices like Polycoms and such?Drop a note to support and we'll send you the list. We try to keep the list non-public to discourage DoS nonsense.
Logicwrath Posted July 1, 2016 Author Report Posted July 1, 2016 I am not currently using the PBX connector, however, I suspect we will at some point for having them all would be best.I will open a support ticket.
Jesse Howard Posted July 1, 2016 Report Posted July 1, 2016 Is scraping the info from dig acceptable (also notice there are no tcp srv records?) dig srv _sip._udp.us-east.p.zswitch.net... dig lb001.ord.p.zswitch.net any... dig lb001.ewr.p.zswitch.net any......Or are there other IPs outside of this we need to worry about?Basically looking for a dynamic way to "discover" as the network expands.
Administrators Darren Schreiber Posted July 1, 2016 Administrators Report Posted July 1, 2016 I don't think that's going to work. But this has been a popular question as of late.Maybe we can find somewhere in the GUI where we can publish these so that they are correct on a per-client basis (they vary by client).
Logicwrath Posted July 1, 2016 Author Report Posted July 1, 2016 I am not sure how client is defined. Is a client a reseller or is a client a sub client of a reseller? I would prefer to save all the necessary addresses into my configuration file that gets loaded into the firewall and not have to manually check and change configuration items on a per client basis.
Administrators Darren Schreiber Posted July 1, 2016 Administrators Report Posted July 1, 2016 It's per reseller, sorry. Thanks for asking for that clarification, good point!
Recommended Posts