dslreports logo
 
    All Forums Hot Topics Gallery
spc
Search similar:


uniqs
14386
jsb825
Premium Member
join:2003-10-08
Exeter, NH

jsb825

Premium Member

comcast blocking voip ports

For those who are having problems with accessing the vonage service with their comcast internet service, call vonage and ask them to change your port number to one other than the normal port 5060 - 5090.. I provide digital services via internet for subscribers in NH and MA, and those using the comcast internet can't connect. I have tried pinging with ports and the range of voip port addresses has been blocked by comcast.. After contacting their level II engineers in COL. They stated they are now reserving those ports for their own digital voice service.... Didn't know this was allowed, however they wouldn't need to reserve ports just for their own service.. either way it doesn't matter what port they use.. why block the range of ports... it won't compromise traffic....

J
priller
join:2000-10-20
Gainesville, VA

4 edits

priller

Member

Vonage hasn't used SIP on 5060 for a couple of years now ... it's all on 10000.

Have to admit, I'm a bit skeptical at this point. Nobody else on BBR or vonage-forum.com is talking about being "blocked" by Comcast. Sure this isn't some everyday routing issue?

anonymous coward
@verizon.net

anonymous coward

Anon

No, comcast does this from time to time. This usually happens around the time they roll out Comcast Digital Voice in a particular area. They'll block vonage and make it appear that the Vonage service is problematic when in fact they're just blocking ports. Then they call their customers in the affected area to upsell the digital voice. After numberous traceroutes and examples are provided and sent to Comcast NOC the "routing issue" is corrected and everything works again. Sometimes they go so far as to block out our website. It may not have been a large area affected so it may not have made the forums but this poster is most like telling the truth.

-Former Vonage Tech Support
Matthewb
join:2000-02-09
Crofton, MD

Matthewb to jsb825

Member

to jsb825
If true, could you imagine needing to dial 911 on Vonage, and not being able to because of unscrupulous marketing tactics?

christcorp
Premium Member
join:2001-05-21
Cheyenne, WY

christcorp

Premium Member

That's why god invented the cell phone. Anyone who has ONLY voip without some form of backup such as a cell, 2nd voip line, pots, etc..., needs to learn CPR, First-Aid, Self Defense, and marksmanship; because they don't deserve emergency services. Later... Mike...
jsb825
Premium Member
join:2003-10-08
Exeter, NH

1 recommendation

jsb825

Premium Member

Hello Folks,

Thanks for the posts. I did come to the bottom of the issue, and as one member here had stated, it was finally provided to me verbally from T-2 support that they do block ports that they deem as suspect to spam or hacking. Also from time to time as was explained, that ports are blocked to favor services provided by Comcast. I have filed a level 2 complaint with the PUC in NH and pending filing with MA as this was an effect of most of my customer base that uses comcast. Also CC to FCC will be amended with the explanation of the 911 feature being cut as a result of the "so called" blocking.

I hope Comcast is taking note, they are not dealing with a small fish here. With a combined customer base of near 80,000 subscribers, mostly business, they need to take the time to advise the customer there is an issue before blocking native ports.

justin
..needs sleep
Mod
join:1999-05-28
2031
Billion BiPAC 7800N
Apple AirPort Extreme (2011)

justin to jsb825

Mod

to jsb825
said by jsb825:

I provide digital services via internet for subscribers in NH and MA, and those using the comcast internet can't connect. I have tried pinging with ports and the range of voip port addresses has been blocked by comcast..
Can you provide some evidence of this? what ping tool are you using that can ping VOIP UDP on specified ports? I think to gain traction for this topic you have to screenshot to show an IP reachable on normal ports but not a known VOIP port range, using a well known or easily available tool, and someone else needs to confirm it.
DMS1
join:2005-04-06
Plano, TX

DMS1

Member

said by justin:

said by jsb825:

I provide digital services via internet for subscribers in NH and MA, and those using the comcast internet can't connect. I have tried pinging with ports and the range of voip port addresses has been blocked by comcast..
Can you provide some evidence of this? what ping tool are you using that can ping VOIP UDP on specified ports? I think to gain traction for this topic you have to screenshot to show an IP reachable on normal ports but not a known VOIP port range, using a well known or easily available tool, and someone else needs to confirm it.
I'll be surprised if he can because you can't 'ping' a port. The ping command uses ICMP which is an OSI layer 3 protocol. Ports are a concept connected with UDP and TCP which are OSI layer 4 protocols. One could attempt to open a TCP connection to a particular port, but there are any number of reasons why such a request would be rejected even though it made it through to the destination.

justin
..needs sleep
Mod
join:1999-05-28
2031
Billion BiPAC 7800N
Apple AirPort Extreme (2011)

justin

Mod

There are UDP ping (or UDP send) programs available, hence my question as to what tool he was using. If he controls the other end, he can show that the packet doesn't reach.
quote:
UDP Ping is a customized ping tool using application-layer UDP packets to provide configurable ping intervals and packet sizes. UDP Ping uses a server and a client, where the UDP Ping client writes a sequence number and current timestamp into a UDP packet and sends it to the UDP Ping server which echoes the packet data back to the client. The client then reports the round-trip time and calculates the packet loss rate.
DMS1
join:2005-04-06
Plano, TX

DMS1

Member

said by justin:

There are UDP ping (or UDP send) programs available, hence my question as to what tool he was using. If he controls the other end, he can show that the packet doesn't reach.
That's the key bit. Unless he has full control of both endpoints then he can't claim the failure of UDP datagrams is due to a network "issue".

justin
..needs sleep
Mod
join:1999-05-28
2031
Billion BiPAC 7800N
Apple AirPort Extreme (2011)

justin

Mod

said by DMS1:

That's the key bit. Unless he has full control of both endpoints then he can't claim the failure of UDP datagrams is due to a network "issue".
He said:
"I provide digital services via internet for subscribers in NH and MA"

So I was taking him at his word, if he does, then he can test end-to-end. Hence I was asking for some detail behind his claim.

NetFixer
From My Cold Dead Hands
Premium Member
join:2004-06-24
The Boro
Netgear CM500
Pace 5268AC
TRENDnet TEW-829DRU

1 edit

NetFixer to jsb825

Premium Member

to jsb825
One thing that anyone can do to test if their ISP (not just Comcast) is blocking the standard SIP ports is to go to »testyourvoip.com.

To simulate Comcast blocking SIP and RTP ports used by Vonage, I blocked UDP ports 5060-5063, 6000-6003, and 10000-20000 in my Comcast gateway router. This is the message I got from that site under those conditions:
said by testyourvoip.com :

Test Failed

Your computer couldn't call our location on the standard SIP port (5060) or a commonly available port (6000). This suggests that a firewall is blocking all UDP access including SIP. Please check the following:

     * Your Personal Firewall, if you are using Windows XP, may be filtering the SIP and UDP ports used for communication.
     * Your home firewall or your broadband provider's firewall may be blocking the SIP and UDP ports used for communication.

Please check these firewall settings and ensure that UDP ports 5060 and 50000 - 50100 are open for RTP streams and SIP signaling. Then re-run your test.

Please try again in a couple of minutes. If the test continues to fail please contact us at TestYourVoIP@Brixnet.com
I suppose that is is possible that Comcast is randomly blocking or negatively prioritizing UDP ports 10000-20000 that Vonage uses for RTP, and/or any UDP to/from Vonage IP ranges, but I have seen no evidence of that here locally, (and Comcast has just recently begun selling their own VOIP service in this area).

Mind you, internet VOIP over my Comcast connection sucks, compared to using my Covad connection, but I don't think it is intentional, it is just Comcast's typical lag and jitter.