[SR-Users] Kamailio behind HAProxy
Joey Golan
joeygo at gmail.com
Wed Nov 11 08:12:45 CET 2020
So on your AWS deployment are you working without ANTIFLOOD(pike)?
I still don’t understand how and why to use tcp_accept_haproxy.
On 9 Nov 2020, 11:49 +0200, Sergey Safarov <s.safarov at gmail.com>, wrote:
> In AWS I now use the network load balancer without enabled HAproxy protocol.
> On EC2 instances used two ENI.
> First for traffic via NLB for Inbound traffic.
> And second ENI for outbound traffic.
>
> This works but, maybe complex to implement.
>
> Now I looking to:
> 1) enable TCP + HAproxy protocol support in Kamailio;
> 2) add UDP + HAproxy protocol feature support;
> 3) add connection support "with" and "without" HAproxy protocol.
>
> But I am not a developer and cannot say when it implemented.
>
> If your usage case, is business requirements and need extended HAproxy implementation in Kamailio, then your company can hire devs from the community.
>
>
> > On Mon, Nov 9, 2020 at 11:22 AM Joey Golan <joeygo at gmail.com> wrote:
> > > Maybe I miss understood you.
> > > For local installations you mean HAProxy with transparent mode?
> > >
> > > I have a functioning setup without proxy protocol enabled but without anitflood enabled because all traffic comes from same HAProxy address.
> > >
> > > I’m not sure I understand the purpose of tcp_accept_haproxy. When and how this parameter should be used?
> > >
> > > Thanks,
> > > Joey.
> > > On 9 Nov 2020, 0:27 +0200, Sergey Safarov <s.safarov at gmail.com>, wrote:
> > > > Why you cannot use this in the local installation?
> > > >
> > > > On AWS I have multiple kamailio servers behind ELB.
> > > >
> > > > Why you do not use a network load-balancer? NLB also offers HAproxy protocol support (TCP and UDP).
> > > >
> > > > In AWS installation you can use dedicated Kamailio groups for inbound connections and SIP clients with registration.
> > > > And use other Kamailio group for outbound connections like carriers.
> > > >
> > > > Sergey
> > > >
> > > > > On Sun, Nov 8, 2020 at 9:07 PM Joey Golan <joeygo at gmail.com> wrote:
> > > > > > It doesn’t make much sense to me.
> > > > > > On local installations (on-premise) I have 1 HAProxy and multiple kamailio servers.
> > > > > > On AWS I have multiple kamailio servers behind ELB.
> > > > > > On 8 Nov 2020, 19:45 +0200, Sergey Safarov <s.safarov at gmail.com>, wrote:
> > > > > > > you can try place haproxy + NAT on your own Linux router.
> > > > > > > In this case inbound connections with be delivered via HAproxy.
> > > > > > > Outbound connections will be NAT-ed on the same host, to the same IP.
> > > > > > >
> > > > > > > > On Sun, Nov 8, 2020 at 6:31 PM Joey Golan <joeygo at gmail.com> wrote:
> > > > > > > > > Hello,
> > > > > > > > > I have a kamailio server running behind HAProxy with proxy protocol v2 enabled.
> > > > > > > > > In Kamailio I have set the parameter tcp_accept_haproxy=yes and loaded tcpops module.
> > > > > > > > > UEs are registered using TLS and kamailio sees that the message has received from their real ip address + port and not HAProxy ip + port.
> > > > > > > > > When UE A calls UE B, kamailio is trying to reach UE B using his real ip address and port instead of HAProxy IP address + port.
> > > > > > > > >
> > > > > > > > > I know I can get the tcp ip and port of HAProxy using $tcp(c_si) and $tcp(c_sp) but I can’t make it work.
> > > > > > > > > What is the right way to do this? How should I use these variables properly in order to establish the call successfully?
> > > > > > > > >
> > > > > > > > > Thanks,
> > > > > > > > > Joey.
> > > > > > > > > _______________________________________________
> > > > > > > > > Kamailio (SER) - Users Mailing List
> > > > > > > > > sr-users at lists.kamailio.org
> > > > > > > > > https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
> > > > > > > _______________________________________________
> > > > > > > Kamailio (SER) - Users Mailing List
> > > > > > > sr-users at lists.kamailio.org
> > > > > > > https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
> > > > > > _______________________________________________
> > > > > > Kamailio (SER) - Users Mailing List
> > > > > > sr-users at lists.kamailio.org
> > > > > > https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
> > > > _______________________________________________
> > > > Kamailio (SER) - Users Mailing List
> > > > sr-users at lists.kamailio.org
> > > > https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
> > > _______________________________________________
> > > Kamailio (SER) - Users Mailing List
> > > sr-users at lists.kamailio.org
> > > https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
> _______________________________________________
> Kamailio (SER) - Users Mailing List
> sr-users at lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20201111/dfe97280/attachment.htm>
More information about the sr-users
mailing list