Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you are subscribed to this thread.
Scenario: Kamailio servers running behind a loadbalancer (AWS network loadbalancer in this case). This causes all packets to come from the same IP address in Kamailio's POV.
The change a902e4a introduced a connection limit per source IP address. This obviously conflicts with the setup mentioned above. We need up to 10000 client connections, which would seem to all come from the same IP address.
Apart from this limit being introduced without a changelog entry (at least I didn't find one), I would expect it to be configurable. But from the commit it looks like it is a compile time option only.
Feb 15 09:24:00 sipproxy /usr/sbin/kamailio[174]: CRITICAL: <core> [core/tcp_main.c:4447]: handle_new_connect(): hit the limit of connections per source IP (100.68.15.172:33334) - rejecting
Feb 15 09:24:01 sipproxy /usr/sbin/kamailio[174]: CRITICAL: <core> [core/tcp_main.c:4447]: handle_new_connect(): hit the limit of connections per source IP (100.68.15.172:1153) - rejecting
Feb 15 09:24:01 sipproxy /usr/sbin/kamailio[174]: CRITICAL: <core> [core/tcp_main.c:4447]: handle_new_connect(): hit the limit of connections per source IP (100.68.15.172:59946) - rejecting
Using the packages from the official Kamailio repository.
kamailio -vversion: kamailio 5.7.4 (x86_64/linux)
flags: USE_TCP, USE_TLS, USE_SCTP, TLS_HOOKS, USE_RAW_SOCKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MMAP, PKG_MALLOC, MEM_JOIN_FREE, Q_MALLOC, F_MALLOC, TLSF_MALLOC, DBG_SR_MEMORY, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLOCKLIST, HAVE_RESOLV_RES, TLS_PTHREAD_MUTEX_SHARED
ADAPTIVE_WAIT_LOOPS 1024, MAX_RECV_BUFFER_SIZE 262144, MAX_URI_SIZE 1024, BUF_SIZE 65535, DEFAULT PKG_SIZE 8MB
poll method support: poll, epoll_lt, epoll_et, sigio_rt, select.
id: unknown
compiled with gcc 11.4.0
Ubuntu Jammy
—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you are subscribed to this thread.