16 May
2024
16 May
'24
3:03 a.m.
Hello,
On 15.05.24 22:09, H Yavari via sr-users wrote:
Hi all,
I was reviewing the `ims_ipsec_pcscf` code and noticed that this
module creates a pool of sockets using different ports
(ipsec_max_connections). I'm unclear on the necessity of this
approach. Can't we simply create one server listener and one client
listener to handle all UE connections? If this is feasible, is there
still a need to create the pool at startup?
I'm curious if this is due to an architectural limitation or if the
IPSec module can be modified to replace the current implementation
with a more efficient one.
technically it is no restriction to have one client socket and one
server socket. I am not much active in the VoLTE or VoNR, although I
played lately with the later, but from some past discussions I
understood that the specs suggest/recommend this approach with a pool of
sockets -- I haven't read the specs to confirm personally if that's the
case.
Anyhow, during the OSMNT'24 and KamailioWorld'24 conferences, I had
discussions with some participants interested in the topic and switching
to (or adding the option of) single client/server socket was considered
to be done in the future.
For now, if you are concerned of using too many resources due to many
children processes, you can use development version (git master branch)
where you have the option to have threads for receiving traffic on UDP
sockets, with a single pool of processes to handle the UDP SIP traffic:
-
https://www.kamailio.org/wikidocs/cookbooks/devel/core/#udp_receiver_mode
Or, even better, if you can develop the code for having single
client/server socket, just do it and make a PR.
Cheers,
Daniel
--
Daniel-Constantin Mierla (@ asipto.com)
twitter.com/miconda -- linkedin.com/in/miconda
Kamailio Consultancy, Training and Development Services -- asipto.com