[Users] am I doing it right?
Ohad.Levy at infineon.com
Ohad.Levy at infineon.com
Thu Jul 27 11:32:28 CEST 2006
Hi,
Thanks for your reply!
> -----Original Message-----
> From: samuel [mailto:samu60 at gmail.com]
> Sent: Thursday, July 27, 2006 9:39 AM
> To: Levy Ohad (IFKL IT OS TI CS)
> Cc: users at openser.org
> Subject: Re: [Users] am I doing it right?
>
> Are both proxies using the same remote database???
>
modparam("usrloc|lcr|auth_db|avpops|group","db_url","mysql://openser:ope
ns
> errw at voip-db.mydomain.com/openser")
> If this is the case, when a user agent registers again and makes a SRV
> DNS query, it might get the address of the other server, which tries
> to add to the database a record which will be understood as a
> duplicate by the DB because there's already an entry for that user.
Ok this brings up two questions... first is this the "right" way to do
it, do you see a better way to implement a single database for
registrations?
Secondly, doesn't the client knows which server he is registered to and
keep on using the server?
> The other issues about the Warning and message size has nothing to do
> with DNS "behaviour". It means that the server tries to add a Warning
> header, which includes information useful for debugging purpouses, but
> when openSER checks the size of the message, it realises that the
> message will become bigger than (MTU-200) and therefore it does not
> add the header because it will might to fragmentation problems in UDP.
> You can ignore this problem or disable the adition of this warning
> header if you are not using it.
Ok, does this apply for the warning_builder: buffer size exceeded
message?
> Hope it helps.
Yes it does :)
Thanks
> Samuel.
>
>
> 2006/7/26, Ohad.Levy at infineon.com <Ohad.Levy at infineon.com>:
> > Hi All,
> >
> > I'm trying to setup a redundant environment with DNS SRV records, 2
(or
> > more) SIP registration servers, and Asterisk gateways.
> > Basically I've setup both OpenSER clients to t_replicate each other
the
> > registration message if its coming from a client, and save it to the
> > database or to memory when its coming from the other OpenSER server.
> >
> > However, every once in a while, I get message to big, and or
duplicate
> > messages (WARNING: warning skipped -- too big, or ERROR:
> > warning_builder: buffer size exceeded, submit_query: Duplicate entry
> > ,db_insert: Error while submitting query...)
> >
> > While it seems to work in general, I was not sure that this is the
> > "right" way to do it.
> >
> > I'm attaching my openser.cfg of one of the machines; the other is
more
> > or less identical...
> > Thanks
> >
> > # ----------- global configuration parameters
------------------------
> >
> > debug=9 # debug level (cmd line: -dddddddddd)
> > fork=yes
> > log_stderror=no # (cmd line: -E)
> >
> > check_via=no # (cmd. line: -v)
> > dns=no # (cmd. line: -r)
> > listen=172.28.132.20
> > rev_dns=no # (cmd. line: -R)
> > port=5060
> > children=4
> > fifo="/tmp/openser_fifo"
> > alias="mydomain.com"
> >
> > # ------------------ module loading
----------------------------------
> >
> > loadmodule "/usr/local/lib/openser/modules/mysql.so"
> > loadmodule "/usr/local/lib/openser/modules/sl.so"
> > loadmodule "/usr/local/lib/openser/modules/tm.so"
> > loadmodule "/usr/local/lib/openser/modules/rr.so"
> > loadmodule "/usr/local/lib/openser/modules/maxfwd.so"
> > loadmodule "/usr/local/lib/openser/modules/usrloc.so"
> > loadmodule "/usr/local/lib/openser/modules/registrar.so"
> > loadmodule "/usr/local/lib/openser/modules/textops.so"
> > loadmodule "/usr/local/lib/openser/modules/auth.so"
> > loadmodule "/usr/local/lib/openser/modules/auth_db.so"
> > loadmodule "/usr/local/lib/openser/modules/lcr.so"
> > loadmodule "/usr/local/lib/openser/modules/xlog.so"
> >
> > # ----------------- setting module-specific parameters
---------------
> >
> > modparam("usrloc", "db_mode", 2)
> >
modparam("usrloc|lcr|auth_db|avpops|group","db_url","mysql://openser:ope
> > nserrw at voip-db.mydomain.com/openser")
> > modparam("auth_db", "calculate_ha1", yes) modparam("auth_db",
> > "password_column", "password")
> >
> > modparam("rr", "enable_full_lr", 1)
> >
> > # ------------------------- request routing logic
-------------------
> >
> > # main routing logic
> >
> > route{
> >
> > # initial sanity checks -- messages with
> > # max_forwards==0, or excessively long requests
> > if (!mf_process_maxfwd_header("10")) {
> > sl_send_reply("483","Too Many Hops");
> > exit;
> > };
> >
> > if (msg:len >= 2048 ) {
> > sl_send_reply("513", "Message too big");
> > exit;
> > };
> >
> > # we record-route all messages -- to make sure that
> > # subsequent messages will go through our proxy; that's
> > # particularly good if upstream and downstream entities
> > # use different transport protocol
> > if (!method=="REGISTER")
> > record_route();
> >
> > # subsequent messages withing a dialog should take the
> > # path determined by record-routing
> > if (loose_route()) {
> > # mark routing logic in request
> > append_hf("P-hint: rr-enforced\r\n");
> > route(1);
> > };
> >
> > if (!uri==myself) {
> > route(1);
> > };
> >
> > # Handle Request logic here
> > if (uri==myself) {
> > if (method=="REGISTER") {
> > route(2);
> > exit;
> > }
> > lookup("aliases");
> > if (!uri==myself) {
> > append_hf("P-hint: outbound alias\r\n");
> > route(1);
> > };
> >
> > if (!load_gws()) {
> > sl_send_reply("500", "Server Internal Error
-
> > Cannot load gateways");
> > exit;
> > };
> > if (!next_gw()) {
> > sl_send_reply("503", "Service not available,
no
> > gateways found");
> > log (1,"No more gateways");
> > } else {
> > log (1,"Found a gateway");
> > }
> > if (!lookup("location")) {
> > sl_send_reply("404", "Not Found");
> > exit;
> > };
> > append_hf("P-hint: usrloc applied\r\n");
> > };
> > route(1);
> > }
> >
> >
> > route[1] {
> > # send it out now; use stateful forwarding as it works
reliably
> > # even for UDP2TCP
> > if (!t_relay()) {
> > sl_reply_error();
> > };
> > exit;
> > }
> >
> > route[2] {
> > #handle all Registration here....
> > if (search("^(Contact|m):
> > .*@(voip.mydomain.com)")){
> > log(1, "ALERT: someone trying to set
> > aor==server address\n");
> > sl_send_reply("476", "Server address
in
> > contacts is not allowed" );
> > exit;
> > };
> >
> > # challenge/response
> > #if a registration request is coming from another ser
server, it
> > means that's it's already authenticated the user and wrote
> > #an entry in the database, so lets just write it into our
> > memory.
> > if (src_ip==172.28.132.21) {
> > save_memory("location");
> > log(1, "Registered replicated user
from
> > Proxy");
> > exit;
> > };
> > # this is a new request, lets check that the user is
> > valid.
> > if (!www_authorize("mydomain.com",
> > "subscriber")) {
> > www_challenge("mydomain.com", "0");
> > log(1, "Authentication challenge
issued.
> > Waiting for reply.\n");
> > exit;
> > };
> >
> > # Authentication successful, add entry to our Contact
database
> > log(1, "Authentication challenge reply
ok.\n");
> > if (!save("location")) {
> > sl_reply_error();
> > log(1, "ALERT: Unable to save URI to
> > location database.\n");
> > } else {
> > # and replicate the request to the backup server
> > if (!src_ip==172.28.132.21) {
> > log(1, "REPLICATE: Replicating
> > register request\n");
> >
> > t_replicate("sip:172.28.132.21:5060");
> > };
> >
> > };
> > }
> >
> >
> > _______________________________________________
> > Users mailing list
> > Users at openser.org
> > http://openser.org/cgi-bin/mailman/listinfo/users
> >
More information about the sr-users
mailing list