Dual Nic Setup

Right now I am running dual nics on my Freepbx box.
All I am missing is a route somewhere I feel.
eth0 is 10.40.29.22 255.255.255.0 gw 10.40.29.1 sip trunk
eth1 is 10.10.6.1 255.255.255.0 gw 10.10.6.254 internal

My default gateway is currently set at 10.10.6.254.
Everything internal works like a charm.
With this route 10.10.10.21/32 via 10.40.29.1 dev eth0 when I call out on the trunk it connects but has no voice.
What route would I need to add to get this working right?

When I flip the default gateway to 10.40.29.22 sip trunk calls work great but internal is all messed up.
Thanks

You need to add both networks to your SIP localnet settings in SIP settings module.

This didn’t work unfortunately.

Post output of the following commands from shell “route”, “ifconfig” and "asterisk -rx ‘sip show settings’

route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.10.10.21 10.40.29.1 255.255.255.255 UGH 0 0 0 eth1
10.10.6.0 * 255.255.255.0 U 0 0 0 eth0
10.40.29.0 * 255.255.255.0 U 0 0 0 eth1
link-local * 255.255.0.0 U 1002 0 0 eth0
link-local * 255.255.0.0 U 1003 0 0 eth1
default 10.10.6.254 0.0.0.0 UG 0 0 0 eth0


ifconfig
eth0 Link encap:Ethernet HWaddr 00:1D:92:03:20:3B
inet addr:10.10.6.1 Bcast:10.10.6.255 Mask:255.255.255.0
inet6 addr: fe80::21d:92ff:fe03:203b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:16080 errors:0 dropped:0 overruns:0 frame:0
TX packets:15285 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:5377284 (5.1 MiB) TX bytes:4503275 (4.2 MiB)
Interrupt:23 Base address:0x4000

eth1 Link encap:Ethernet HWaddr 00:40:F4:3C:40:C3
inet addr:10.40.29.22 Bcast:10.40.29.255 Mask:255.255.255.0
inet6 addr: fe80::240:f4ff:fe3c:40c3/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:4509 errors:0 dropped:0 overruns:0 frame:0
TX packets:164 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1230248 (1.1 MiB) TX bytes:29199 (28.5 KiB)
Interrupt:18 Base address:0xe000

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:3453 errors:0 dropped:0 overruns:0 frame:0
TX packets:3453 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:734463 (717.2 KiB) TX bytes:734463 (717.2 KiB)


asterisk -rx ‘sip show settings’

Global Settings:

UDP Bindaddress: 0.0.0.0:5060
TCP SIP Bindaddress: Disabled
TLS SIP Bindaddress: Disabled
Videosupport: No
Textsupport: No
Ignore SDP sess. ver.: No
AutoCreate Peer: Off
Match Auth Username: No
Allow unknown access: Yes
Allow subscriptions: Yes
Allow overlap dialing: Yes
Allow promisc. redir: No
Enable call counters: No
SIP domain support: No
Realm. auth: No
Our auth realm asterisk
Use domains as realms: No
Call to non-local dom.: Yes
URI user is phone no: No
Always auth rejects: Yes
Direct RTP setup: No
User Agent: FPBX-2.10.1(11.4.0)
SDP Session Name: Asterisk PBX 11.4.0
SDP Owner Name: root
Reg. context: (not set)
Regexten on Qualify: No
Trust RPID: No
Send RPID: No
Legacy userfield parse: No
Send Diversion: Yes
Caller ID: Unknown
From: Domain:
Record SIP history: Off
Call Events: On
Auth. Failure Events: Off
T.38 support: No
T.38 EC mode: Unknown
T.38 MaxDtgrm: -1
SIP realtime: Disabled
Qualify Freq : 60000 ms
Q.850 Reason header: No
Store SIP_CAUSE: No

Network QoS Settings:

IP ToS SIP: CS3
IP ToS RTP audio: EF
IP ToS RTP video: AF41
IP ToS RTP text: CS0
802.1p CoS SIP: 4
802.1p CoS RTP audio: 5
802.1p CoS RTP video: 6
802.1p CoS RTP text: 5
Jitterbuffer enabled: No

Network Settings:

SIP address remapping: Enabled using externaddr
Externhost:
Externaddr: 10.40.29.22:0
Externrefresh: 10
Localnet: 10.10.5.0/255.255.255.0
10.10.6.0/255.255.255.0
10.10.8.0/255.255.248.0
10.40.29.0/255.255.255.0

Global Signalling Settings:

Codecs: (gsm|ulaw|alaw)
Codec Order: ulaw:20,alaw:20,gsm:20
Relax DTMF: No
RFC2833 Compensation: No
Symmetric RTP: Yes
Compact SIP headers: No
RTP Keepalive: 60
RTP Timeout: 120
RTP Hold Timeout: 300
MWI NOTIFY mime type: application/simple-message-summary
DNS SRV lookup: No
Pedantic SIP support: Yes
Reg. min duration 60 secs
Reg. max duration: 3600 secs
Reg. default duration: 120 secs
Sub. min duration 60 secs
Sub. max duration: 3600 secs
Outbound reg. timeout: 20 secs
Outbound reg. attempts: 0
Notify ringing state: Yes
Include CID: No
Notify hold state: Yes
SIP Transfer mode: open
Max Call Bitrate: 384 kbps
Auto-Framing: No
Outb. proxy:
Session Timers: Accept
Session Refresher: uas
Session Expires: 1800 secs
Session Min-SE: 90 secs
Timer T1: 500
Timer T1 minimum: 100
Timer B: 32000
No premature media: Yes
Max forwards: 70

Default Settings:

Allowed transports: UDP
Outbound transport: UDP
Context: from-sip-external
Record on feature: automon
Record off feature: automon
Force rport: Yes
DTMF: rfc2833
Qualify: 0
Keepalive: 0
Use ClientCode: No
Progress inband: Never
Language:
Tone zone:
MOH Interpret: default
MOH Suggest:
Voice Mail Extension: *97

Thanks

By changing the NAT settings under sip settings I am able to get voice inbound working.

Changed it to route by the way.

I take that back here is what has be up and running with inbound voice only. Could use some help on the opposite.

vi route-eth0
vi rule-eth0
from 10.40.29.22/32 table intern
to 10.10.10.21 table intern
vi rule-eth1
from 10.40.29.22/32 table intern
to 10.10.10.21 table intern
vi route-eth1
default via 10.40.29.1 dev eth1 table intern
10.10.10.21/32 via 10.40.29.1 dev eth1 src 10.40.29.22 table intern

You should not need NAT. Indicates something still wrong.

What device is doing the interVLAN routing? Is there a chance the remote devices are NAT’d

The interVLAN is done by switches and the router on the network. The 10.10.6.0/24 is one of those vlans. 10.40.29.22 is just the second nics IP and not part of the interVLAN. They could be nat’d once I send traffic to 10.40.29.1 the default gateway. It connects to 10.10.10.21 the metaswitch at the sip trunk provider.

The other problem is that 10.10.10.21 is a part of my other vlan network. 10.10.10.0/24.

Your problem is that sip can only bind to 1 network interface. see bindaddr in sip.conf
What are you trying to accomplish with the 2 nics?
You need something (like a firewall/router) to line up your subnets so they can all route through the one nic.

Actually everything would be much easier if I just used a router/firewall. You think I should try that with what I have described as my scenario? I just thought dual home and dual nics was the way to go when they provided private IP addresses and such.

To use multiple nics with Asterisk sip you can use nic bonding.
I have used this for awhile and it works great.
See this howto http://centoshelp.org/networking/nic-bonding/

I have seen that but I dont think with bonding you can assign one nic apart of sip provider private subnet and nic2 apart of your internal subnet. Can you? You suggest setting up a router with the SIP trunk providers internal network and run one nic or bonded nics through that correct?

As I stated above, you can not have one nic for the external trunk and the other nic for the internal phones. It does not work because you can only bind sip to one nic address. That is the bindaddr parameter in sip.conf.
So you still need to do some networking external to the asterisk box and then you can use the the nic bonding for the 2 nics. They will look like one address to Asterisk.

Inaccurate, you have use bindaddre of 0.0.0.0 it’s not a pyhcical NOC binding.

This is well documented but can be confusing. The point is that bindaddr=0.0.0.0 allows Asterisk to bind to all addresses. However, it does not bind all the addresses together. So you could not bridge a sip call between eth0 and eth1.

I don’t understand your statement. I have many boxes with outside interfaces talking to the SIP provider and inside interfaces connecting to SIP phones. Without SIP directmedia Asterisk will act like a B2B UA and connect the two calls. You see two channels occupied per call in sip/core show channels.

Are we speaking of the same thing?

I did get this working without a router. I actually realized after I had setup my router that there was another IP address my sip trunk provider did not tell me about for outbound voice wanting to talk to my system. Once I added that to my dual nic routes everything is working like a charm.