Technical post - A day of traffic tracing - Sure Signal version 3

cuthbeidatacard
4: Newbie

Hi,

I have got so fed up with the Sure Signal version 3 not working, I decided to capture traffic from it for around 10 hours in an attempt to spot problems and find out what it does. Results below:

a) When not in a call, the Sure Signal sends and receives about 5MB (Bytes) of data per day, 150MB per month

b) When in a call, the Sure Signal sends and receives about 100kbps (kilo bit per second).
c) When the Sure Signal is first switched on, the communication sequence looks like this:

1) Issues a DHCP request to get an IP
2) ARP request to find the MAC address of its local router
3) * DNS requests for cluster18.vap.vodafone.co.uk (88.82.13.176, 182, 183 this is round robin DNS) and initial-ipsecrouter.vap.vodafone.co.uk (212.183.131.139)
4) ISAKMP / IKE VPN tunnel to 88.82.13.182  (cluster18.vap.vodafone.co.uk) using port UDP 500 to UDP 500
5) ISAKMP / IKE switches to UDP 4500 to UDP 4500 - IKE NAT traversal - NOTE: The response packet from 88.82.13.182 has an MTU too large so gets fragmented, this could explain why some routers have a problem - The UDP length 1544, with IP headers this is 64+ bytes over 1500 - The VF server could be reconfigured to avoid this
6) * NTP requests to 88.82.13.180 and 172
7) ESP session created to 88.82.13.182, following IKE session. Using UDP NAT traversal 4500 - 4500. This session continues throughout. The average packet size in the ESP connection is very small, as you would expect for voice packets. Only sometimes does the size increase from SureSignal to server, reaching a maximum of 1406 bytes on the wire. This 'should' mean people with a lower MTU (like PPPoE users) could be OK.

8) Tracert request to 88.82.13.182 multiple times with both small and large payload (60 and 1414). It tests with a TTL of 1 and a TTL of 2, but never higher. I'm guessing it is trying to look for jitter on the first part of the connection (user to ISP). Of course, this assumes your ISP connection is only one hop away. Every hour, it will repeat this sequence with 40 requests.

* For reasons I can't explain, the DNS requests I see don't get answered. The SS makes a request to OpenDNS (my configured DNS server) on 208.67.222.222, but I never see a response. Other systems (PCs etc) on the same LAN making the exact same request do see a response. If I switch my DNS server to be internal to my LAN, it does get a response. Not sure why this is. It will still connect without a response, but I guess only with the last known IP. If this IP is down, this could cause downtime.

** As above, the NTP requests do not get a response on my network

For both the DNS and NTP, I have switched broadband routers, DNS servers and several other things. Nothing makes a difference.

 

Actions for VF support (if you would like to improve service to users)

i) It would be great if someone technical could look at the MTU size issue in step 5, as a simple reconfigure could probably help a number of people using PPPoE connect properly. This doesn't impact me, but will others.

ii) The IP ranges do not match those described in this forum for opening up connections, the instructions need updating

iii) The ports and protocols do not match those described in this forum for opening up connections, the instructions need updating

If anyone wants a copy of the trace, you are welcome, just reply to this thread and I will PM you a download location.

 

Thanks
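
The fragmentation arithmetic behind step 5 and the PPPoE check in step 7, as an added example that is not part of the original post. It assumes a 20-byte IPv4 header without options, that the "on the wire" figure includes a 14-byte Ethernet header, and a PPPoE MTU of 1492; the function names are hypothetical.

```python
"""Added example: IPv4 fragmentation arithmetic for the sizes quoted in the post."""

IPV4_HEADER = 20      # assumption: no IP options
ETHERNET_HEADER = 14  # assumption: "on the wire" includes an untagged Ethernet header
ETHERNET_MTU = 1500
PPPOE_MTU = 1492      # Ethernet MTU minus the 8 bytes of PPPoE/PPP overhead


def fragments(udp_length, mtu, ip_header=IPV4_HEADER):
    """Split a UDP datagram (udp_length includes the 8-byte UDP header)
    into IPv4 fragments for a link with the given MTU.

    Returns a list of (offset_in_8_byte_units, payload_bytes, more_fragments).
    """
    if mtu < ip_header + 8:
        raise ValueError("MTU too small to carry any fragment payload")
    # Every fragment except the last must carry a multiple of 8 bytes.
    max_payload = (mtu - ip_header) // 8 * 8
    result, sent = [], 0
    while sent < udp_length:
        size = min(max_payload, udp_length - sent)
        more = sent + size < udp_length
        result.append((sent // 8, size, more))
        sent += size
    return result


def overshoot(udp_length, mtu, ip_header=IPV4_HEADER):
    """Bytes by which the unfragmented IP packet exceeds the MTU (0 if it fits)."""
    return max(0, udp_length + ip_header - mtu)


def fits_on_link(wire_bytes, mtu, l2_header=ETHERNET_HEADER):
    """True if a captured frame of wire_bytes carries an IP packet no larger than mtu."""
    return wire_bytes - l2_header <= mtu


if __name__ == "__main__":
    # Sizes taken from the post: UDP length 1544 (step 5), 1406 bytes on the wire (step 7).
    for name, mtu in (("Ethernet", ETHERNET_MTU), ("PPPoE", PPPOE_MTU)):
        print(name, "over by", overshoot(1544, mtu), "->", fragments(1544, mtu))
    print("1406-byte ESP frame fits PPPoE:", fits_on_link(1406, PPPOE_MTU))
```

A router or firewall that drops the second, non-initial fragment (it carries no UDP header, so port-based rules cannot match it) would leave the IKE response incomplete.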

 

 
10 REPLIES 10

Retired-Kay
Moderator (Retired)

Hi cuthbeidatacard,

Thanks for supplying this information.

The actions you've requested from us aren't something we as a team can arrange but we'll certainly pass your feedback on.

Many thanks,

Kay