
Seeing UDP:0

teevanke
Level 1

Hi,

I have a SIP Trunk Server (Debian - Kamailio) in EPG1/BD1, and a Media Server in EPG2/BD2. Communication is SIP --> Media: UDP:5060. I have a Contract to allow UDP:5060 (and a few more VoIP-specific ports, and I also allowed ICMP), but the call setup failed.

I did PCAP traces on the hosts and ACI - the traffic went from SIP to Media server but the trace showed the Media server did nothing with the frame - doesn't defragment it. Once SIP and Media server were in the same EPG it worked.

I have ND Insights and was reviewing the Flow Details for the SIP traffic and noticed communication going from Sip --> Media on UDP:0 - my Contract is allow UDP:5060,  so PBR kicked in and sent this strange UDP:0 to my firewall - see screen shot - below. 

On seeing this UDP:0 and redirect I decided to Allow UDP All on my contract to see if this did anything and Yep - it works when I allow UDP All - the PBR doesn't kick in and the Calls can be set up.

My question is - what is this UDP:0 - where/who and Why is it getting generated - the VoIP guy is saying it's nothing to do with him - has anyone ever seen anything similar? Any advice/comments greatly appreciated.

Thanks.

teevanke_0-1666866880041.png

 


Sergiu.Daniluk
VIP Alumni

Hi @teevanke 

Based on the "EPG" information, the one you highlighted, seems like the flow is flooded in BD. Probably that's why Port information is not relevant. Maybe..

Questions:

1. Who is the contract consumer and provider?

2. How is the SIP contract configured from "Reverse filter ports" and "Apply both directions"?

3. How is the PBR contract configured (Consumer/provider)?

 

Cheers,

Sergiu

Hi Sergiu - thanks for getting back to me - answers to your questions are below. A theory here is it's something to do with fragmentation. One thing I didn't mention above is that the UDP:0 packet is not seen in any of the PCAPs we did; it only shows up in the Insights.

The BDs are set up as:

L2 Unknown Unicast = Hardware Proxy

L3 Unknown Multicast Flooding = Flood

Multi Destination Flooding = Flood in BD

ARP Flooding = Enabled

1. Who is the contract consumer and provider? - Both EPGs use the same contract as Consumer and Provider as the traffic can be initiated from either EPG.

2. How is the SIP contract configured from "Reverse filter ports" and "Apply both directions"? -- Reverse Filter = True and Apply both directions = False

3. How is the PBR contract configured (Consumer/provider)?  - VZany

 

Kevin.
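
The fragmentation theory in the reply above can be tested against the host PCAPs: a non-initial IPv4 fragment carries no UDP header, so it has no destination port for a UDP:5060 filter to match. This is an added example, not code from the thread; the packets, addresses and function names are constructed for illustration, and whether ND Insights displays such fragments as UDP:0 is the poster's theory, not something confirmed here.

```python
import struct

SIP_PORT = 5060  # port allowed by the contract described in the thread

def build_ipv4_udp_fragment(ident, offset, more_fragments, payload):
    """Constructed IPv4 header (protocol 17, checksum left at 0) plus payload."""
    flags_frag = (0x2000 if more_fragments else 0) | (offset // 8)
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), ident,
                         flags_frag, 64, 17, 0,
                         bytes([10, 0, 1, 10]), bytes([10, 0, 2, 20]))
    return header + payload

def classify(packet):
    """Return (kind, src_port, dst_port); ports are None when no UDP header exists."""
    ihl = (packet[0] & 0x0F) * 4
    flags_frag = struct.unpack("!H", packet[6:8])[0]
    more = bool(flags_frag & 0x2000)       # MF (more fragments) bit
    offset = (flags_frag & 0x1FFF) * 8     # fragment offset in bytes
    if packet[9] != 17:
        return ("not-udp", None, None)
    if offset > 0:
        # Payload starts mid-datagram: the UDP header travelled in fragment one.
        return ("non-initial-fragment", None, None)
    sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
    return ("first-fragment" if more else "unfragmented", sport, dport)

def port_filter_matches(packet, dport=SIP_PORT):
    """Model of a stateless L4 filter that only sees one packet at a time."""
    return classify(packet)[2] == dport

def sample_fragments():
    """Constructed sample: one oversized SIP INVITE split at a 1500-byte MTU."""
    body = b"INVITE sip:media@example.invalid SIP/2.0\r\n" + b"x" * 1900
    udp = struct.pack("!HHHH", SIP_PORT, SIP_PORT, 8 + len(body), 0) + body
    return [build_ipv4_udp_fragment(0x1234, 0, True, udp[:1480]),
            build_ipv4_udp_fragment(0x1234, 1480, False, udp[1480:])]

if __name__ == "__main__":
    for pkt in sample_fragments():
        print(classify(pkt), "matches UDP:5060 filter:", port_filter_matches(pkt))
```

On a real capture, the equivalent check is to look for packets between the two hosts with a non-zero fragment offset or the MF bit set.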

 

 

 
