We have over 4 proxies running openser-1.1.0-notls. Recently we started to see the following error in the logs of one of the proxies:
Feb 4 06:46:21 proxy01 /usr/local/sbin/openser[4670]: ERROR: udp_send: sendto(sock,0xb3c35898,594,0,0xb3c257f4,16): Invalid argument(22) Feb 4 06:46:21 proxy01 /usr/local/sbin/openser[4670]: CRITICAL: invalid sendtoparameters one possible reason is the server is bound to localhost and attempts to send to the net Feb 4 06:46:21 proxy01 /usr/local/sbin/openser[4670]: msg_send: ERROR: udp_send failed Feb 4 06:46:21 proxy01 /usr/local/sbin/openser[4670]: ERROR:tm:t_forward_nonack: sending request failed
Now the errors suggests a binding to localhost, however our openser.cfg has the following:
listen=eth0:5060
After a brief search we came across a couple of over people having a similar problem. Once of the suggested fixes was to add a mhomed=1 line to the cfg.
Well we tried this (even though we are not multi homed) and the error changed to:
Feb 5 02:54:09 proxy01 /usr/local/sbin/openser[2209]: ERROR: get_out_socket: connect failed: Invalid argument Feb 5 02:54:09 proxy01 /usr/local/sbin/openser[2209]: ERROR: get_out_socket: no socket found Feb 5 02:54:09 proxy01 /usr/local/sbin/openser[2209]: ERROR:tm:add_uac: can't fwd to af 2, proto 1 (no corresponding listening socket) Feb 5 02:54:09 proxy01 /usr/local/sbin/openser[2209]: ERROR:tm:t_forward_nonack: failure to add branches
Does anyone have any suggestions or ideas as to what is causing this error.
Thanks
mburns
Thanks for your reply Bogdan,
There is definitely both UDP and TCP listening:
Starting openser: openserListening on udp: xx.xx.xx.xxx [xx.xx.xx.xxx]:5060 tcp: xx.xx.xx.xxx [xx.xx.xx.xxx]:5060 Aliases: ......
Is it possible that there is simply too many messages for the server to handle?
At the moment the server is configured with:
children=20 tcp_children=2
and an ngrep suggests quite a few messages per second.
Thanks
Martin
On 2/5/07, Bogdan-Andrei Iancu bogdan@voice-system.ro wrote:
Martin,
after all, it look the root problem is the destination address - the detection of the egress socket (triggered by mhomed) also fails because of an Invalid Argument (as originally).
my guess is that an invalid ip or port is used for sending the message. If you cannot track this down, I can try to prepare a patch to print the destination address/port in case of error.
regards, bogdan
Martin Burns wrote:
Bogdan,
You are right it is the destination. I added the following to udp_server.c when the error occurs:
LOG(L_ERR, "sa = %d, %s, %d\n", to->sin.sin_family, inet_ntoa(to->sin.sin_addr), ntohs(to->sin.sin_port));
Which logs:
sa = 2, 0.0.1.244, 5060
This address is clearly invalid. Interesting thing though is that I ran an ngrep to see if I could locate a message that contains this IP and could not find one:
ngrep -p port 5060 | grep "0.0.1.244"
The above came up clean even though the log kept reporting the error.
Any more ideas?
Martin
On 2/5/07, Bogdan-Andrei Iancu bogdan@voice-system.ro wrote:
Martin,
most probably you cannot get anything via ngrep because: 1 - the outbound message is not sent 2 - the inbound message may contain a domain name which leads to 0.0.1.244 via DNS.
try to monitor the DNS traffic also to see if this address comes up.
what version of openser are you using?
regards, bogdan
Martin Burns wrote:
Bogdan,
We will check the DNS. We are also using openser-1.1.0-notls
Thanks for you help.
Martin
On 2/6/07, Bogdan-Andrei Iancu bogdan@voice-system.ro wrote:
OK- just let me know if you find the source of the bogus IP.
I was asking about version as the 1.2.x (devel) contains IP blacklists you could use to block such addresses: http://www.openser.org/pipermail/users/2007-January/008848.html
regards, bogdan
Martin Burns wrote:
-
Bogdan-Andrei Iancu -
Martin Burns