7 Jan
2020
7 Jan
'20
10:38 p.m.
Hi,
I wanted to get clarity on a rather basic question:
When using Kamailio with TCP, is it possible to end up with fragments of
multiple SIP messages in a single "on-the-wire" packet?
From what I understand, the purpose of Kamailio's
setting TCP_NODELAY is
to prevent such bundling--as much as it is possible to
control the
fragmentation/packetisation behaviour of the transport protocol from a
user-space application.
-- Alex
--
Alex Balashov | Principal | Evariste Systems LLC
Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free)
Web: http://www.evaristesys.com/, http://www.csrpswitch.com/
7 Jan
7 Jan
11:29 p.m.
Alex Balashov <abalashov(a)evaristesys.com> writes:
I wanted to get clarity on a rather basic question:
When using Kamailio with TCP, is it possible to end up with fragments of
multiple SIP messages in a single "on-the-wire" packet?
From what I understand, the purpose of Kamailio's setting TCP_NODELAY is
to prevent such bundling--as much as it is possible to control the
fragmentation/packetisation behaviour of the transport protocol from a
user-space application.
From a standards point of view, there is no real
meaning to the end
applications to what bytes of user payload are in which TCP
segments
within packets. TCP_NODELAY is a hint that coalescing small writes is
not needed, to avoid a time delay waiting until that next chunk of data
might arrive. However, that's not a guarantee.
My question to you might be why you care, or if you are having a
problem.
11:30 p.m.
On Tue, Jan 07, 2020 at 03:29:13PM -0500, Greg Troxel wrote:
there is no real meaning to the end applications to
what bytes of user
payload are in which TCP segments within packets.
No, not to the application. But perhaps to third-party packet analysis
systems which reconstruct SIP state from what they see on the wire. :-)
-- Alex
--
Alex Balashov | Principal | Evariste Systems LLC
Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free)
Web: http://www.evaristesys.com/, http://www.csrpswitch.com/
8 Jan
8 Jan
1:50 a.m.
Alex Balashov <abalashov(a)evaristesys.com> writes:
On Tue, Jan 07, 2020 at 03:29:13PM -0500, Greg Troxel
wrote:
They need to reassemble segments and cope anyway. There's a long
history of evading firewalls by creative fragmentation.
there is no real meaning to the end applications
to what bytes of user
payload are in which TCP segments within packets.
No, not to the application. But perhaps to third-party packet analysis
systems which reconstruct SIP state from what they see on the wire. :-)
2:39 a.m.
Yes, I understand the formal properties of TCP and that anything is
possible. Thank you for explaining.
What I am asking is whether Kamailio takes pains to ensure--I suppose,
if one must be labouriously precise, to maximise the probability--that
multiple SIP messages are packaged into separate packets. To the extent
it can do so.
On Tue, Jan 07, 2020 at 05:50:18PM -0500, Greg Troxel wrote:
Alex Balashov <abalashov(a)evaristesys.com>
writes:
--
Alex Balashov | Principal | Evariste Systems LLC
Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free)
Web: http://www.evaristesys.com/, http://www.csrpswitch.com/
On Tue, Jan 07, 2020 at 03:29:13PM -0500, Greg
Troxel wrote:
They need to reassemble segments and cope anyway. There's a long
history of evading firewalls by creative fragmentation. there is no real meaning to the end applications
to what bytes of user
payload are in which TCP segments within packets.
No, not to the application. But perhaps to third-party packet analysis
systems which reconstruct SIP state from what they see on the wire. :-)
2:49 a.m.
Alex Balashov <abalashov(a)evaristesys.com> writes:
Yes, I understand the formal properties of TCP and
that anything is
possible. Thank you for explaining.
What I am asking is whether Kamailio takes pains to ensure--I suppose,
if one must be labouriously precise, to maximise the probability--that
multiple SIP messages are packaged into separate packets. To the extent
it can do so.
A fair question. I would expect that it would arrange to call write()
on an entire message, to avoid multiple packets. I would be surprised
to see a deliberate attempt to delay between writes of different
messages. I would try using ktrace/ktruss/strace or whatever and look
at the write messages and their timing. (I realize you are asking if
anyone else really knows.)
9 Jan
9 Jan
7:51 p.m.
Hello Alex,
I just briefly looked into it, did not digged into the code much.
Kamailio is doing some queuing in TCP async mode (default) e.g. if there
is some delay in sending out the data.
One idea - have a look to the core parameters
- tcp_wq_blk_size
- tcp_conn_wq_max
and change them to see if it makes a difference in your particular
situation.
Cheers,
Henning
Am 08.01.20 um 00:39 schrieb Alex Balashov:
Yes, I understand the formal properties of TCP and
that anything is
possible. Thank you for explaining.
What I am asking is whether Kamailio takes pains to ensure--I suppose,
if one must be labouriously precise, to maximise the probability--that
multiple SIP messages are packaged into separate packets. To the extent
it can do so.
On Tue, Jan 07, 2020 at 05:50:18PM -0500, Greg Troxel wrote:
> Alex Balashov <abalashov(a)evaristesys.com> writes:
>
>> On Tue, Jan 07, 2020 at 03:29:13PM -0500, Greg Troxel wrote:
>>
>>> there is no real meaning to the end applications to what bytes of user
>>> payload are in which TCP segments within packets.
>> No, not to the application. But perhaps to third-party packet analysis
>> systems which reconstruct SIP state from what they see on the wire. :-)
> They need to reassemble segments and cope anyway. There's a long
> history of evading firewalls by creative fragmentation.
--
Kamailio Merchandising - https://skalatan.de/merchandising/
Kamailio services - https://skalatan.de/services
Henning Westerholt - https://skalatan.de/blog/
10 Jan
10 Jan
2:23 a.m.
Henning,
Thanks a lot for looking into it! I appreciate it.
On Thu, Jan 09, 2020 at 04:51:32PM +0000, Henning Westerholt wrote:
Hello Alex,
I just briefly looked into it, did not digged into the code much.
Kamailio is doing some queuing in TCP async mode (default) e.g. if there
is some delay in sending out the data.
One idea - have a look to the core parameters
- tcp_wq_blk_size
- tcp_conn_wq_max
and change them to see if it makes a difference in your particular
situation.
Cheers,
Henning
Am 08.01.20 um 00:39 schrieb Alex Balashov:
--
Alex Balashov | Principal | Evariste Systems LLC
Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free)
Web: http://www.evaristesys.com/, http://www.csrpswitch.com/
Yes, I understand the formal properties of TCP
and that anything is
possible. Thank you for explaining.
What I am asking is whether Kamailio takes pains to ensure--I suppose,
if one must be labouriously precise, to maximise the probability--that
multiple SIP messages are packaged into separate packets. To the extent
it can do so.
On Tue, Jan 07, 2020 at 05:50:18PM -0500, Greg Troxel wrote:
> Alex Balashov <abalashov(a)evaristesys.com> writes:
>
>> On Tue, Jan 07, 2020 at 03:29:13PM -0500, Greg Troxel wrote:
>>
>>> there is no real meaning to the end applications to what bytes of user
>>> payload are in which TCP segments within packets.
>> No, not to the application. But perhaps to third-party packet analysis
>> systems which reconstruct SIP state from what they see on the wire. :-)
> They need to reassemble segments and cope anyway. There's a long
> history of evading firewalls by creative fragmentation.
--
Kamailio Merchandising - https://skalatan.de/merchandising/
Kamailio services - https://skalatan.de/services
Henning Westerholt - https://skalatan.de/blog/
1781
days inactive
1783
days old
7 comments
3 participants
participants (3)
-
Alex Balashov -
Greg Troxel -
Henning Westerholt