RTP Source Port Validate

The 2020 IMG does not allow multiple RTP streams to be sent to the same VoIP channel to prevent poor voice quality or other potential voice problems. The 2020 IMG employs the RTP Source Port Validate Method to examine the IP address and the UDP port of the incoming RTP packet. This ensures that the packet came from the device to which the 2020 IMG is transmitting RTP data. If the validation fails and the 2020 IMG detects that its getting RTP from an unknown source, it will drop the invalid RTP packets. The Source Port Validate Method is configured through ClientView and is enabled by default.

 

Configuration:

The RTP Source Port Validate feature is configurable through the ClientView GUI. Within the IP Bearer profile pane is a field labeled Source Port Validate. Click in this field to enable or disable the RTP Source Validate feature for the IP Bearer Profile being configured. The default setting is Enabled. See screen capture below.

SC_IPBearerProf_SourcePortValidate.png

 

Call Trace:

Below is a Call Trace which has RTP Source Port Validation enabled. Once a call has been cut thru the RTP Source Port Validation will look like the following:

 

18:09:55.469 CALL(SIP) (02:08415:00) RCVD Progress from L4
18:09:55.469 CALL(SIP) (02:08415:00) Set media src IP 10.129.55.89:8196
18:09:55.469 CALL(SIP) (02:08415:00) Set media dst IP 10.129.55.81:8180
18:09:55.469 CALL(SIP) (02:08415:00) CODEC Negotiation Priority LOCAL
18:09:55.469 CALL(SIP) (02:08415:00) Set media PLD ID 18
18:09:55.469 CALL(SIP) (02:08415:00) Set media PLD Size 20, Multiplier:2
18:09:55.469 CALL(SIP) (02:08415:00) RFC 2833 DTMF Relay Enabled, pld type 101
18:09:55.469 CALL(SIP) (02:08415:00) Set Fax Type to Relay Fallback
18:09:55.469 CALL(SIP) (02:08415:00) Source Port Validation : Enabled
18:09:55.469 CALL(SIP) (02:08415:00) SENT L3-L3 Outseize Ctrl to VPPL
18:09:55.469 CALL(IP)  (02:08415:00) RCVD Outseize ([vts 49] [m0.1.12]) from L3P (span 4225 chan 17)
18:09:55.469 CALL(IP)  (02:08415:00) RTP: (Src) 10.129.55.89:8196
18:09:55.469 CALL(IP)  (02:08415:00) RTP: (Dst) 10.129.55.81:8180
18:09:55.479 CALL(IP)  (02:08415:00) SrcPortValidation: Enabled
18:09:55.479 CALL(IP)  (02:08415:00) VoIP Codec is G729; Payload Size is 20 msec
18:09:55.479 CALL(IP)  (02:08415:00) RFC2833 DTMF Relay in use, Dynamic Payload Type is 101

 

Limitations:

There is a risk to enabling the Source Port Validation Feature along with enabling Comedia Mode on the same VoIP channel. Comedia requires waiting for an RTP packet, any RTP packet, before configuring the destination IP/port. Source Port Validation validates incoming packets with the configured destination IP/port. When a channel is configured with Comedia (Passive) and Source Port Validation enabled, Comedia needs to be resolved before Source Port Validation can begin. Below is example of what happens with this configuration.

 

Example

Feature Setting Description
Comedia Mode Passive Mode Enabled Disable transmit on a channel and wait for a packet
Source Port Validate Enabled Only accept packts from the IP Address/Port the 2020 IMG is communicating with. (Drop all other packets

 

When Comedia Mode is enabled (Passive Mode) and Source Port Validation is enabled on a channel, the following sequence takes place.

  1. The channel is placed in receive only mode and Source Port Validation is temporarily disabled. At this time any RTP packet received by this channel will be used to update the destination IP/Port.

Note: This packet could be a rogue packet directed to this channels IP/Port or possibly even a packet from a previous call that did not get torn down.

  1. Upon receiving a packet the destination IP/Port is updated.

  2. Source Port Validation is enabled and the transmission of packets is enabled. Any packets received by the channel that do not match the channels destination IP/port will be dropped. Since the initial packet could have been a rogue packet, or a packet from the previous call, the channel may be using an incorrect destination IP/port. In this case the intended RTP Stream will be dropped.