ChristianBergerSipgate created an issue (kamailio/kamailio#4281)
### Description
The rtpengine module uses a `cookie` field in the Protocol controlling rtpengines. This field needs to be unique, and is derived from the `server_id` field set in the Kamailio, the `pid` as well as the value of a variable `myseqn`.
In many conditions, this is random enough. However particularly when using docker, the `pid` will be identical across servers, reducing the randomness and causing collisions.
### Expected behavior
The 34 bytes of the cookie should be as unique as possible.
#### Actual observed behavior
We get collisions many times per day, as different kamailio instances randomly choose the same value.
### Possible Solutions
1. Set `myseqn` to a random value during module load. 2. Add an additional random value to the `gencookie` function. 3. Use `%x` instead of `%d` to squeeze more entropy into the 33 characters available, and perhaps use fixed length fields.
The problem probably also exists in the following other modules:
1. rtpproxy 2. lrkproxy
We are not using those modules so we have not yet experienced collisions here.
henningw left a comment (kamailio/kamailio#4281)
Thanks for the report. I have some pending changes related to randomness in other areas as well, let me have a look to it.
henningw left a comment (kamailio/kamailio#4281)
Should be fixed in 33b80fcc4d84f - if you can give it a try. It will be backported to the stable releases soon as well.
henningw left a comment (kamailio/kamailio#4281)
As a note, it should be also improved now for rtpproxy (04686c40d380e) and lrkproxy (4935196ee8ce)
Closed #4281 as completed.
ChristianBergerSipgate left a comment (kamailio/kamailio#4281)
Cool, but we were able to work around the issue with server_id and testing new releases currently is a bit hard for us. However I've looked over the code and it looks good. Thank you very much!
-
Christian Berger -
Henning Westerholt