Training:Router

From IPitomy Wiki
Revision as of 21:57, 13 September 2012 by Mike Lunn (talk | contribs)
Jump to navigation Jump to search

Router

 

The router is your gateway to the internet.  It is responsible for routing packets from devices on your LAN to the internet, and ensuring that packets from the internet are routed to the correct devices on the LAN.  This is accomplished through Network Address Translation (NAT) and port forwarding.  The router is also typically responsible for assigning IP addresses to devices on the network via DHCP when not using a separate DHCP server.

 

  • Network Address Translation – Since there are a limited number of IP addresses it is not feasible for every device that communicates to the internet to have its own public IP address.  Because of this your network will have its own private subnet of IP addresses and a single public IP.  When a device communicates out to the internet, the router will NAT a certain port for that device so that it knows where to send responding packets. 

 

Inconsistent NAT is the number one reason we see remote phones failing.  Symptoms would be showing as unreachable on the Monitoring page in the PBX, unable to receive calls, but able to make calls.

  • Eg: You have a remote phone with a local IP address of 192.168.1.112 at your house.  The public IP at your house is 78.16.54.98.  If you look at the monitoring page in the PBX, it shows the remote phone registered with the 78.16.54.98 IP address.  When the PBX sends packets to your phone, it sends them [[|to <78.16.54.98:Port#>. ]]When your home router receives the packets, it knows that the Port# was reserved for the local IP 192.168.1.112 and therefore routes the packets to your phone, allowing you to communicate. 

 

  • Dynamic Host Configuration Protocol (DHCP) – In most installs the router will serve the function of DHCP, meaning the router is responsible for handing out IP addresses to devices on the network.  In a few instances the user will have a server onsite that handles DHCP instead of the router.  During your site survey it is important to find out how DHCP will be handled, what the DHCP range is, and a list of unused static IP addresses so you can set the PBX (and possibly other devices) to a static IP and not have to worry about an IP conflict.  Unless the network has advanced configuration (vLAN) there should only be one device handing out DHCP.

 

  • Port Forwarding – This is how the router ensures that inbound packets to particular ports are routed to the right device on the LAN.  For example, remote phones always initiate their communication by sending packets to port 5060.  Because of this, you must forward port 5060 in the router to the internal static IP address of the PBX.  If this port forwarding is not configured, the router will not know what to do with a packet received on 5060 and a remote phone will not register.

 

  • Single Port Forwarding: This instructs the router to take all WAN traffic to a certain port and route those packets to a LAN IP via that single port. Eg: forward port 5080 externally to the PBX IP on port 5060.
  • Port Range Forwarding: This instructs the router to take all WAN traffic to a range of ports and route those packets to a LAN IP via that range of ports.  Eg: forward ports 10000 thru 20000 externally to the PBX IP on ports 10000 thru 20000.

 

  • 1 to 1 NAT: This instructs the router to take all WAN traffic to a certain port and route those packets to a LAN IP via a different port.  This would typically be used when the port needed is already being used.  Eg:  The end user hosts their own webpage and 80 is used, so instead you can forward port 8080 externally to the PBX IP on port 80.

 

Table 1: Single Port Forwarding

Application Name

Port

Protocol

To IP Address

Remote Administration

80

TCP

PBX Internal IP

SSH Support

22

TCP

PBX Internal IP

SIP

5060

UDP

PBX Internal IP

Branch Office

4569

UDP

PBX Internal IP

 

Table 2: Port Range Forwarding

Application Name

Port

Protocol

To IP Address

RTP

10000-20000

TCP & UDP

PBX Internal IP

 

Table 3: 1 to 1 NAT

Application Name

External Port

Internal Port

Protocol

To IP Address

Alternate Remote Administration

8080

80

TCP

PBX Internal IP

 

 

  • Remote Access – With remote access to the PBX you can make configuration changes from your office.  IPitomy Tech Support will also be able to troubleshoot with you more efficiently.  In order to have the most visibility to the PBX, we recommend you forward port 80 (remote admin) and port 22 (SSH) to the PBX Internal IP address.  Once this has been configured in the router you can enter <publicIPaddress>/ippbx from any PC that is connected to the internet and access the admin login for the PBX.  If the end user is already using port 80 you will have to configure a 1 to 1 NAT of a different port (8080) to port 80 as the web access port on the PBX cannot be changed.

 

  • Example Router Forwarding Interface: DDWRT – Below is a screenshot from a router loaded with DDWRT Open Source firmware.  The configuration screen for Port Forwarding is pretty standard.

 

<picture needed>

 

 

 

 

 

Questions:

 

  1. What port is used to access the web interface for the PBX? (80, 8080, 5060, 4569)

 

  1. What device on your network functions as a gateway to the Internet? (switch, router, PBX, server)

 

  1. Which term is used to describe a port forward that routes packets from one external port to a different internal port? (1 to 1 NAT, port triggering, SSH, DHCP)

 

  1. How many devices on the network should typically be handing out DHCP? (2, 0, all, 1)

 

  1. What ports must be forwarded for remote phones to function? (5060 & 10000-20000, 8080 & 22, 4569 & 5048, 5060 and 80)