Andrei Pelinescu-Onciul wrote: [snip]
So all the packets comming from the same ip will be sent to the same fron end SER? (hashing after src ip)?
Yes, using ciscos "Sticky IP" which I admit, I do not know about, but I'm told it will do this job properly.
Anyway there are some problems related to the nat traversal:
- nat ping - nat ping needs to access usrloc, so that it would know
which users to ping. However on your setup the front-end servers have no ideea about this, so they wouldn't be able to nat ping. The "main" server (User accounts) knows who to ping but its ping won't traverse a symmetric nat (the nat will have an open binding only with the outbound proxy, which would be one of the load balanced front-ends).
I do realize this now, so I'm considering running a non-persistent usr_loc (no mysql back end) on all the front end servers, and using t_replicate between all of them. I admit I have not verified if this is possible, so please forgive me if I'm talking non-sense here at this stage. My concern here, as I mentioned in my reply to Klaus's post, is that if I use t_replicate will all my front end ser servers, will they all spit udp at a single natted client when the client has only one udp session with one front end server?
- consider user A calling user B, where at least B is behind a nat.
The invite would reach the "main" server which will look up B and will try to send the message to B's address. Unfortunately B's nat will drop the packet, because it has an open binding only between B and the load balanced ip. (this will work only if B has a full cone nat which is very very unlikely)
I'm not sure on the solution here. I will need to make the call go via the front end ser server that has the active udp session with the client. I'm going to sleep on this!
- assuming the above stuff will work somehow, you still have to be very
carefull to open only one rtp proxy session (since each front end has its own rtp proxy you should make sure you use force_rtp_proxy on only one of them, for the same call)
I agree, and I realize that I'm making some challenging issues for myself :) Thank you Andrei for your comments!
-Jev