Update external address automatically on failover - Q for a dev

Some clients have vdsl with static IP, the LAN is of course NAT and their pbx box doesnt change LAN IP, this is all flawless.

But their isp supplied modem/router now also has auto failover to 4G, however, this is with a dynamic CGNAT IP, the failover works great for normal internet usage in a vdsl outage, however freepbx does not, because unlike a VoIP handset that does not care about ext addresses, freepbx does.

I’m not a php guru, but since “detect network settings” is a buttonable option in GUI, there is a way to do this by calling it in script which I can easily write and test for (in perl)
So my question to someone who knows for sure, what is the /bin/php /path/script/option it needs for this?

Some of these clients live in ruralish areas and if vdsl goes dark it can take hours or days to be restored.

(I should add this isnt for external sip users logins - they are not permitted in most cases, especiall health care centres, just onNET users, this is needed so the trunk can work)

Of course I’d also suggest this as a configurable (time wise checking) feature request, but no doubt I’ll get pointed to some obscure expensive comemrcial module :stuck_out_tongue:

You may not need this, and if you do, it may not work.

Some trunking providers, e.g., Callcentric, handle NAT traversal on their servers, i.e. they send calls to the address/port from which the REGISTER request was received. Provided that you reregister frequently, you should be fine.

Most providers will send calls to the address/port in the REGISTER Contact header. A few providers, e.g., VoIP.ms allow you to select the desired behavior on their portal. If the provider is not doing NAT traversal, the PBX must supply the correct address/port in Contact.

The problem is that many CGNAT implementations rewrite the source port. You can test yours to see whether this is the case. If so, give up and use another solution (different trunking provider, cloud PBX, etc.) However, even if the CGNAT preserves the source port when possible, there is always a chance that the port is in use by another user and it will be rewritten. You can minimize this by choosing a high random Port to Listen On. If this is the case, do some testing to see whether reliability is acceptable.

I’m not sure it will work either, we’ve played with this from our office at night with no CGNAT, we’ve got 2 vdsl links from multiple carriers, one dedicated for our office trunk and the other our normal internet usages, dumping the trunk primary vdsl, the pbx box could after the routers failover ping out to our trunk carriers network, but freepbx left untouched, for near on 30 mins calls failed because the trunks failed, if we used the refresh button thingy, it picked up new address and calls worked.

So it certainly needs human intervention, but that clicking button calls ajax function command getnetwork foo, which wont work if I try call it directly by using php binary, but the black magic it does should be able to be called direct, once we figure out what needs calling.

Assuming that your CGNAT doesn’t cause an issue with source port rewriting, see

for a way to automatically update Asterisk when your public IP address changes.

My perl script in that thread uses a list of public STUN servers to detect IP address changes. This was made several years ago, so I ran a test to see how many are still working. I found 64; you may wish to update the stunlist.txt file with this data:

If you modify the perl script to make it more robust or otherwise improve it, I would greatly appreciate it if you post the update here.

Here’s a bash script I am using that works well. Schedule it to run every X minutes in cron. (whatever interval you prefer)

Dynamic DNS would solve this. You would need to set up a Dynamic DNS service for the network so that when the IP changes, the DNS record is updated. You then set the external_ settings to the domain which will resolve to the IP.

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.