ChristianBergerSipgate created an issue (kamailio/kamailio#4281)

Description

The rtpengine module uses a cookie field in the Protocol controlling rtpengines. This field needs to be unique, and is derived from the server_id field set in the Kamailio, the pid as well as the value of a variable myseqn.

In many conditions, this is random enough. However particularly when using docker, the pid will be identical across servers, reducing the randomness and causing collisions.

Expected behavior

The 34 bytes of the cookie should be as unique as possible.

Actual observed behavior

We get collisions many times per day, as different kamailio instances randomly choose the same value.

Possible Solutions

1. Set myseqn to a random value during module load.
2. Add an additional random value to the gencookie function.
3. Use %x instead of %d to squeeze more entropy into the 33 characters available, and perhaps use fixed length fields.

The problem probably also exists in the following other modules:

1. rtpproxy
2. lrkproxy

We are not using those modules so we have not yet experienced collisions here.

—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you are subscribed to this thread.Message ID: <kamailio/kamailio/issues/4281@github.com>