The article is concerning a device specifically used with Germany’s network provider “Alice” (now O2/Alice), called “Alice IAD 3221”.
A (really) small site with a VPN connection to the central office reported problems with their Internet connection: Whenever a phone call was made, no new sessions (ssh to central server through VPN) could be established, web pages wouldn’t load.
That site in question is connected to the world via O2/Alice on an NGN line (“next-generation network”, where voice and Internet go through a single DSL line via pure IP). The provider box (“IAD 3221”, build by Spairon) contains a VoIP-to-analog converter plus “DSL modem” and optional router pus Ethernet switch).
The provider box wasn’t configured as a router, leaving it as a bridge to the separate VPN router. The “phone” part of the IAD was activated, an analog phone attached.
This setup ran trouble-free for about half a year, but then the problems somehow manifested. During a stay at the location I could trouble-shoot the networking devices and indeed, as soon as the analog phone had established a call, the Internet connecting was majorly degraded. Irritatingly, while ssh, http and anything else using TCP didn’t work at all, ICMP requests went through just fine – I could “ping” remote systems, but got no ssh nor http connection. As soon as the call was over, the ssh calls came back alive and finished their connect.
A quick check on the Internet gave hints about drops in line quality, where the phone call would use up most of the bandwidth – but the Internet connection was rather quick, there ought to be plenty of room for a VoIP call in parallel. So I decided to give the support line a call (which in itself would justify an article – I won’t elaborate on getting the correct number and getting through to a person, since that’s no technological problem 😉 ), where a friendly technician made me configure the IAD 3221 as a modem and gave proof that the problem wouldn’t exist then. Fine – but now our router won’t work… at least I had proof that the DSL line itself is ok.
I’ve found no documented way to un-set the router mode, short of resetting the device to factory defaults. Luckily, in this case, all that was required to reconfigure was the PIN to re-register the VoIP part of the device.
Of course, the problem still persisted.
Further tracing only revealed excessive “Async event (0x20) timer epxired” output from “ip xfrm monitor” on the VPN router, rather than the usual “Async event (0x10) replay update” overhead.
Then I came across the ATM mode settings for the IAD 3221 (reachable via i.e. http://192.168.1.1/web.cgi?controller=Internet&action=IndexAccessMode, once you’re logged in to the
A word of warning: Changing any of those settings can seriously damage your connections – you might find yourself doing a factory reset plus a full reconfiguration of the IAD to recover!
Well, in our case, it was set to “Router (1VC), Voice over PPPoE”. I changed this to “Modem (1VC), Voice over PPPoE” and immediately, the problems were gone.
I don’t know what changed in the first place, to cause the problems. Whether that setting got somehow unset or some new firmware got installed via the provider path (and the previous version worked without changing that Modem/Router setting), I cannot tell. Just for reference: The IAD now reports a firmware version “2.21-2.49.6b”.
A short summary for our German readers
Ein als Modem genutztes IAD 3221 beeinträchtigte die Internet-Verbindungen des externen Router immer dann, wenn über den analogen Telefonie-Anschluss das IAD telefoniert wurde. Ein “factory reset” des IAD brachte keine Abhilfe, erst die Konfiguration des Modus “Modem (1VC)…” anstelle von “Router (1VC)…” ermöglichte die Internet-Nutzung auch während telefoniert wird.