• V20: 3CX Re-engineered. Get V20 for increased security, better call management, a new admin console and Windows softphone. Learn More.

Solved Trunk Keep-Alive stopped working

Status
Not open for further replies.
Hi @JST
Just a thought for you.
Have you looked at the UDP timeout on your firewall?
That was the problem on my network and a quick internet search for "Sophos UDP timeout" returned some interesting results. Indeed searching just "UDP timeout" is also very informative.
John
 
Hi John,
This is great feedback. I am using Sophos SG though and it seems that most issues are around Sophos XG (tested it, but didn't think it is quite ready for production yet). Anyhow, I just checked with the command shell and see the following values:

cat /proc/sys/net/ipv4/netfilter/ip_conntrack_udp_timeout
30
cat /proc/sys/net/ipv4/netfilter/ip_conntrack_udp_timeout_stream
180

So, that means 30 seconds timeout for UDP and 180 seconds timeout for UDP stream.

I am also not using the VOIP functionality provided by Sophos because I previously encountered strange issues using it.

I believe 180 seconds should be good enough for VOIP applications. It also seems that there is no way to change it permanently from what I can see.

This is a good idea though! I guess packet capture will give some clarity. I will try to get on that this weekend assuming that the issue prevails.

Thanks,
Jens
 
Sorry for being out of touch, but the problem simply vanished for a few weeks. Sadly, it slowly returned last week and it got really bad today. Luckily, I found that I don't need to reboot the system every time. I can just edit and save the trunk instead.

Anyhow, I am in the process of installing wireshark on the 3CX linux system, but since it doesn't happen all the time, I am somewhat wondering about the size of the capture. Can I just leave this running for a couple of hours? I have only brielfy used wireshark once before.

Also really confused why the program would be gone for a while and then return once again. There have been no firmware upgrades on the Sophos appliance during the past few weeks. I also didn't apply any updates except some mobile client upgrades.

Hopefully, I can capture some issues and then go back to the VOIP provider.
 
OK. I got wireshark installed, but I am having trouble with running xming on Windows 10. I mean it seems to be running and I was able to do the configuration (multiple windows, putty, etc.), but when I click the config file no windows are being opened.

Not sure what went wrong. I will do some more research...
 
I have made some progress after doing a reboot. Now, the first time I click the config file for xming, it is starting putty and putty is asking me for the password, but then nothing happens. I just don't get a window running wireshark.
 
You can run a capture straight from linux or even the management console. You won't be able to see if live but you can download it and see if after. I am not familiar with xming so i cannot really assist you with that.
 
  • Like
Reactions: JST
Thank you! I have only used Wireshark on Windows before. So, I will have to do a little bit more research to figure out how to run it on Linux.
 
Hi @JST I hope I am not intruding or "trying to teach my Granny....." as it were. There are many better guys than me out there. Also if I am coming late to the party I have been away for a while.
A few things, or helpful thoughts from my experience.
Firstly I have found that most problems are never with the 3CX, either Windows or Linux based.
I am also pretty sure your SIP provider has tested their platform to death and has overcome any issues as they have arisen from their multitude of clients.
So that probably brings us back to the Router/Firewall.
I know absolutely nothing about the Sophos but where I have had this problem I have upped the UDP portmap timeout.
So in your case: cat /proc/sys/net/ipv4/netfilter/ip_conntrack_udp_timeout 30
I would increase this. You could certainly make this 180 i.e. 3 minutes and even more without any major worries.
Actually if you look at your Sophos TCP timeout I am sure it'll be much bigger.
Wireshark etc.
The inbuilt capture feature of 3CX is good.
From the console go to "Activity Log" then "Settings" and switch to "Verbose". Click OK.
Click "Capture" and let this run for as short or long as your hardware will stand but especially if your fault is apparent at the time.
Once you think you have the information you need click "Stop" and you will then be presented with a choice.
If this is for your own purposes click "Your capture can be downloaded from here".
The file downloaded can be opened in Wireshark.
If the guys at 3CX want the trace click "Generate support information package" which will be emailed to you and you forward to them.
Remember to go back and set logging level to Low or whatever you prefer.
Finally if you are more familiar with Wireshark on your Windows laptop/desktop/server whatever then you might consider getting an inexpensive "Smart" switch which will do "port mirroring".
So you connect your router to the "mirrored" port and your laptop to the "mirror" port.
Preferably on a temporary basis - you can watch and log all of your network traffic via this mirror port. Obviously this can slow things down a bit etc. etc.
But even better in my experience get an old "HUB" which broadcasts all information to all ports.
I use an old D-Link DFE-908Dx.
I really hope this helps but especially that I don't offend.
John
 
  • Like
Reactions: JST
Hi John,
I am happy about any feedback because I have never encountered this type of issue before. I also agree with you on your sentiment about 3CX and the SIP provider not being at fault.
So, for starters, I have now increased the UDP timeout from 30 to 60. I also found that there is a second UDP timeout value (UDP stream) which is already set to 180. Apparently, the UDP stream value is being used if UDP traffic flows in both directions.
In addition, I have also played around with the built-in wireshark utility. Now, I am waiting on it to happen again. Hopefully, the capture will yield some better information on the problem.
I also like your idea on using a switch to do port mirroring for the process. The system is actually connected to a managed switch and so this might be a good option if the first option fails.
Thank you for your detailed feedback and help!
I will report back with another update soon.
Jens
 
OK. The problem has happened again today and I was able to do a capture using the built-in capture tool. Also installed Wireshark on a local machine and loaded the file.

Now, it is quite long and I am not sure how I can sanitize it to post a copy here. On a brief scroll through I discovered some entries that might give a clue about the issue (see screenshot).

upload_2018-5-6_10-18-58.png

The three lines above take place with 3CX as a source and the service provider as destination.

I also see some traffic going the other way, but that traffic might be related to the failed calls.

upload_2018-5-6_10-23-42.png

In addition, the service provider has now captured a voice mail using their own VM system. This confirms that the service isn't registered at all times.

How can I get better data and determine the root problem based on the capture?

I will now increase the UDP timeout to 2 minutes.
 
While I haven't been able to discover the root cause for this issue, I found that a UDP timeout of 3 minutes seems to resolve the problem. At least, it hasn't happened for 4 weeks in a row now.

Thank you to everyone trying to help!
 
While I haven't been able to discover the root cause for this issue, I found that a UDP timeout of 3 minutes seems to resolve the problem. At least, it hasn't happened for 4 weeks in a row now.

Thank you to everyone trying to help!
Glad to see the issue has been resolved and thank you for updating the thread
 
Status
Not open for further replies.
Get 3CX - Absolutely Free!

Link up your team and customers Phone System Live Chat Video Conferencing

Hosted or Self-managed. Up to 10 users free forever. No credit card. Try risk free.

3CX
A 3CX Account with that email already exists. You will be redirected to the Customer Portal to sign in or reset your password if you've forgotten it.