[Users] am I doing it right?

Ohad.Levy at infineon.com Ohad.Levy at infineon.com
Thu Jul 27 11:32:28 CEST 2006


Hi,

Thanks for your reply!

> -----Original Message-----
> From: samuel [mailto:samu60 at gmail.com]
> Sent: Thursday, July 27, 2006 9:39 AM
> To: Levy Ohad (IFKL IT OS TI CS)
> Cc: users at openser.org
> Subject: Re: [Users] am I doing it right?
> 
> Are both proxies using the same remote database???
>
modparam("usrloc|lcr|auth_db|avpops|group","db_url","mysql://openser:ope
ns
> errw at voip-db.mydomain.com/openser")
> If this is the case, when a user agent registers again and makes a SRV
> DNS query, it might get the address of the other server, which tries
> to add to the database a record which will be understood as a
> duplicate by the DB because there's already an entry for that user.

Ok this brings up two questions... first is this the "right" way to do
it, do you see a better way to implement a single database for
registrations?
Secondly, doesn't the client knows which server he is registered to and
keep on using the server? 

 
> The other issues about the Warning and message size has nothing to do
> with DNS "behaviour". It means that the server tries to add a Warning
> header, which includes information useful for debugging purpouses, but
> when openSER checks the size of the message, it realises that the
> message will become bigger than (MTU-200) and therefore it does not
> add the header because it will might to fragmentation problems in UDP.
> You can ignore this problem or disable the adition of this warning
> header if you are not using it.

Ok, does this apply for the warning_builder: buffer size exceeded
message?


> Hope it helps.
Yes it does :)

Thanks


> Samuel.
> 
> 
> 2006/7/26, Ohad.Levy at infineon.com <Ohad.Levy at infineon.com>:
> > Hi All,
> >
> > I'm trying to setup a redundant environment with DNS SRV records, 2
(or
> > more) SIP registration servers, and Asterisk gateways.
> > Basically I've setup both OpenSER clients to t_replicate each other
the
> > registration message if its coming from a client, and save it to the
> > database or to memory when its coming from the other OpenSER server.
> >
> > However, every once in a while, I get message to big, and or
duplicate
> > messages (WARNING: warning skipped -- too big, or ERROR:
> > warning_builder: buffer size exceeded, submit_query: Duplicate entry
> > ,db_insert: Error while submitting query...)
> >
> > While it seems to work in general, I was not sure that this is the
> > "right" way to do it.
> >
> > I'm attaching my openser.cfg of one of the machines; the other is
more
> > or less identical...
> > Thanks
> >
> > # ----------- global configuration parameters
------------------------
> >
> > debug=9            # debug level (cmd line: -dddddddddd)
> > fork=yes
> > log_stderror=no    # (cmd line: -E)
> >
> > check_via=no    # (cmd. line: -v)
> > dns=no          # (cmd. line: -r)
> > listen=172.28.132.20
> > rev_dns=no      # (cmd. line: -R)
> > port=5060
> > children=4
> > fifo="/tmp/openser_fifo"
> > alias="mydomain.com"
> >
> > # ------------------ module loading
----------------------------------
> >
> > loadmodule "/usr/local/lib/openser/modules/mysql.so"
> > loadmodule "/usr/local/lib/openser/modules/sl.so"
> > loadmodule "/usr/local/lib/openser/modules/tm.so"
> > loadmodule "/usr/local/lib/openser/modules/rr.so"
> > loadmodule "/usr/local/lib/openser/modules/maxfwd.so"
> > loadmodule "/usr/local/lib/openser/modules/usrloc.so"
> > loadmodule "/usr/local/lib/openser/modules/registrar.so"
> > loadmodule "/usr/local/lib/openser/modules/textops.so"
> > loadmodule "/usr/local/lib/openser/modules/auth.so"
> > loadmodule "/usr/local/lib/openser/modules/auth_db.so"
> > loadmodule "/usr/local/lib/openser/modules/lcr.so"
> > loadmodule "/usr/local/lib/openser/modules/xlog.so"
> >
> > # ----------------- setting module-specific parameters
---------------
> >
> > modparam("usrloc", "db_mode", 2)
> >
modparam("usrloc|lcr|auth_db|avpops|group","db_url","mysql://openser:ope
> > nserrw at voip-db.mydomain.com/openser")
> > modparam("auth_db", "calculate_ha1", yes) modparam("auth_db",
> > "password_column", "password")
> >
> > modparam("rr", "enable_full_lr", 1)
> >
> > # -------------------------  request routing logic
-------------------
> >
> > # main routing logic
> >
> > route{
> >
> >         # initial sanity checks -- messages with
> >         # max_forwards==0, or excessively long requests
> >         if (!mf_process_maxfwd_header("10")) {
> >                 sl_send_reply("483","Too Many Hops");
> >                 exit;
> >         };
> >
> >         if (msg:len >=  2048 ) {
> >                 sl_send_reply("513", "Message too big");
> >                 exit;
> >         };
> >
> >         # we record-route all messages -- to make sure that
> >         # subsequent messages will go through our proxy; that's
> >         # particularly good if upstream and downstream entities
> >         # use different transport protocol
> >         if (!method=="REGISTER")
> >                 record_route();
> >
> >         # subsequent messages withing a dialog should take the
> >         # path determined by record-routing
> >         if (loose_route()) {
> >                 # mark routing logic in request
> >                 append_hf("P-hint: rr-enforced\r\n");
> >                 route(1);
> >         };
> >
> >         if (!uri==myself) {
> >                 route(1);
> >         };
> >
> >         # Handle Request logic here
> >         if (uri==myself) {
> >                 if (method=="REGISTER") {
> >                         route(2);
> >                         exit;
> >                 }
> >                 lookup("aliases");
> >                 if (!uri==myself) {
> >                         append_hf("P-hint: outbound alias\r\n");
> >                         route(1);
> >                 };
> >
> >                 if (!load_gws()) {
> >                         sl_send_reply("500", "Server Internal Error
-
> > Cannot load gateways");
> >                         exit;
> >                 };
> >                 if (!next_gw()) {
> >                         sl_send_reply("503", "Service not available,
no
> > gateways found");
> >                         log (1,"No more gateways");
> >                 } else {
> >                         log (1,"Found a gateway");
> >                 }
> >                 if (!lookup("location")) {
> >                         sl_send_reply("404", "Not Found");
> >                         exit;
> >                 };
> >                 append_hf("P-hint: usrloc applied\r\n");
> >         };
> >         route(1);
> > }
> >
> >
> > route[1] {
> >         # send it out now; use stateful forwarding as it works
reliably
> >         # even for UDP2TCP
> >         if (!t_relay()) {
> >                 sl_reply_error();
> >         };
> >         exit;
> > }
> >
> > route[2] {
> >         #handle all Registration here....
> >                         if (search("^(Contact|m):
> > .*@(voip.mydomain.com)")){
> >                                log(1, "ALERT: someone trying to set
> > aor==server address\n");
> >                                sl_send_reply("476", "Server address
in
> > contacts is not allowed" );
> >                                exit;
> >                          };
> >
> >         # challenge/response
> >         #if a registration request is coming from another ser
server, it
> > means that's it's already authenticated the user and wrote
> >         #an entry in the database, so lets just write it into our
> > memory.
> >                         if (src_ip==172.28.132.21) {
> >                                 save_memory("location");
> >                                 log(1, "Registered replicated user
from
> > Proxy");
> >                                 exit;
> >                         };
> >                 # this is a new request, lets check that the user is
> > valid.
> >                         if (!www_authorize("mydomain.com",
> > "subscriber")) {
> >                                 www_challenge("mydomain.com", "0");
> >                                 log(1, "Authentication challenge
issued.
> > Waiting for reply.\n");
> >                                 exit;
> >                         };
> >
> >         # Authentication successful, add entry to our Contact
database
> >                         log(1, "Authentication challenge reply
ok.\n");
> >                         if (!save("location")) {
> >                                 sl_reply_error();
> >                                 log(1, "ALERT: Unable to save URI to
> > location database.\n");
> >                         } else {
> >         # and replicate the request to the backup server
> >                                 if (!src_ip==172.28.132.21) {
> >                                      log(1, "REPLICATE: Replicating
> > register request\n");
> >
> > t_replicate("sip:172.28.132.21:5060");
> >                                 };
> >
> >                         };
> > }
> >
> >
> > _______________________________________________
> > Users mailing list
> > Users at openser.org
> > http://openser.org/cgi-bin/mailman/listinfo/users
> >




More information about the sr-users mailing list