Hey Hossein,

I haven't tested that many registrations. Max. I have tested is 10 simultaneous connection.

In this case, Kamailio creates sockets to UEs IP:PORT on demand for sending out ?

Yes, Kamailio establishes IPSec connections between the ports mentioned in "Security-Client" header and the Kamailio IPSec Server and Client port when it receives SIP REGISTER with "Security-Client" header during UE IMS registration.

Best Regards,
Supreeth


On Tue, 21 May 2024 at 19:53, H Yavari <hyavari@rocketmail.com> wrote:
Hi Supreeth,

Thank you, but can we expect Kamailio to handle for example 10K registrations with this configuration?
In this case, Kamailio creates sockets to UEs IP:PORT on demand for sending out ?

Regards,
Hossein



On Tuesday, May 21, 2024 at 07:38:24 AM PDT, Supreeth Herle <herlesupreeth@gmail.com> wrote:


Hello Hossein,

You can potentially limit the ipsec connections to only one port (1 server port and 1 client port) if you set the below configuration parameter to 1.

modparam("ims_ipsec_pcscf", "ipsec_max_connections", 1)
Hope it helps. Please ignore the formatting of this email.
Best Regards,
Supreeth 

On Thu 16. May 2024 at 11:04, H Yavari via sr-users <sr-users@lists.kamailio.org> wrote:
Hi Daniel,

Thank you for the reply.
I will work on it.

Regards,
Hossein

On Thursday, May 16, 2024 at 12:03:34 AM PDT, Daniel-Constantin Mierla <miconda@gmail.com> wrote:


Hello,

On 15.05.24 22:09, H Yavari via sr-users wrote:
Hi all,

I was reviewing the `ims_ipsec_pcscf` code and noticed that this module creates a pool of sockets using different ports (ipsec_max_connections). I'm unclear on the necessity of this approach. Can't we simply create one server listener and one client listener to handle all UE connections? If this is feasible, is there still a need to create the pool at startup?

I'm curious if this is due to an architectural limitation or if the IPSec module can be modified to replace the current implementation with a more efficient one.

technically it is no restriction to have one client socket and one server socket. I am not much active in the VoLTE or VoNR, although I played lately with the later, but from some past discussions I understood that the specs suggest/recommend this approach with a pool of sockets -- I haven't read the specs to confirm personally if that's the case.

Anyhow, during the OSMNT'24 and KamailioWorld'24 conferences, I had discussions with some participants interested in the topic and switching to (or adding the option of) single client/server socket was considered to be done in the future.

For now, if you are concerned of using too many resources due to many children processes, you can use development version (git master branch) where you have the option to have threads for receiving traffic on UDP sockets, with a single pool of processes to handle the UDP SIP traffic:

  - https://www.kamailio.org/wikidocs/cookbooks/devel/core/#udp_receiver_mode

Or, even better, if you can develop the code for having single client/server socket, just do it and make a PR.

Cheers,
Daniel

-- 
Daniel-Constantin Mierla (@ asipto.com)
twitter.com/miconda -- linkedin.com/in/miconda
Kamailio Consultancy, Training and Development Services -- asipto.com
__________________________________________________________
Kamailio - Users Mailing List - Non Commercial Discussions
To unsubscribe send an email to sr-users-leave@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the sender!
Edit mailing list options or unsubscribe: