Greetings! We have several TA900 series devices and are in the process of deploying TCP as the underlying transport for SIP communications. The application is for analog FXS lines and PBXs using PRI.
With UDP, the TA9xx consistently originates SIP messages sourced from port 5060. With TCP, the TA9xx originates a SIP dialog (such as a REGISTER) from a random high port. Once that transaction is complete, the next transaction (such as an INVITE) will originate from a different random port. Destination port is always 5060.
Our SBC vendor Sansay accepts the REGISTER and remembers its TCP source port. The SBC rejects all subsequent SIP messages not originating from the same port, meaning that all calls fail as the INVITE is rejected by the SBC. This doesn't seem logical to me. TCP is connection-oriented so once the transaction is complete the TCP session drops. I would expect that the next SIP dialog to be a new TCP session from a different source port.
1. Is our SBC's behavior correct in ignoring subsequent TCP SIP messages from a registered device not originating from the same source port?
2. Is there a way to configure the TA9xx to always originate TCP connections from the same source port on the same voice trunk?
3. Is there a way to keep the TCP session nailed-up indefinitely once registered in a similar fashion to that of BGP that keeps the TCP session nailed up once established? (I suspect that this may not scale well from the SBC side as it will need to track thousands of nailed sessions.)
Thanks in advance for your help.
See if your model supports this command. Found it when trying to get SIP TLS setup, but I assume it's not TLS specific.
To optionally configure the AOS device to use the TCP port from which AOS initiated a TLS connection in
the Contact URI, enter the grammar contact host port persistent command from the trunk’s
configuration mode. This configuration is useful when using client-only authentication. With this type of
authentication, a persistent connection is established to the SIP server. Many SIP servers and session
border controllers (SBCs) need to see the TCP port from which AOS initiated the TLS connection in the
Contact URI sent by AOS.
(config)#voice trunk T01 type sip
(config-T01)#grammar contact host port persistent
This does not work. It's intended for use with TLS. The command is accepted but makes no difference in the behavior, source port is still randomized using SIP over TCP.
Was this ever resolved? just curious what was the fix