[Devel] Blacklist and failover
Bogdan-Andrei Iancu
bogdan at voice-system.ro
Thu Feb 8 10:33:20 CET 2007
Hi Alex,
Alex wrote:
> Hello,
>
>
>> the 408 timeout was locally generated by openser or was received? if it
>> is the first case, was there any provisional reply received from UAS?
>>
>
> Locally generated by server. It was first try to send packet to another server which was off-line.
> Another requests were not sent and 477 was returned by server.
>
yes - this is a typical case of DNS-based server - your openser detected
the destination server as non-responsive and blocked all requests to if
for the short period of time (4 minutes) - this a self protection
mechanism to avoid bottlenecks and DOS against unreachable destinations.
regards,
bogdan
>
>> I'm asking because a local generated 408 timeout with no reply received
>> is considered a failure that triggers DNS-based failover (RFC3262) and
>> if disable_dns_blacklist=no, the destination IP address will be
>> blacklisted for 4 minutes.
>>
>> can you check if this was the case?
>>
>> you can inspect the content of the blacklist via MI command
>> "list_blacklists"
>>
>
> 200 OK
> List:: dns owner=17 flags=6
> Rule:: flags=0
> IP:: ip
> Mask:: 255.255.255.255
> Proto:: 1
> Port:: port
> Expire:: 556
>
>
More information about the Devel
mailing list