FreePBX and 2 internet providers

Hello everyone!
Freepbx 14.0.17, Asterisk 16.6.2 - one eth0 port with a local address is configured, on the Asterisk itself there are 3 different sip providers (3 numbers). Everything worked perfectly. There is a Mikrotik router - the other day I configured recursive routing. In priority, traffic runs through the first provider (conditionally WAN1), the second provider (conditionally WAN2) as a backup. All services work stably, but a problem with telephony appeared. 2 numbers work stably and registration, and calls and sound pass, but on the last number - registration and calls pass, but there is no sound. According to the logs, it is clear that sip registration packets go via WAN1, and packets with sound via WAN2. At the same time, in FreePBX “External Address” - the IP address of WAN1 is indicated. In the routing of the server itself, only the IP address of WAN1 and local addresses of the network where Asterisk and SIP device clients are located are indicated. On the Mikrotik router, ports UDP 5060,10000-20000 are forwarded to the Asterisk address in the Firewall.
In the Freepbx parameters:
SIP canrenivite (directmedia) - no
firewall - disabled.
SIP nat - No.
Strict RTP - Yes (set to No - nothing changed).
SIP ALG is disabled on Mikrotik.
Is the Trunk of this phone number configured incorrectly? The trunk has the RTP Symmetric - Yes item.
Some item responsible for configuring RTP was missed. Has anyone encountered this? I don’t really understand why Asterisk suddenly decided to send sound along one path and register on another…

Thanks!

you need to understand that SIP will try to negotiate an SDP session in which the media will be carried

for a single port transport look to IAX2

It sounds to me like you are attempting to run a network with 2 defaut gateways, that is your FreePBX box has 2 routes to 0.0.0.0 ending in different WAN routers. I know you say otherwise but since you are blaming Asterisk for this, it’s clear that since there’s no way for Asterisk to route packets, it MUST have multiple gateways defined in the OS.

If this isn’t true and it really is a situation where the Microtick router has ONE lan interface, the PBX is on the inside using that lan interface, and the Microtick router has 2 WAN interfaces - then I honestly fail to understand how it is that you believe Asterisk has anything whatsoever to do with this.

Network Address Translation is the biggest network hack ever invented and “redundant” ISP links going to a translator are an even bigger hack - the translator has to keep track of ALL connections and try to suss out what UDP data stream is associated with what TCP data stream and keep connection tracking straight in all this mess. Normally it does it by looking at data on the phone registration connection to figure out who’s UDP data stream belongs to what public destination.

You are sending all your traffic to ONE address - the Microtick LAN address. The problem started when you mucked about in the Microtick - so how exactly is this Asterisk’s fault? It’s not. What you need to do is properly reframe the question:

“I don’t really understand why Microtik suddenly decided to send sound along one path and register on another…”

and you will realize where the issue is. We don’t understand, either. Maybe Microtick does. They were who “invented” this so-called “recursive routing” which by the way isn’t a real routing term it’s something Microtick pulled out of their hat. They wrote the translation code for their router and if it’s not behaving as expected then they should be able to know why.

You can hack around this by installing a second router that is just connected to the inside lan and the outside wan to ONE of the providers and change only the Asterisk system default GW to that, and then unplug the 1 leg of the microtick wan port from that outside wan and plug it into the inside LAN and configure it to point to the second router. It is a hack of the worst order since now you are double-translating for any traffic going through the microtick to the second ISP but what’s an uglier hack among ugly hacks???

The ONLY true redundancy for Internet is getting an AS number and obtaining RIR issued subnets and running BGP to your ISPs.

Thanks for the help, guys.

The problem was solved. Mikrotik, despite the settings, incorrectly routed traffic from FreePBX to the SIP provider server. The routes were disabled, the ethernet port was disabled, but it still sent calls along this path. Updated ROS to version 7.15.3, so far everything works stably.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.