Traditionally this service is provided via its supplied Fritzbox router, utilising its FXS port to supply telephony to analogue devices.

As the service is SIP based, it is possible to connect direct via SIP phones or Asterisk which is ideal should the Fritzbox not be suitable for your requirements. While this is permitted by Zen, it is unsupported.

Here are a couple of examples of getting connected to Zen DV without the use of the Fritzbox.

A Pre-Setup Warning

This process involves exposing a SIP server / device to the internet, this protocol is constantly targeted by hackers and fraudsters due to its reward for exposing a vulnerable system.

For example, hackers can exploit a system to generate high volumes of calls on your account for either their own benefit (calling a premium rate number they setup) or for the sheer fun of it, while fraudsters could use your “line” to make robocalls to other phone numbers.

Therefore, it is imperative to limit the service’s exposure to only the IP’s listed below, if your router is unable to open ports to specified addresses, consider upgrading or not proceeding.

Network

From a network point of view, VoIP is split into two sections; Signalling (SIP) that deals with the actions of a call, such as “start ringing” and “hangup now”. The Media (RTP) solely deals with the audio of the call and its setup is defined via the SIP signalling.

Uniquely For the DV service, Zen employs a separate server each for inbound and outbound calls:

SIP Inbound:
voip.zen.co.uk – 212.23.7.228

SIP Outbound:
voip2.zen.co.uk – 212.23.7.235

Media uses a common range:

RTP Media:

62.3.88.0/28
62.3.88.16/28

Ports used by the service are the standard:

SIP: 5060
RTP: 10000 – 20000

Setup

As we are trying to mimic the Fritzbox, which is the first point of contact from the internet, the above ports need to be passed onto your SIP device. As this could pass any internet traffic on these ports to the device it’s a good idea to limit these open ports to only the IPs above too.

This will differ depending on the router used, as an example this is how to set it up on a Draytek router:

Allowed Client List / Whitelist

In the router’s web interface, navigate to Objects Setting >> IP Object, add the IPs:

These need to be grouped together, in Objects Setting >> IP Groups, add these IPs into the group:

Open Ports

Now there is a list of allowed IPs, the ports can be opened, in NAT >> Open Ports, edit an index, setting:

WAN Interface: Port connected to Zen internet
Source IP: The group created above
Private IP: Local IP of SIP device
Ports: Open UDP ports 5060 and a range 10000-20000

Now VoIP traffic is forwarding to the device, it can be configured…

SIP

To authenticate with the service the phone number {number} (full number including area code, in national format, i.e starting 01 or 02) will be used as the username, and you’ll need the password {password}(secret). The password is available via the old Zen portal for legacy customer (https://portal.zen.co.uk/) or by contacting Zen and asking for “your VoIP password”.

Asterisk

As there are two servers in use for SIP signalling, two trunks are required on the PBX:

Trunk 1 – Inbound; This just needs to accept calls from Zen’s server so is pretty basic:

type=peer
trustrpid=yes
nat=yes
insecure=invite
host=voip.zen.co.uk
disallow=all
allow=alaw

Trunk 2 – Outbound; This contains authentication to login (register) to the service and make calls:

type=peer
secret={password}
host=voip2.zen.co.uk
fromuser={number}
disallow=all
authuser={number}
allow=alaw
nat=yes
insecure=invite
fromdomain=voip2.zen.co.uk
defaultuser={number}

The outbound trunk also requires the registration details, this allows Zen’s servers to recognise that your service is online and ready for calls:

{number}:{password}@voip2.zen.co.uk/{number}

If you’d like to monitor the connection, you’d see this in sngrep:

Note even when setup correctly, the initial registration attempt will fail as Asterisk attempts to register without authentication, upon the 401 error it will then attempt registration with authentication details and receive the 200 OK response and so registered to the service.

SIP Phone

To connect directly to SIP device, it’s mainly a case of just getting the phone to register, from there the Zen server will know it is logged in for calls and take it from there. The generic details needed are below, apply this best to the terminology used by the device:

Username / Register Name: {number}
Password / Secret: {password}

Server / Registrar / Host: voip2.zen.co.uk
Transport / Protocol: UDP
Port: 5060

For example, this is a setup of a Yealink phone:

If setup correctly, the registration status should state “Registered”.

This is for Yealink devices but will likely be applicable for other vendors, you will need to change the following settings in Features >> General Information:

Accept SIP Trust Server Only: This needs to be disabled as inbound calls come from a different server than the device is registered to.

Allow IP Call: Important to disable especially if there is no IP whitelisting on the router, this stops random or “ghost” calls generated by hackers trying to find a response from internet facing phones. This will not be an issue if you are able to restrict open WAN ports to allowed IP’s, but if not, this helps.

Conclusion

Setup, you should be able to use your Zen DV number with your VoIP / SIP devices.

For a single phone this is a simple solution, but for multiple phones around the home your either limited to only cordless phones from the likes of Yealink or Gigaset (where the base unit is the controller and SIP registration device).

But for a combination of landline and cordless, the VoIP revolution means the end of an era of running an extension cable to the next phone, you’ll need a local PBX of some sort to handle signalling.

Finale

This is also likely an end of an era for my VoIP based posts, as I have left my telecoms role for something different.

I may return sporadically to VoIP postings if I find a home use for it, or revive a post that didn’t quite get there. But for now, it’s a goodbye to SIP.

For background, I was previously in a FTTC environment getting average speeds due to my distance from the cab, however good enough to assumably be overlooked for the next phase of the Openreach Ultrafast rollout. Not that I’m complaining, 2020 is the year my speed gets a much-needed boost.

2020 also turns out to be the inaugural international work from home year, so had the opportunity to have a front seat view from my home office on the activity and timeline that brought FTTP home.

I’d like to share my observations and timeline as an example of what you can expect should you get the inkling of fibre coming to your street soon.

Before we get started, as my expectations rose, I found this post by Andy’s World invaluable for identifying activity and helping me confirm that FTTP was on its way.

Background

As mentioned, I was already in a FTTC enabled area. From the cab the copper “last mile” travelled underground from the cab to my nearest telegraph pole, then overhead to my property.

I was getting speeds on average of 40Mbps down and 5Mbps up due to the distance from the cab, I also suffered loss of sync approx. every other day. I notice that my overhead line was a lot older than others on the pole, identified by the greying colour and how you could identify both cores on the cable rather than the single looking shielded core of adjacent cables. A 48h MTBF was not ideal but well within Openreach service levels, meaning I couldn’t get this drop cable replaced without a significant cost.

Being in an FTTC area, no matter how bad the connection is usually meaning that it is not up for consideration for upcoming phases of an Openreach FTTP rollout. Couple this to a Virgin media rollout along my street the previous year and this would reason that the demand for FTTP would be low.

Timeline

Early days – May 2020

Entering my second month of working from home, notice a lot of Openreach vans passing my door. I may be more observant of these given my profession, but it was a lot of activity over the normal fault-based callouts.

Later and as I started venturing out of the house again, it looks as though they were commissioning a new cabinet a couple of streets up, therefore assumed the activity was for this.

June 2020

I happen to live near a train station, and was intrigued by the letters through the door.

Since moving in a year earlier, I’ve received a couple of letters of this type. But a new ticketing system combined with increased Openreach activity made me think if maybe this would include fibre. Hopes were still low at this point, but even if the rail infrastructure went for leased line circuits, this would increase the likelihood of FTTP.

Hopes were increased later in the month, when I noticed active involvement in the pole supplying my house.

To coincide, another letter relating to communications works on the rail system piqued my interest further.

August 2020

Another letter, this time for roadworks to clear blocked ducts for Openreach, with my and adjacent poles labelled for work.

This was very telling, as FTTC was already available with a on pole distribution point (DP), either this was to increase the number of copper circuits, or for deployment of a new technology.

25^th August 2020

The conformation I needed; thanks to the Andy’s World post I knew what to look for.

This day a cherry picker arrived soon after 9am, and then commenced the installation of a FTTP termination at my local pole. It was a day later before the “Fibre lines overhead” label appeared but it was clear FTTP was on its way.

Through my work I’m able to check and order connectivity for premises, so now began my daily check to see if/when FTTP would be available.

10^th Sepember  2020

Daily ISP provision check 16, and FTTP appeared as an order option, at 9am it appeared as an option but unable to order to lack of capacity, but an hour later it was fully available:

Before getting ahead and ordering the full 1000/115Mbps, time for a reality check to see what my current router can actually process, resulting in an order of 220/30Mbps later that day.

My ISP like many others allow me to upgrade speed within contract but now downgrade, so this will be a good starting point with the option to increase should I get a router upgrade.

Activation date was set for Wednesday 23/09/2020.

Monday 21^st September 2020

Activation week, and more activity around the Openreach pole. Involving a cherry picker, a team of 3 descended to check over the FTTP distribution point.

Also noticed that the tensioners (Or the metal wire that attaches to the ring on top of the pole and is wrapped around the drop cable hold it to the pole) of my current copper drop cable were unwound slightly.

Tuesday 22^nd September 2020

The day before I had an unexpected reconnaissance visit from the Openreach engineer assigned to my activation the next day.

My previous drop cable for reasons I cannot fathom was run into the house via a corner of the uPVC window frame, so was eager to have the fibre enter the house via a new route. And the five-minute visit was worth it as it was determined that a cherry picker was needed at pole side due to the slope of the road.

Wednesday 23^rd September 2020 – Install Day

ONT- Optical Network Termination – The modem that converts light to electrical data.

Openreach engineer turned up at 9am as promised, and a recap of the installation path.

The assumed installation work would disconnect the copper to the building, and replace the analogue master socket like for like with the new ONT. I needed the FTTC to remain in use while I transition IP addresses so at request the old copper would remain active.

Sub-plan was to leave the copper untouched, and run a new route of fibre only cable into the house. However, when the cherry picker turned up so did a supply of combined copper/fibre cable, allowing the supply of all services via the new route, and to replace the aging copper.

Installation

Fibre installation comes in two parts, the distribution point (either overhead or underground) to the outside of the property, and a fibre from the ONT inside the property out to meet the other.

First the hole was drilled close to the ONT location, the ONT was mounted on the wall and the internal fibre ran to the outside. The internal fibre is much thinner than from the pole due to the less armoured sheathing and benefits with more flexibility, although this comes at a risk of snapping or kinking the fibre, resulting in light loss and ultimately network loss.

Next stage with the help of the cherry picker was to plug in the fibre to the DP on the pole, and run it overhead towards the house. The fibre was secured to the house and run down the side of the building. During this the old copper was disconnected and new was connected at the pole.

Thirdly, the internal and external fibres are joined together. A new box is attached to the external wall that has inside a spool that will hold a few windings of each fibre, as the joining of the cables is considered a failure point, as few windings are included during the initial installation to give extra fibre should the cables need to be re-joined in future.

A portable splicing machine is used to join both fibres by lining them up, heating to fuse the two together, and shrink wrapping the join for protection. The unit also checks the light levels at this location, mine being 17 at this join, 14 at pole.

The fibre is coiled in the external box and closed, completing the installation of the fibre.

Commissioning is a simple as Openreach completing the order, then waiting for the PON light on the modem to illuminate. Such is the technology, there’s no fine tuning or testing of the signal, as long as the light levels at the splicing phase is good, the connection should just would. Although a sanity check wouldn’t go a miss and a quick speed test confirmed I was running on the new connection.

Fibre installed, the analogue side was reconnected with the use of a new mk5c socket, the copper in the new combo cable is extremely thin to the point where you’d struggle to believe it’s a pair. That so, VDSL sync speeds are comparable to the old drop cable, although I don’t think longevity was in mind with this design.

Equipment

As FTTP enters a maturity, the efficiency and cost saving measures improve (depending on your side of the fence).

Early installations had modems which included a PSTN port for analogue phones, and were accompanied by a battery backup unit to keep the phone line active during power failures. Later units dropped the PSTN and battery options, in favour of four RJ45 ports, with the potential to provide 4 separate internet connections via the single fibre and modem.

The new ONT supplied for my residential installation was something new to me, a Nokia G-010G-Q. This unit is far smaller than previously seen, and is sized perfectly to replace in situ a BT analogue master socket. The compromise is from the bare minimum of I/O, with the only connections being power, fibre termination and a single RJ45 port for modulated data.

Results

As expected, my internet connection has been perfectly stable and just what I need when working from home, in particular the upload speed and lower latency is a much-needed improvement for this website, which I host from a home server.

Ironically the install of FTTP has greatly improved the FTTC connection its replacing, now it syncs for days at a time instead of a hopeful 48hour maximum.

If you are like me and insist on using your own router, double check the WAN throughput before deciding on a speed profile. Even though Draytek advertises a 400Mbps firewall throughput, I’m reliably getting a maximum of only 180Mbps. This I would attribute to three active WAN and a couple of VPN all with load balancing options applied.