cliffzig

For while now, we have had some strange things going on with our T1 circuits. I have the 61C, with 3 T1 circuits and 24 copper trunk members. The problem lies with my outgoing long distance T1. Well, actually I moved outgoing Long Distance to 2 different T1 circuits with different cards with the same results.

Here is a description of the T1 circuits:

Route 0 Loop 18 24 Channels
AT&T Universal T1 2 way
TKTP: DID

Route 1 Loop 8 24 Channels
AT&T Long Distance 2 way
TKTP: TIE

Currently, the long distance outgoing is on Loop 18. Here is what happens:
Once in a while, we notice we will call a long distance number, and we are having to wait about 20 or 30 seconds before the calls even connects. I go into LD 60 and do a STAT and get something like this:

DTI TRK LOOP 8 - ENBL
FFMT/LCMT/YALMT: ESF/B8Z/FDL
SERVICE RESTORE: YES
YEL ALM PROCESS: YES
ALARM STATUS : NO ALARM
CH 01 - BUSY TIE VOD CH 02 - BUSY TIE VOD
CH 03 - BUSY TIE VOD CH 04 - BUSY TIE VOD
CH 05 - BUSY TIE VOD CH 06 - BUSY TIE VOD
CH 07 - BUSY TIE VOD CH 08 - BUSY TIE VOD
CH 09 - BUSY TIE VOD CH 10 - BUSY TIE VOD
CH 11 - BUSY TIE VOD CH 12 - BUSY TIE VOD
CH 13 - BUSY TIE VOD CH 14 - BUSY TIE VOD
CH 15 - BUSY TIE VOD CH 16 - BUSY TIE VOD
CH 17 - BUSY TIE VOD CH 18 - BUSY TIE VOD
CH 19 - BUSY TIE VOD CH 20 - BUSY TIE VOD
CH 21 - BUSY TIE VOD CH 22 - BUSY TIE VOD
CH 23 - BUSY TIE VOD CH 24 - BUSY TIE VOD

or this, depending on the routing I have set up:

DTI TRK LOOP 18 - ENBL
FFMT/LCMT/YALMT: ESF/B8Z/FDL
SERVICE RESTORE: YES
YEL ALM PROCESS: YES
ALARM STATUS : NO ALARM
CH 01 - BUSY DID VOD CH 02 - BUSY DID VOD
CH 03 - BUSY DID VOD CH 04 - BUSY DID VOD
CH 05 - BUSY DID VOD CH 06 - BUSY DID VOD
CH 07 - BUSY DID VOD CH 08 - BUSY DID VOD
CH 09 - BUSY DID VOD CH 10 - BUSY DID VOD
CH 11 - BUSY DID VOD CH 12 - BUSY DID VOD
CH 13 - BUSY DID VOD CH 14 - BUSY DID VOD
CH 15 - BUSY DID VOD CH 16 - BUSY DID VOD
CH 17 - BUSY DID VOD CH 18 - BUSY DID VOD
CH 19 - BUSY DID VOD CH 20 - BUSY DID VOD
CH 21 - BUSY DID VOD CH 22 - BUSY DID VOD
CH 23 - BUSY DID VOD CH 24 - BUSY DID VOD


Now normally, there will be regular traffic around 1/4 of this. What I mean is, all this should not be full, in a legit situation. This is not a legit situation however. Read on.

So then I go to LD 80 and do a TRAD 8 XX (where XX is the trunk member I want to look at.)

A legit call looks like this:

.TRAD 18 22

ACTIVE TN 018 22
ORIG 012 0 02 07 MARP 0 3971 500 WRLS
TERM 018 22 DID RMBR 0 22
DIAL DN 91214324XXXX
MAIN_PM ESTD
TALKSLOT ORIG 15 TERM 17
QUEU NONE
CALL ID 0 76


PDCA 1 PAD 0 0 PCML MU MU

You can plainly see that is originates on a TN and goes out over a T1 trunk.

The suspicious calls look like this:

.TRAD 18 24

ACTIVE TN 018 22
ORIG 018 24 DID RMBR 0 24
TERM 018 21 DID RMBR 0 21
DIAL DN 90112632xxxx
MAIN_PM ESTD
TALKSLOT ORIG 26 TERM 28
QUEU NONE
CALL ID 0 408


PDCA 1 PAD 0 3 PCML MU MU
PDCA 1 PAD 0 0 PCML MU MU

You see how it originates AND terminates on a trunk member? That's not the best part, this sort of think will keep these circuits open for days, resulting in something like this:

09/08 00:00 944 1281.5 2632xxxx Zimbabwe $ 3959.57 Foreign

or this example:

08/08 00:00 800 3994.2 968500xxxx Oman $13242.11 Foreign

Now, I will mention that we are a hotel, and this activity is originating from guest rooms. The guests DID dial these numbers, but these calls stay open for days at a time, and in the meantime our call accounting system shows that they made more calls. So of course they hung up their phone. What I want to know is, WHY IS THIS HAPPENING?!?

Do we have hotel guests who have exploited some security hole? Is there something wrong with our PBX hardware? Do we have a malfnctioning T1?

Our PBX vendor is pointing the finger at AT&T, and AT&T is pointing the finger back at our PBX vendor. In the meantime, we are stuck paying for the international calls that nobody seemed to make. The prices above shows what the marked up rate would be for our guests, but we are still paying thru the nose for these calls.

Anyone who has any ideas, please help!

Thanks,

Cliff