Solved

Asterisk finds server unreachable

Posted on 2011-03-24
16
1,069 Views
Last Modified: 2012-05-11
Wouldn't you know it I tested the last solution for 5 days then as soon as posted the accepted solution the problem came back. This question is the same as my previous question. Somehow or other after being connected for maybe 2 days asterisk finds the VoiP provider server unreachable, which is then fixed by power cycling the modem. The funny thing is the connection lasts longer with 1 router over the other. It happens with 3 routers. The same as before, when the connection is down I can ping the server using the server name not the ip address so I know it's resolving. I'm using the same NAT traversal method, namely specifying the externip= xx.xxx.xxx.xxx and  localnet=192.168.0.0/255.255.255.0 in the config file. Once it goes down it does not come back.
0
Comment
Question by:Jeff swicegood
  • 10
  • 4
  • 2
16 Comments
 
LVL 8

Expert Comment

by:API_NOC
Comment Utility
Have you tried putting your server into the DMZ of your network?
0
 
LVL 1

Author Comment

by:Jeff swicegood
Comment Utility
I have a double NAT, one in the modem and one in the router. If I put the server in the DMZ of the router, would I also need to put the router in the DMZ (if it has one) of the modem?
0
 
LVL 19

Expert Comment

by:feptias
Comment Utility
Sorry to hear that you've still got the problem. You can ask for a refund of points if you want.

To answer your DMZ question, the modem most likely just passes everything through to the router - so a DMZ would only make sense in the context of the router.

I wonder if it could be some kind of connection/session timeout. Are there any settings for session timeouts on the router? If so, the timeout for UDP connections is the relevant one (it is used by the stateful packet inspection engine). Try increasing it by about 50%. If there are settings to limit the maximum number of sessions, make them a little more generous.

Another idea: Check the settings on the firewall that are designed to protect it from attacks such as Denial of Service, UDP Floods, etc. Experiment with disabling them for a while to see if they make a difference.

Do you have access to the setup forms on the modem? If so, does it have settings for connections or sessions like those mentioned above?

A final idea: Next time you get the problem, try disconnecting the router from the modem for 5 minutes - just unplug the patch lead, but don't power cycle the modem. When you reconnect the patch lead, does it fix the problem or do you have to power cycle the modem.
0
 
LVL 8

Expert Comment

by:API_NOC
Comment Utility
Put the router into the DMZ of the modem. Then the asterisk server in the DMZ of the router.
0
 
LVL 1

Author Comment

by:Jeff swicegood
Comment Utility
Thanks for all your leads. I am in the process of testing. I'll get back to you in a few days.
0
 
LVL 1

Author Comment

by:Jeff swicegood
Comment Utility
Yes, disconnecting the router from the modem for 5 mins restored the connection and fixed the problem.
0
 
LVL 19

Expert Comment

by:feptias
Comment Utility
That's interesting. It points to an issue with established router connections - disconnecting the modem would force the router to clear its list of established connections. Next time, try a very brief disconnection of the patch lead. In my opinion it points much more to a router issue than a modem issue, but its a tough one to pin down.

Did you find any settings for sessions/connections etc?
0
 
LVL 8

Expert Comment

by:API_NOC
Comment Utility
Does the problem exists even when the DMZs are opened up?
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 1

Author Comment

by:Jeff swicegood
Comment Utility
I am just now setting the DMZ's and looking for session settings. I'll get back to you soon.
0
 
LVL 1

Author Comment

by:Jeff swicegood
Comment Utility
I set the DMZ's and I did find a setting for UDP timeout. I increased it from 120 sec to 180 sec. I did not find a setting for maximum sessions, but I did find one for maximum ports, but it was already at maximum.
0
 
LVL 1

Author Comment

by:Jeff swicegood
Comment Utility
Disconnecting patch cable for a short period did not restore the connection. Neither using the DMZ' nor the new UDP timeout settings helped.
0
 
LVL 1

Author Comment

by:Jeff swicegood
Comment Utility
Did you have any more ideas?
0
 
LVL 8

Accepted Solution

by:
API_NOC earned 500 total points
Comment Utility
Can the modem in front of your router be put into bridge mode? This would allow the public IP to be on your router and then you can try the DMZ on the router.
0
 
LVL 1

Author Comment

by:Jeff swicegood
Comment Utility
I have attempted to put the modem in bridge mode, but I was not able to find enough information on the web. It is a Zyxel 660R. Maybe if I call my ISP they will help me do that.
0
 
LVL 1

Author Comment

by:Jeff swicegood
Comment Utility
The modem is now in bridge mode. I guess I will test it for a few days before putting the server in the DMZ.
0
 
LVL 1

Author Comment

by:Jeff swicegood
Comment Utility
Putting the modem in bridge mode, even without using DMZ has done the trick since my past post! I will test it for another week, then award full points.
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Almost all Internet protocol telephones have built-in switches at the back that allow you to connect your personal computer to one port and use the other port to connect your phone to to a Cisco switch.   Why we need to connect the PC to the pho…
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now