Jump to content

Reserve UDP ports to prevent Signaling & Audio Problems


Recommended Posts

TIP: Reserve UDP ports from windows' own services to prevent signaling & audio

problems with pbxnsip.

 

UDP is a big problem nowadays under windows. With the latest DNS patches to

Windows machines ports used for UDP SIP and RTP audio can be eaten by

Windows' own DNS client and server processes.

 

Listed below is a registry key that will prevent windows from using UDP ports in the

same range that pbxnsip requires for operation.

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\

ReservedPorts=

5060-5061

10000-12000

 

Separate values for ReservedPorts using enter to goto next line. You may change

reserved UDP port numbers to whatever ports above 1024 are required to operate

pbxnsip in your environment. In the sample above the first line is for inbound sip

on 5060 thru 5061 and RTP media using ports 10000 thru 12000.

 

 

Vulnerabilities in DNS Could Allow Spoofing (953230)

http://www.microsoft.com/technet/security/...n/ms08-037.mspx

 

You experience issues with UDP-dependent network services after you install DNS Server service security update 953230 (MS08-037)

http://support.microsoft.com/kb/956188/

 

-Isaac

Link to comment
Share on other sites

TIP: Reserve UDP ports from windows' own services to prevent signaling & audio

problems with pbxnsip.

 

UDP is a big problem nowadays under windows. With the latest DNS patches to

Windows machines ports used for UDP SIP and RTP audio can be eaten by

Windows' own DNS client and server processes.

 

Listed below is a registry key that will prevent windows from using UDP ports in the

same range that pbxnsip requires for operation.

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\

ReservedPorts=

5060-5061

10000-12000

 

Separate values for ReservedPorts using enter to goto next line. You may change

reserved UDP port numbers to whatever ports above 1024 are required to operate

pbxnsip in your environment. In the sample above the first line is for inbound sip

on 5060 thru 5061 and RTP media using ports 10000 thru 12000.

 

 

Vulnerabilities in DNS Could Allow Spoofing (953230)

http://www.microsoft.com/technet/security/...n/ms08-037.mspx

 

You experience issues with UDP-dependent network services after you install DNS Server service security update 953230 (MS08-037)

http://support.microsoft.com/kb/956188/

 

Whow that is very interesting stuff!

Link to comment
Share on other sites

  • 2 months later...
  • 5 months later...
Listed below is a registry key that will prevent windows from using UDP ports in the

same range that pbxnsip requires for operation.

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\

ReservedPorts=

5060-5061

10000-12000

 

Separate values for ReservedPorts using enter to goto next line. You may change

reserved UDP port numbers to whatever ports above 1024 are required to operate

pbxnsip in your environment. In the sample above the first line is for inbound sip

on 5060 thru 5061 and RTP media using ports 10000 thru 12000.

 

Note to clarify this Registry edit:

 

You are not adding a new key to HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\

You are just adding a Multi-string Value called ReservedPorts (do not include the

= symbol in the name).

 

Details at http://support.microsoft.com/kb/812873/

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...