I originally posted the following, and I’m having a similar issue again:
I’m now running FreePBX 15.0.21. I recently updated the DNS settings on all of my phones. They used to acquire DNS from the local server. However, I’ve since changed all of the phones to Google’s DNS (8.8.8.8, 8.8.4.4). I’m having the problem with phones going REACHABLE and UNREACHABLE again. (The original solution worked for the two phones that were originally an issue. But, those were off-site phones. My issue now is with ON-SITE phones.)
Rather than change settings on all of our phones, I’d like to see if I can reconfigure the router to avoid these constant time-outs. We’re using a SonicWall TZ-270 for all of our routing. The phones have static IPs they obtain from the SonicWall, which also gives them their DNS settings (as detailed above.)
Create a firewall policy that has a source of all the phones (address group) and destination of the phone server. In the advance tab, you should set the UDP timeout to something like 300 (assuming you are using UDP).
So I’ve added that rule to the SonicWall. However, I’m still getting the UNREACHABLE and REACHABLE messages, as well as some LAGGED messages.
Here are pieces of the log since I’ve made the change. (I removed VERBOSE lines.)
[2022-02-03 17:36:39] NOTICE[3547] chan_sip.c: Peer ‘108’ is now Lagged. (2171ms / 2000ms)
[2022-02-03 17:36:49] NOTICE[3547] chan_sip.c: Peer ‘108’ is now Reachable. (172ms / 2000ms)
[2022-02-03 17:41:18] NOTICE[3547] chan_sip.c: Peer ‘106’ is now UNREACHABLE! Last qualify: 168
[2022-02-03 17:41:28] NOTICE[3547] chan_sip.c: Peer ‘106’ is now Reachable. (180ms / 2000ms)
[2022-02-03 17:50:00] NOTICE[3547] chan_sip.c: Peer ‘102’ is now UNREACHABLE! Last qualify: 176
[2022-02-03 17:50:10] NOTICE[3547] chan_sip.c: Peer ‘102’ is now Reachable. (189ms / 2000ms)
[2022-02-03 17:52:13] NOTICE[3547] chan_sip.c: Peer ‘102’ is now Lagged. (3069ms / 2000ms)
[2022-02-03 17:52:24] NOTICE[3547] chan_sip.c: Peer ‘102’ is now Reachable. (171ms / 2000ms)
[2022-02-03 17:59:45] NOTICE[3547] chan_sip.c: Peer ‘109’ is now UNREACHABLE! Last qualify: 188
[2022-02-03 17:59:55] NOTICE[3547] chan_sip.c: Peer ‘109’ is now Reachable. (180ms / 2000ms)
[2022-02-03 18:11:51] NOTICE[3547] chan_sip.c: Peer ‘106’ is now UNREACHABLE! Last qualify: 171
[2022-02-03 18:12:02] NOTICE[3547] chan_sip.c: Peer ‘106’ is now Reachable. (172ms / 2000ms)
[2022-02-03 18:12:26] NOTICE[3547] chan_sip.c: Peer ‘104’ is now Lagged. (3168ms / 2000ms)
[2022-02-03 18:12:36] NOTICE[3547] chan_sip.c: Peer ‘104’ is now Reachable. (181ms / 2000ms)
[2022-02-03 18:14:15] NOTICE[3547] chan_sip.c: Peer ‘102’ is now UNREACHABLE! Last qualify: 175
[2022-02-03 18:14:25] NOTICE[3547] chan_sip.c: Peer ‘102’ is now Reachable. (173ms / 2000ms)
[2022-02-03 18:15:15] NOTICE[3547] chan_sip.c: Peer ‘106’ is now UNREACHABLE! Last qualify: 169
[2022-02-03 18:15:26] NOTICE[3547] chan_sip.c: Peer ‘106’ is now Reachable. (170ms / 2000ms)
[2022-02-03 18:18:12] NOTICE[3547] chan_sip.c: Peer ‘103’ is now UNREACHABLE! Last qualify: 168
[2022-02-03 18:18:22] NOTICE[3547] chan_sip.c: Peer ‘103’ is now Reachable. (169ms / 2000ms)
[2022-02-03 18:19:41] NOTICE[3547] chan_sip.c: Peer ‘104’ is now UNREACHABLE! Last qualify: 169
[2022-02-03 18:19:51] NOTICE[3547] chan_sip.c: Peer ‘104’ is now Reachable. (206ms / 2000ms)
[2022-02-03 18:21:14] NOTICE[3547] chan_sip.c: Peer ‘101’ is now UNREACHABLE! Last qualify: 200
[2022-02-03 18:21:24] NOTICE[3547] chan_sip.c: Peer ‘101’ is now Reachable. (173ms / 2000ms)
It happens on every phone.
All of my phones are an address object - IP_Phones (192.168.1.100-192.168.1.119) LAN
All of these phones are behind one SonicWall TZ270.
My FreePBX server is on an off-site hosted virtual server on Vultr - it’s an address object - Phone_Server (our_custom_domain_name.dyndns.org) WAN
My custom SIP services (we don’t use 5060) are a service group - SIP_Custom_Services
(That includes our custom SIP UDP port, along with the RTP ports 10000-20000)
The UDP inactivity timeout is set to 300 seconds in that rule, as well as in the FIREWALL - FLOOD PROTECTION - UDP settings.
Looks fine to me. I suggest running MTR from the local network to the phone server to see if you can see any network related issues while the phones are flapping. This forum post has some useful information.
