Hi AusNOGgers, As part of our ongoing efforts to modernize our network and enhance service reliability, we are implementing changes that will impact certain legacy features, including SIP (Session Initiation Protocol) traffic handling.
Effective 9th of July 2024, Telstra is initiating the process of disabling SIP ALG traffic from its CGNAT Platforms. This decision aligns with industry standards and best practices in network security and performance optimization. SIP ALG was originally intended to assist in managing SIP traffic across different network boundaries but has since been found to cause more issues than benefits, including potential interference with VoIP (Voice over Internet Protocol) services and other applications. The typical SIP ALG use cases of VoIP solutions are as follows: - Customers using 3rd party legacy VOIP solutions. - Wireless subscribers running 3rd party VoIP SIP applications. Disabling SIP ALG will have no negative impacts on TIPT services. If you are using any services which are categorized as the two use cases above, please check your router and application settings and use TLS for your SIP applications to avoid any issues. * time-frame * We are planning to start the deployment on 9th July 2024 and 11th July 2024 in South Australia. Further deployments in other states are planned by the end of July and will be advised to the list. * Things to be aware of * - If you are using 3rd party legacy VOIP solutions, or a wireless subscriber running 3rd party VoIP SIP applications using Telstra, please make sure you check your settings prior to our deployment and use TLS (Transport Layer Security Encryption) instead of SIP ALG to avoid any possible impact. In some cases, you will need to check your router settings for SIP ALG as well. * Basic flow * - The purpose of the SIP ALG is to facilitate SIP signalling and related media through GGNAT by monitoring SIP exchanges and ensuring by-directional signalling and media flows are permitted and handled correctly. - Modern SIP implementations are NAT aware and do not require a SIP ALG on the Service Provider CGNAT to function. - Some SIP solutions (particularly legacy ones) may not be NAT aware or may not be configured for NAT-traversal by default. - Once Telstra disables the SIP ALG for Mobile Broadband, all SIP signalling and media flows will be treated as standard IP traffic and handled as normal CGNAT flows: It’s expected that most applications will handle this change gracefully, but some solutions (particularly legacy platforms) may need to be reconfigured for NAT-traversal using mechanisms such as STUN, ICE and TURN, to name a few. *Work around * For apps which appear broken, try to avoid SIP ALG. Another alternate would be to use customer devices with ipv6 provision for VOIP applications. Telstra has enabled Mobile Ipv6 for a while so any VOIP applications should be using this in the first instance. * Contacting us* Telstra is exiting support for SIP ALG. We are aiming to work with community forums like AusNOG and Whirlpool to ensure this is a smooth rollout. For any assistance, please contact your application support, or reach out directly to ipv6wirelessdeploym...@team.telstra.com to directly contact our CGNAT technical teams about this issue.
_______________________________________________ AusNOG mailing list AusNOG@lists.ausnog.net https://lists.ausnog.net/mailman/listinfo/ausnog
