Can you run the following commands:
kamcmd cfg.set_now_int core memlog 1 kamcmd corex.shm_summary
Then grab the log messages from syslog related to shared memory summary and send them over here.
Cheers, Daniel
On 17/11/15 14:31, Anthony Messina wrote:
After I reported last night, I restarted Kamailio and even though the 5 UACs did nothing but ensure they had a registration overnight, this morning the issue has recurred. The following is the output you requested. Not sure how the memory is being used up by Kamailio.
# kamctl stats shmem shmem:fragments = 181 shmem:free_size = 8922584 shmem:max_used_size = 58243792 shmem:real_used_size = 58186280 shmem:total_size = 67108864 shmem:used_size = 54346088
On Tuesday, November 17, 2015 09:03:24 AM Daniel-Constantin Mierla wrote:
As you are using the master branch (development), do you run latest version?
Can you look at available shared memory?
kamctl stats shmem
Check it over time and see if the free memory is decreasing.
Cheers, Daniel
On 17/11/15 00:44, Anthony Messina wrote:
I have noticed the following issue which began with builds somewhere between git master commits bff0a08 and 6173ef7. I did not see this issue with my previous builds and haven't been able to pin down the problem, which is why I haven't formally filed a bug.
Any help or guidance is appreciated, because this has crippled my use of Kamailio. Only a restart enables it to work again until the issue recurs.
ERROR: tls [tls_server.c:189]: tls_complete_init(): tls: ssl bug #1491 workaround: not enough memory for safe operation: 8870536 ERROR: <core> [tcp_read.c:1303]: tcp_read_req(): ERROR: tcp_read_req: error reading
I currently build against and run openssl-1.0.1k-12.fc22.x86_64.
I have a very small operation and the only change on the operational side is that all 5 of my mobile UACs (yes, that's all) have switched from CSipSimple/Android to Zoiper/Android, which doesn't yet have support for client-side certificates so verify_certificate and require_certificate are off for both the server and client config.
The server is started with: /usr/sbin/kamailio -P /run/kamailio/kamailio.pid -m 64 -M 8
I have tried modifying the shared mem to 128 but the issue still occurs.
Even right now, I am seeing the error when only one UAC has established a TLS connection:
# kamcmd tls.list {
id: 572 timeout: 3475 src_ip: 10.77.79.156 src_port: 58688 dst_ip: 10.77.79.3 dst_port: 5061 cipher: ECDHE-RSA-RC4-SHA SSLv3 Kx=ECDH Au=RSA Enc=RC4(128) Mac=SHA1 ct_wq_size: 0 enc_rd_buf: 0 flags: 2 state: established}
# kamailio.cfg enable_tls=yes loadmodule "tls.so" modparam("tls", "connection_timeout", 60) #modparam("tls", "tls_log", 1) #modparam("tls", "tls_debug", 1) #modparam("tls", "low_mem_threshold1", -1) #modparam("tls", "low_mem_threshold2", 0) modparam("tls", "session_cache", 1)
# tls.cfg [server:default] method = TLSv1+ verify_certificate = no require_certificate = no private_key = /etc/kamailio/example.org.key.pem certificate = /etc/kamailio/example.org.crt.pem server_name = example.org cipher_list = ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA- AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES 256- SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-GCM- SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:RC4- SHA:AES256-GCM-SHA384:AES256-SHA256:CAMELLIA256-SHA:ECDHE-RSA-AES128- SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:CAMELLIA128- SHA:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK
[client:default] method = TLSv1+ verify_certificate = no require_certificate = no private_key = /etc/kamailio/example.org.key.pem certificate = /etc/kamailio/example.org.crt.pem cipher_list = ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA- AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES 256- SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-GCM- SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:RC4- SHA:AES256-GCM-SHA384:AES256-SHA256:CAMELLIA256-SHA:ECDHE-RSA-AES128- SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:CAMELLIA128- SHA:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK
Thanks. -Anthony