sr-users June 2006

sr-users@lists.kamailio.org

203 participants
495 discussions

[Users] Does OpenSER support more than one CPU, performance testing procedure

by Mark Kent

>> I have a small configuration (pstn gateway ser.cfg) running ... One of the things you have to be careful of with these tests is just how realistic is the test? We can come up with all these magic numbers about cps and #users, etc., but if the configs don't include sufficient security checks to make it safe to put such a server on the Internet then it could be a bit misleading. I like openser and I'm enjoying learning about it and experimenting. But I'm afraid that it's going to get a black-eye in the press due to some significant security scandal. We need to put together a "Security Considerations" section for the documentation, so that would at least increase awareness among users (I'll work with someone to do this, but I don't know enough yet to do it alone.) Now some of you are going to say: Hey, use a commercial package if you can't program the necessary security! But it's not me I'm worried about, it's everyone else (OK, I am worried about me too :-) Consider the path of sendmail. It took a long time for sendmail to "ship" with arbitrary email relaying turned OFF by default. This created big problems in the real world. Likewise look how long it took for the default inetd.conf to have virtually nothing defined in it, or for inetd itself to be turned off by default. Previous default configurations caused big problems in the real world. The only security note in openser I recall seeing in two months of reading and experimenting is about preventing someone from registering with the same IP as one of your gateways. Here's the thing: if you give people working configs then they will use them and some will use them on the open Internet. How does one person's deficient openser.cfg affect you? I don't know, but one thing I hope we've all learned from the past dozen of so years of Internet growth is that security at site A can be exploited to affect site B in ways that we hadn't previously thought of. Think of spam, distributed denial of service attacks, identity spoofing. Thanks, -mark

18 years, 4 months

RE: [Serusers] Rtpproxy howto

by İlker Aktuna \(Koç.net\)

Hi, In ser v10, I see a mediaproxy module and it points me to following address for a mediaproxy. http://mediaproxy.ag-projects.com/ Could it be that this is the recent version of rtpproxy ? should I use rtpproxy or mediaproxy ? Thanks, ________________________________ From: ram [mailto:talk2ram@gmail.com] Sent: Friday, June 16, 2006 5:12 PM To: İlker Aktuna (Koç.net) Subject: Re: [Serusers] Rtpproxy howto Hi In my i said get the Source of ser0.9.7 ( do not install ser of this version) inside you can see rtpproxy source directory install from that only rtpproxy. ram On 6/16/06, İlker Aktuna (Koç. net ) <ilkera(a)koc.net> wrote: Hi, I can't use ser0.9.7 because I need presence. I already have ser v10 installed and running. How can I add rtpproxy to it ? Thanks, ilker ________________________________ From: ram [mailto:talk2ram@gmail.com] Sent: Friday, June 16, 2006 5:01 PM To: İlker Aktuna (Koç.net <http://koç.net/> ) Cc: serusers(a)lists.iptel.org Subject: Re: [Serusers] Rtpproxy howto Hi just download from onsip site ser0.9.7 untar that, and make rtpproxy from that and run rtpproxy its very simple ram On 6/16/06, İlker Aktuna (Koç. net ) <ilkera(a)koc.net > wrote: Hi, I will try to install RTP proxy for my internal users. Is there a simple RTP proxy howto/handbook for this process ? Thanks, ilker <http://387555.sigclick.mailinfo.com/sigclick/020C0F07/04004D09/01020F4E/038…> _____________________________________________________________________________________________________________________________________________ Bu e-posta mesaji kisiye ozel olup, gizli bilgiler iceriyor olabilir. Eger bu e-posta mesaji size yanlislikla ulasmissa, icerigini hic bir sekilde kullanmayiniz ve ekli dosyalari acmayiniz. Bu durumda lutfen e-posta mesajini kullaniciya hemen geri gonderiniz ve tum kopyalarini mesaj kutunuzdan siliniz. Bu e-posta mesaji, hic bir sekilde, herhangi bir amac icin cogaltilamaz, yayinlanamaz ve para karsiligi satilamaz. Bu e-posta mesaji viruslere karsi anti-virus sistemleri tarafindan taranmistir. Ancak yollayici, bu e-posta mesajinin - virus koruma sistemleri ile kontrol ediliyor olsa bile - virus icermedigini garanti etmez ve meydana gelebilecek zararlardan dogacak hicbir sorumlulugu kabul etmez. This message is intended solely for the use of the individual or entity to whom it is addressed , and may contain confidential information. If you are not the intended recipient of this message or you receive this mail in error, you should refrain from making any use of the contents and from opening any attachment. In that case, please notify the sender immediately and return the message to the sender, then, delete and destroy all copies. This e-mail message, can not be copied, published or sold for any reason. This e-mail message has been swept by anti-virus systems for the presence of computer viruses. In doing so, however, sender cannot warrant that virus or other forms of data corruption may not be present and do not take any responsibility in any occurrence. _____________________________________________________________________________________________________________________________________________ <http://387555.sigclick.mailinfo.com/sigclick/020D0506/05044E03/01030A4F/022…> _____________________________________________________________________________________________________________________________________________ Bu e-posta mesaji kisiye ozel olup, gizli bilgiler iceriyor olabilir. Eger bu e-posta mesaji size yanlislikla ulasmissa, icerigini hic bir sekilde kullanmayiniz ve ekli dosyalari acmayiniz. Bu durumda lutfen e-posta mesajini kullaniciya hemen geri gonderiniz ve tum kopyalarini mesaj kutunuzdan siliniz. Bu e-posta mesaji, hic bir sekilde, herhangi bir amac icin cogaltilamaz, yayinlanamaz ve para karsiligi satilamaz. Bu e-posta mesaji viruslere karsi anti-virus sistemleri tarafindan taranmistir. Ancak yollayici, bu e-posta mesajinin - virus koruma sistemleri ile kontrol ediliyor olsa bile - virus icermedigini garanti etmez ve meydana gelebilecek zararlardan dogacak hicbir sorumlulugu kabul etmez. This message is intended solely for the use of the individual or entity to whom it is addressed , and may contain confidential information. If you are not the intended recipient of this message or you receive this mail in error, you should refrain from making any use of the contents and from opening any attachment. In that case, please notify the sender immediately and return the message to the sender, then, delete and destroy all copies. This e-mail message, can not be copied, published or sold for any reason. This e-mail message has been swept by anti-virus systems for the presence of computer viruses. In doing so, however, sender cannot warrant that virus or other forms of data corruption may not be present and do not take any responsibility in any occurrence. _____________________________________________________________________________________________________________________________________________

18 years, 4 months

[Users] Does OpenSER support more than one CPU, performance testing procedure

by rod

Hello all, I'm guessing if OpenSER supports more than one CPU. I ask for this to know if I can achieve to double the call per second (cps) rate or registration rate using two processors instead of one. I suppose that many of us have read the excellent "getting started 5" guide and use the scripts provided in this guide to start their first SER/OpenSER proxy. I would like to know if other users using these scripts would like to share their experience on the amount of users their OpenSER platform is able to handle, and on which hardware. It could be interesting if some users can post their OpenSER performance (cps, registration rate, number of user) with a particular "getting started" script, for example : "Authenticating ser.cfg", "call forwarding ser.cfg". Moreover, it could be great if we could think of a standard procedure to stress test the proxy. I have heard of Sipp, so do you think this program could be the base of this procedure? I understand that OpenSER performance greatly depends of the ser.cfg, nat configuration, avpops, the database backend, but I think that it could be great to delimit some standards configurations and show what we can expect on different hardware specifications. I'm wondering about this, cause I'd like to know if one or two OpenSER will easily support 30 000 to 40 000 users, call forwarding, redirection to voicemail; or will I have to buy a commercial product to do this. I have a small configuration (pstn gateway ser.cfg) running with 50 users, registering every 60s and a peak of 20cps (limited by my pstn connectivity), running like a charm on a small Intel P3 700 Mhz with 256MB (it's a small test box running on my desk). If somebody could help to define a test, it will be a pleasure to share my experience on an IBM HS20 blade with a bi Xeon 3,06 Ghz and 4GB of RAM. Thanks to all for the daily support, rod.

18 years, 4 months

[Users] UsrLoc version dose not match Location

by zhan li

Hi All, When I tried to start openser with accounting module, I got error: 0(0) db_init: Connection 'mysql://openser:openserrw@localhost/openser' not found in pool 0(0) new_connection: Opening MySQL connection: mysql://openser:openserrw@localhost/openser 0(0) new_connection: Connection type is Localhost via UNIX socket 0(0) new_connection: Protocol version is 10 0(0) new_connection: Server version is 4.0.18-standard 0(0) usrloc:preload_udomain: Wrong version v136545352 for table <location>, expected v1001 0(0) register_udomain(): Error while preloading domain 'location' 0(0) pool_remove: Removing connection from the pool 0(0) domain_fixup(): Error while registering domain ERROR: error -1 while trying to fix configuration I tried to execute : openser_mysql drop openser_mysql create After this, I start openser, the same erroe message. I realy need help in this issue. Thanks John

18 years, 4 months

RE: [Serusers] Rtpproxy howto

by İlker Aktuna \(Koç.net\)

Hi, I can't use ser0.9.7 because I need presence. I already have ser v10 installed and running. How can I add rtpproxy to it ? Thanks, ilker ________________________________ From: ram [mailto:talk2ram@gmail.com] Sent: Friday, June 16, 2006 5:01 PM To: İlker Aktuna (Koç.net) Cc: serusers(a)lists.iptel.org Subject: Re: [Serusers] Rtpproxy howto Hi just download from onsip site ser0.9.7 untar that, and make rtpproxy from that and run rtpproxy its very simple ram On 6/16/06, İlker Aktuna (Koç. net ) <ilkera(a)koc.net> wrote: Hi, I will try to install RTP proxy for my internal users. Is there a simple RTP proxy howto/handbook for this process ? Thanks, ilker <http://387555.sigclick.mailinfo.com/sigclick/020C0F07/04004D09/01020F4E/038…> _____________________________________________________________________________________________________________________________________________ Bu e-posta mesaji kisiye ozel olup, gizli bilgiler iceriyor olabilir. Eger bu e-posta mesaji size yanlislikla ulasmissa, icerigini hic bir sekilde kullanmayiniz ve ekli dosyalari acmayiniz. Bu durumda lutfen e-posta mesajini kullaniciya hemen geri gonderiniz ve tum kopyalarini mesaj kutunuzdan siliniz. Bu e-posta mesaji, hic bir sekilde, herhangi bir amac icin cogaltilamaz, yayinlanamaz ve para karsiligi satilamaz. Bu e-posta mesaji viruslere karsi anti-virus sistemleri tarafindan taranmistir. Ancak yollayici, bu e-posta mesajinin - virus koruma sistemleri ile kontrol ediliyor olsa bile - virus icermedigini garanti etmez ve meydana gelebilecek zararlardan dogacak hicbir sorumlulugu kabul etmez. This message is intended solely for the use of the individual or entity to whom it is addressed , and may contain confidential information. If you are not the intended recipient of this message or you receive this mail in error, you should refrain from making any use of the contents and from opening any attachment. In that case, please notify the sender immediately and return the message to the sender, then, delete and destroy all copies. This e-mail message, can not be copied, published or sold for any reason. This e-mail message has been swept by anti-virus systems for the presence of computer viruses. In doing so, however, sender cannot warrant that virus or other forms of data corruption may not be present and do not take any responsibility in any occurrence. _____________________________________________________________________________________________________________________________________________

18 years, 4 months

[Serusers] Rtpproxy howto

by İlker Aktuna \(Koç.net\)

Hi, I will try to install RTP proxy for my internal users. Is there a simple RTP proxy howto/handbook for this process ? Thanks, ilker <http://387555.sigclick.mailinfo.com/sigclick/0A090F07/05044F00/09070C4E/021…> _____________________________________________________________________________________________________________________________________________ Bu e-posta mesaji kisiye ozel olup, gizli bilgiler iceriyor olabilir. Eger bu e-posta mesaji size yanlislikla ulasmissa, icerigini hic bir sekilde kullanmayiniz ve ekli dosyalari acmayiniz. Bu durumda lutfen e-posta mesajini kullaniciya hemen geri gonderiniz ve tum kopyalarini mesaj kutunuzdan siliniz. Bu e-posta mesaji, hic bir sekilde, herhangi bir amac icin cogaltilamaz, yayinlanamaz ve para karsiligi satilamaz. Bu e-posta mesaji viruslere karsi anti-virus sistemleri tarafindan taranmistir. Ancak yollayici, bu e-posta mesajinin - virus koruma sistemleri ile kontrol ediliyor olsa bile - virus icermedigini garanti etmez ve meydana gelebilecek zararlardan dogacak hicbir sorumlulugu kabul etmez. This message is intended solely for the use of the individual or entity to whom it is addressed , and may contain confidential information. If you are not the intended recipient of this message or you receive this mail in error, you should refrain from making any use of the contents and from opening any attachment. In that case, please notify the sender immediately and return the message to the sender, then, delete and destroy all copies. This e-mail message, can not be copied, published or sold for any reason. This e-mail message has been swept by anti-virus systems for the presence of computer viruses. In doing so, however, sender cannot warrant that virus or other forms of data corruption may not be present and do not take any responsibility in any occurrence. _____________________________________________________________________________________________________________________________________________

18 years, 4 months

[Serusers] replicate problems with openser.

by Shenen Shenen

This is my openser.cfg; I'm using it to replicate the SIP registration from one asterisk to another one (to have always the same registration status of SIP in all 2 asterisk,in case of falls, every 2 ,have the same configuration and softphones run without registration problem...(this is my purpose....) . # demo script showing how to set-up usrloc replication # SCRIPT PER COPIARE LO STATO DELLE REGISTRAZIONI DEI SIP DAL .12 all' .11 # ----------- global configuration parameters ------------------------ debug=3 # debug level (cmd line: -dddddddddd) fork=no log_stderror=yes # (cmd line: -E) #listen= 192.16.25.11 port=5060 # ------------------ module loading ---------------------------------- loadmodule "/usr/local/lib/openser/modules/mysql.so" loadmodule "/usr/local/lib/openser/modules/sl.so" loadmodule "/usr/local/lib/openser/modules/tm.so" #loadmodule "/usr/local/lib/openser/modules/rr.so" loadmodule "/usr/local/lib/openser/modules/maxfwd.so" loadmodule "/usr/local/lib/openser/modules/usrloc.so" loadmodule "/usr/local/lib/openser/modules/registrar.so" #loadmodule "/usr/local/lib/openser/modules/textops.so" loadmodule "/usr/local/lib/openser/modules/auth.so" loadmodule "/usr/local/lib/openser/modules/auth_db.so" # ----------------- setting module-specific parameters --------------- # digest generation secret; use the same in backup server; # also, make sure that the backup server has sync'ed time modparam("auth", "secret", "alsdkhglaksdhfkloiwr") # ------------------------- request routing logic ------------------- # main routing logic route{ # initial sanity checks -- messages with # max_forwars==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); return; }; #if (len_gt( max_len )) { if ( msg:len > max_len ){ sl_send_reply("513", "Message too big"); return; }; # if the request is for other domain use UsrLoc # (in case, it does not work, use the following command # with proper names and addresses in it) if (uri==myself) { if (method=="REGISTER") { # verify credentials if (!www_authorize("", "subscriber")) { www_challenge("", "0"); return; }; # if ok, update contacts and ... save("location"); # ... if this REGISTER is not a replica from our # peer server, replicate to the peer server if (!src_ip== 192.16.25.12) { t_replicate("192.16.25.12","5060"); }; return; }; # do whatever else appropriate for your domain log("non-REGISTER\n"); }; } When I run openser happens this: [root@asterisk11 ~]# openser 0(3294) WARNING: fix_socket_list: could not rev. resolve 192.16.25.11 0(3294) WARNING: fix_socket_list: could not rev. resolve 192.16.25.11 Listening on udp: 127.0.0.1 [127.0.0.1]:5060 udp: 192.16.25.11 [ 192.16.25.11]:5060 tcp: 127.0.0.1 [127.0.0.1]:5060 tcp: 192.16.25.11 [ 192.16.25.11]:5060 Aliases: tcp: asterisk11.local:5060 udp: asterisk11.local :5060 WARNING: no fork mode and more than one listen address found(will use only the the first one) stateless - initializing 0(0) Maxfwd module- initializing 0(0) AUTH module - initializing 0(0) AUTH_DB module - initializing 0(0) INFO: udp_init: SO_RCVBUF is initially 110592 0(0) INFO: udp_init: SO_RCVBUF is finally 221184 0(0) WARNING: using only the first listen address (no fork) and then the windows doesn't respond.....is all stop....where is the problem? 10000000 thanks!

18 years, 4 months

[Serusers] Again softphone not connected using port number other than 5060

by sumit dengri

sir Sorry to disturb you once again but my softphone (X lite) is still not connected to ser. I also checked its log and it is sending requests to port 5065. so PLZ tell all the possiblities and their corrections as well. so that I wont disturb you again. regards. __________________________________________________________ Yahoo! India Answers: Share what you know. Learn something new http://in.answers.yahoo.com/

18 years, 4 months

RE: [Serusers] Presentity & Rls databases

by İlker Aktuna \(Koç.net\)

Thank you :) -----Original Message----- From: Vaclav Kubart [mailto:vaclav.kubart@iptel.org] Sent: Friday, June 16, 2006 10:31 AM To: İlker Aktuna (Koç.net) Cc: serusers(a)lists.iptel.org Subject: Re: [Serusers] Presentity & Rls databases See module parameters in presence handbook. Vaclav On Fri, Jun 16, 2006 at 10:27:40AM +0300, ?lker Aktuna (Koç.net) wrote: > Hi, > > Anyone who has information about this ? > > thanks > ilker > > ________________________________ > > From: serusers-bounces(a)lists.iptel.org > [mailto:serusers-bounces@lists.iptel.org] On Behalf Of ?lker Aktuna > (Koç.net) > Sent: Thursday, June 15, 2006 9:33 AM > To: serusers(a)lists.iptel.org > Subject: [Serusers] Presentity & Rls databases > > > > Hi, > > > In my Ser installation with mysql db, I see some tables for presentity > and RLS such as; > | presentity | > | presentity_contact | > | presentity_notes | > | presentity_persons | > | rls_subscription | > | rls_vs | > | rls_vs_names | > > But they are empty tables and seems that they are not used anyhow. > How can I make use of these tables ? > > I wonder how to save presence info on db. > > Thanks for any information. > > Regards, > ilker > <http://387555.sigclick.mailinfo.com/sigclick/020A0507/03014E02/0104014E/043…> _____________________________________________________________________________________________________________________________________________ Bu e-posta mesaji kisiye ozel olup, gizli bilgiler iceriyor olabilir. Eger bu e-posta mesaji size yanlislikla ulasmissa, icerigini hic bir sekilde kullanmayiniz ve ekli dosyalari acmayiniz. Bu durumda lutfen e-posta mesajini kullaniciya hemen geri gonderiniz ve tum kopyalarini mesaj kutunuzdan siliniz. Bu e-posta mesaji, hic bir sekilde, herhangi bir amac icin cogaltilamaz, yayinlanamaz ve para karsiligi satilamaz. Bu e-posta mesaji viruslere karsi anti-virus sistemleri tarafindan taranmistir. Ancak yollayici, bu e-posta mesajinin - virus koruma sistemleri ile kontrol ediliyor olsa bile - virus icermedigini garanti etmez ve meydana gelebilecek zararlardan dogacak hicbir sorumlulugu kabul etmez. This message is intended solely for the use of the individual or entity to whom it is addressed , and may contain confidential information. If you are not the intended recipient of this message or you receive this mail in error, you should refrain from making any use of the contents and from opening any attachment. In that case, please notify the sender immediately and return the message to the sender, then, delete and destroy all copies. This e-mail message, can not be copied, published or sold for any reason. This e-mail message has been swept by anti-virus systems for the presence of computer viruses. In doing so, however, sender cannot warrant that virus or other forms of data corruption may not be present and do not take any responsibility in any occurrence. _____________________________________________________________________________________________________________________________________________

18 years, 4 months

Re: [Serusers] replicate problems with openser.

by Andrey Kouprianov

1. Specify "listen=x.x.x.x" and add "children=N" directive as well (e.g. children=5) 2. Could not resolve blah-blah comes from the fact that you do not have a DNS reverse entry for this IP address. Try specifying the following directives. They might help. dns=no rev_dns=no Regards, Andrey. P.S. - This is just a warning, so dont worry too much. Nevertheless, seeing warnings is not that pleasant anyway. I understand your concern. ;-)

18 years, 4 months

← Newer
1
...
23
24
25
26
27
28
29
...
50
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

sr-users June 2006