October 23, 2018, 08:50:06 pm *
Welcome, Guest. Please login or register.
   Forum Home   Search Login Register OBiTALK  
Pages: [1]
Author Topic: Reducing the RTP Port Range to a single port, per Service Provider  (Read 6995 times)
Posts: 16

« on: April 28, 2013, 11:13:35 am »

Hi, folks.

I was wondering if there were any cause for concern with isolating the UDP ports associated with RTP to a single UDP port, per Service Provider, rather than using the dynamic range of 10000-20000.

I am pretty sure that I can do this under:

ITSP Profile A, RTP, LocalPortMin / LocalPortMax (and repeat for the other SPs, using different static ports).

For example, for:

SP1, use only UDP port 16001
SP2, use only UDP port 16002
SP3, use only UDP port 16003
SP4, use only UDP port 16004

My concern is that punching around 10000 (well, actually the Obi client narrows this to only about 1000, but still!) successive holes through a firewall to a facilitate a single application is not really an ideal situation for security purposes, and does not match up to general best practices (network-wise, not sure about VoIP).  Reducing this huge dynamic range would also help the intermediary devices facilitating QoS manage less sessions, and reduce their processing/managing overhead.

The discussion is very similar to RPC in the world of Microsoft servers, where, by default a large range of ports are required, but can be configured to use a smaller range, and or even a single port.
« Last Edit: April 28, 2013, 11:22:19 am by Torvette » Logged
Pages: [1]
Jump to:  

Powered by SMF 1.1.11 | SMF © 2006-2009, Simple Machines LLC