IP Phone connectivity

shuvangkar-dhar · August 1, 2023, 5:05pm

I have an x86 network router which has eth0-eth5 total of six ports. My ISP provides Internet on VLAN 500 and VOIP on VLAN 600 on the wan port and my ont port is connected with eth0. From my router an IP phone will be connected with eth1 and another 4 ports will be used for the LAN user will be connected. Now what will be my network configuration and the iptables rules that are needed there for the IP phone to allow VOIP communication?

Here is the network configuration for my router.

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config globals 'globals'
        option ula_prefix 'fd00:b009:1776::/48'

config interface 'lan'
        option type 'bridge'
        option ifname 'eth2 eth3 eth4 eth5'
        option proto 'static'
        option ipaddr '192.168.0.1'
        option netmask '255.255.255.0'
        option ip6assign '60'

config interface 'wan'
        option ifname 'eth0.500'
        option proto 'dhcp'
	option vid '500'
        option proto 'pppoe'
        option dns '1.1.1.1 9.9.9.9'
        option username '*********'
        option password  '123456'

psherman · August 1, 2023, 5:08pm

what version of OpenWrt are you running?

ubus call system board

mk24 · August 1, 2023, 5:14pm

The typical setup is to bridge the phone to the ONT on VLAN 600. The ISP will manage all DHCP etc of the phone. There is no routing of the phone network in the router. The firewall will have no effect, so there is no need to configure any firewall rules.

Your config file is in the old syntax. In the new syntax, bridges are declared separately.

config device
    option name 'br-voip'
    option type 'bridge'
    list ports 'eth0.600'
    list ports 'eth1'

config interface 'voip'
    option device 'br-voip'
    option proto 'none'

If the phone expects tagged packets as if it were plugged into the ONT directly, use eth1.600.

shuvangkar-dhar · August 1, 2023, 5:29pm

Openwrt Version 18.06.02

{
"kernel": "4.14.95",
"hostname": "Openwrt",
"system": "Intel(R) Celeron(R) CPU 1037U @ 1.80GHz",
"model": "To be filled by O.E.M. To be filled by O.E.M.",
"board_name": "to-be-filled-by-o-e-m-to-be-filled-by-o-e-m",
"release": {
"distribution": "OpenWrt",
"version": "18.06.2",
"revision": "r7676-cddd7b4c77",
"target": "x86/64",
"description": "OpenWrt 18.06.2 r7676-cddd7b4c77"
}
}

psherman · August 1, 2023, 5:31pm

oof.... this is really really old. It is unsupported and has been EOL for many years. Beyond that, there are many known security vulnerabilities and this should not be used on the internet anymore.

You should upgrade to 22.03.

In addition, I'm fairly certain that the syntax offered by @mk24 will not work on such an old version (it is correct for 21.02 and 22.03 as well as the forthcoming 23.05).