[SR-Users] IMS IPSec does use UDP socket?

H Yavari hyavari at rocketmail.com
Tue Jun 1 20:58:50 CEST 2021 

 Yes, you are right.I just couldn't understand the relation between children and IPsec port/spi ranges.
Regards,Hossein
    On Tuesday, June 1, 2021, 02:48:07 AM PDT, Henning Westerholt <hw at skalatan.de> wrote:  
 
 
Hello,
 
  
 
not sure why you think that the ims_ipsec_pcscf module is listening only on UDP. It seems to be also listening on TCP:
 
  
 
                        //add listen interfaces for IPv4
 
                        if(add_listen_iface(addr4, NULL, ipsec_client_port + i, PROTO_TCP, 0) != 0) {
 
                                LM_ERR("Error adding listen ipsec client TCP interface for IPv4\n");
 
                                return -1;
 
                        }
 
  
 
                        if(add_listen_iface(addr4, NULL, ipsec_server_port + i, PROTO_TCP, 0) != 0) {
 
                                LM_ERR("Error adding listen ipsec server TCP interface for IPv4\n");
 
                                return -1;
 
                        }
 
  
 
                        if(add_listen_iface(addr4, NULL, ipsec_client_port + i, PROTO_UDP, 0) != 0) {
 
                                LM_ERR("Error adding listen ipsec client UDP interface for IPv4\n");
 
                                return -1;
 
                        }
 
  
 
                        if(add_listen_iface(addr4, NULL, ipsec_server_port + i, PROTO_UDP, 0) != 0) {
 
                                LM_ERR("Error adding listen ipsec server UDP interface for IPv4\n");
 
                                return -1;
 
                        }
 
  
 
Cheers,
 
  
 
Henning
 
  
 
-- 
 
Henning Westerholt –https://skalatan.de/blog/
 
Kamailio services –https://gilawa.com
 
  
 
From: sr-users <sr-users-bounces at lists.kamailio.org>On Behalf Of H Yavari
Sent: Thursday, May 20, 2021 3:01 AM
To: Kamailio (SER) - Users Mailing List <sr-users at lists.kamailio.org>
Subject: [SR-Users] IMS IPSec does use UDP socket?
 
  
 
Hi to all,
 
  
 
I am interested in the implementation of IPsec module. When I run Kamailio, it is creating processes based on the below formulate:
 
  
 
UDP children * IPSEC_MAX_CONN * interfaces (v4 and v6) + (TCP+UD) processes for each interface.
 
  
 
For example: 
 
  
 
children = 16
 
tcp_children=16
 
IPSEC_MAX_CONN = 25
 
and two interface : IPv6 and V4
 
  
 
Kamailio process count = (16 * 25 * 2 ) + 16 + 16 = 832
 
  
 
But why IPsec module is listening to UDP not TCP? this is an internal connection?
 
  
 
  
 
  
 
Thank you.
 
  
 
Regards,
 
Hossein
 
  
   
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-users/attachments/20210601/3c1b9cce/attachment.htm>

More information about the sr-users mailing list