-1

I have a 3cx server behind a pfsense router. Most of my users are remote except myself and this one other guy. so I use my cell phone for calls, but that 1 guy? yeah, he's old school. He has a desk phone!

Well, all my users are on SBCs so when a phone needs provisioning, it just works. but here, it does not. The one lonely phone on prememsis died recently (was provisioned before the pfsense router was installed) and now I cant get a phone to detect in the phone switch to save my life. This is an issue I have dealt with plenty of times, but never on pfsense. AFAIK, this happens when multicast isnt working... but I have no idea how to configure for multicast in pfsense.

Honestly, I have no idea how multicast works. I thought it was just an application broadcasting out and asking what server handles a specific protocol (in this case SIP)... am I wrong? Can ANYONE link me a guid for this, or better yet, just tell me what rule I need to make multicast happy?

Presently I just have the minimal rules set on LAN1. But I DO have an alias for the sip server and the relevant ports forwarded from outside (as described here.)... I thought that would be it...

rudepeople
  • 33
  • 6
  • 2
    Multicast is _not_ broadcast. Multicast is only processed by host that have subscribed to the multicast group that is the destination IP address, while all hosts must process broadcasts. Multicast routing is very different than unicast routing. A host subscribing to a multicast group sends an IGMP message to the multicast router (some switches snoop on this to block multicast at interfaces without a subscribing host). Multicast routers use a multicast routing protocol, e.g. PIM, to communicate with other multicast routers in the multicast routing domain. Broadcasts cannot be routed. – Ron Maupin Sep 12 '22 at 16:29
  • @Ron Maupin Okay, that makes a little more sense. So I'm looking in the wrong place then? I have a netgear JGS524PE in the rack... I suspect igmp snooping in enabled. if so, then that should be the source of my issue... right? – rudepeople Sep 12 '22 at 16:47
  • @Ron Maupin, I disabled igmp snooping, but the requisite domain (sip.mcast.net) is still down on the server so I'm going to have to wait till after hours to run a separate tool to hopefully bind the domain to the interface... I won't know if that was the issue until I do. – rudepeople Sep 12 '22 at 16:57
  • @Ron Maupin - Yep! the first upstream switch from the server was blocking IGMP which broke multicast. Turning IGMP snooping fixed the issue. I had to restart the sip services to trigger a binding to sip.mcast.net on that interface, but it's working now. Thank you! – rudepeople Sep 13 '22 at 14:07
  • 1
    You seem to have run into [this problem](https://networkengineering.stackexchange.com/a/28302/8499). IGMP snooping is a good thing to run on your switches, but you need to do it correctly. – Ron Maupin Sep 13 '22 at 14:12

0 Answers0