[SR-Users] Kamailio behind NAT or With Public IP - Which one is highly recommended

Daniel-Constantin Mierla miconda at gmail.com
Wed Feb 27 11:36:30 CET 2019


Hello,

there were companies that pushed hundred thousands of active tls
connections to same kamailio and it went fine. You will have to do some
tuning to kamailio params as well as to the operating system limits, but
if you have powerful hardware, having such number of active tls
connections should be fine.

Cheers,
Daniel

On 27.02.19 11:30, Pintu Lohar wrote:
> Hi Yasin, 
> Not yet tested, My bad - it's 0.1 million with TLS but yes we are yet
> to test ), We need to distribute the users to different Kamailio
> cluster through API server. However, Would like to try Option 2 as
> well and test with it. 
>
> Regards 
> Pintu Lohar 
>
> On Wed, Feb 27, 2019 at 7:16 PM YASIN CANER <caner_yaso at hotmail.com
> <mailto:caner_yaso at hotmail.com>> wrote:
>
>     Hello Pintu
>
>     1 million TLS user? Have u ever test with tester on Kamailio
>     ?Because I remembered in sr-mails that an user tested on 1000
>     client on TLS transport , it consumes so much CPU etc . I guess 1
>     milliyonTLSUser make big impact your system for all registration/call.
>
>     I tested option-2 for relaying registers about 1-2 years ago for
>     proof of concept. It works fine.
>
>     you can replicate user location data by Dmq_usrloc module and can
>     use path header then build a triangle topology to bridge calls. 
>     Or
>     You can build a Location Information service to find which
>     kamailio  has UAC data .
>
>     Best Regards.
>
>     Yasin CANER
>
>     ------------------------------------------------------------------------
>     *From:* Pintu Lohar <pintulohargcetts at gmail.com
>     <mailto:pintulohargcetts at gmail.com>>
>     *Sent:* Wednesday, February 27, 2019 12:27 PM
>     *To:* YASIN CANER
>     *Cc:* Kamailio (SER) - Users Mailing List
>     *Subject:* Re: [SR-Users] Kamailio behind NAT or With Public IP -
>     Which one is highly recommended
>      
>     Hi Yasin, 
>     Thanks indeed for your valuable input for the
>     active-active cluster(Option-1) &  Option-2
>
>     We definitely would like to try setting up an
>     active-active cluster for the next phase if not in current phase.
>     But In order to use  Kamailio in the active-active cluster,  I
>     think we need to forward or replicate registration to both the
>     active-active server?
>     in order to proxy the invite packet through the server where the
>     UA is registered?  
>
>     We use the following use cases   : 
>     1. We use FCM and APNS push to wake up the app.
>     2. Multi forking / Late forking cases are also involved.
>     3. Using Kamailio as a stateful proxy.
>
>     Thanks & Regards 
>     Pintu 
>
>     On Wed, Feb 27, 2019 at 3:10 PM YASIN CANER
>     <caner_yaso at hotmail.com <mailto:caner_yaso at hotmail.com>> wrote:
>
>         Hello,
>
>         My suggestion is that stay away from NAT if you dont have to.
>         various  sip client/Firewalls make out troubles for
>         registration and invites,  even if Kamailio can handle it.  If
>         you have a high load TLS connection / subscriber , I think you
>         should use load balancer and NAT options.
>
>         For example;
>         1 - Load balancer like F5  that balancing your connection
>         active-active Kamailios 
>
>
>         UAC ----> F5 ------> Kamailio -1 (advertises public IP)
>                            |
>                             ------->  Kamailio -2 (advertises public IP)
>
>         2- Use kamailio as MultiHomed that convert transport layer to
>         tcp/udp
>
>         UAC ---------> Kamailio(TLS-PUBLIC IP-mhomed) -------> 
>         Kamailio-1(TCP/UDP)
>                                                                      
>                             |
>                                                                      
>                              ---------> Kamailio-2(TCP/UDP)
>
>
>         Good luck
>
>         Yasin CANER
>
>         ------------------------------------------------------------------------
>         *From:* sr-users <sr-users-bounces at lists.kamailio.org
>         <mailto:sr-users-bounces at lists.kamailio.org>> on behalf of
>         Pintu Lohar <pintulohargcetts at gmail.com
>         <mailto:pintulohargcetts at gmail.com>>
>         *Sent:* Tuesday, February 26, 2019 8:09 AM
>         *To:* sr-users at lists.kamailio.org
>         <mailto:sr-users at lists.kamailio.org>
>         *Subject:* [SR-Users] Kamailio behind NAT or With Public IP -
>         Which one is highly recommended
>          
>         Hi Everyone, 
>
>         Which one among the below option is highly recommended for
>         setting up Kamailio (for production)
>           1.  Kamailio behind NAT *or* 
>            2. Setting up Kamailio using public IP?
>
>          are there any disadvantages if we setup Kamailio behind NAT
>         and use advertise option in listen parameters?
>
>         We have tested both the options, and both the options work
>         great for us( a. Kamailio behind NAT with advertising in
>         listen parameters b.Kamailio setup with public IP).  So
>         wondering which one is best and highly recommended? 
>
>         Some extra info :
>         1. We use TLS
>         2. Using coturn for media 
>          
>         Thanks
>         Pintu 
>
>
> _______________________________________________
> Kamailio (SER) - Users Mailing List
> sr-users at lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

-- 
Daniel-Constantin Mierla -- www.asipto.com
www.twitter.com/miconda -- www.linkedin.com/in/miconda
Kamailio World Conference - May 6-8, 2019 -- www.kamailioworld.com
Kamailio Advanced Training - Mar 4-6, 2019 in Berlin; Mar 25-27, 2019, in Washington, DC, USA -- www.asipto.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20190227/49b4fce0/attachment.html>


More information about the sr-users mailing list