Hello,
do people here have (implemented) special ways to properly start rtpengine with kernel forwarding after system reboot?
From rtpengine readme:
"""
A typical start-up sequence including in-kernel forwarding might look like this:
# this only needs to be one once after system (re-) boot modprobe xt_RTPENGINE iptables -I INPUT -p udp -j RTPENGINE --id 0 ip6tables -I INPUT -p udp -j RTPENGINE --id 0
# ensure that the table we want to use doesn't exist - usually needed after a daemon # restart, otherwise will error echo 'del 0' > /proc/rtpengine/control
# start daemon /usr/sbin/rtpengine --table=0 --interface=10.64.73.31 --interface=2001:db8::4f3:3d \ --listen-ng=127.0.0.1:2223 --tos=184 --pidfile=/run/rtpengine.pid --no-fallback
"""
I was relying on shell scripts executed on boot time, but now that systemd is more common, I am looking to see what are "standard"/"recommended" ways for running additional scripts besides the start/stop daemon, which makes it also easier to build packages not worrying about the type of OS and how it can run scripts at startup.
Systemd seems to have the "ExecStartPre" option, is it what people use to ensure the rtpengine kernel module is loaded and iptables rule exists?
Any systemd-specific wayt to run a script only once after system boot? I have seen workarounds on the net for creating like a rc.local service, but they didn't look to be systemd-native, ...
Not strictly related, but if someone is aware or had some experiences with, I am curious if "echo 'del 0' > /proc/rtpengine/control" is really needed because on a system where I forgot to have it in the scripts (well, was commented), I haven't noticed any issues after rtpengine restarts.
Cheers, Daniel
Systemd seems to have the "ExecStartPre" option, is it what people use to ensure the rtpengine kernel module is loaded and iptables rule exists?
yes, that is option But this command will be executed for Every daemon start.
Any systemd-specific wayt to run a script only once after system boot? I have seen workarounds on the net for creating like a rc.local service, but they didn't look to be systemd-native
I can recommend create dedicated systemd unit file "prepare-rtpengine.service" Like this
[Unit] Description=prepare rpengine
[Service] Type=oneshot RemainAfterExit=yes ExecStartPre=/usr/sbin/modprobe xt_RTPENGINE ExecStart=/usr/sbin/iptables -I INPUT -p udp -j RTPENGINE --id 0 ExecStartPost=ip6tables -I INPUT -p udp -j RTPENGINE --id 0 StandardOutput=syslog StandardError=syslog
[Install] RequiredBy=rtpengine.service WantedBy=basic.target
and then systemctl enable prepare-rtpengine.service
This will create dependency that will be execute one tme before rtpengine daemon started.
On Fri, Jan 17, 2020 at 5:03 PM Daniel-Constantin Mierla miconda@gmail.com wrote:
Hello,
do people here have (implemented) special ways to properly start rtpengine with kernel forwarding after system reboot?
From rtpengine readme:
"""
A typical start-up sequence including in-kernel forwarding might look like this:
# this only needs to be one once after system (re-) boot modprobe xt_RTPENGINE iptables -I INPUT -p udp -j RTPENGINE --id 0 ip6tables -I INPUT -p udp -j RTPENGINE --id 0
# ensure that the table we want to use doesn't exist - usually needed after a daemon # restart, otherwise will error echo 'del 0' > /proc/rtpengine/control
# start daemon /usr/sbin/rtpengine --table=0 --interface=10.64.73.31 --interface=2001:db8::4f3:3d \ --listen-ng=127.0.0.1:2223 --tos=184 --pidfile=/run/rtpengine.pid --no-fallback
"""
I was relying on shell scripts executed on boot time, but now that systemd is more common, I am looking to see what are "standard"/"recommended" ways for running additional scripts besides the start/stop daemon, which makes it also easier to build packages not worrying about the type of OS and how it can run scripts at startup.
Systemd seems to have the "ExecStartPre" option, is it what people use to ensure the rtpengine kernel module is loaded and iptables rule exists?
Any systemd-specific wayt to run a script only once after system boot? I have seen workarounds on the net for creating like a rc.local service, but they didn't look to be systemd-native, ...
Not strictly related, but if someone is aware or had some experiences with, I am curious if "echo 'del 0' > /proc/rtpengine/control" is really needed because on a system where I forgot to have it in the scripts (well, was commented), I haven't noticed any issues after rtpengine restarts.
Cheers, Daniel
-- Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio World Conference - April 27-29, 2020, in Berlin -- www.kamailioworld.com
Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Not strictly related, but if someone is aware or had some experiences with, I am curious if "echo 'del 0' > /proc/rtpengine/control" is really needed because on a system where I forgot to have it in the scripts (well, was commented), I haven't noticed any issues after rtpengine restarts.
Could you clarify of correct order rtpengine start? What is happen if ipables have rule ``` iptables -I INPUT -p udp -j RTPENGINE --id 0 ``` And then rtpengine failed to start? Is any issue here?
On Fri, Jan 17, 2020 at 5:30 PM Sergey Safarov s.safarov@gmail.com wrote:
Systemd seems to have the "ExecStartPre" option, is it what people use to ensure the rtpengine kernel module is loaded and iptables rule exists?
yes, that is option But this command will be executed for Every daemon start.
Any systemd-specific wayt to run a script only once after system boot? I have seen workarounds on the net for creating like a rc.local service, but they didn't look to be systemd-native
I can recommend create dedicated systemd unit file "prepare-rtpengine.service" Like this
[Unit] Description=prepare rpengine
[Service] Type=oneshot RemainAfterExit=yes ExecStartPre=/usr/sbin/modprobe xt_RTPENGINE ExecStart=/usr/sbin/iptables -I INPUT -p udp -j RTPENGINE --id 0 ExecStartPost=ip6tables -I INPUT -p udp -j RTPENGINE --id 0 StandardOutput=syslog StandardError=syslog
[Install] RequiredBy=rtpengine.service WantedBy=basic.target
and then systemctl enable prepare-rtpengine.service
This will create dependency that will be execute one tme before rtpengine daemon started.
On Fri, Jan 17, 2020 at 5:03 PM Daniel-Constantin Mierla < miconda@gmail.com> wrote:
Hello,
do people here have (implemented) special ways to properly start rtpengine with kernel forwarding after system reboot?
From rtpengine readme:
"""
A typical start-up sequence including in-kernel forwarding might look like this:
# this only needs to be one once after system (re-) boot modprobe xt_RTPENGINE iptables -I INPUT -p udp -j RTPENGINE --id 0 ip6tables -I INPUT -p udp -j RTPENGINE --id 0
# ensure that the table we want to use doesn't exist - usually needed after a daemon # restart, otherwise will error echo 'del 0' > /proc/rtpengine/control
# start daemon /usr/sbin/rtpengine --table=0 --interface=10.64.73.31 --interface=2001:db8::4f3:3d \ --listen-ng=127.0.0.1:2223 --tos=184 --pidfile=/run/rtpengine.pid --no-fallback
"""
I was relying on shell scripts executed on boot time, but now that systemd is more common, I am looking to see what are "standard"/"recommended" ways for running additional scripts besides the start/stop daemon, which makes it also easier to build packages not worrying about the type of OS and how it can run scripts at startup.
Systemd seems to have the "ExecStartPre" option, is it what people use to ensure the rtpengine kernel module is loaded and iptables rule exists?
Any systemd-specific wayt to run a script only once after system boot? I have seen workarounds on the net for creating like a rc.local service, but they didn't look to be systemd-native, ...
Not strictly related, but if someone is aware or had some experiences with, I am curious if "echo 'del 0' > /proc/rtpengine/control" is really needed because on a system where I forgot to have it in the scripts (well, was commented), I haven't noticed any issues after rtpengine restarts.
Cheers, Daniel
-- Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio World Conference - April 27-29, 2020, in Berlin -- www.kamailioworld.com
Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
On 17.01.20 15:37, Sergey Safarov wrote:
Not strictly related, but if someone is aware or had some experiences with, I am curious if "echo 'del 0' > /proc/rtpengine/control" is really needed because on a system where I forgot to have it in the scripts (well, was commented), I haven't noticed any issues after rtpengine restarts.
Could you clarify of correct order rtpengine start? What is happen if ipables have rule
iptables -I INPUT -p udp -j RTPENGINE --id 0
AFAIK, if the rule is already in iptables, nothing should happen, all is ok.
And then rtpengine failed to start?
If the rule in iptables doesn't exist, rtpengine starts fine, but is doing user space forwarding, not kernel forwarding. Calls run fine, only that more cpu is used on rtpengine system (and maybe a little bit more delay, but nothing that can be noticed or to worry about) -- cpu usage is still low for couple of hundred active calls (when I tested), so it is not easy to notice always if the rtpengine does user space forwarding or kernel based forwarding. That's why I asked here to see what would be the best way to ensure everything is prepared for kernel based forwarding.
Cheers, Daniel
Is any issue here?
On Fri, Jan 17, 2020 at 5:30 PM Sergey Safarov <s.safarov@gmail.com mailto:s.safarov@gmail.com> wrote:
Systemd seems to have the "ExecStartPre" option, is it what people use to ensure the rtpengine kernel module is loaded and iptables rule exists? yes, that is option But this command will be executed for Every daemon start. Any systemd-specific wayt to run a script only once after system boot? I have seen workarounds on the net for creating like a rc.local service, but they didn't look to be systemd-native I can recommend create dedicated systemd unit file "prepare-rtpengine.service" Like this [Unit] Description=prepare rpengine [Service] Type=oneshot RemainAfterExit=yes ExecStartPre=/usr/sbin/modprobe xt_RTPENGINE ExecStart=/usr/sbin/iptables -I INPUT -p udp -j RTPENGINE --id 0 ExecStartPost=ip6tables -I INPUT -p udp -j RTPENGINE --id 0 StandardOutput=syslog StandardError=syslog [Install] RequiredBy=rtpengine.service WantedBy=basic.target and then systemctl enable prepare-rtpengine.service This will create dependency that will be execute one tme before rtpengine daemon started. On Fri, Jan 17, 2020 at 5:03 PM Daniel-Constantin Mierla <miconda@gmail.com <mailto:miconda@gmail.com>> wrote: Hello, do people here have (implemented) special ways to properly start rtpengine with kernel forwarding after system reboot? From rtpengine readme: """ A typical start-up sequence including in-kernel forwarding might look like this: # this only needs to be one once after system (re-) boot modprobe xt_RTPENGINE iptables -I INPUT -p udp -j RTPENGINE --id 0 ip6tables -I INPUT -p udp -j RTPENGINE --id 0 # ensure that the table we want to use doesn't exist - usually needed after a daemon # restart, otherwise will error echo 'del 0' > /proc/rtpengine/control # start daemon /usr/sbin/rtpengine --table=0 --interface=10.64.73.31 --interface=2001:db8::4f3:3d \ --listen-ng=127.0.0.1:2223 <http://127.0.0.1:2223> --tos=184 --pidfile=/run/rtpengine.pid --no-fallback """ I was relying on shell scripts executed on boot time, but now that systemd is more common, I am looking to see what are "standard"/"recommended" ways for running additional scripts besides the start/stop daemon, which makes it also easier to build packages not worrying about the type of OS and how it can run scripts at startup. Systemd seems to have the "ExecStartPre" option, is it what people use to ensure the rtpengine kernel module is loaded and iptables rule exists? Any systemd-specific wayt to run a script only once after system boot? I have seen workarounds on the net for creating like a rc.local service, but they didn't look to be systemd-native, ... Not strictly related, but if someone is aware or had some experiences with, I am curious if "echo 'del 0' > /proc/rtpengine/control" is really needed because on a system where I forgot to have it in the scripts (well, was commented), I haven't noticed any issues after rtpengine restarts. Cheers, Daniel -- Daniel-Constantin Mierla -- www.asipto.com <http://www.asipto.com> www.twitter.com/miconda <http://www.twitter.com/miconda> -- www.linkedin.com/in/miconda <http://www.linkedin.com/in/miconda> Kamailio World Conference - April 27-29, 2020, in Berlin -- www.kamailioworld.com <http://www.kamailioworld.com> _______________________________________________ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org <mailto:sr-users@lists.kamailio.org> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Nice to hear about oneshot systemd service type, thanks!
So this should executed only once, before the start of rtpengine service. Does it require to put something in rtpengine.service file (like after run after service)? Or systemd figures it out by itself?
Cheers, Daniel
On 17.01.20 15:30, Sergey Safarov wrote:
Systemd seems to have the "ExecStartPre" option, is it what people use to ensure the rtpengine kernel module is loaded and iptables rule exists?
yes, that is option But this command will be executed for Every daemon start.
Any systemd-specific wayt to run a script only once after system boot? I have seen workarounds on the net for creating like a rc.local service, but they didn't look to be systemd-native
I can recommend create dedicated systemd unit file "prepare-rtpengine.service" Like this
[Unit] Description=prepare rpengine
[Service] Type=oneshot RemainAfterExit=yes ExecStartPre=/usr/sbin/modprobe xt_RTPENGINE ExecStart=/usr/sbin/iptables -I INPUT -p udp -j RTPENGINE --id 0 ExecStartPost=ip6tables -I INPUT -p udp -j RTPENGINE --id 0 StandardOutput=syslog StandardError=syslog
[Install] RequiredBy=rtpengine.service WantedBy=basic.target
and then systemctl enable prepare-rtpengine.service
This will create dependency that will be execute one tme before rtpengine daemon started.
On Fri, Jan 17, 2020 at 5:03 PM Daniel-Constantin Mierla <miconda@gmail.com mailto:miconda@gmail.com> wrote:
Hello, do people here have (implemented) special ways to properly start rtpengine with kernel forwarding after system reboot? From rtpengine readme: """ A typical start-up sequence including in-kernel forwarding might look like this: # this only needs to be one once after system (re-) boot modprobe xt_RTPENGINE iptables -I INPUT -p udp -j RTPENGINE --id 0 ip6tables -I INPUT -p udp -j RTPENGINE --id 0 # ensure that the table we want to use doesn't exist - usually needed after a daemon # restart, otherwise will error echo 'del 0' > /proc/rtpengine/control # start daemon /usr/sbin/rtpengine --table=0 --interface=10.64.73.31 --interface=2001:db8::4f3:3d \ --listen-ng=127.0.0.1:2223 <http://127.0.0.1:2223> --tos=184 --pidfile=/run/rtpengine.pid --no-fallback """ I was relying on shell scripts executed on boot time, but now that systemd is more common, I am looking to see what are "standard"/"recommended" ways for running additional scripts besides the start/stop daemon, which makes it also easier to build packages not worrying about the type of OS and how it can run scripts at startup. Systemd seems to have the "ExecStartPre" option, is it what people use to ensure the rtpengine kernel module is loaded and iptables rule exists? Any systemd-specific wayt to run a script only once after system boot? I have seen workarounds on the net for creating like a rc.local service, but they didn't look to be systemd-native, ... Not strictly related, but if someone is aware or had some experiences with, I am curious if "echo 'del 0' > /proc/rtpengine/control" is really needed because on a system where I forgot to have it in the scripts (well, was commented), I haven't noticed any issues after rtpengine restarts. Cheers, Daniel -- Daniel-Constantin Mierla -- www.asipto.com <http://www.asipto.com> www.twitter.com/miconda <http://www.twitter.com/miconda> -- www.linkedin.com/in/miconda <http://www.linkedin.com/in/miconda> Kamailio World Conference - April 27-29, 2020, in Berlin -- www.kamailioworld.com <http://www.kamailioworld.com> _______________________________________________ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org <mailto:sr-users@lists.kamailio.org> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
On 17/01/2020 09.01, Daniel-Constantin Mierla wrote:
Hello,
do people here have (implemented) special ways to properly start rtpengine with kernel forwarding after system reboot?
On our own systems, we have xt_RTPENGINE loaded through modules-load.d, and the iptables rule added through iptables-persistent. But obviously this is not a generic solution as there are dependencies.
Not strictly related, but if someone is aware or had some experiences with, I am curious if "echo 'del 0' > /proc/rtpengine/control" is really needed because on a system where I forgot to have it in the scripts (well, was commented), I haven't noticed any issues after rtpengine restarts.
This is not actually required any more. The daemon itself handles this on startup now.
Cheers
On 17.01.20 15:50, Richard Fuchs wrote:
On 17/01/2020 09.01, Daniel-Constantin Mierla wrote:
Hello,
do people here have (implemented) special ways to properly start rtpengine with kernel forwarding after system reboot?
On our own systems, we have xt_RTPENGINE loaded through modules-load.d, and the iptables rule added through iptables-persistent. But obviously this is not a generic solution as there are dependencies.
Not strictly related, but if someone is aware or had some experiences with, I am curious if "echo 'del 0' > /proc/rtpengine/control" is really needed because on a system where I forgot to have it in the scripts (well, was commented), I haven't noticed any issues after rtpengine restarts.
This is not actually required any more. The daemon itself handles this on startup now.
Thanks for clarifying its status!
Cheers, Daniel
Hi Daniel For my needs i installed rtpengine also. To be sure rtpengine in kernel forwarding mode I configured
systemd unit file
[root@ip-44-230-120-21 ~]# cat /etc/systemd/system/rtpengine.service [Unit] Description=NGCP RtpEngine - RTP Media Proxy Wants=network-online.target After=network-online.target
[Service] Type=simple ExecStart=/usr/sbin/rtpengine -f ExecStartPost=/sbin/iptables -I INPUT -p udp -j RTPENGINE --id 0 ExecStartPost=/sbin/ip6tables -I INPUT -p udp -j RTPENGINE --id 0 ExecStopPost=-/sbin/iptables -D INPUT -p udp -j RTPENGINE --id 0 ExecStopPost=-/sbin/ip6tables -D INPUT -p udp -j RTPENGINE --id 0 Restart=on-failure
[Install] WantedBy=multi-user.target
And inside /etc/rtpengine/rtpengine.conf I defined "no-fallback = true"
With "no-fallback = true" rtpengine wont start if kernel module not available.
Sergey
On Tue, Jan 21, 2020 at 12:28 PM Daniel-Constantin Mierla miconda@gmail.com wrote:
On 17.01.20 15:50, Richard Fuchs wrote:
On 17/01/2020 09.01, Daniel-Constantin Mierla wrote:
Hello,
do people here have (implemented) special ways to properly start rtpengine with kernel forwarding after system reboot?
On our own systems, we have xt_RTPENGINE loaded through modules-load.d, and the iptables rule added through iptables-persistent. But obviously this is not a generic solution as there are dependencies.
Not strictly related, but if someone is aware or had some experiences with, I am curious if "echo 'del 0' > /proc/rtpengine/control" is really needed because on a system where I forgot to have it in the scripts (well, was commented), I haven't noticed any issues after rtpengine restarts.
This is not actually required any more. The daemon itself handles this on startup now.
Thanks for clarifying its status!
Cheers, Daniel
-- Daniel-Constantin Mierla -- www.asipto.com www.twitter.com/miconda -- www.linkedin.com/in/miconda Kamailio Advanced Training - March 9-11, 2020, Berlin - www.asipto.com Kamailio World Conference - April 27-29, 2020, in Berlin -- www.kamailioworld.com
Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Hello,
On 16.03.20 12:49, Sergey Safarov wrote:
Hi Daniel For my needs i installed rtpengine also. To be sure rtpengine in kernel forwarding mode I configured
systemd unit file
[root@ip-44-230-120-21 ~]# cat /etc/systemd/system/rtpengine.service [Unit] Description=NGCP RtpEngine - RTP Media Proxy Wants=network-online.target After=network-online.target
[Service] Type=simple ExecStart=/usr/sbin/rtpengine -f ExecStartPost=/sbin/iptables -I INPUT -p udp -j RTPENGINE --id 0 ExecStartPost=/sbin/ip6tables -I INPUT -p udp -j RTPENGINE --id 0 ExecStopPost=-/sbin/iptables -D INPUT -p udp -j RTPENGINE --id 0 ExecStopPost=-/sbin/ip6tables -D INPUT -p udp -j RTPENGINE --id 0 Restart=on-failure
[Install] WantedBy=multi-user.target
And inside /etc/rtpengine/rtpengine.conf I defined "no-fallback = true"
With "no-fallback = true" rtpengine wont start if kernel module not available.
This is just to be sure it starts only with kernel module and in-kernel forwarding mode, right? So you do not want at all userspace forwarding, better fail than being less performant.
Cheers, Daniel
Sergey
On Tue, Jan 21, 2020 at 12:28 PM Daniel-Constantin Mierla <miconda@gmail.com mailto:miconda@gmail.com> wrote:
On 17.01.20 15:50, Richard Fuchs wrote: > On 17/01/2020 09.01, Daniel-Constantin Mierla wrote: >> Hello, >> >> do people here have (implemented) special ways to properly start >> rtpengine with kernel forwarding after system reboot? > On our own systems, we have xt_RTPENGINE loaded through > modules-load.d, and the iptables rule added through > iptables-persistent. But obviously this is not a generic solution as > there are dependencies. >> Not strictly related, but if someone is aware or had some experiences >> with, I am curious if "echo 'del 0' > /proc/rtpengine/control" is >> really needed because on a system where I forgot to have it in the >> scripts (well, was commented), I haven't noticed any issues after >> rtpengine restarts. > > This is not actually required any more. The daemon itself handles this > on startup now. Thanks for clarifying its status! Cheers, Daniel -- Daniel-Constantin Mierla -- www.asipto.com <http://www.asipto.com> www.twitter.com/miconda <http://www.twitter.com/miconda> -- www.linkedin.com/in/miconda <http://www.linkedin.com/in/miconda> Kamailio Advanced Training - March 9-11, 2020, Berlin - www.asipto.com <http://www.asipto.com> Kamailio World Conference - April 27-29, 2020, in Berlin -- www.kamailioworld.com <http://www.kamailioworld.com> _______________________________________________ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org <mailto:sr-users@lists.kamailio.org> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
-
Daniel-Constantin Mierla -
Richard Fuchs -
Sergey Safarov