VOS3000 Media Proxy and System Parameters: Complete Configuration Reference

VOS3000 media proxy and system parameters control the core functionality of your VoIP softswitch. Proper configuration of these parameters determines call quality, NAT traversal success, security levels, and overall system performance. This comprehensive reference guide covers all critical parameters from the official VOS3000 2.1.9.07 manual, explaining their functions and recommended configurations for different deployment scenarios.

📞 Need help configuring VOS3000 parameters? WhatsApp: +8801911119966

📡 Understanding Media Proxy in VOS3000

Media proxy determines whether RTP (Real-time Transport Protocol) voice packets flow directly between endpoints or through the VOS3000 server. This decision has significant implications for NAT traversal, audio quality, server resource usage, and call reliability.

📊 vos3000 Media Proxy Modes

The SS_MEDIAPROXYMODE parameter controls media proxy behavior with four distinct modes:

Mode	Behavior	Server Load	Best Use Case
Off	Never proxy media; RTP flows directly between endpoints	Lowest	Public IP endpoints, no NAT issues
On	Always proxy all media through server	Highest	Troubleshooting, maximum control
Auto	Intelligent decision based on conditions	Variable	Mixed environments, recommended
Must On	Forced proxy regardless of other settings	Highest	Specific debugging scenarios only

⚙️ Media Proxy Auto Mode Decision Logic (VOS3000 Media Proxy)

When SS_MEDIAPROXYMODE is set to “Auto,” VOS3000 follows a precise decision algorithm to determine whether media proxy is needed:

Media Proxy Decision Steps (Auto Mode):

Step 1: Check if caller or callee MUST have media proxy
        ├── If gateway/phone has Media Proxy = Must On
        └── Result: ENABLE media proxy

Step 2: Check if caller or callee has Media Proxy disabled
        ├── If gateway/phone has Media Proxy = Off
        └── Result: DISABLE media proxy

Step 3: Check if caller or callee has Media Proxy enabled
        ├── If gateway/phone has Media Proxy = On
        └── Result: ENABLE media proxy

Step 4: Check if callee has local ring enabled
        ├── Local ring requires media proxy for ringback tone
        └── Result: ENABLE media proxy

Step 5: Check for dynamic registration with encryption
        ├── If phone/gateway uses dynamic register AND encryption
        └── Result: ENABLE media proxy

Step 6: Check cross-network routing (SS_MEDIAPROXYBETWEENNET)
        ├── If caller and callee from different networks
        └── Result: ENABLE media proxy

Step 7: Check NAT conditions (SS_MEDIAPROXYBEHINDNAT)
        ├── If phone and gateway in same NAT, SS_MEDIAPROXYSAMENAT = On
        ├── If phone and gateway in different NAT, one in private network
        └── Result: ENABLE media proxy

Step 8: Default action
        └── Result: DISABLE media proxy

🔧 Configuring VOS3000 Media Proxy Parameters

📍 Location in VOS3000 Client

Navigation Path:
Operation Management → Softswitch Management → Additional Settings → System Parameter

Parameter Name: SS_MEDIAPROXYMODE
Valid Values: Off, On, Auto, Must On
Default Value: Auto

Related Parameters:
┌─────────────────────────────────────────────────────────────┐
│ Parameter Name                  │ Description               │
├─────────────────────────────────────────────────────────────┤
│ SS_MEDIAPROXYBETWEENNET        │ Proxy for cross-network   │
│ SS_MEDIAPROXYBEHINDNAT         │ Proxy for behind-NAT      │
│ SS_MEDIAPROXYSAMENAT           │ Proxy for same-NAT        │
└─────────────────────────────────────────────────────────────┘

📡 RTP Port Configuration (VOS3000 Media Proxy)

RTP port configuration determines which UDP ports VOS3000 uses for voice media streams. Proper configuration is essential for firewall rules and capacity planning.

📊 RTP Port Parameters

Parameter	Default Value	Description
SS_RTP_PORT_RANGE	10000,39999	UDP port range for RTP media streams
SS_H245_PORT_RANGE	10000,39999	H.245 port range for H.323 calls
IVR_RTP_PORT	40000,47999	RTP port range for IVR services

⚙️ RTP Port Sizing Calculation

RTP Port Capacity Planning:

Each concurrent call uses 2 RTP ports (one for each direction)
Port Range: 10000-39999 = 30,000 ports
Maximum Concurrent Calls = 30,000 / 2 = 15,000 calls

However, consider:
- Each port allocation has overhead
- IVR services need separate port range
- H.323 calls share same range

Recommended Configuration by Capacity:
┌──────────────────────────────────────────────────────────────┐
│ Expected Capacity │ RTP Port Range    │ IVR Port Range      │
├──────────────────────────────────────────────────────────────┤
│ Small (<500 CC)   │ 10000-19999       │ 40000-40999         │
│ Medium (500-2000) │ 10000-29999       │ 40000-41999         │
│ Large (2000-5000) │ 10000-39999       │ 40000-44999         │
│ Enterprise (5000+)│ 10000-59999       │ 60000-64999         │
└──────────────────────────────────────────────────────────────┘

Firewall Rule Example:
iptables -A INPUT -p udp --dport 10000:39999 -j ACCEPT
iptables -A INPUT -p udp --dport 40000:47999 -j ACCEPT

🔑 SIP Parameters Reference (VOS3000 Media Proxy)

SIP parameters control how VOS3000 handles SIP signaling, authentication, and session management. These parameters directly impact call setup success and session reliability.

📊 Critical SIP Parameters

Parameter	Default	Purpose
SS_SIP_NAT_KEEP_ALIVE_MESSAGE	HELLO	Content of NAT keep-alive message
SS_SIP_NAT_KEEP_ALIVE_PERIOD	30	Keep-alive interval in seconds (10-86400)
SS_SIP_NAT_KEEP_ALIVE_SEND_INTERVAL	500	Interval between sending keep-alives (ms)
SS_SIP_NAT_KEEP_ALIVE_SEND_ONE_TIME	3000	Number of keep-alives sent per batch
SS_SIP_SESSION_TTL	1800	Session Timer TTL in seconds
SS_SIP_SESSION_UPDATE_SEGMENT	300	Session update interval in seconds
SS_SIP_RESEND_INTERVAL	0.5,1,2,4,4,4,4,4,4,4	SIP message resend intervals (seconds)
SS_SIP_NO_TIMER_REINVITE_INTERVAL	7200	Max call time for non-timer SIP clients

⚙️ NAT Keep-Alive Configuration

NAT Keep-Alive Purpose:
- Maintains NAT binding for devices behind NAT
- Prevents one-way audio caused by expired bindings
- Essential for devices that don't support SIP Timer

How It Works:
1. VOS3000 sends UDP message to registered device IP
2. Message content = SS_SIP_NAT_KEEP_ALIVE_MESSAGE (default: "HELLO")
3. Sent every SS_SIP_NAT_KEEP_ALIVE_PERIOD seconds (default: 30)
4. This keeps the NAT mapping active

Configuration Example:
SS_SIP_NAT_KEEP_ALIVE_MESSAGE = "HELLO"
SS_SIP_NAT_KEEP_ALIVE_PERIOD = 30
SS_SIP_NAT_KEEP_ALIVE_SEND_INTERVAL = 500
SS_SIP_NAT_KEEP_ALIVE_SEND_ONE_TIME = 3000

This means:
- Send "HELLO" to each device every 30 seconds
- Wait 500ms between sending to different devices
- Process 3000 devices in each batch

Scaling Notes:
- 3000 devices × 500ms = 25 minutes to process all
- Adjust SEND_ONE_TIME for large deployments
- Increase SEND_INTERVAL if network is slow

🔐 Authentication Parameters (VOS3000 Media Proxy)

Authentication parameters control how VOS3000 handles SIP authentication challenges and account lockout policies for security.

📊 Authentication Security Parameters

Parameter	Default	Purpose
SS_AUTHENTICATION_MAX_RETRY	6	Max auth retries before suspension (0-999)
SS_AUTHENTICATION_FAILED_SUSPEND	180	Suspension duration in seconds (60-3600)
SS_SIP_AUTHENTICATION_CODE	Unauthorized(401)	SIP response code for auth challenge
SS_SIP_AUTHENTICATION_TIMEOUT	10	Timeout for SIP authentication in seconds
SS_SIP_AUTHENTICATION_RETRY	6	SIP auth retry count for 401/407 responses

⚙️ Authentication Lockout Configuration

Security Configuration Example:

For High-Security Environments:
SS_AUTHENTICATION_MAX_RETRY = 3
SS_AUTHENTICATION_FAILED_SUSPEND = 300

For Standard Environments:
SS_AUTHENTICATION_MAX_RETRY = 6
SS_AUTHENTICATION_FAILED_SUSPEND = 180

For Relaxed Environments (trusted networks only):
SS_AUTHENTICATION_MAX_RETRY = 10
SS_AUTHENTICATION_FAILED_SUSPEND = 60

How Lockout Works:
1. Device attempts registration with wrong password
2. VOS3000 returns 401 Unauthorized
3. Device retries (up to SS_AUTHENTICATION_MAX_RETRY times)
4. After max retries, IP is added to temporary block list
5. Block lasts for SS_AUTHENTICATION_FAILED_SUSPEND seconds
6. After timeout, device can retry

This protects against:
- Brute force password attacks
- SIP flood attacks
- Credential guessing
- Automated hacking tools

📊 Session Timer Configuration

Session timers ensure that hung calls are detected and cleaned up, preventing “ghost calls” and billing errors.

⚙️ Session Timer Parameters (VOS3000 Media Proxy)

Session Timer Configuration:

SS_SIP_SESSION_TTL = 1800 (30 minutes)
SS_SIP_SESSION_UPDATE_SEGMENT = 300 (5 minutes)
SS_SIP_NO_TIMER_REINVITE_INTERVAL = 7200 (2 hours)

How SIP Session Timer Works:
1. During call setup, session timer is negotiated
2. VOS3000 sends UPDATE or re-INVITE at interval
3. If no response, session is considered dead
4. Call is terminated and CDR is generated

For Non-Timer-Capable Clients:
- SS_SIP_NO_TIMER_REINVITE_INTERVAL sets max call time
- After this duration, call is terminated
- Prevents ultra-long "zombie" calls

Recommended Values:
┌────────────────────────────────────────────────────────────┐
│ Scenario           │ TTL  │ Update Segment │ Max No-Timer │
├────────────────────────────────────────────────────────────┤
│ Standard VoIP      │ 1800 │ 300            │ 7200         │
│ High-Volume Trunk  │ 3600 │ 600            │ 14400        │
│ Calling Card       │ 900  │ 180            │ 3600         │
│ Enterprise PBX     │ 1800 │ 300            │ 28800        │
└────────────────────────────────────────────────────────────┘

Session Timer Benefits:
- Detects hung calls automatically
- Prevents billing discrepancies
- Reduces "ghost call" complaints
- Frees system resources

🎯 H.323 Parameters Reference

For environments using H.323 protocol, VOS3000 provides comprehensive parameter controls.

📊 Critical H.323 Parameters

Parameter	Default	Purpose
SS_H245_PORT_RANGE	10000,39999	Port range for H.245 control channel
SS_H323_DTMF_METHOD	H.245 alphanumeric	Default DTMF transmission method
SS_H323_TIMEOUT_ALERTING	120	Timeout for alerting state (seconds)
SS_H323_TIMEOUT_CALLPROCEEDING	20	Timeout for call proceeding (seconds)
SS_H323_TIMEOUT_SETUP	5	Timeout for call setup (seconds)

📈 Quality of Service (QoS) Parameters

QoS parameters control the DSCP marking on IP packets for prioritization in managed networks.

⚙️ QoS Configuration

QoS Parameters:

SS_QOS_SIGNAL = 0xa0 (default)
- DSCP marking for SIP/H.323 signaling packets
- Hex value applied to IP header ToS field

SS_QOS_RTP = 0xa0 (default)
- DSCP marking for RTP media packets
- Hex value applied to IP header ToS field

DSCP Value Reference:
┌─────────────────────────────────────────────────────────────┐
│ Hex Value │ Binary  │ DSCP Class        │ Description      │
├─────────────────────────────────────────────────────────────┤
│ 0x00      │ 000000  │ Best Effort       │ Default, no QoS  │
│ 0x20      │ 001000  │ CS1               │ Scavenger        │
│ 0x40      │ 010000  │ CS2               │ OAM              │
│ 0x60      │ 011000  │ CS3               │ Signaling        │
│ 0x80      │ 100000  │ CS4               │ Real-time        │
│ 0xa0      │ 101000  │ CS5 / EF          │ Voice (default)  │
│ 0xc0      │ 110000  │ CS6               │ Network control  │
└─────────────────────────────────────────────────────────────┘

When to Configure:
- Only in managed networks with QoS policies
- Coordinate with network team on DSCP values
- Match router/switch QoS configuration

📊 Billing and CDR Parameters

These parameters control billing precision and CDR generation behavior.

⚙️ Critical Billing Parameters

Parameter	Default	Purpose
SERVER_BILLING_HOLD_TIME_PRECISION	50	Billing time precision in milliseconds
SERVER_MAX_CDR_PENDING_LIST_LENGTH	100000	Max pending CDR queue length
SERVER_CDR_FILE_WRITE_MAX	2048	Max CDR files to retain
SERVER_CDR_FILE_WRITE_INTERVAL	60	CDR file write interval (seconds)

🔗 Related Resources (VOS3000 Media Proxy)

• 📖 VOS3000 Extended Firewall Configuration
• 📖 VOS3000 One-Way Audio Troubleshooting
• 📖 VOS3000 Server Configuration Guide
• 📖 VOS3000 FAQ Based on Official Manual
• 📖 VOS3000 Downloads

❓ Frequently Asked Questions

Should I set media proxy to On or Auto?

Auto mode is recommended for most deployments. It intelligently enables media proxy only when needed (NAT traversal, encryption, cross-network calls) while allowing direct RTP when possible. This provides the best balance of reliability and server resource usage.

How do I know if my RTP port range is sufficient?

Calculate: Each concurrent call uses 2 RTP ports. With default range 10000-39999 (30,000 ports), you can support 15,000 concurrent calls. Monitor port usage through system performance monitoring. If you see port allocation errors, increase the range or reduce concurrent call load.

Why do calls drop at 30 seconds?

This typically indicates SIP session timer or NAT binding issues. Check SS_SIP_SESSION_TTL and ensure NAT keep-alive is configured. The 30-second timeout often corresponds to NAT binding expiry when keep-alives are not working.

What is the best authentication retry setting?

For most environments, the default of 6 retries with 180-second suspension works well. For high-security environments, reduce to 3 retries with longer suspension (300+ seconds). Balance security against false positives from legitimate users mistyping passwords.

How do I troubleshoot media proxy issues?

Use Debug Trace in VOS3000 to capture SIP and SDP messages. Check if media proxy is being invoked (look at the c= line in SDP). Verify that RTP ports are within configured range. Check firewall rules allow both signaling and RTP ports.

📞 Get Expert Help with VOS3000 Configuration

Need assistance optimizing VOS3000 parameters for your specific deployment? Our team provides professional VOS3000 installation, configuration, and performance tuning services.

📱 WhatsApp: +8801911119966

Contact us for VOS3000 server hosting, parameter optimization, and professional support services!

---

📞 Need Professional VOS3000 Setup Support?

For professional VOS3000 installations and deployment, VOS3000 Server Rental Solution:

📱 WhatsApp: +8801911119966
🌐 Website: www.vos3000.com
🌐 Blog: multahost.com/blog
📥 Downloads: VOS3000 Downloads

---