Module: sip-router Branch: master Commit: 95ec00f6ddc3b8e5b8059b1dce0d1f4c8ae29064 URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=95ec00f… Author: oej <oej(a)edvina.net> Committer: oej <oej(a)edvina.net> Date: Sat Oct 10 16:48:02 2009 +0200 Typos, server name --- doc/dst_blacklist.txt | 66 ++++++++++++++++++++++++++----------------------- 1 files changed, 35 insertions(+), 31 deletions(-) diff --git a/doc/dst_blacklist.txt b/doc/dst_blacklist.txt index 8130ff4..93e914f 100644 --- a/doc/dst_blacklist.txt +++ b/doc/dst_blacklist.txt @@ -6,67 +6,71 @@ # Overview +-------- The destination blacklist (dst_blacklist) is used to try to mark bad - destination and avoid possible future expensive send operation to them. - A destination is added to the blacklist when trying to send to it fails (e.g. - timeout while trying to send or connect on tcp), or when a sip timeout occurs - while trying to forward statefully an invite (using tm) and the remote side + destinations and avoid possible future expensive send operation to them. + A destination is added to the blacklist when an attempt to send to it fails (e.g. + timeout while trying to send or connect on TCP), or when a SIP timeout occurs + while trying to forward statefully an INVITE (using tm) and the remote side doesn't send back any response. - The blacklist (if enabled) is checked before any send attempt. + The blacklist (if enabled) is checked before any send attempt. Drawbacks - +--------- Using the destination blacklist will cause some performance degradation, especially on multi cpu machines. If you don't need it you can easily - disable it, either in ser's config or at compile time. Disabling it at - compile time is slightly better (but not in a "measurable" way) then - disabling it at runtime, from the config file. - Whether the destination blacklist is better to be on or off depends a lot - on the setup. In general is better to turn it on when: - - sending to clients that don't respond is expensive (e.g. lots of clients - use tcp and they have the habit of silently discarding tcp traffic from time - to time) - - statefull forwarding is used (tm) and lower memory usage is desired - (a transaction will fail immediately if the destination is already - blacklisted by a previous transaction to the same destination that failed - due to timeout) - - faster dns failover is desired, especially when statefull forwarding (tm) - and udp are used - - better chances of DOS survival are important + disable it, either in sip-router's config or at compile time. Disabling it at + compile time is slightly better (but not in a "measurable" way) than + disabling it at runtime, from the config file. + Whether the destination blacklist is a good solution for you depends a lot + on the setup. In general it is better to turn it on when: + - sending to clients that don't respond is expensive (e.g. lots of clients + use tcp and they have the habit of silently discarding tcp traffic from time + to time) + - stateful forwarding is used (tm) and lower memory usage is desired + (a transaction will fail immediately if the destination is already + blacklisted by a previous transaction to the same destination that failed + due to timeout) + - faster dns failover is desired, especially when stateful forwarding (tm) + and UDP are used + - better chances of DOS attack survival are important Config Variables +---------------- use_dst_blacklist = on | off (default off) - enable the destination blacklist: - if on each failed send attempt will cause the destination to be blacklisted. - Before any send this blacklist will be checked and if a match is found the + If on each failed send attempt will cause the destination to be blacklisted. + Before any send operation this blacklist will be checked and if a match is found the send is no longer attempted (an error is returned immediately). Note: using the blacklist incurs a small performance penalty. dst_blacklist_mem = size in Kb (default 250 Kb) - maximum shared memory amount used for keeping the blacklisted destinations. - dst_blacklist_expire = time in s (default 60 s) - how much time a + dst_blacklist_expire = time in s (default 60 s) - how long time a blacklisted destination will be kept in the blacklist (w/o any update). dst_blacklist_gc_interval = time in s (default 60 s) - how often the garbage collection will run (eliminating old, expired entries). dst_blacklist_init = on | off (default on) - if off, the blacklist - is not initialized at startup and cannot be enabled runtime, - that saves some memory. + is not initialized at startup and cannot be enabled at runtime, + which saves some memory. -Compile Options +Compile Time Options +-------------------- USE_DST_BLACKLIST - if defined the blacklist support will be compiled-in (default). - Note: To remove a compile options, edit ser's Makefile.defs and remove it - form DEFS list. To add a compile options add it to the make command line, + Note: To remove a compile time option, edit the file Makefile.defs and remove + USE_DST_BLACKLIST from the list named DEFS. + To add a compile time option, just add it to the make command line, e.g.: make proper; make all extra_defs=-DUSE_DNS_FAILOVER - or for a permanent solution, edit Makefile.defs and add it to DEFS - (don't forget to prefix it with -D). + or for a permanent solution, edit Makefile.defs and add it to DEFS + (don't forget to prefix it with -D).