[SR-Users] Kamailio behind HAProxy
Sergey Safarov
s.safarov at gmail.com
Wed Nov 11 09:38:09 CET 2020
Now I not use pike.
On Wed, Nov 11, 2020 at 10:21 AM Joey Golan <joeygo at gmail.com> wrote:
> So on your AWS deployment are you working without ANTIFLOOD(pike)?
>
> I still don’t understand how and why to use tcp_accept_haproxy.
> On 9 Nov 2020, 11:49 +0200, Sergey Safarov <s.safarov at gmail.com>, wrote:
>
> In AWS I now use the network load balancer without enabled HAproxy
> protocol.
> On EC2 instances used two ENI.
> First for traffic via NLB for Inbound traffic.
> And second ENI for outbound traffic.
>
> This works but, maybe complex to implement.
>
> Now I looking to:
> 1) enable TCP + HAproxy protocol support in Kamailio;
> 2) add UDP + HAproxy protocol feature support;
> 3) add connection support "with" and "without" HAproxy protocol.
>
> But I am not a developer and cannot say when it implemented.
>
> If your usage case, is business requirements and need extended HAproxy
> implementation in Kamailio, then your company can hire devs from the
> community.
>
>
> On Mon, Nov 9, 2020 at 11:22 AM Joey Golan <joeygo at gmail.com> wrote:
>
>> Maybe I miss understood you.
>> For local installations you mean HAProxy with transparent mode?
>>
>> I have a functioning setup without proxy protocol enabled but without
>> anitflood enabled because all traffic comes from same HAProxy address.
>>
>> I’m not sure I understand the purpose of tcp_accept_haproxy. When and how
>> this parameter should be used?
>>
>> Thanks,
>> Joey.
>> On 9 Nov 2020, 0:27 +0200, Sergey Safarov <s.safarov at gmail.com>, wrote:
>>
>> Why you cannot use this in the local installation?
>>
>> On AWS I have multiple kamailio servers behind ELB.
>>
>> Why you do not use a network load-balancer? NLB also offers HAproxy
>> protocol support (TCP and UDP).
>>
>> In AWS installation you can use dedicated Kamailio groups for inbound
>> connections and SIP clients with registration.
>> And use other Kamailio group for outbound connections like carriers.
>>
>> Sergey
>>
>> On Sun, Nov 8, 2020 at 9:07 PM Joey Golan <joeygo at gmail.com> wrote:
>>
>>> It doesn’t make much sense to me.
>>> On local installations (on-premise) I have 1 HAProxy and multiple
>>> kamailio servers.
>>> On AWS I have multiple kamailio servers behind ELB.
>>> On 8 Nov 2020, 19:45 +0200, Sergey Safarov <s.safarov at gmail.com>, wrote:
>>>
>>> you can try place haproxy + NAT on your own Linux router.
>>> In this case inbound connections with be delivered via HAproxy.
>>> Outbound connections will be NAT-ed on the same host, to the same IP.
>>>
>>> On Sun, Nov 8, 2020 at 6:31 PM Joey Golan <joeygo at gmail.com> wrote:
>>>
>>>> Hello,
>>>> I have a kamailio server running behind HAProxy with proxy protocol v2
>>>> enabled.
>>>> In Kamailio I have set the parameter tcp_accept_haproxy=yes and loaded
>>>> tcpops module.
>>>> UEs are registered using TLS and kamailio sees that the message has
>>>> received from their real ip address + port and not HAProxy ip + port.
>>>> When UE A calls UE B, kamailio is trying to reach UE B using his real
>>>> ip address and port instead of HAProxy IP address + port.
>>>>
>>>> I know I can get the tcp ip and port of HAProxy using $tcp(c_si) and
>>>> $tcp(c_sp) but I can’t make it work.
>>>> What is the right way to do this? How should I use these variables
>>>> properly in order to establish the call successfully?
>>>>
>>>> Thanks,
>>>> Joey.
>>>> _______________________________________________
>>>> Kamailio (SER) - Users Mailing List
>>>> sr-users at lists.kamailio.org
>>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>>>
>>> _______________________________________________
>>> Kamailio (SER) - Users Mailing List
>>> sr-users at lists.kamailio.org
>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>>
>>> _______________________________________________
>>> Kamailio (SER) - Users Mailing List
>>> sr-users at lists.kamailio.org
>>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>>
>> _______________________________________________
>> Kamailio (SER) - Users Mailing List
>> sr-users at lists.kamailio.org
>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>
>> _______________________________________________
>> Kamailio (SER) - Users Mailing List
>> sr-users at lists.kamailio.org
>> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>>
> _______________________________________________
> Kamailio (SER) - Users Mailing List
> sr-users at lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
> _______________________________________________
> Kamailio (SER) - Users Mailing List
> sr-users at lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20201111/a28ace7a/attachment.htm>
More information about the sr-users
mailing list