[SR-Users] Kamailio behind NAT or With Public IP - Which one is highly recommended

YASIN CANER caner_yaso at hotmail.com
Wed Feb 27 11:16:39 CET 2019


Hello Pintu

1 million TLS user? Have u ever test with tester on Kamailio ?Because I remembered in sr-mails that an user tested on 1000 client on TLS transport , it consumes so much CPU etc . I guess 1 milliyonTLSUser make big impact your system for all registration/call.

I tested option-2 for relaying registers about 1-2 years ago for proof of concept. It works fine.

you can replicate user location data by Dmq_usrloc module and can use path header then build a triangle topology to bridge calls.
Or
You can build a Location Information service to find which kamailio  has UAC data .

Best Regards.

Yasin CANER

________________________________
From: Pintu Lohar <pintulohargcetts at gmail.com>
Sent: Wednesday, February 27, 2019 12:27 PM
To: YASIN CANER
Cc: Kamailio (SER) - Users Mailing List
Subject: Re: [SR-Users] Kamailio behind NAT or With Public IP - Which one is highly recommended

Hi Yasin,
Thanks indeed for your valuable input for the active-active cluster(Option-1) &  Option-2

We definitely would like to try setting up an active-active cluster for the next phase if not in current phase.
But In order to use  Kamailio in the active-active cluster,  I think we need to forward or replicate registration to both the active-active server?
in order to proxy the invite packet through the server where the UA is registered?

We use the following use cases   :
1. We use FCM and APNS push to wake up the app.
2. Multi forking / Late forking cases are also involved.
3. Using Kamailio as a stateful proxy.

Thanks & Regards
Pintu

On Wed, Feb 27, 2019 at 3:10 PM YASIN CANER <caner_yaso at hotmail.com<mailto:caner_yaso at hotmail.com>> wrote:
Hello,

My suggestion is that stay away from NAT if you dont have to. various  sip client/Firewalls make out troubles for registration and invites,  even if Kamailio can handle it.  If you have a high load TLS connection / subscriber , I think you should use load balancer and NAT options.

For example;
1 - Load balancer like F5  that balancing your connection active-active Kamailios


UAC ----> F5 ------> Kamailio -1 (advertises public IP)
                   |
                    ------->  Kamailio -2 (advertises public IP)

2- Use kamailio as MultiHomed that convert transport layer to tcp/udp

UAC ---------> Kamailio(TLS-PUBLIC IP-mhomed) ------->  Kamailio-1(TCP/UDP)
                                                                                  |
                                                                                   ---------> Kamailio-2(TCP/UDP)


Good luck

Yasin CANER

________________________________
From: sr-users <sr-users-bounces at lists.kamailio.org<mailto:sr-users-bounces at lists.kamailio.org>> on behalf of Pintu Lohar <pintulohargcetts at gmail.com<mailto:pintulohargcetts at gmail.com>>
Sent: Tuesday, February 26, 2019 8:09 AM
To: sr-users at lists.kamailio.org<mailto:sr-users at lists.kamailio.org>
Subject: [SR-Users] Kamailio behind NAT or With Public IP - Which one is highly recommended

Hi Everyone,

Which one among the below option is highly recommended for setting up Kamailio (for production)
  1.  Kamailio behind NAT or
   2. Setting up Kamailio using public IP?

 are there any disadvantages if we setup Kamailio behind NAT and use advertise option in listen parameters?

We have tested both the options, and both the options work great for us( a. Kamailio behind NAT with advertising in listen parameters b.Kamailio setup with public IP).  So wondering which one is best and highly recommended?

Some extra info :
1. We use TLS
2. Using coturn for media

Thanks
Pintu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20190227/52f1a465/attachment.html>


More information about the sr-users mailing list