I am really struggling to find a configuration that works correctly and reliably on my 2860n+ router connected to BT Infinity2 (VDSL). Everything works fine except for certain features on a SIP desk phone.

This phone operates as a remote extension off of a hosted PBX and is configured (& locked) to sit behind any normal SOHO router without requiring firewall or configuration changes. Essentially it communicates with just one external IP address and keeps the NAT routing table open with a series of SIP packets sent every 10 seconds or so - thus ensuring there is always a route open in the reverse direction for any incoming packets.

The phone is working fine for normal calls, but I have a problem with some PBX features like BLF's (line busy lamps) and incoming ring-group call notifications. These status updates are sent out as UDP SIP Notify packets which get fragmented in transit and do not then seem to be reliably processed by the Draytek router. I have done numerous Wireshark captures to try and determine the cause of this, but of course from the LAN side of the router I can't tell what is coming in over the VDSL side.

So here are some facts:
1) The phone works absolutely fine (including the problematic features) if I use a BT HomeHub as the modem/router. There is no configuration required, it just works perfectly...
2) It also works most of the time if I run the 2860n+ behind the HomeHub (so a double NAT, WAN2 Ethernet port on 2860n+ connecting to LAN port on BT HomeHub). However running like this the "Firewall >> General Setup >> Accept large incoming fragmented UDP or ICMP packets" setting can have some effect
3) But if I use the 2860n+ as intended (so the only modem/router device) then I am unable to find a configuration that works consistently reliably.

Some additional tech info:
a) Router MTU is of course 1492, as dictated by PPoE protocol.
b) Wiresharks taken simultaneously at i) remote hosted PBX provider and ii) locally on phone; do indeed show that some packets are simply not making it through. For example one packet originated as a single 1752 byte packet was received as 2 fragmented packets as expected, whereas others of similar size (but still above the PPoE MTU threshold) simply get dropped by the 2860n+.
c) Firewall logs show nothing incoming being dropped/blocked
d) Router is running 3.7.4.1 firmware
e) I have done a factory reset on the 2860 and configured only necessary parameters to bring up VDSL & WAN2 ports.

All the above indicate to me that there might be a problem with the way the 2860n+ handles IP fragments. Can anyone suggest any other configuration changes I might try or could this be an undocumented feature in this model of router... I really need to use my Draytek router rather than BT HomeHub as it offers other features I need!!

Appreciate any thoughts anyone may have on this subject!

Thanks,
Chris

i know the usal mtu for vdsl is 1492 but you can run a test for MTU using the CMD if is better an other value for your connection (packets fragment)
http://www.dslreports.com/faq/5793

you can also check at Firewall >> General Setup, Accept routing packet from WAN if helps and enable/tick ipv4

Not sure if will work with a 2860 but with telnet can try disable SIP ALG (sometimes causing issues with voip)
http://www.elantelecom.com/technical-assistance/disable-sip-alg-draytek/
http://support.draytek.net.au/index.php?/Knowledgebase/Article/View/409/9/do-vigor-routers-support-sip-alg

also there is a beta, later than 3.7.4.1 but is not the latest
http://www.forum.draytek.co.uk/viewtopic.php?f=19&t=19313&p=80640#p80509

Thanks for your suggestions.

MTU is reported as 1492 by http://www.letmecheck.it/mtu-test.php . Interestingly I seem to get inconsistent results using the ping test method, for example: bbc.co.uk will ping up to l=1464 (i.e MTU of 1492) whereas DSLreports.com will go up to l=1472 (i.e. MTU of 1500). Not sure what's going on here, I don't think it should go this high! Tried changing the 2860n WAN DF_check bit, but doesn't seem to have any effect.
BTHomeHub seems to have MTU of 1488 (1460 ping + 28), but setting 2860n MTU to this has no effect on my phone problem. It's kind of slow testing since each change needs a reboot to be sure it has taken effect.

Firewall IPv4 routing doesn't make any difference.
SIP ALG is already disabled

I'm still baffled...

Chris

I think I may have found the reason for this problem, but now I need to find a fix.

By comparing VDSL/WAN side packet captures with simultaneous LAN side packet capture, I find that only those packet fragments that come in on the BT VDSL line in logical order (i.e. fragment 1 first, then 2 etc.) get treated correctly and passed to LAN side. However as the vast majority of fragments seem to come in from the VDSL line in reverse logical order (so fragment 2 first, then fragment 1) then the 2860n just seems to drop them as if they never existed!

I can't find any way of modifying this behaviour: the firewall is off, accept large incoming fragmented UDP or ICMP packets is on, DOS defence is off.

No doubt there is some IETF RFC on the handling of fragmented packets arriving out of sequence, however the BT HH5 is able to cope with this whereas the Draytek 2860n views matters very differently...

Anyone ever seen this before or got a workaround?

Chris

do you know if this been resolved in the latest firmware update, having the same issues?

Yes, seems to have been fixed, though I don't recall exactly which firmware update cured it. Certainly v3.7.8 works fine. Problem now is LAN port mirroring is not correctly mirroring WAN/VDSL port in both directions, so although fragmented packets seems to be working I can no longer confirm my original diagnosis by packet sniffing on the WAN port.