Hi Mark,

even if the same subscriber table is used, they will generate different nonces. What you can do is to drop authentication on second proxy if the source address is the first proxy.

regards, bogdan

Mark Price wrote:

Hi, I'm attempting to use t_replicate in order to load balance the registration proxy. However, when the REGISTER packet goes to proxy2, it says "401 Unauthorized".

Both openser installations are working off of the same mysql database. The first proxy has a srv record for the domain being served, the second does not.

The first openser.cfg looks like this:

    if (uri==myself) {
            if (method=="REGISTER") {
                    # Uncomment this if you want to use digest 

authentication if (!www_authorize("voipcall.com http://voipcall.com", "subscriber")) { www_challenge("voipcall.com http://voipcall.com", "0"); exit; }; save("location"); t_replicate('proxy2'); exit; };

the second looks like this: if (uri==myself) { if (method=="REGISTER") { # Uncomment this if you want to use digest authentication if (!www_authorize("voipcall.com http://voipcall.com", "subscriber")) { www_challenge("voipcall.com http://voipcall.com", "0"); exit; }; save("location"); exit; };

Both openser instances have aliases for the domain, and as I said before, are operating off of the same database backend. Furthermore, if I set the sip client's sip domain so that it will register directly with proxy2, the phone registers with now problem.

However, when the t_replicate executes, syslog says this: Dec 4 23:26:01 /usr/sbin/openser[15365]: check_nonce(): comparing [4574af56734dbd1d5c2c81242a74ba5cb5703c79] and [4574af56989148c2191ea66c5c3c1d75726da244] Dec 4 23:26:01 /usr/sbin/openser[15365]: pre_auth(): Invalid nonce value received

Thanks, Mark

---

---

Users mailing list Users@openser.org http://openser.org/cgi-bin/mailman/listinfo/users