Hi Everyone,
Which one among the below option is highly recommended for setting up Kamailio (for production) 1. Kamailio behind NAT *or* 2. Setting up Kamailio using public IP?
are there any disadvantages if we setup Kamailio behind NAT and use advertise option in listen parameters?
We have tested both the options, and both the options work great for us( a. Kamailio behind NAT with advertising in listen parameters b.Kamailio setup with public IP). So wondering which one is best and highly recommended?
Some extra info : 1. We use TLS 2. Using coturn for media
Thanks Pintu
Am Dienstag, 26. Februar 2019, 06:09:08 CET schrieb Pintu Lohar:
Which one among the below option is highly recommended for setting up Kamailio (for production)
- Kamailio behind NAT *or*
- Setting up Kamailio using public IP?
are there any disadvantages if we setup Kamailio behind NAT and use advertise option in listen parameters?
We have tested both the options, and both the options work great for us( a. Kamailio behind NAT with advertising in listen parameters b.Kamailio setup with public IP). So wondering which one is best and highly recommended?
Some extra info :
- We use TLS
- Using coturn for media
Hello Pintu,
generally speaking, if you have the choice between a network setup with NAT and without NAT (everything else equal) - my recommendation would to choose the one without NAT. It will be easier to debug in case of problems on your side or the client side.
Best regards,
Henning
I second that. And to add to Henning's suggestion...
We recently tested that same setup, and we found one "thing": Using advertise, you will need a second port (listen transport:ip:port) to talk to internal servers that require you to *keep* the private IP. Otherwise all outgoing request from that kamailio will have the IP replaced by whatever the advertise says and that can mess up your internal routing.
Not an issue, as I said you can configure a second port, but just something to know depending on what your setup is gong to look like.
Good luck! Joel.
On Tue, Feb 26, 2019 at 1:28 PM Henning Westerholt hw@kamailio.org wrote:
Am Dienstag, 26. Februar 2019, 06:09:08 CET schrieb Pintu Lohar:
Which one among the below option is highly recommended for setting up Kamailio (for production)
- Kamailio behind NAT *or*
- Setting up Kamailio using public IP?
are there any disadvantages if we setup Kamailio behind NAT and use advertise option in listen parameters?
We have tested both the options, and both the options work great for us(
a.
Kamailio behind NAT with advertising in listen parameters b.Kamailio
setup
with public IP). So wondering which one is best and highly recommended?
Some extra info :
- We use TLS
- Using coturn for media
Hello Pintu,
generally speaking, if you have the choice between a network setup with NAT and without NAT (everything else equal) - my recommendation would to choose the one without NAT. It will be easier to debug in case of problems on your side or the client side.
Best regards,
Henning
-- Henning Westerholt - https://skalatan.de/blog/ Kamailio services - https://skalatan.de/services Kamailio security assessment - https://skalatan.de/de/assessment
Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
I third that. NAT by definition adds complications and overhead, even if they are not significant from a modern economic perspective. If you have the luxury to take NAT out of the equation, you definitely should. But if you can't, Kamailio copes with this very well and has an ample feature set to accommodate that type of deployment, given how common it is nowadays to deploy Kamailio in NAT-only environments such as AWS.
On Tue, Feb 26, 2019 at 01:47:36PM -0800, Joel Serrano wrote:
I second that. And to add to Henning's suggestion...
We recently tested that same setup, and we found one "thing": Using advertise, you will need a second port (listen transport:ip:port) to talk to internal servers that require you to *keep* the private IP. Otherwise all outgoing request from that kamailio will have the IP replaced by whatever the advertise says and that can mess up your internal routing.
Not an issue, as I said you can configure a second port, but just something to know depending on what your setup is gong to look like.
Good luck! Joel.
On Tue, Feb 26, 2019 at 1:28 PM Henning Westerholt hw@kamailio.org wrote:
Am Dienstag, 26. Februar 2019, 06:09:08 CET schrieb Pintu Lohar:
Which one among the below option is highly recommended for setting up Kamailio (for production)
- Kamailio behind NAT *or*
- Setting up Kamailio using public IP?
are there any disadvantages if we setup Kamailio behind NAT and use advertise option in listen parameters?
We have tested both the options, and both the options work great for us(
a.
Kamailio behind NAT with advertising in listen parameters b.Kamailio
setup
with public IP). So wondering which one is best and highly recommended?
Some extra info :
- We use TLS
- Using coturn for media
Hello Pintu,
generally speaking, if you have the choice between a network setup with NAT and without NAT (everything else equal) - my recommendation would to choose the one without NAT. It will be easier to debug in case of problems on your side or the client side.
Best regards,
Henning
-- Henning Westerholt - https://skalatan.de/blog/ Kamailio services - https://skalatan.de/services Kamailio security assessment - https://skalatan.de/de/assessment
Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
El mar., 26 de feb. de 2019 a la(s) 17:53, Alex Balashov ( abalashov@evaristesys.com) escribió:
I third that. NAT by definition adds complications and overhead, even if
i agree with! i currently have a confusion: as i pointed here: https://lists.kamailio.org/pipermail/sr-users/2019-February/104862.html i have kamailio+rtpproxy/rtpengine and asterisk in realtime mode but if i not bind the asterisk ports agains the public ip there's its no sound.. i mean, i want only let rtpproxy/rtpengine (whatever of two no both) only agains public ip
is nowadays to deploy Kamailio in NAT-only environments such as AWS.
i cannot find some info about deploy agains AWS flavored OS, where the public ip are kind of NAT.. and cannot take as real interface ... some help with that are appreciated!
On Tue, Feb 26, 2019 at 01:47:36PM -0800, Joel Serrano wrote:
I second that. And to add to Henning's suggestion...
We recently tested that same setup, and we found one "thing": Using advertise, you will need a second port (listen transport:ip:port) to talk to internal servers that require you to *keep* the private IP. Otherwise all outgoing request from that kamailio will have the IP replaced by whatever the advertise says and that can mess up your internal routing.
Not an issue, as I said you can configure a second port, but just
something
to know depending on what your setup is gong to look like.
Good luck! Joel.
On Tue, Feb 26, 2019 at 1:28 PM Henning Westerholt hw@kamailio.org
wrote:
Am Dienstag, 26. Februar 2019, 06:09:08 CET schrieb Pintu Lohar:
Which one among the below option is highly recommended for setting up Kamailio (for production)
- Kamailio behind NAT *or*
- Setting up Kamailio using public IP?
are there any disadvantages if we setup Kamailio behind NAT and use advertise option in listen parameters?
We have tested both the options, and both the options work great for
us(
a.
Kamailio behind NAT with advertising in listen parameters b.Kamailio
setup
with public IP). So wondering which one is best and highly
recommended?
Some extra info :
- We use TLS
- Using coturn for media
Hello Pintu,
generally speaking, if you have the choice between a network setup with NAT and without NAT (everything else equal) - my recommendation would to choose the one without NAT. It will be easier to debug in case of problems on your side or the client side.
Best regards,
Henning
-- Henning Westerholt - https://skalatan.de/blog/ Kamailio services - https://skalatan.de/services Kamailio security assessment - https://skalatan.de/de/assessment
Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
-- Alex Balashov | Principal | Evariste Systems LLC
Tel: +1-706-510-6800 / +1-800-250-5920 (toll-free) Web: http://www.evaristesys.com/, http://www.csrpswitch.com/
Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Hi Henning, Joel, Thanks for your valuable input.
One of our setup for production looks like below for around 1 million users initially : / --------------> Kamailio (active node, as of now private) \ Client -- > LB(public IP- l4 switch)--
---------->Centralized database \ --------------> Kamailio (passive node, as of now private) /
In the future, we have a plan to add another domain and allow calls between different domain.
Thanks & Regards Pintu
On Wed, Feb 27, 2019 at 6:47 AM Joel Serrano joel@textplus.com wrote:
I second that. And to add to Henning's suggestion...
We recently tested that same setup, and we found one "thing": Using advertise, you will need a second port (listen transport:ip:port) to talk to internal servers that require you to *keep* the private IP. Otherwise all outgoing request from that kamailio will have the IP replaced by whatever the advertise says and that can mess up your internal routing.
Not an issue, as I said you can configure a second port, but just something to know depending on what your setup is gong to look like.
Good luck! Joel.
On Tue, Feb 26, 2019 at 1:28 PM Henning Westerholt hw@kamailio.org wrote:
Am Dienstag, 26. Februar 2019, 06:09:08 CET schrieb Pintu Lohar:
Which one among the below option is highly recommended for setting up Kamailio (for production)
- Kamailio behind NAT *or*
- Setting up Kamailio using public IP?
are there any disadvantages if we setup Kamailio behind NAT and use advertise option in listen parameters?
We have tested both the options, and both the options work great for
us( a.
Kamailio behind NAT with advertising in listen parameters b.Kamailio
setup
with public IP). So wondering which one is best and highly recommended?
Some extra info :
- We use TLS
- Using coturn for media
Hello Pintu,
generally speaking, if you have the choice between a network setup with NAT and without NAT (everything else equal) - my recommendation would to choose the one without NAT. It will be easier to debug in case of problems on your side or the client side.
Best regards,
Henning
-- Henning Westerholt - https://skalatan.de/blog/ Kamailio services - https://skalatan.de/services Kamailio security assessment - https://skalatan.de/de/assessment
Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Hello,
My suggestion is that stay away from NAT if you dont have to. various sip client/Firewalls make out troubles for registration and invites, even if Kamailio can handle it. If you have a high load TLS connection / subscriber , I think you should use load balancer and NAT options.
For example; 1 - Load balancer like F5 that balancing your connection active-active Kamailios
UAC ----> F5 ------> Kamailio -1 (advertises public IP) | -------> Kamailio -2 (advertises public IP)
2- Use kamailio as MultiHomed that convert transport layer to tcp/udp
UAC ---------> Kamailio(TLS-PUBLIC IP-mhomed) -------> Kamailio-1(TCP/UDP) | ---------> Kamailio-2(TCP/UDP)
Good luck
Yasin CANER
________________________________ From: sr-users sr-users-bounces@lists.kamailio.org on behalf of Pintu Lohar pintulohargcetts@gmail.com Sent: Tuesday, February 26, 2019 8:09 AM To: sr-users@lists.kamailio.org Subject: [SR-Users] Kamailio behind NAT or With Public IP - Which one is highly recommended
Hi Everyone,
Which one among the below option is highly recommended for setting up Kamailio (for production) 1. Kamailio behind NAT or 2. Setting up Kamailio using public IP?
are there any disadvantages if we setup Kamailio behind NAT and use advertise option in listen parameters?
We have tested both the options, and both the options work great for us( a. Kamailio behind NAT with advertising in listen parameters b.Kamailio setup with public IP). So wondering which one is best and highly recommended?
Some extra info : 1. We use TLS 2. Using coturn for media
Thanks Pintu
Hi Yasin, Thanks indeed for your valuable input for the active-active cluster(Option-1) & Option-2
We definitely would like to try setting up an active-active cluster for the next phase if not in current phase. But In order to use Kamailio in the active-active cluster, I think we need to forward or replicate registration to both the active-active server? in order to proxy the invite packet through the server where the UA is registered?
We use the following use cases : 1. We use FCM and APNS push to wake up the app. 2. Multi forking / Late forking cases are also involved. 3. Using Kamailio as a stateful proxy.
Thanks & Regards Pintu
On Wed, Feb 27, 2019 at 3:10 PM YASIN CANER caner_yaso@hotmail.com wrote:
Hello,
My suggestion is that stay away from NAT if you dont have to. various sip client/Firewalls make out troubles for registration and invites, even if Kamailio can handle it. If you have a high load TLS connection / subscriber , I think you should use load balancer and NAT options.
For example; 1 - Load balancer like F5 that balancing your connection active-active Kamailios
UAC ----> F5 ------> Kamailio -1 (advertises public IP) | -------> Kamailio -2 (advertises public IP)
2- Use kamailio as MultiHomed that convert transport layer to tcp/udp
UAC ---------> Kamailio(TLS-PUBLIC IP-mhomed) -------> Kamailio-1(TCP/UDP)
| ---------> Kamailio-2(TCP/UDP)Good luck
Yasin CANER
*From:* sr-users sr-users-bounces@lists.kamailio.org on behalf of Pintu Lohar pintulohargcetts@gmail.com *Sent:* Tuesday, February 26, 2019 8:09 AM *To:* sr-users@lists.kamailio.org *Subject:* [SR-Users] Kamailio behind NAT or With Public IP - Which one is highly recommended
Hi Everyone,
Which one among the below option is highly recommended for setting up Kamailio (for production)
- Kamailio behind NAT *or*
- Setting up Kamailio using public IP?
are there any disadvantages if we setup Kamailio behind NAT and use advertise option in listen parameters?
We have tested both the options, and both the options work great for us( a. Kamailio behind NAT with advertising in listen parameters b.Kamailio setup with public IP). So wondering which one is best and highly recommended?
Some extra info :
- We use TLS
- Using coturn for media
Thanks Pintu
Hello Pintu
1 million TLS user? Have u ever test with tester on Kamailio ?Because I remembered in sr-mails that an user tested on 1000 client on TLS transport , it consumes so much CPU etc . I guess 1 milliyonTLSUser make big impact your system for all registration/call.
I tested option-2 for relaying registers about 1-2 years ago for proof of concept. It works fine.
you can replicate user location data by Dmq_usrloc module and can use path header then build a triangle topology to bridge calls. Or You can build a Location Information service to find which kamailio has UAC data .
Best Regards.
Yasin CANER
________________________________ From: Pintu Lohar pintulohargcetts@gmail.com Sent: Wednesday, February 27, 2019 12:27 PM To: YASIN CANER Cc: Kamailio (SER) - Users Mailing List Subject: Re: [SR-Users] Kamailio behind NAT or With Public IP - Which one is highly recommended
Hi Yasin, Thanks indeed for your valuable input for the active-active cluster(Option-1) & Option-2
We definitely would like to try setting up an active-active cluster for the next phase if not in current phase. But In order to use Kamailio in the active-active cluster, I think we need to forward or replicate registration to both the active-active server? in order to proxy the invite packet through the server where the UA is registered?
We use the following use cases : 1. We use FCM and APNS push to wake up the app. 2. Multi forking / Late forking cases are also involved. 3. Using Kamailio as a stateful proxy.
Thanks & Regards Pintu
On Wed, Feb 27, 2019 at 3:10 PM YASIN CANER <caner_yaso@hotmail.commailto:caner_yaso@hotmail.com> wrote: Hello,
My suggestion is that stay away from NAT if you dont have to. various sip client/Firewalls make out troubles for registration and invites, even if Kamailio can handle it. If you have a high load TLS connection / subscriber , I think you should use load balancer and NAT options.
For example; 1 - Load balancer like F5 that balancing your connection active-active Kamailios
UAC ----> F5 ------> Kamailio -1 (advertises public IP) | -------> Kamailio -2 (advertises public IP)
2- Use kamailio as MultiHomed that convert transport layer to tcp/udp
UAC ---------> Kamailio(TLS-PUBLIC IP-mhomed) -------> Kamailio-1(TCP/UDP) | ---------> Kamailio-2(TCP/UDP)
Good luck
Yasin CANER
________________________________ From: sr-users <sr-users-bounces@lists.kamailio.orgmailto:sr-users-bounces@lists.kamailio.org> on behalf of Pintu Lohar <pintulohargcetts@gmail.commailto:pintulohargcetts@gmail.com> Sent: Tuesday, February 26, 2019 8:09 AM To: sr-users@lists.kamailio.orgmailto:sr-users@lists.kamailio.org Subject: [SR-Users] Kamailio behind NAT or With Public IP - Which one is highly recommended
Hi Everyone,
Which one among the below option is highly recommended for setting up Kamailio (for production) 1. Kamailio behind NAT or 2. Setting up Kamailio using public IP?
are there any disadvantages if we setup Kamailio behind NAT and use advertise option in listen parameters?
We have tested both the options, and both the options work great for us( a. Kamailio behind NAT with advertising in listen parameters b.Kamailio setup with public IP). So wondering which one is best and highly recommended?
Some extra info : 1. We use TLS 2. Using coturn for media
Thanks Pintu
Hi Yasin, Not yet tested, My bad - it's 0.1 million with TLS but yes we are yet to test ), We need to distribute the users to different Kamailio cluster through API server. However, Would like to try Option 2 as well and test with it.
Regards Pintu Lohar
On Wed, Feb 27, 2019 at 7:16 PM YASIN CANER caner_yaso@hotmail.com wrote:
Hello Pintu
1 million TLS user? Have u ever test with tester on Kamailio ?Because I remembered in sr-mails that an user tested on 1000 client on TLS transport , it consumes so much CPU etc . I guess 1 milliyonTLSUser make big impact your system for all registration/call.
I tested option-2 for relaying registers about 1-2 years ago for proof of concept. It works fine.
you can replicate user location data by Dmq_usrloc module and can use path header then build a triangle topology to bridge calls. Or You can build a Location Information service to find which kamailio has UAC data .
Best Regards.
Yasin CANER
*From:* Pintu Lohar pintulohargcetts@gmail.com *Sent:* Wednesday, February 27, 2019 12:27 PM *To:* YASIN CANER *Cc:* Kamailio (SER) - Users Mailing List *Subject:* Re: [SR-Users] Kamailio behind NAT or With Public IP - Which one is highly recommended
Hi Yasin, Thanks indeed for your valuable input for the active-active cluster(Option-1) & Option-2
We definitely would like to try setting up an active-active cluster for the next phase if not in current phase. But In order to use Kamailio in the active-active cluster, I think we need to forward or replicate registration to both the active-active server? in order to proxy the invite packet through the server where the UA is registered?
We use the following use cases :
- We use FCM and APNS push to wake up the app.
- Multi forking / Late forking cases are also involved.
- Using Kamailio as a stateful proxy.
Thanks & Regards Pintu
On Wed, Feb 27, 2019 at 3:10 PM YASIN CANER caner_yaso@hotmail.com wrote:
Hello,
My suggestion is that stay away from NAT if you dont have to. various sip client/Firewalls make out troubles for registration and invites, even if Kamailio can handle it. If you have a high load TLS connection / subscriber , I think you should use load balancer and NAT options.
For example; 1 - Load balancer like F5 that balancing your connection active-active Kamailios
UAC ----> F5 ------> Kamailio -1 (advertises public IP) | -------> Kamailio -2 (advertises public IP)
2- Use kamailio as MultiHomed that convert transport layer to tcp/udp
UAC ---------> Kamailio(TLS-PUBLIC IP-mhomed) -------> Kamailio-1(TCP/UDP)
| ---------> Kamailio-2(TCP/UDP)Good luck
Yasin CANER
*From:* sr-users sr-users-bounces@lists.kamailio.org on behalf of Pintu Lohar pintulohargcetts@gmail.com *Sent:* Tuesday, February 26, 2019 8:09 AM *To:* sr-users@lists.kamailio.org *Subject:* [SR-Users] Kamailio behind NAT or With Public IP - Which one is highly recommended
Hi Everyone,
Which one among the below option is highly recommended for setting up Kamailio (for production)
- Kamailio behind NAT *or*
- Setting up Kamailio using public IP?
are there any disadvantages if we setup Kamailio behind NAT and use advertise option in listen parameters?
We have tested both the options, and both the options work great for us( a. Kamailio behind NAT with advertising in listen parameters b.Kamailio setup with public IP). So wondering which one is best and highly recommended?
Some extra info :
- We use TLS
- Using coturn for media
Thanks Pintu
Hello,
there were companies that pushed hundred thousands of active tls connections to same kamailio and it went fine. You will have to do some tuning to kamailio params as well as to the operating system limits, but if you have powerful hardware, having such number of active tls connections should be fine.
Cheers, Daniel
On 27.02.19 11:30, Pintu Lohar wrote:
Hi Yasin, Not yet tested, My bad - it's 0.1 million with TLS but yes we are yet to test ), We need to distribute the users to different Kamailio cluster through API server. However, Would like to try Option 2 as well and test with it.
Regards Pintu Lohar
On Wed, Feb 27, 2019 at 7:16 PM YASIN CANER <caner_yaso@hotmail.com mailto:caner_yaso@hotmail.com> wrote:
Hello Pintu 1 million TLS user? Have u ever test with tester on Kamailio ?Because I remembered in sr-mails that an user tested on 1000 client on TLS transport , it consumes so much CPU etc . I guess 1 milliyonTLSUser make big impact your system for all registration/call. I tested option-2 for relaying registers about 1-2 years ago for proof of concept. It works fine. you can replicate user location data by Dmq_usrloc module and can use path header then build a triangle topology to bridge calls. Or You can build a Location Information service to find which kamailio has UAC data . Best Regards. Yasin CANER ------------------------------------------------------------------------ *From:* Pintu Lohar <pintulohargcetts@gmail.com <mailto:pintulohargcetts@gmail.com>> *Sent:* Wednesday, February 27, 2019 12:27 PM *To:* YASIN CANER *Cc:* Kamailio (SER) - Users Mailing List *Subject:* Re: [SR-Users] Kamailio behind NAT or With Public IP - Which one is highly recommended Hi Yasin, Thanks indeed for your valuable input for the active-active cluster(Option-1) & Option-2 We definitely would like to try setting up an active-active cluster for the next phase if not in current phase. But In order to use Kamailio in the active-active cluster, I think we need to forward or replicate registration to both the active-active server? in order to proxy the invite packet through the server where the UA is registered? We use the following use cases : 1. We use FCM and APNS push to wake up the app. 2. Multi forking / Late forking cases are also involved. 3. Using Kamailio as a stateful proxy. Thanks & Regards Pintu On Wed, Feb 27, 2019 at 3:10 PM YASIN CANER <caner_yaso@hotmail.com <mailto:caner_yaso@hotmail.com>> wrote: Hello, My suggestion is that stay away from NAT if you dont have to. various sip client/Firewalls make out troubles for registration and invites, even if Kamailio can handle it. If you have a high load TLS connection / subscriber , I think you should use load balancer and NAT options. For example; 1 - Load balancer like F5 that balancing your connection active-active Kamailios UAC ----> F5 ------> Kamailio -1 (advertises public IP) | -------> Kamailio -2 (advertises public IP) 2- Use kamailio as MultiHomed that convert transport layer to tcp/udp UAC ---------> Kamailio(TLS-PUBLIC IP-mhomed) -------> Kamailio-1(TCP/UDP) | ---------> Kamailio-2(TCP/UDP) Good luck Yasin CANER ------------------------------------------------------------------------ *From:* sr-users <sr-users-bounces@lists.kamailio.org <mailto:sr-users-bounces@lists.kamailio.org>> on behalf of Pintu Lohar <pintulohargcetts@gmail.com <mailto:pintulohargcetts@gmail.com>> *Sent:* Tuesday, February 26, 2019 8:09 AM *To:* sr-users@lists.kamailio.org <mailto:sr-users@lists.kamailio.org> *Subject:* [SR-Users] Kamailio behind NAT or With Public IP - Which one is highly recommended Hi Everyone, Which one among the below option is highly recommended for setting up Kamailio (for production) 1. Kamailio behind NAT *or* 2. Setting up Kamailio using public IP? are there any disadvantages if we setup Kamailio behind NAT and use advertise option in listen parameters? We have tested both the options, and both the options work great for us( a. Kamailio behind NAT with advertising in listen parameters b.Kamailio setup with public IP). So wondering which one is best and highly recommended? Some extra info : 1. We use TLS 2. Using coturn for media Thanks Pintu
Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Hi Daniel,
Thanks for you reply , Yes we indeed do use powerful hardware configuration server ,and we would tune to (centos) OS limits. There are many good blogs available on kamailio for high throughput and performance, we refer the same . One of them is https://github.com/kamailio/kamailio/blob/master/doc/tutorials/tcp_tunning.t...
Thanks again. Warm Regards Pintu
On Wed, Feb 27, 2019, 7:36 PM Daniel-Constantin Mierla miconda@gmail.com wrote:
Hello,
there were companies that pushed hundred thousands of active tls connections to same kamailio and it went fine. You will have to do some tuning to kamailio params as well as to the operating system limits, but if you have powerful hardware, having such number of active tls connections should be fine.
Cheers, Daniel On 27.02.19 11:30, Pintu Lohar wrote:
Hi Yasin, Not yet tested, My bad - it's 0.1 million with TLS but yes we are yet to test ), We need to distribute the users to different Kamailio cluster through API server. However, Would like to try Option 2 as well and test with it.
Regards Pintu Lohar
On Wed, Feb 27, 2019 at 7:16 PM YASIN CANER caner_yaso@hotmail.com wrote:
Hello Pintu
1 million TLS user? Have u ever test with tester on Kamailio ?Because I remembered in sr-mails that an user tested on 1000 client on TLS transport , it consumes so much CPU etc . I guess 1 milliyonTLSUser make big impact your system for all registration/call.
I tested option-2 for relaying registers about 1-2 years ago for proof of concept. It works fine.
you can replicate user location data by Dmq_usrloc module and can use path header then build a triangle topology to bridge calls. Or You can build a Location Information service to find which kamailio has UAC data .
Best Regards.
Yasin CANER
*From:* Pintu Lohar pintulohargcetts@gmail.com *Sent:* Wednesday, February 27, 2019 12:27 PM *To:* YASIN CANER *Cc:* Kamailio (SER) - Users Mailing List *Subject:* Re: [SR-Users] Kamailio behind NAT or With Public IP - Which one is highly recommended
Hi Yasin, Thanks indeed for your valuable input for the active-active cluster(Option-1) & Option-2
We definitely would like to try setting up an active-active cluster for the next phase if not in current phase. But In order to use Kamailio in the active-active cluster, I think we need to forward or replicate registration to both the active-active server? in order to proxy the invite packet through the server where the UA is registered?
We use the following use cases :
- We use FCM and APNS push to wake up the app.
- Multi forking / Late forking cases are also involved.
- Using Kamailio as a stateful proxy.
Thanks & Regards Pintu
On Wed, Feb 27, 2019 at 3:10 PM YASIN CANER caner_yaso@hotmail.com wrote:
Hello,
My suggestion is that stay away from NAT if you dont have to. various sip client/Firewalls make out troubles for registration and invites, even if Kamailio can handle it. If you have a high load TLS connection / subscriber , I think you should use load balancer and NAT options.
For example; 1 - Load balancer like F5 that balancing your connection active-active Kamailios
UAC ----> F5 ------> Kamailio -1 (advertises public IP) | -------> Kamailio -2 (advertises public IP)
2- Use kamailio as MultiHomed that convert transport layer to tcp/udp
UAC ---------> Kamailio(TLS-PUBLIC IP-mhomed) -------> Kamailio-1(TCP/UDP)
| ---------> Kamailio-2(TCP/UDP)Good luck
Yasin CANER
*From:* sr-users sr-users-bounces@lists.kamailio.org on behalf of Pintu Lohar pintulohargcetts@gmail.com *Sent:* Tuesday, February 26, 2019 8:09 AM *To:* sr-users@lists.kamailio.org *Subject:* [SR-Users] Kamailio behind NAT or With Public IP - Which one is highly recommended
Hi Everyone,
Which one among the below option is highly recommended for setting up Kamailio (for production)
- Kamailio behind NAT *or*
- Setting up Kamailio using public IP?
are there any disadvantages if we setup Kamailio behind NAT and use advertise option in listen parameters?
We have tested both the options, and both the options work great for us( a. Kamailio behind NAT with advertising in listen parameters b.Kamailio setup with public IP). So wondering which one is best and highly recommended?
Some extra info :
- We use TLS
- Using coturn for media
Thanks Pintu
Kamailio (SER) - Users Mailing Listsr-users@lists.kamailio.orghttps://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
-- Daniel-Constantin Mierla -- www.asipto.comwww.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio World Conference - May 6-8, 2019 -- www.kamailioworld.com Kamailio Advanced Training - Mar 4-6, 2019 in Berlin; Mar 25-27, 2019, in Washington, DC, USA -- www.asipto.com
-
Alex Balashov -
Daniel-Constantin Mierla -
Henning Westerholt -
Joel Serrano -
PICCORO McKAY Lenz -
Pintu Lohar -
YASIN CANER