Are both proxies using the same remote database??? modparam("usrloc|lcr|auth_db|avpops|group","db_url","mysql://openser:openserrw@voip-db.mydomain.com/openser") If this is the case, when a user agent registers again and makes a SRV DNS query, it might get the address of the other server, which tries to add to the database a record which will be understood as a duplicate by the DB because there's already an entry for that user.
The other issues about the Warning and message size has nothing to do with DNS "behaviour". It means that the server tries to add a Warning header, which includes information useful for debugging purpouses, but when openSER checks the size of the message, it realises that the message will become bigger than (MTU-200) and therefore it does not add the header because it will might to fragmentation problems in UDP. You can ignore this problem or disable the adition of this warning header if you are not using it.
Hope it helps.
Samuel.
2006/7/26, Ohad.Levy@infineon.com Ohad.Levy@infineon.com:
Hi All,
I'm trying to setup a redundant environment with DNS SRV records, 2 (or more) SIP registration servers, and Asterisk gateways. Basically I've setup both OpenSER clients to t_replicate each other the registration message if its coming from a client, and save it to the database or to memory when its coming from the other OpenSER server.
However, every once in a while, I get message to big, and or duplicate messages (WARNING: warning skipped -- too big, or ERROR: warning_builder: buffer size exceeded, submit_query: Duplicate entry ,db_insert: Error while submitting query...)
While it seems to work in general, I was not sure that this is the "right" way to do it.
I'm attaching my openser.cfg of one of the machines; the other is more or less identical... Thanks
# ----------- global configuration parameters ------------------------
debug=9 # debug level (cmd line: -dddddddddd) fork=yes log_stderror=no # (cmd line: -E)
check_via=no # (cmd. line: -v) dns=no # (cmd. line: -r) listen=172.28.132.20 rev_dns=no # (cmd. line: -R) port=5060 children=4 fifo="/tmp/openser_fifo" alias="mydomain.com"
# ------------------ module loading ----------------------------------
loadmodule "/usr/local/lib/openser/modules/mysql.so" loadmodule "/usr/local/lib/openser/modules/sl.so" loadmodule "/usr/local/lib/openser/modules/tm.so" loadmodule "/usr/local/lib/openser/modules/rr.so" loadmodule "/usr/local/lib/openser/modules/maxfwd.so" loadmodule "/usr/local/lib/openser/modules/usrloc.so" loadmodule "/usr/local/lib/openser/modules/registrar.so" loadmodule "/usr/local/lib/openser/modules/textops.so" loadmodule "/usr/local/lib/openser/modules/auth.so" loadmodule "/usr/local/lib/openser/modules/auth_db.so" loadmodule "/usr/local/lib/openser/modules/lcr.so" loadmodule "/usr/local/lib/openser/modules/xlog.so"
# ----------------- setting module-specific parameters ---------------
modparam("usrloc", "db_mode", 2) modparam("usrloc|lcr|auth_db|avpops|group","db_url","mysql://openser:ope nserrw@voip-db.mydomain.com/openser") modparam("auth_db", "calculate_ha1", yes) modparam("auth_db", "password_column", "password")
modparam("rr", "enable_full_lr", 1)
# ------------------------- request routing logic -------------------
# main routing logic
route{
# initial sanity checks -- messages with # max_forwards==0, or excessively long requests if (!mf_process_maxfwd_header("10")) { sl_send_reply("483","Too Many Hops"); exit; }; if (msg:len >= 2048 ) { sl_send_reply("513", "Message too big"); exit; }; # we record-route all messages -- to make sure that # subsequent messages will go through our proxy; that's # particularly good if upstream and downstream entities # use different transport protocol if (!method=="REGISTER") record_route(); # subsequent messages withing a dialog should take the # path determined by record-routing if (loose_route()) { # mark routing logic in request append_hf("P-hint: rr-enforced\r\n"); route(1); }; if (!uri==myself) { route(1); }; # Handle Request logic here if (uri==myself) { if (method=="REGISTER") { route(2); exit; } lookup("aliases"); if (!uri==myself) { append_hf("P-hint: outbound alias\r\n"); route(1); }; if (!load_gws()) { sl_send_reply("500", "Server Internal Error -Cannot load gateways"); exit; }; if (!next_gw()) { sl_send_reply("503", "Service not available, no gateways found"); log (1,"No more gateways"); } else { log (1,"Found a gateway"); } if (!lookup("location")) { sl_send_reply("404", "Not Found"); exit; }; append_hf("P-hint: usrloc applied\r\n"); }; route(1); }
route[1] { # send it out now; use stateful forwarding as it works reliably # even for UDP2TCP if (!t_relay()) { sl_reply_error(); }; exit; }
route[2] { #handle all Registration here.... if (search("^(Contact|m): .*@(voip.mydomain.com)")){ log(1, "ALERT: someone trying to set aor==server address\n"); sl_send_reply("476", "Server address in contacts is not allowed" ); exit; };
# challenge/response #if a registration request is coming from another ser server, itmeans that's it's already authenticated the user and wrote #an entry in the database, so lets just write it into our memory. if (src_ip==172.28.132.21) { save_memory("location"); log(1, "Registered replicated user from Proxy"); exit; }; # this is a new request, lets check that the user is valid. if (!www_authorize("mydomain.com", "subscriber")) { www_challenge("mydomain.com", "0"); log(1, "Authentication challenge issued. Waiting for reply.\n"); exit; };
# Authentication successful, add entry to our Contact database log(1, "Authentication challenge reply ok.\n"); if (!save("location")) { sl_reply_error(); log(1, "ALERT: Unable to save URI tolocation database.\n"); } else { # and replicate the request to the backup server if (!src_ip==172.28.132.21) { log(1, "REPLICATE: Replicating register request\n");
t_replicate("sip:172.28.132.21:5060"); };
};}
Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users