Reducing the RTP Port Range to a single port, per Service Provider

Started by Torvette, April 28, 2013, 11:13:35 AM

Torvette

Hi, folks.

I was wondering if there were any cause for concern with isolating the UDP ports associated with RTP to a single UDP port, per Service Provider, rather than using the dynamic range of 10000-20000.

I am pretty sure that I can do this under:

ITSP Profile A, RTP, LocalPortMin / LocalPortMax (and repeat for the other SPs, using different static ports).

For example, for:

SP1, use only UDP port 16001
SP2, use only UDP port 16002
SP3, use only UDP port 16003
SP4, use only UDP port 16004


My concern is that punching around 10000 (well, actually the Obi client narrows this to only about 1000, but still!) successive holes through a firewall to facilitate a single application is not really an ideal situation for security purposes, and does not match up to general best practices (network-wise, not sure about VoIP). Reducing this huge dynamic range would also help the intermediary devices facilitating QoS manage fewer sessions, and reduce their processing/managing overhead.

The discussion is very similar to RPC in the world of Microsoft servers, where, by default, a large range of ports is required, but can be configured to use a smaller range, and/or even a single port.