Bypassing Broken SIP ALG Implementations

The SIP protocol is commonly used for IP telephone communications. Unfortunately it’s notorious for having issues with NAT traversal. Even some major vendors can’t seem to get it right. [Stephen] had this problem with his Cisco WRVS4400N router. After a bit of troubleshooting, he was able to come up with a workaround that others may find useful.

The router had built in SIP ALG functionality, but it just didn’t work. [Stephen] was trying to route SIP traffic from a phone to an Asterisk PBX system behind the router. The router just couldn’t properly handle these packets regardless of whether SIP ALG was enabled or disabled.

[Stephen] first tried to change the SIP port on the external VOIP phone from the default of 5060 to something else. Then he setup port forwarding on the router to the Asterisk box to forward the traffic to the Asterisk system on the original port. This sort of worked. The calls would go through but they would eventually drop after about 20 seconds.

The only thing that [Stephen] could get to work completely was to change the SIP port in Asterisk’s sip.conf file using the “bindport” directive. He changed it to some random unused high port number. Then he setup port forwarding on the router to forward incoming UDP packets on that port to the Asterisk system. This worked fine, but now all of the original phones behind the router stopped working because they were configured to use the default port of 5060.

Rather than re-configure all of the phones in the organization, [Stephen] made one change on the Asterisk system. He setup an iptables rule to forward all incoming traffic on UDP port 5060 to the new SIP port. Now all of the phones are working with minimal changes across the organization. It’s a lot of hassle to go through just because the router couldn’t handle SIP correctly, but it gets the job done.

Retrotechtacular: Submarine Cable Splicing is Serious Business

Really. As this wonderfully narrated talkie picture from 1939 will attest, keeping even one drop of water from penetrating undersea cables is of the utmost importance.

How do they do it? Many, many layers of protection, including several of jute wrapping. The video centers on splicing a new cable to an existing one in the San Francisco Bay to bring the wonder of telephony to a man-made island created for the Golden Gate International Expo.

The narrator makes these men out to be heroes, and when you see how much lead they came into contact with, you’ll understand what he means. Each of the 1,056 individually insulated wires must be spliced by hand. After that comes a boiling out process in which petrolatum is poured over the splice to remove all moisture. Then, a lead sleeve is pulled over the connections. Molten lead is poured over the sleeve and smoothed out by hand.

At this point, the splice is tested. The sleeve is punctured and nitrogen gas is pumped in at 20psi.  Then comes the most important step: the entire sleeve is painted with soap suds.  Any gas that escapes will make telltale bubbles.

Once they are satisfied with the integrity of the sheath, they wrap the whole thing in what appears to be lead cables and pound them into submission. Surely that would be enough, don’t you think?  Nope.  They weld the cables all around and then apply two coats of tar-treated jute wrapping, which retards saltwater corrosion considerably.

Continue reading “Retrotechtacular: Submarine Cable Splicing is Serious Business”