database access can be a reason for becoming slower. The above operation does a select of the ip addresses in memory and then an iteration to match them with source ip.Hello list.
I’m having some issues with the Kamailio versión 3.2.0.
I want to ask if someone could give some hints how to optimize the performance of my kamailio server. For some reason and from time to time the kamailio process start to answer slower than usual, making calls fail and register expires. I’m still unable to detect the problem, but I want to know of maybe i´m running my kamailio not under the best conditions.
This is part of my configuration :
#!KAMAILIO
#!define FLT_NATS 5
#!define FLB_NATB 6
#!define FLB_NATSIPPING 7
# ----------- global configuration parameters ------------------------
debug=2 # debug level (cmd line: -dddddddddd)
fork=yes
log_stderror=no # (cmd line: -E)
log_facility=LOG_LOCAL0
children=16
port=5060
memdbg=9
memlog=9
listen=udp:10.0.10:5060
disable_tcp=yes
server_signature=0
port=5060
# ----------------- setting module-specific parameters ---------------
## modparam("registrar", "received_avp", "$avp(s:rcv)")
modparam("usrloc", "db_mode", 1)
modparam("auth_db", "calculate_ha1", 1)
modparam("auth_db", "password_column", "password")
modparam("rr", "enable_full_lr", 1)
modparam("auth_db|permissions|uri_db|usrloc","db_url","mysql://openser:openserrw@localhost/openser")
modparam("permissions", "db_mode", 1)
modparam("permissions", "trusted_table", "trusted")
modparam("avpops", "db_url", "mysql://openser:openserrw@localhost/openser")
modparam("avpops", "avp_table", "usr_preferences")
modparam("domain", "db_mode", 1)
# ----- nathelper params -----
modparam("nathelper", "natping_interval", 20)
modparam("nathelper", "ping_nated_only", 1)
modparam("nathelper", "sipping_bflag", FLB_NATSIPPING)
modparam("nathelper", "sipping_from", "sip:pinger@kamailio.org")
# params needed for NAT traversal in other modules
modparam("nathelper|registrar", "received_avp", "$avp(RECEIVED)")
modparam("usrloc", "nat_bflag", FLB_NATB)
modparam("nathelper","natping_interval", 20)
## modparam("nathelper","received_avp", "$avp(i:42)")
modparam("mediaproxy","mediaproxy_socket", "/var/run/mediaproxy/dispatcher.sock")
modparam("mediaproxy", "signaling_ip_avp", "$avp(s:signaling_ip)")
modparam("registrar|nathelper", "received_avp", "$avp(i:80)")
modparam("mi_fifo", "fifo_name", "/tmp/kamailio_fifo")
#modparam("tm", "fr_timer", 3)
# ------ dialog params -------
modparam("dialog", "dlg_flag", 4)
modparam("dialog", "profiles_with_value", "caller")
# ------ pike params --------
modparam("pike", "sampling_time_unit", 2)
modparam("pike", "reqs_density_per_unit", 25)
modparam("pike", "remove_latency", 4)
# ------ rr params --------
modparam("rr", "enable_full_lr", 1)
# ----- misc_radius params -----
modparam("misc_radius", "radius_config", "/usr/local/etc/radiusclient-ng/radiusclient.conf")
modparam("misc_radius", "caller_service_type", 18)
modparam("misc_radius", "callee_service_type", 19)
modparam("misc_radius", "caller_extra", "Called-Station-Id=$ru")
modparam("misc_radius", "callee_extra", "Called-Station-Id=$fu")
# ---- htable param ---------
modparam("htable", "htable", "a=>size=8;")
modparam("htable", "htable", "ipban=>size=8;autoexpire=300;")
modparam("rtimer", "timer", "name=tst;interval=300;mode=1;")
modparam("rtimer", "exec", "timer=tst;route=STATS")
modparam("sqlops","sqlcon",
"ca=>mysql://openser:openserrw@localhost/openser")
#------ uac ---------------
modparam("uac","rr_store_param","my_param")
modparam("uac","from_restore_mode","auto")
modparam("uac","auth_realm_avp","$avp(i:10)")
modparam("uac","auth_username_avp","$avp(i:11)")
modparam("uac","auth_password_avp","$avp(i:12)")
Beside of this I have syslogd in asyn mode…
This is the info of the kamailio –V
version: kamailio 3.2.0 (x86_64/linux) 639f0a
flags: STATS: Off, USE_IPV6, USE_TCP, USE_TLS, TLS_HOOKS, USE_RAW_SOCKS, DISABLE_NAGLE, USE_MCAST, DNS_IP_HACK, SHM_MEM, SHM_MMAP, PKG_MALLOC, DBG_QM_MALLOC, USE_FUTEX, FAST_LOCK-ADAPTIVE_WAIT, USE_DNS_CACHE, USE_DNS_FAILOVER, USE_NAPTR, USE_DST_BLACKLIST, HAVE_RESOLV_RES
ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16, MAX_URI_SIZE 1024, BUF_SIZE 65535, DEFAULT PKG_SIZE 4MB
poll method support: poll, epoll_lt, epoll_et, sigio_rt, select.
id: 639f0a
compiled on 11:35:43 Oct 28 2011 with gcc 4.5.1
I’m using pike to check flood alerts, but I have a white list stored in the “user_preference” table :
I’m using it like this :
route[REQINIT] {
# flood dection from same IP and traffic ban for a while
# be sure you exclude checking trusted peers, such as pstn gateways
# - local host excluded (e.g., loop to self)
if( !(avp_db_load("pike", "$avp(ip_origen)") && avp_check("$avp(ip_origen)", "eq/$src_ip/gi")) )
#+---------+----------+--------+-----------+----------------+------+---------------------+
#| uuid | username | domain | attribute | value | type | modified |
#+---------+----------+--------+-----------+----------------+------+---------------------+
#| pike | | | ip_origen | 10.0.0.44 | 0 | 2008-01-04 13:24:14 |
#| pike | | | ip_origen | 10.0.0.66 | 0 | 2008-01-04 17:28:59 |
{
if($sht(ipban=>$si)!=$null)
{
# ip is already blocked
xdbg("request from blocked IP - $rm from $fu (IP:$si:$sp)\n");
exit;
}
if (!pike_check_req())
{
xlog("L_ALERT","ALERT: pike blocking $rm from $fu (IP:$si:$sp)\n");
xlog("L_INFO","ALERT: pike blocking from $si\n");
$sht(ipban=>$si) = 1;
exit;
}
}
Is this check method too slow? Or intensive in mysql access request??
-- Daniel-Constantin Mierla -- http://www.asipto.com Kamailio Advanced Training, Dec 5-8, Berlin: http://asipto.com/u/kat http://linkedin.com/in/miconda -- http://twitter.com/miconda