[Devel] unmatched cancel again

Juha Heinanen jh at tutpro.com
Mon Oct 24 03:32:10 CEST 2005


it occurred to me that my earlier proposal on creating an invite
transaction for an unmatched cancel is not a good idea, because it would
open yet another opportunity for DoS attacks.  neither is any solution
that would occupy proxy's transaction resources.

in my opinion, the best solution is again the simplest one: silently
discard any unmatched cancels.

if the cancel was for real, but invite got delayed or lost, cancel will
be resend by the UAC and no harm was done by discarding the first
cancel.

even if you decide to implement something more complex, i would very
much appreciate a tm configuration variable

discard_unmatched_cancels

which, if set, would cause the above simple behavior.

-- juha



More information about the Devel mailing list