My new voice provider will allow me to choose the IP address subnet of his own VoIP gateway (hardware) he’s going to install for sip trunk with my pbx.
Should I choose the same subnet where all ip phones and internet gateway reside or, being pbx double-nic capable, choose a different subnet for sip trunk traffic ?
Pros or cons in two solutions ?
If your new voice provider is offering you the flexibility to choose the IP address subnet for their VoIP gateway, it might be worth considering setting up a different subnet for your SIP trunk traffic, especially if your PBX supports double-NIC. The rationale behind this is quite straightforward. Firstly, segregating your SIP trunk traffic onto a separate subnet beefs up your network security by keeping external communication isolated from your internal network, thereby reducing the risk of potential threats or attacks. Secondly, having a distinct subnet allows you to prioritize your SIP trunk traffic differently from internal traffic, potentially leading to enhanced call quality, even during periods of heavy network usage. Moreover, managing and troubleshooting your network becomes simpler when you have separate subnets, as it streamlines the process of identifying and resolving issues related to SIP trunk traffic without impacting your internal network operations. Lastly, opting for a separate subnet now sets you up for smoother scalability in the future, providing the flexibility to expand or modify your network without causing disruptions to your internal setup. So, if your PBX is up to the task, going for the separate subnet option could offer you improved security, quality of service, and network management capabilities.
Thank you James,
The provider will probably go for a /30 subnet between freepbx and audiocodes gateway.
The first issue I met while testing double nic setup is pbx chooses the second/new subnet gateway as default internet router…
For now, I removed gateway declaration on second nic setup (as I don’t need more than the /30 counterpart dialog for sip trunk).
If a second gateway was needed , I suppose is all up to Centos routing thing…
If you remove the gateway on the /30 interface how will you route traffic over that /30?
The presumption is that he doesn’t need to, right? He’ll only setup a trunk to send SIP traffic to that specific device at whatever IP address it has on the second NIC. The rest of internet bound traffic will go over his primary NIC/LAN subnet.
Well, not what is on the NIC. If it’s 192.168.1.0/30 it means the gateway will be 192.168.1.1 and the PBX will be 192.168.1.2. In order for the PBX to send calls out, it will need to send them to 192.168.1.1 and the gateway will send requests to 192.168.1.2. As long as there is a routing table that says all 192.168.1.0/30 is routable on the secondary NIC they should be fine…
Wait, that’s not how local communications happen. If you are on the same subnet network traffic doesn’t get sent to the gateway. The device sends it directly to the device that’s on the same subnet as your device. You don’t need a gateway for communications with devices that are on the same subnet.
Correct, as long as it is on the same subnet then it is fine. I was talking about the linux routing tables, there still needs to be an entry for 192.168.1.0/30 so it knows the subnet. You end up with something like this:
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.0 0.0.0.0 255.255.255.252 U 0 0 0 enp1s0
There’s no gateway but it says route this subnet locally over this interface.
Yes , the directly connnected subnets don’t need gateway for inside subnet traffic.
I just wonder why the new subnet gateway was chosen as default one when the new nic was just setup…
Yea, I think that’s a Cent OS 7 thing maybe?