VOS3000 Media Proxy and System Parameters: Complete Configuration Reference

VOS3000 media proxy and system parameters control the core functionality of your VoIP softswitch. Proper configuration of these parameters determines call quality, NAT traversal success, security levels, and overall system performance. This comprehensive reference guide covers all critical parameters from the official VOS3000 2.1.9.07 manual, explaining their functions and recommended configurations for different deployment scenarios.

📞 Need help configuring VOS3000 parameters? WhatsApp: +8801911119966

📡 Understanding Media Proxy in VOS3000

Media proxy determines whether RTP (Real-time Transport Protocol) voice packets flow directly between endpoints or through the VOS3000 server. This decision has significant implications for NAT traversal, audio quality, server resource usage, and call reliability.

📊 VOS3000 Media Proxy Modes

The SS_MEDIAPROXYMODE parameter controls media proxy behavior with four distinct modes:

⚙️ Media Proxy Auto Mode Decision Logic (VOS3000 Media Proxy)

When SS_MEDIAPROXYMODE is set to “Auto,” VOS3000 follows a precise decision algorithm to determine whether media proxy is needed:

Media Proxy Decision Steps (Auto Mode):

Step 1: Check if caller or callee MUST have media proxy
        ├── If gateway/phone has Media Proxy = Must On
        └── Result: ENABLE media proxy

Step 2: Check if caller or callee has Media Proxy disabled
        ├── If gateway/phone has Media Proxy = Off
        └── Result: DISABLE media proxy

Step 3: Check if caller or callee has Media Proxy enabled
        ├── If gateway/phone has Media Proxy = On
        └── Result: ENABLE media proxy

Step 4: Check if callee has local ring enabled
        ├── Local ring requires media proxy for ringback tone
        └── Result: ENABLE media proxy

Step 5: Check for dynamic registration with encryption
        ├── If phone/gateway uses dynamic register AND encryption
        └── Result: ENABLE media proxy

Step 6: Check cross-network routing (SS_MEDIAPROXYBETWEENNET)
        ├── If caller and callee from different networks
        └── Result: ENABLE media proxy

Step 7: Check NAT conditions (SS_MEDIAPROXYBEHINDNAT)
        ├── If phone and gateway in same NAT, SS_MEDIAPROXYSAMENAT = On
        ├── If phone and gateway in different NAT, one in private network
        └── Result: ENABLE media proxy

Step 8: Default action
        └── Result: DISABLE media proxy

🔧 Configuring Media Proxy Parameters

📍 Location in VOS3000 Client

Navigation Path:
Operation Management → Softswitch Management → Additional Settings → System Parameter

Parameter Name: SS_MEDIAPROXYMODE
Valid Values: Off, On, Auto, Must On
Default Value: Auto

Related Parameters:
┌─────────────────────────────────────────────────────────────┐
│ Parameter Name                  │ Description               │
├─────────────────────────────────────────────────────────────┤
│ SS_MEDIAPROXYBETWEENNET        │ Proxy for cross-network   │
│ SS_MEDIAPROXYBEHINDNAT         │ Proxy for behind-NAT      │
│ SS_MEDIAPROXYSAMENAT           │ Proxy for same-NAT        │
└─────────────────────────────────────────────────────────────┘

📡 RTP Port Configuration (VOS3000 Media Proxy)

RTP port configuration determines which UDP ports VOS3000 uses for voice media streams. Proper configuration is essential for firewall rules and capacity planning. VOS3000 Media Proxy

📊 RTP Port Parameters VOS3000 Media Proxy

⚙️ RTP Port Sizing Calculation

RTP Port Capacity Planning:

Each concurrent call uses 2 RTP ports (one for each direction)
Port Range: 10000-39999 = 30,000 ports
Maximum Concurrent Calls = 30,000 / 2 = 15,000 calls

However, consider:
- Each port allocation has overhead
- IVR services need separate port range
- H.323 calls share same range

Recommended Configuration by Capacity:
┌──────────────────────────────────────────────────────────────┐
│ Expected Capacity │ RTP Port Range    │ IVR Port Range      │
├──────────────────────────────────────────────────────────────┤
│ Small (<500 CC)   │ 10000-19999       │ 40000-40999         │
│ Medium (500-2000) │ 10000-29999       │ 40000-41999         │
│ Large (2000-5000) │ 10000-39999       │ 40000-44999         │
│ Enterprise (5000+)│ 10000-59999       │ 60000-64999         │
└──────────────────────────────────────────────────────────────┘

Firewall Rule Example:
iptables -A INPUT -p udp --dport 10000:39999 -j ACCEPT
iptables -A INPUT -p udp --dport 40000:47999 -j ACCEPT

🔑 SIP Parameters Reference – VOS3000 Media Proxy

SIP parameters control how VOS3000 handles SIP signaling, authentication, and session management. These parameters directly impact call setup success and session reliability.

📊 Critical SIP Parameters

⚙️ NAT Keep-Alive Configuration

NAT Keep-Alive Purpose:
- Maintains NAT binding for devices behind NAT
- Prevents one-way audio caused by expired bindings
- Essential for devices that don't support SIP Timer

How It Works:
1. VOS3000 sends UDP message to registered device IP
2. Message content = SS_SIP_NAT_KEEP_ALIVE_MESSAGE (default: "HELLO")
3. Sent every SS_SIP_NAT_KEEP_ALIVE_PERIOD seconds (default: 30)
4. This keeps the NAT mapping active

Configuration Example:
SS_SIP_NAT_KEEP_ALIVE_MESSAGE = "HELLO"
SS_SIP_NAT_KEEP_ALIVE_PERIOD = 30
SS_SIP_NAT_KEEP_ALIVE_SEND_INTERVAL = 500
SS_SIP_NAT_KEEP_ALIVE_SEND_ONE_TIME = 3000

This means:
- Send "HELLO" to each device every 30 seconds
- Wait 500ms between sending to different devices
- Process 3000 devices in each batch

Scaling Notes:
- 3000 devices × 500ms = 25 minutes to process all
- Adjust SEND_ONE_TIME for large deployments
- Increase SEND_INTERVAL if network is slow

🔐 Authentication Parameters

Authentication parameters control how VOS3000 handles SIP authentication challenges and account lockout policies for security.

📊 Authentication Security Parameters

⚙️ Authentication Lockout Configuration

Security Configuration Example:

For High-Security Environments:
SS_AUTHENTICATION_MAX_RETRY = 3
SS_AUTHENTICATION_FAILED_SUSPEND = 300

For Standard Environments:
SS_AUTHENTICATION_MAX_RETRY = 6
SS_AUTHENTICATION_FAILED_SUSPEND = 180

For Relaxed Environments (trusted networks only):
SS_AUTHENTICATION_MAX_RETRY = 10
SS_AUTHENTICATION_FAILED_SUSPEND = 60

How Lockout Works:
1. Device attempts registration with wrong password
2. VOS3000 returns 401 Unauthorized
3. Device retries (up to SS_AUTHENTICATION_MAX_RETRY times)
4. After max retries, IP is added to temporary block list
5. Block lasts for SS_AUTHENTICATION_FAILED_SUSPEND seconds
6. After timeout, device can retry

This protects against:
- Brute force password attacks
- SIP flood attacks
- Credential guessing
- Automated hacking tools

📊 Session Timer Configuration (VOS3000 Media Proxy)

Session timers ensure that hung calls are detected and cleaned up, preventing “ghost calls” and billing errors.

⚙️ Session Timer Parameters

Session Timer Configuration:

SS_SIP_SESSION_TTL = 1800 (30 minutes)
SS_SIP_SESSION_UPDATE_SEGMENT = 300 (5 minutes)
SS_SIP_NO_TIMER_REINVITE_INTERVAL = 7200 (2 hours)

How SIP Session Timer Works:
1. During call setup, session timer is negotiated
2. VOS3000 sends UPDATE or re-INVITE at interval
3. If no response, session is considered dead
4. Call is terminated and CDR is generated

For Non-Timer-Capable Clients:
- SS_SIP_NO_TIMER_REINVITE_INTERVAL sets max call time
- After this duration, call is terminated
- Prevents ultra-long "zombie" calls

Recommended Values:
┌────────────────────────────────────────────────────────────┐
│ Scenario           │ TTL  │ Update Segment │ Max No-Timer │
├────────────────────────────────────────────────────────────┤
│ Standard VoIP      │ 1800 │ 300            │ 7200         │
│ High-Volume Trunk  │ 3600 │ 600            │ 14400        │
│ Calling Card       │ 900  │ 180            │ 3600         │
│ Enterprise PBX     │ 1800 │ 300            │ 28800        │
└────────────────────────────────────────────────────────────┘

Session Timer Benefits:
- Detects hung calls automatically
- Prevents billing discrepancies
- Reduces "ghost call" complaints
- Frees system resources

🎯 H.323 Parameters Reference

For environments using H.323 protocol, VOS3000 provides comprehensive parameter controls.

📊 Critical H.323 Parameters

📈 Quality of Service (QoS) Parameters

QoS parameters control the DSCP marking on IP packets for prioritization in managed networks.

⚙️ QoS Configuration

QoS Parameters:

SS_QOS_SIGNAL = 0xa0 (default)
- DSCP marking for SIP/H.323 signaling packets
- Hex value applied to IP header ToS field

SS_QOS_RTP = 0xa0 (default)
- DSCP marking for RTP media packets
- Hex value applied to IP header ToS field

DSCP Value Reference:
┌─────────────────────────────────────────────────────────────┐
│ Hex Value │ Binary  │ DSCP Class        │ Description      │
├─────────────────────────────────────────────────────────────┤
│ 0x00      │ 000000  │ Best Effort       │ Default, no QoS  │
│ 0x20      │ 001000  │ CS1               │ Scavenger        │
│ 0x40      │ 010000  │ CS2               │ OAM              │
│ 0x60      │ 011000  │ CS3               │ Signaling        │
│ 0x80      │ 100000  │ CS4               │ Real-time        │
│ 0xa0      │ 101000  │ CS5 / EF          │ Voice (default)  │
│ 0xc0      │ 110000  │ CS6               │ Network control  │
└─────────────────────────────────────────────────────────────┘

When to Configure:
- Only in managed networks with QoS policies
- Coordinate with network team on DSCP values
- Match router/switch QoS configuration

📊 Billing and CDR Parameters

These parameters control billing precision and CDR generation behavior. VOS3000 Media Proxy

⚙️ Critical Billing Parameters

🔗 Related Resources – VOS3000 Media Proxy

• 📖 VOS3000 Extended Firewall Configuration
• 📖 VOS3000 One-Way Audio Troubleshooting
• 📖 VOS3000 Server Configuration Guide
• 📖 VOS3000 FAQ Based on Official Manual
• 📖 VOS3000 Downloads

❓ Frequently Asked Questions

Should I set media proxy to On or Auto?

Auto mode is recommended for most deployments. It intelligently enables media proxy only when needed (NAT traversal, encryption, cross-network calls) while allowing direct RTP when possible. This provides the best balance of reliability and server resource usage.

How do I know if my RTP port range is sufficient?

Calculate: Each concurrent call uses 2 RTP ports. With default range 10000-39999 (30,000 ports), you can support 15,000 concurrent calls. Monitor port usage through system performance monitoring. If you see port allocation errors, increase the range or reduce concurrent call load.

Why do calls drop at 30 seconds?

This typically indicates SIP session timer or NAT binding issues. Check SS_SIP_SESSION_TTL and ensure NAT keep-alive is configured. The 30-second timeout often corresponds to NAT binding expiry when keep-alives are not working.

What is the best authentication retry setting?

For most environments, the default of 6 retries with 180-second suspension works well. For high-security environments, reduce to 3 retries with longer suspension (300+ seconds). Balance security against false positives from legitimate users mistyping passwords.

How do I troubleshoot media proxy issues?

Use Debug Trace in VOS3000 to capture SIP and SDP messages. Check if media proxy is being invoked (look at the c= line in SDP). Verify that RTP ports are within configured range. Check firewall rules allow both signaling and RTP ports.

📞 Get Expert Help with VOS3000 Configuration

Need assistance optimizing VOS3000 parameters for your specific deployment? Our team provides professional VOS3000 installation, configuration, and performance tuning services.

📱 WhatsApp: +8801911119966

Contact us for VOS3000 server hosting, parameter optimization, and professional support services!

📞 Need Professional VOS3000 Setup Support?

For professional VOS3000 installations and deployment, VOS3000 Server Rental Solution:

📱 WhatsApp: +8801911119966
🌐 Website: www.vos3000.com
🌐 Blog: multahost.com/blog
📥 Downloads: VOS3000 Downloads