24 Mar
2009
24 Mar
'09
8:23 a.m.
Hello,
we are running kamailio 1.4.
Some days ago one of our subscribers SIP phone went crazy and
bombarded our proxy with thousands of REGISTER requests. Actually, it
didn't wait for any response of the proxy, it just kept sending
REGISTER messages (same packet always). Since we are running with
nonce_reuse disabled, it stalled the server due to "auth:challenge:
failed to generate nonce".
I don't have the whole figure but the packet capture I inspected
showed that the terminal sent more than 200 thousand REGISTER messages
in 15 seconds.
We may not be able to replace those terminals at this moment. So to
avoid this problem to happen again, we enabled nonce_reuse. However
this only will solve the nonce problem but still we will have a lot of
hits to database.
So I was thinking, maybe I should create a transaction before sending
the challenge so that REGISTER retransmissions would be absorbed. I
was thinking in doing something like this:
if (!proxy_authorize("", "subscriber")) {
t_newtran();
proxy_challenge("", "0");
exit;
}
Does anyone see any problem/shortcoming with this?
regards,
takeshi
24 Mar
24 Mar
8:28 a.m.
New subject: [Kamailio-Users] Dealing with REGISTER "retransmissions"
mayamatakeshi writes:
So I was thinking, maybe I should create a transaction
before sending
the challenge so that REGISTER retransmissions would be absorbed. I
was thinking in doing something like this:
if (!proxy_authorize("", "subscriber")) {
t_newtran();
proxy_challenge("", "0");
exit;
}
Does anyone see any problem/shortcoming with this?
you could also use pike module to drop too frequent requests.
-- juha
11:43 a.m.
try this one:
http://www.kamailio.org/docs/modules/devel/htable.html#id2454064
mayamatakeshi schrieb:
Hello,
we are running kamailio 1.4.
Some days ago one of our subscribers SIP phone went crazy and
bombarded our proxy with thousands of REGISTER requests. Actually, it
didn't wait for any response of the proxy, it just kept sending
REGISTER messages (same packet always). Since we are running with
nonce_reuse disabled, it stalled the server due to "auth:challenge:
failed to generate nonce".
I don't have the whole figure but the packet capture I inspected
showed that the terminal sent more than 200 thousand REGISTER messages
in 15 seconds.
We may not be able to replace those terminals at this moment. So to
avoid this problem to happen again, we enabled nonce_reuse. However
this only will solve the nonce problem but still we will have a lot of
hits to database.
So I was thinking, maybe I should create a transaction before sending
the challenge so that REGISTER retransmissions would be absorbed. I
was thinking in doing something like this:
if (!proxy_authorize("", "subscriber")) {
t_newtran();
proxy_challenge("", "0");
exit;
}
Does anyone see any problem/shortcoming with this?
regards,
takeshi
_______________________________________________
Kamailio (OpenSER) - Users mailing list
Users(a)lists.kamailio.org
http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
7:03 p.m.
On Tue, Mar 24, 2009 at 6:43 PM, Klaus Darilion
<klaus.mailinglists(a)pernau.at> wrote:
Thanks. I can't use this right now as I'm still working with branch 1.4.
I'll go with it when we migrate to a newer branch.
mayamatakeshi schrieb:
>
> Hello,
> we are running kamailio 1.4.
> Some days ago one of our subscribers SIP phone went crazy and
> bombarded our proxy with thousands of REGISTER requests. Actually, it
> didn't wait for any response of the proxy, it just kept sending
> REGISTER messages (same packet always). Since we are running with
> nonce_reuse disabled, it stalled the server due to "auth:challenge:
> failed to generate nonce".
> I don't have the whole figure but the packet capture I inspected
> showed that the terminal sent more than 200 thousand REGISTER messages
> in 15 seconds.
> We may not be able to replace those terminals at this moment. So to
> avoid this problem to happen again, we enabled nonce_reuse. However
> this only will solve the nonce problem but still we will have a lot of
> hits to database.
> So I was thinking, maybe I should create a transaction before sending
> the challenge so that REGISTER retransmissions would be absorbed. I
> was thinking in doing something like this:
>
> if (!proxy_authorize("", "subscriber")) {
> t_newtran();
> proxy_challenge("", "0");
> exit;
> }
25 Mar
25 Mar
10:09 a.m.
On 03/24/2009 07:03 PM, mayamatakeshi wrote:
--
Daniel-Constantin Mierla
SIP Router Masterclass - Kamailio (OpenSER) Training
http://www.asipto.com/index.php/sip-router-masterclass/
On Tue, Mar 24, 2009 at 6:43 PM, Klaus Darilion
<klaus.mailinglists(a)pernau.at> wrote:
Thanks. I can't use this right now as I'm still working with branch 1.4.
I'll go with it when we migrate to a newer branch.
if one really needs htable, then you can just copy from 1.5 to 1.4,
compile&install. I am using it in may 1.4 deployments.
Cheers,
Daniel
mayamatakeshi schrieb:
> Hello,
> we are running kamailio 1.4.
> Some days ago one of our subscribers SIP phone went crazy and
> bombarded our proxy with thousands of REGISTER requests. Actually, it
> didn't wait for any response of the proxy, it just kept sending
> REGISTER messages (same packet always). Since we are running with
> nonce_reuse disabled, it stalled the server due to "auth:challenge:
> failed to generate nonce".
> I don't have the whole figure but the packet capture I inspected
> showed that the terminal sent more than 200 thousand REGISTER messages
> in 15 seconds.
> We may not be able to replace those terminals at this moment. So to
> avoid this problem to happen again, we enabled nonce_reuse. However
> this only will solve the nonce problem but still we will have a lot of
> hits to database.
> So I was thinking, maybe I should create a transaction before sending
> the challenge so that REGISTER retransmissions would be absorbed. I
> was thinking in doing something like this:
>
> if (!proxy_authorize("", "subscriber")) {
> t_newtran();
> proxy_challenge("", "0");
> exit;
> }
>
_______________________________________________
Kamailio (OpenSER) - Users mailing list
Users(a)lists.kamailio.org
http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
24 Mar
24 Mar
12:37 p.m.
2009/3/24 mayamatakeshi <mayamatakeshi(a)gmail.com>om>:
So I was thinking, maybe I should create a transaction
before sending
the challenge so that REGISTER retransmissions would be absorbed. I
was thinking in doing something like this:
if (!proxy_authorize("", "subscriber")) {
t_newtran();
proxy_challenge("", "0");
exit;
}
Do all the REGISTER have the same "branch" parameter? If not,
t_newtran will do nothing since they are not retransmissions.
--
Iñaki Baz Castillo
<ibc(a)aliax.net>
7:20 p.m.
On Tue, Mar 24, 2009 at 7:37 PM, Iñaki Baz Castillo <ibc(a)aliax.net> wrote:
2009/3/24 mayamatakeshi
<mayamatakeshi(a)gmail.com>om>:
Yes. The UA was not trying to register, it was simply sending the
exact same message all the time. So it should work, but I'll try the
pike module instead.
So I was thinking, maybe I should create a
transaction before sending
the challenge so that REGISTER retransmissions would be absorbed. I
was thinking in doing something like this:
if (!proxy_authorize("", "subscriber")) {
t_newtran();
proxy_challenge("", "0");
exit;
}
Do all the REGISTER have the same "branch" parameter? If not,
t_newtran will do nothing since they are not retransmissions. 
9:31 p.m.
New subject: [Kamailio-Users] t_forward_nonack
Hello
I'm getting this error when I try to do URI calls:
LOG ---> T_ON_REPLY
ERROR:tm:t_forward_nonack: no branch for forwarding
ERROR:tm:w_t_relay: t_forward_nonack failed
CRITICAL:tm:t_should_relay_response: pick_branch failed (lowest==-1) for
code 408
And X-Lite says: "Server error occurred"
My config is based in the sample configuration file that comes with
Kamailio.
Here is my route[1], where the call should be routed:
route[1] {
if (check_route_param("nat=yes")) {
setbflag(6);
}
if (isflagset(5) || isbflagset(6)) {
route(5);
}
/* example how to enable some additional event routes */
if (is_method("INVITE")) {
#t_on_branch("1");
log(3, "LOG ---> T_ON_REPLY \n");
t_on_reply("1");
t_on_failure("1");
}
if (!t_relay()) {
sl_reply_error();
}
exit;
}
My "branch_route", "on_reply_route" and "failure_route" are
just like in
kamailio.cfg.sample.
What could be causing this errors?
Thanks
Regards
Joao Pereira
25 Mar
25 Mar
10:05 a.m.
New subject: [Kamailio-Users] t_forward_nonack
Hello,
do you call t_relay() or route(1) in your failure route?
Post your failure route here. Seems you try to forward a failed
transaction without adding a new branch.
Cheers,
Daniel
On 03/24/2009 09:31 PM, Joao Gomes Pereira wrote:
Hello
I'm getting this error when I try to do URI calls:
LOG ---> T_ON_REPLY
ERROR:tm:t_forward_nonack: no branch for forwarding
ERROR:tm:w_t_relay: t_forward_nonack failed
CRITICAL:tm:t_should_relay_response: pick_branch failed (lowest==-1) for
code 408
And X-Lite says: "Server error occurred"
My config is based in the sample configuration file that comes with
Kamailio.
Here is my route[1], where the call should be routed:
route[1] {
if (check_route_param("nat=yes")) {
setbflag(6);
}
if (isflagset(5) || isbflagset(6)) {
route(5);
}
/* example how to enable some additional event routes */
if (is_method("INVITE")) {
#t_on_branch("1");
log(3, "LOG ---> T_ON_REPLY \n");
t_on_reply("1");
t_on_failure("1");
}
if (!t_relay()) {
sl_reply_error();
}
exit;
}
My "branch_route", "on_reply_route" and "failure_route" are
just like in
kamailio.cfg.sample.
What could be causing this errors?
Thanks
Regards
Joao Pereira
_______________________________________________
Kamailio (OpenSER) - Users mailing list
Users(a)lists.kamailio.org
http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
--
Daniel-Constantin Mierla
SIP Router Masterclass - Kamailio (OpenSER) Training
http://www.asipto.com/index.php/sip-router-masterclass/
6:10 p.m.
New subject: [Kamailio-Users] t_forward_nonack
Hello
here is the failure route:
failure_route[1] {
if (is_method("INVITE")
&& (isbflagset(6) || isflagset(5))) {
unforce_rtp_proxy();
}
if (t_was_cancelled()) {
exit;
}
}
Do I need to add t_relay() or route(1) ?
Thanks
Joao Pereira
Daniel-Constantin Mierla wrote:
Hello,
do you call t_relay() or route(1) in your failure route?
Post your failure route here. Seems you try to forward a failed
transaction without adding a new branch.
Cheers,
Daniel
On 03/24/2009 09:31 PM, Joao Gomes Pereira wrote:
--
StarTel - A Rede Livre
Joao Gomes Pereira
www.startel.pt
+351 304500650
sip: gomespereira(a)startel.pt
Hello
I'm getting this error when I try to do URI calls:
LOG ---> T_ON_REPLY ERROR:tm:t_forward_nonack: no branch for forwarding
ERROR:tm:w_t_relay: t_forward_nonack failed
CRITICAL:tm:t_should_relay_response: pick_branch failed (lowest==-1)
for code 408
And X-Lite says: "Server error occurred"
My config is based in the sample configuration file that comes with
Kamailio.
Here is my route[1], where the call should be routed:
route[1] {
if (check_route_param("nat=yes")) {
setbflag(6);
}
if (isflagset(5) || isbflagset(6)) {
route(5);
}
/* example how to enable some additional event routes */
if (is_method("INVITE")) {
#t_on_branch("1");
log(3, "LOG ---> T_ON_REPLY \n");
t_on_reply("1");
t_on_failure("1");
}
if (!t_relay()) {
sl_reply_error();
}
exit;
}
My "branch_route", "on_reply_route" and "failure_route" are
just like
in kamailio.cfg.sample.
What could be causing this errors?
Thanks
Regards
Joao Pereira
_______________________________________________
Kamailio (OpenSER) - Users mailing list
Users(a)lists.kamailio.org
http://lists.kamailio.org/cgi-bin/mailman/listinfo/users
http://lists.openser-project.org/cgi-bin/mailman/listinfo/users
6:54 p.m.
New subject: [Kamailio-Users] t_forward_nonack
2009/3/24 Joao Gomes Pereira <gomespereira(a)startel.pt>pt>:
Inline:
Hello
I'm getting this error when I try to do URI calls:
LOG ---> T_ON_REPLY
ERROR:tm:t_forward_nonack: no branch for forwarding
ERROR:tm:w_t_relay: t_forward_nonack failed
CRITICAL:tm:t_should_relay_response: pick_branch failed (lowest==-1) for
code 408
And X-Lite says: "Server error occurred"
My config is based in the sample configuration file that comes with
Kamailio.
Here is my route[1], where the call should be routed:
route[1] {
Add a xlog here and show the $ru
if (check_route_param("nat=yes")) {
setbflag(6);
}
if (isflagset(5) || isbflagset(6)) {
route(5);
}
/* example how to enable some additional event routes */
if (is_method("INVITE")) {
#t_on_branch("1");
log(3, "LOG ---> T_ON_REPLY \n");
t_on_reply("1");
t_on_failure("1");
}
if (!t_relay()) {
sl_reply_error();
}
exit;
}
--
Iñaki Baz Castillo
<ibc(a)aliax.net>
5727
days inactive
5728
days old
11 comments
6 participants
participants (6)
-
Daniel-Constantin Mierla -
Iñaki Baz Castillo -
jh@tutpro.com -
Joao Gomes Pereira -
Klaus Darilion -
mayamatakeshi