SPA112 & SIP122 - Garbage bytes sent while using SIP over TCP

Answered Question
Apr 4th, 2014
User Badges:

Because UDP port 5060 is blocked in my case, the SIP over TCP is a good solution for me.

But when I set SPA112 to use SIP over TCP, the registration to server is always failed.

(The firmware version I used is the latest one: 1.3.3, but old versions has the same behavior.)

After captured the packets, a problem is found:

Every time before SPA112 sent a register message, there were 9 data frames sent before it.

Each frame has 20 bytes and the contents are same.

The 20 bytes has a pattern: the first 4 bytes is always 00 01 00 00.

Then come with 4 * 4 bytes, for example, d8 22 6b 17 d8 22 6b 17 d8 22 6b 17 d8 22 6b 17

So in the TCP stream, the register message is like:

....."k.."k.."k.."k......"k.."k.."k.."k......"k.."k.."k.."k......"k.."k.."k.."k......"k.."k.."k.."k......"k.."k.."k.."k......"k.."k.."k.."k......"k.."k.."k.."k......"k.."k.."k.."k.NOTIFY sip:sip.callwithus.com:5060 SIP/2.0

Via:.....

 

The server returned "SIP/2.0 484 Address Incomplete" immediately.

Then SPA112 send register message again, this time it succeeds, and server reply "SIP/2.0 401 Unauthorized".

Looks good.

Subsequently, SPA112 sent a new register message with digest information but the garbage bytes appeared again.

 

Is there any configuration about this garbage bytes?

 

Correct Answer by Dan Lukes about 3 years 4 months ago

It seems you hit nice firmware bug. I can tell you what I see in captured TCP stream.

Your client connected to SIP server, but it doesn't start sending SIP messages - it do STUN over the stream instead. You catched "STUN Binding request" nine times before first SIP packet. And another STUN is tried before second REGISTER.

It's bug with no doubt - STUN have nothing to do in the SIP TCP stream. As switch is expecting SIP packets, it's confused by STUN byte causing SIP packets to be unrecognized and rejected.

Unfortunately, I have no idea how to report firmware bugs to Cisco unless you are willing to pay for it.

On the other side, it may not be so hard to solve the problem. Just disable the STUN.

Mark thread as answered if it solve your problem, it will help others to found solutions.

 

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Dan Lukes Sat, 04/05/2014 - 01:29
User Badges:
  • Red, 2250 points or more
  • Cisco Designated VIP,

    2017 Small Business

It seems you are able to catch the packets. So attach the saved dump here, please.

zhudanfei Sat, 04/05/2014 - 08:09
User Badges:

There are 2 pcapng files in the attached zip file.

SPA112_TCP_FILTERED.pcapng was captured in last year and SPA112_UDP_TCP_FILTERED.pcapng was captured this week.

The latter file has one line configured as SIP over UDP and the other one configured as SIP over TCP.

 

 

Attachment: 
Correct Answer
Dan Lukes Sat, 04/05/2014 - 12:34
User Badges:
  • Red, 2250 points or more
  • Cisco Designated VIP,

    2017 Small Business

It seems you hit nice firmware bug. I can tell you what I see in captured TCP stream.

Your client connected to SIP server, but it doesn't start sending SIP messages - it do STUN over the stream instead. You catched "STUN Binding request" nine times before first SIP packet. And another STUN is tried before second REGISTER.

It's bug with no doubt - STUN have nothing to do in the SIP TCP stream. As switch is expecting SIP packets, it's confused by STUN byte causing SIP packets to be unrecognized and rejected.

Unfortunately, I have no idea how to report firmware bugs to Cisco unless you are willing to pay for it.

On the other side, it may not be so hard to solve the problem. Just disable the STUN.

Mark thread as answered if it solve your problem, it will help others to found solutions.

 

zhudanfei Sun, 04/06/2014 - 09:26
User Badges:

You are right, SPA112 could register to the server after STUN is disabled.

Thank you very much!

Callwithus.com require ATAs behind NAT router to use its STUN server, so I still need to find the alternative.

Dan Lukes Sun, 04/06/2014 - 15:19
User Badges:
  • Red, 2250 points or more
  • Cisco Designated VIP,

    2017 Small Business

Either:

  1. Try to buy Cisco (Linksys) PAP2T somewhere. It is end-of-life model, but I trust it's firmware more than it's replacement SPA112.  It should work. And it have almost same configuration style and same features like SPA112
  2. Ask appropriate network administrator to unblock UDP:5060 port, use UDP with STUN then.
  3. Use ATA from other vendor
  4. Install a small PC with Asterisk or other switch, connect your ata to it, connect it to Callwithus.
  5. Use Telco not requiring use of STUN

 

zhudanfei Sun, 04/06/2014 - 21:36
User Badges:

Well received with many thanks. That's very nice of you offering these solutions. 

Actions

This Discussion