Totally agree with Jiri. An ALG unnecessarily brings up the price of the ADSL modem as well.

--- Dhiraj Bhuyan Network Security Specialist, BT Exact Business Assurance Solutions

Tel: +44 1473 643932 Mob: +44 7962 012145 Email: dhiraj.2.bhuyan@bt.com

-----Original Message----- From: serusers-bounces@iptel.org [mailto:serusers-bounces@lists.iptel.org]On Behalf Of Jiri Kuthan Sent: 30 July 2004 10:46 To: andres@telesip.net; serusers@lists.iptel.org Subject: Re: [Serusers] Broken "SIP Aware" Router

At 11:40 PM 7/29/2004, Andres wrote:

We have started having problems with customers in BellSouths ADSL network. New customers are being given the Westell ADSL modem which appears to be "SIP Aware". But the implementation is terribly broken.

Well, I think that Application-Level-Gateways (ALGs) is _fundamentally_ broken concept with very negative impact on interoperability, security and software engineering.

There will be attempt to create an effort documenting these issues in the upcoming IETF meeting; till this effort brings fruits it will take some time. Some enlighted vendors are aware of this: Cisco/Linksys gave up on the idea to introduce SIP awareness in residential routers.

Thank you for your report.

-jiri

The symptoms are that SIP INVITES cannot penetrate the NAT on the Modem even though we have a permanent Keep-Alive from the inside (every 15 seconds). Furthermore when the customer tries to make a call, the modem changes the source port of every single packet of the dialog. Thus breaking the SIP dialog completely.

Our interim solution was to setup these customer on an alternate server listening on a different port. For everybody's reference the modem version is: Westell B9061003006 and the Software is: 03.00.61

I have tried to contact Westell directly but they have not answered. I hope this is not something thats going to start happening with all modem manufacturers or else were going to have loads of trouble.

-- Andres Network Admin http://www.telesip.net

---

Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers

-- Jiri Kuthan http://iptel.org/~jiri/

_______________________________________________ Serusers mailing list serusers@lists.iptel.org http://lists.iptel.org/mailman/listinfo/serusers