658:
Vulnerability: Older implementations of IAX2 were vulnerable to resource exhaustion DoS attack methods that are available to the public. While no solutions existed for these issues, the best practices included limiting UDP port access to specific trusted IP addresses. Internet-facing IAX2 ports are
643:
Awkward extensibility: Due to the lack of a generic extension mechanism, new features have to be added in the protocol specification, which makes the protocol less flexible than
688:
RFC 5456, page 1: "Status of This Memo This memo provides information for the
Internet community. It does not specify an Internet standard of any kind."
471:
671:
development tree. These issues were briefly mentioned in the IAX RFC 5456 on page 94. This flaw does not exist in up-to-date installations.
231:
595:
between two endpoints, reducing the IP overhead. This is advantageous in VoIP transmissions, in which IP headers use a large fraction of
801:
464:
191:
522:
830:
321:
316:
286:
146:
393:
336:
261:
403:
373:
615:
457:
388:
181:
61:
592:
652:
569:
206:
196:
699:
326:
306:
256:
722:
560:
configuration. Other VoIP protocols typically use independent channels for signaling and media, such as the
573:
534:
246:
241:
236:
648:
627:
561:
549:
521:
and has been superseded by a second version, commonly called IAX2. The IAX2 protocol was published as an
423:
383:
251:
626:
The primary goals for IAX are to minimize bandwidth used in media transmissions, and to provide native
553:
98:
787:
276:
216:
825:
820:
499:
492:
443:
433:
226:
141:
125:
744:
541:
311:
161:
33:
631:
596:
557:
438:
211:
793:
221:
108:
8:
537:(VoIP) that is used for streaming media, but is primarily designed for IP voice calls.
428:
156:
21:
17:
797:
356:
132:
91:
618:
and much of the development was carried out in the
Asterisk open-source community.
525:(non-standards-track) RFC 5456 by discretion of the RFC Editor in February 2010.
297:
779:
772:
114:
748:
496:
347:
814:
507:
51:
789:
Inter-Asterisk
Exchange (IAX): Deployment Scenarios in SIP-Enabled Networks
584:
511:
266:
545:
602:
IAX2 supports native encryption of both control and media streams using
518:
503:
414:
86:
707:
588:
580:
552:
and media payloads. This feature provides benefits for traversing
16:"IAX" redirects here. For the airline with the ICAO code IAX, see
703:
664:
603:
591:, data from multiple sessions are merged into a single stream of
663:
used to detect these application vulnerabilities was posted on
660:
377:
271:
170:
150:
630:(NAT) transparency. It was intended to be easy to use behind
644:
565:
398:
176:
506:, PBX systems, and softphones. It is used for transporting
659:
considered vulnerable and should be monitored closely. The
366:
361:
331:
281:
201:
166:
186:
548:, by default 4569, between endpoints for both session
745:"Asterisk Project Security Advisory - AST-2009-006"
614:Both versions of the IAX protocol were created by
812:
502:(PBX) software, and is supported by a few other
742:
725:. VoIPER : VoIP Exploit Research toolkit
465:
472:
458:
785:
556:at network boundaries, as it simplifies
782:IANA Registration for Enumservice 'iax'
720:
813:
775:IAX: Inter-Asterisk eXchange Version 2
786:Boucadair, Mohamed (February 2009).
697:
572:(MGCP), which carry media with the
528:
13:
587:channels over a single link. When
20:. For the Type Iax supernova, see
14:
842:
765:
736:
714:
691:
682:
570:Media Gateway Control Protocol
1:
743:Russell Bryant (2009-09-03).
721:Cornell, Blake (2009-05-19).
675:
517:The original IAX protocol is
637:
574:Real-time Transport Protocol
535:voice over Internet protocol
7:
831:Application layer protocols
628:network address translation
562:Session Initiation Protocol
554:network address translators
10:
847:
15:
723:"udp IAX protocol fuzzer"
700:"udp IAX protocol fuzzer"
667:. and is included in the
609:
514:and to terminal devices.
107:
97:
85:
77:
67:
57:
47:
39:
32:
621:
533:IAX is a binary-encoded
500:private branch exchange
493:communications protocol
485:Inter-Asterisk eXchange
126:Internet protocol suite
28:Inter-Asterisk eXchange
544:(UDP) data stream and
542:User Datagram Protocol
34:Communication protocol
510:telephony sessions
29:
540:IAX uses a single
27:
22:Type Iax supernova
18:Island Express Air
803:978-0-470-77072-6
482:
481:
133:Application layer
120:
119:
92:Application layer
838:
807:
759:
758:
756:
755:
740:
734:
733:
731:
730:
718:
712:
711:
706:. Archived from
698:Cornell, Blake.
695:
689:
686:
529:Basic properties
474:
467:
460:
122:
121:
73:
30:
26:
846:
845:
841:
840:
839:
837:
836:
835:
811:
810:
804:
768:
763:
762:
753:
751:
741:
737:
728:
726:
719:
715:
696:
692:
687:
683:
678:
640:
624:
612:
531:
512:between servers
478:
298:Transport layer
71:
25:
12:
11:
5:
844:
834:
833:
828:
826:Asterisk (PBX)
823:
821:VoIP protocols
809:
808:
802:
783:
776:
767:
766:External links
764:
761:
760:
735:
713:
710:on 2010-02-14.
690:
680:
679:
677:
674:
673:
672:
656:
639:
636:
623:
620:
611:
608:
530:
527:
495:native to the
480:
479:
477:
476:
469:
462:
454:
451:
450:
449:
448:
441:
436:
431:
426:
418:
417:
411:
410:
409:
408:
401:
396:
391:
386:
381:
371:
370:
369:
364:
351:
350:
348:Internet layer
344:
343:
342:
341:
334:
329:
324:
319:
314:
309:
301:
300:
294:
293:
292:
291:
284:
279:
274:
269:
264:
259:
254:
249:
244:
239:
234:
229:
224:
219:
214:
209:
204:
199:
194:
189:
184:
179:
174:
164:
159:
154:
144:
136:
135:
129:
128:
118:
117:
111:
105:
104:
101:
95:
94:
89:
83:
82:
79:
75:
74:
69:
65:
64:
59:
55:
54:
49:
45:
44:
41:
37:
36:
9:
6:
4:
3:
2:
843:
832:
829:
827:
824:
822:
819:
818:
816:
805:
799:
795:
791:
790:
784:
781:
777:
774:
770:
769:
750:
746:
739:
724:
717:
709:
705:
701:
694:
685:
681:
670:
666:
662:
657:
654:
650:
646:
642:
641:
635:
633:
629:
619:
617:
607:
605:
600:
598:
594:
590:
586:
582:
579:IAX supports
577:
575:
571:
567:
563:
559:
555:
551:
547:
543:
538:
536:
526:
524:
523:informational
520:
515:
513:
509:
508:voice over IP
505:
501:
498:
494:
490:
486:
475:
470:
468:
463:
461:
456:
455:
453:
452:
447:
446:
442:
440:
437:
435:
432:
430:
427:
425:
422:
421:
420:
419:
416:
413:
412:
407:
406:
402:
400:
397:
395:
392:
390:
387:
385:
382:
379:
375:
372:
368:
365:
363:
360:
359:
358:
355:
354:
353:
352:
349:
346:
345:
340:
339:
335:
333:
330:
328:
325:
323:
320:
318:
315:
313:
310:
308:
305:
304:
303:
302:
299:
296:
295:
290:
289:
285:
283:
280:
278:
275:
273:
270:
268:
265:
263:
260:
258:
255:
253:
250:
248:
245:
243:
240:
238:
235:
233:
230:
228:
225:
223:
220:
218:
215:
213:
210:
208:
205:
203:
200:
198:
195:
193:
190:
188:
185:
183:
180:
178:
175:
172:
168:
165:
163:
160:
158:
155:
152:
148:
145:
143:
140:
139:
138:
137:
134:
131:
130:
127:
124:
123:
116:
112:
110:
106:
102:
100:
96:
93:
90:
88:
84:
80:
76:
70:
66:
63:
60:
56:
53:
50:
46:
42:
38:
35:
31:
23:
19:
788:
752:. Retrieved
738:
727:. Retrieved
716:
708:the original
693:
684:
668:
625:
616:Mark Spencer
613:
601:
585:multiplexing
578:
539:
532:
516:
504:softswitches
488:
484:
483:
444:
404:
337:
287:
68:Introduction
62:Mark Spencer
58:Developer(s)
40:Abbreviation
546:port number
815:Categories
754:2013-05-28
729:2013-05-28
676:References
568:, and the
519:deprecated
415:Link layer
78:Influenced
778:RFC
771:RFC
638:Drawbacks
632:firewalls
597:bandwidth
550:signaling
113:RFC
87:OSI layer
749:Asterisk
589:trunking
581:trunking
558:firewall
497:Asterisk
72: ()
704:milw0rm
665:milw0rm
604:AES-128
593:packets
576:(RTP).
564:(SIP),
491:) is a
445:more...
429:Tunnels
405:more...
338:more...
288:more...
277:TLS/SSL
232:ONC/RPC
169: (
99:Port(s)
48:Purpose
800:
669:VoIPer
661:fuzzer
651:, and
610:Origin
272:Telnet
171:HTTP/3
109:RFC(s)
794:Wiley
645:H.323
622:Goals
566:H.323
399:IPsec
177:HTTPS
798:ISBN
780:6315
773:5456
653:MGCP
394:IGMP
374:ICMP
332:QUIC
327:RSVP
322:SCTP
317:DCCP
282:XMPP
262:SNMP
257:SMTP
242:RTSP
217:OSPF
207:NNTP
202:MQTT
197:MGCP
192:LDAP
182:IMAP
167:HTTP
147:DHCP
115:5456
103:4569
81:IAX2
52:VoIP
649:SIP
489:IAX
439:MAC
434:PPP
424:ARP
389:ECN
384:NDP
312:UDP
307:TCP
267:SSH
252:SIP
247:RIP
237:RTP
227:PTP
222:POP
212:NTP
187:IRC
162:FTP
157:DNS
142:BGP
43:IAX
817::
796:.
792:.
747:.
702:.
647:,
634:.
606:.
599:.
583:,
378:v6
367:v6
362:v4
357:IP
151:v6
806:.
757:.
732:.
655:.
487:(
473:e
466:t
459:v
380:)
376:(
173:)
153:)
149:(
24:.
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.