Login | Register

Documentation

Documentation -> Manuals -> Manual 2.4 -> Core Parameters

Pages for other versions: devel 3.5 3.4 Older versions: 3.3 3.2 3.1 3.0 2.4 2.3 2.2 2.1 1.11 1.10 1.9 1.8 1.7 1.6 1.5 1.4


Core Parameters v2.4
PrevNext

Table of Contents (hide)

  1. 1. Core Keywords
  2. 2. Core parameters
    1. 2.1 abort_on_assert
    2. 2.2 advertised_address
    3. 2.3 advertised_port
    4. 2.4 alias
    5. 2.5 auto_aliases
    6. 2.6 cfg_file
    7. 2.7 cfg_line
    8. 2.8 check_via
    9. 2.9 children
    10. 2.10 chroot
    11. 2.11 debug_mode
    12. 2.12 db_version_table
    13. 2.13 db_default_url
    14. 2.14 db_max_async_connections
    15. 2.15 disable_503_translation
    16. 2.16 disable_core_dump
    17. 2.17 disable_dns_blacklist
    18. 2.18 disable_dns_failover
    19. 2.19 disable_stateless_fwd
    20. 2.20 dns
    21. 2.21 dns_retr_time
    22. 2.22 dns_retr_no
    23. 2.23 dns_servers_no
    24. 2.24 dns_try_ipv6
    25. 2.25 dns_try_naptr
    26. 2.26 dns_use_search_list
    27. 2.27 dst_blacklist
    28. 2.28 enable_asserts
    29. 2.29 event_pkg_threshold
    30. 2.30 event_shm_threshold
    31. 2.31 exec_dns_threshold
    32. 2.32 exec_msg_threshold
    33. 2.33 include_file
    34. 2.34 import_file
    35. 2.35 listen
    36. 2.36 log_facility
    37. 2.37 log_level
    38. 2.38 log_name
    39. 2.39 log_stderror
    40. 2.40 max_while_loops
    41. 2.41 maxbuffer
    42. 2.42 mem-group
    43. 2.43 mem_warming
    44. 2.44 mem_warming_percentage
    45. 2.45 mem_warming_pattern_file
    46. 2.46 memdump | mem_dump
    47. 2.47 memlog | mem_log
    48. 2.48 mcast_loopback
    49. 2.49 mcast_ttl
    50. 2.50 mhomed
    51. 2.51 mpath
    52. 2.52 open_files_limit
    53. 2.53 poll_method
    54. 2.54 port
    55. 2.55 query_buffer_size
    56. 2.56 query_flush_time
    57. 2.57 rev_dns
    58. 2.58 server_header
    59. 2.59 server_signature
    60. 2.60 shm_hash_split_percentage
    61. 2.61 shm_secondary_hash_size
    62. 2.62 sip_warning
    63. 2.63 tcp_children
    64. 2.64 tcp_accept_aliases
    65. 2.65 tcp_listen_backlog
    66. 2.66 tcp_connect_timeout
    67. 2.67 tcp_connection_lifetime
    68. 2.68 tcp_max_connections
    69. 2.69 tcp_max_msg_time
    70. 2.70 tcp_no_new_conn_bflag
    71. 2.71 tcp_threshold
    72. 2.72 tcp_keepalive
    73. 2.73 tcp_keepcount
    74. 2.74 tcp_keepidle
    75. 2.75 tcp_keepinterval
    76. 2.76 tls_ca_list
    77. 2.77 tls_certificate
    78. 2.78 tls_ciphers_list
    79. 2.79 tls_domain
    80. 2.80 tls_handshake_timeout
    81. 2.81 tls_log
    82. 2.82 tls_method
    83. 2.83 tls_port_no
    84. 2.84 tls_private_key
    85. 2.85 tls_require_certificate
    86. 2.86 tls_send_timeout
    87. 2.87 tls_verify
    88. 2.88 tos
    89. 2.89 user_agent_header
    90. 2.90 wdir
    91. 2.91 xlog_buf_size
    92. 2.92 xlog_force_color
    93. 2.93 xlog_default_level

This section lists the all the parameters exported by OpenSIPS core for script usage (to be used in opensips.cfg).

1.  Core Keywords

All the core keywords along with their accepted core values available in previous versions were eliminated in v2.4 and the use of core variables and core functions is recommended instead. For detailed information about what you can use in place of the deprecated keywords, check the migration page keywords section.

2. Core parameters

Global parameters that can be set in configuration file. Accepted values are, depending on the actual parameters strings, numbers and yes/ no. If you need to specify either "yes" or "no" as part of a string, wrap this in double quotes.

2.1 abort_on_assert

Default value: false


Only relevant if asserts are enabled. Set to true in order to make OpenSIPS shut down immediately in case a script assert fails.

Example of usage:

    abort_on_assert = true

2.2 advertised_address

It can be an IP address or string and represents the address advertised in Via header and other destination lumps (e.g RR header). If empty or not set (default value) the socket address from where the request will be sent is used.

WARNING:

  - don't set it unless you know what you are doing (e.g. nat traversal)
  - you can set anything here, no check is made (e.g. foo.bar will be
  accepted even if foo.bar doesn't exist)

Example of usage:

    advertised_address="opensips.org"

NOTE: Aside this global approach, you can also define an advertise IP and port in a per-interface manner (see the "listen" parameter). When advertise values are defined per interface, they will be used only for traffic leaving that interface only.

2.3 advertised_port

The port advertised in Via header and other destination lumps (e.g. RR). If empty or not set (default value) the port from where the message will be sent is used. Same warnings as for 'advertised_address'.

Example of usage:

    advertised_port=5080

NOTE: Aside this global approach, you can also define an advertise IP and port in a per-interface manner (see the "listen" parameter). When advertise values are defined per interface, they will be used only for traffic leaving that interface only.

2.4 alias

Parameter to set alias hostnames for the server. It can be set many times, each value being added in a list to match the hostname when 'myself' is checked.

If the ":port" part is omitted, all ports of the given "hostname" will be considered an alias (similar behavior to port 0).

It is necessary to include the port (the port value used in the "listen=" definitions) in the alias definition otherwise the loose_route() function will not work as expected for local forwards!

Example of usage:

    alias=udp:other.domain.com:5060
    alias=tcp:another.domain.com:5060

2.5 auto_aliases

This parameter controls if aliases should be automatically discovered and added during fixing listening sockets. The auto discovered aliases are result of the DNS lookup (if listen is a name and not IP) or of a reverse DNS lookup on the listen IP.

Far backward compatibility reasons, the default value is "on".

Example of usage:

    auto_aliases=no
    auto_aliases=0

2.6 cfg_file

Returns the name of the corresponding OpenSIPS config file (useful when multiple config files are included).

2.7 cfg_line

Returns the corresponding line inside the OpenSIPS config file.

2.8 check_via

Check if the address in top most via of replies is local. Default value is 0 (check disabled).

Example of usage:

    check_via=1 

2.9 children

Number of worker processes (children) to be created for each UDP or SCTP interface you have defined. Default value is 8.

Example of usage:

    children=16

NOTE: this global value (applicable for all UDP/SCTP interfaces) can be override if you set a different number of children in the definition of a specific interface - so actually you can define a different number of children for each interface (see the "listen" parameter for syntax).

2.10 chroot

The value must be a valid path in the system. If set, OpenSIPS will chroot (change root directory) to its value.

Example of usage:

    chroot=/other/fakeroot

2.11 debug_mode

Enabling the debug_mode option is a fast way to debug your OpenSIPS. This option will automatically force:

  • staying in foreground (do not detach from console)
  • set logging level to 4 (debug)
  • set logging to standard error
  • enable core dumping
  • set UDP worker processes to 2
  • set TCP worker processes to 2

Default value is false/0 (disabled).

NOTE that enabling this option will override all the other individual parameters like foreground mode, log level, children, etc. This parameter was introduced as a replacement for the old fork options.

2.12 db_version_table

The name of the table version to be used by the DB API to check the version of the used tables.
Default value is "version"

Example of usage:

    db_version_table="version_1_8"

2.13 db_default_url

The default DB URL to be used by modules if no per-module URL is given. Default is NULL (not defined)

Example of usage:

    db_default_url="mysql://opensips:opensipsrw@localhost/opensips"

2.14 db_max_async_connections

Maximum number of TCP connections opened from a single OpenSIPS worker to each individual SQL backend. Default value is 10.

Individual backends are determined from DB URLs as follows:

        [ scheme, user, pass, host, port, database ]

Example of usage:

    db_max_async_connections=220

2.15 disable_503_translation

If 'yes', OpenSIPS will not translate the received 503 replies into 500 replies (RFC 3261 clearly states that a proxy should never relay a 503 response, but instead it must transform it into a 500).

Default value is 'no' (do translation).

2.16 disable_core_dump

Can be 'yes' or 'no'. By default core dump limits are set to unlimited or a high enough value. Set this config variable to 'yes' to disable core dump-ing (will set core limits to 0).

Default value is 'no'.

Example of usage:

    disable_core_dump=yes

2.17 disable_dns_blacklist

The DNS resolver, when configured with failover, can automatically store in a temporary blacklist the failed destinations. This will prevent (for a limited period of time) OpenSIPS to send requests to destination known as failed. So, the blacklist can be used as a memory for the DNS resolver.

The temporary blacklist created by DNS resolver is named "dns" and it is by default selected for usage (no need use the use_blacklist()) function. The rules from this list have a life time of 4 minutes - you can change it at compile time, from resolve.c .

Can be 'yes' or 'no'. By default the blacklist is disabled (Default value is 'yes').

Example of usage:

    disable_dns_blacklist=no

2.18 disable_dns_failover

Can be 'yes' or 'no'. By default DNS-based failover is enabled. Set this config variable to 'yes' to disable the DNS-based failover. This is a global option, affecting the core and the modules also.

Default value is 'no'.

Example of usage:

    disable_dns_failover=yes

2.19 disable_stateless_fwd

Can be 'yes' or 'no'. This parameter controls the handling of stateless replies:

    yes - drop stateless replies if stateless fwd functions (like forward) are not used in script
    no - forward stateless replies

Default value is 'yes'.

2.20 dns

This parameter controls if the SIP server should attempt to lookup its own domain name in DNS. If this parameter is set to yes and the domain name is not in DNS a warning is printed on syslog and a "received=" field is added to the via header.

Default is no.

2.21 dns_retr_time

Time in seconds before retrying a dns request. Default value is system specific, depends also on the '/etc/resolv.conf' content (usually 5s).

Example of usage:

    dns_retr_time=3

2.22 dns_retr_no

Number of dns retransmissions before giving up. Default value is system specific, depends also on the '/etc/resolv.conf' content (usually 4).

Example of usage:

    dns_retr_no=3

2.23 dns_servers_no

How many dns servers from the ones defined in '/etc/resolv.conf' will be used. Default value is to use all of them.

Example of usage:

    dns_servers_no=2

2.24 dns_try_ipv6

Can be 'yes' or 'no'. If it is set to 'yes' and a DNS lookup fails, it will retry it for ipv6 (AAAA record). Default value is 'no'.

Example of usage:

    dns_try_ipv6=yes

2.25 dns_try_naptr

Disables the NAPTR lookups when doing DNS based routing for SIP requests - if disabled, the DNS lookup will start with SRV lookups. Can be 'yes' or 'no'. By default it is enabled, value 'yes'.

Example of usage:

    dns_try_naptr=no

2.26 dns_use_search_list

Can be 'yes' or 'no'. If set to 'no', the search list in '/etc/resolv.conf' will be ignored (=> fewer lookups => gives up faster). Default value is 'yes'.

HINT: even if you don't have a search list defined, setting this option to 'no' will still be "faster", because an empty search list is in fact search "" (so even if the search list is empty/missing there will still be 2 dns queries, eg. foo+'.' and foo+""+'.')

Example of usage:

    dns_use_search_list=no

2.27 dst_blacklist

Definition of a static (read-only) IP/destination blacklist. These lists can be selected from script (at runtime) to filter the outgoing requests, based on IP, protocol, port, etc.

Its primary purposes will be to prevent sending requests to critical IPs (like GWs) due DNS or to avoid sending to destinations that are known to be unavailable (temporary or permanent).

Example of usage:

   # filter out requests going to ips of my gws
   dst_blacklist = gw:{( tcp , 192.168.2.400 , 5060 , "" ),( any , 192.168.2.401 , 0 , "" )}
   # block requests going to "evil" networks
   dst_blacklist = net_filter:{ ( any , 192.168.1.120/255.255.255.0 , 0 , "" )}
   # block message requests with nasty words
   dst_blacklist = msg_filter:{ ( any , 192.168.20.0/255.255.255.0 , 0 , "MESSAGE*ugly_word" )}
   # block requests not going to a specific subnet
   dst_blacklist = net_filter2:{ !( any , 192.468.30.0/255.255.255.0 , 0 , "" )}

Each rule is defined by:

  • protocol : TCP, UDP, TLS or "any" for anything
  • port : number or 0 for any
  • ip/mask
  • test patter - is a filename like matching (see "man 3 fnmatch") applied on the outgoing request buffer (first_line+hdrs+body)

2.28 enable_asserts

Default value: false


Set to true in order to enable the assert script statement.

Example of usage:

    enable_asserts = true

2.29 event_pkg_threshold

A number representing the percentage threshold above which the E_CORE_PKG_THRESHOLD event is raised, warning about low amount of free private memory. It accepts integer values between 0 and 100.

Default value is 0 ( event disabled ).

Example of usage:

    event_pkg_threshold = 90

2.30 event_shm_threshold

A number representing the percentage threshold above which the E_CORE_SHM_THRESHOLD event is raised, warning about low amount of free shared memory. It accepts integer values between 0 and 100.

Default value is 0 ( event disabled ).

Example of usage:

    event_shm_threshold = 90

2.31 exec_dns_threshold

A number representing the maximum number of microseconds a DNS query is expected to last. Anything above the set number will trigger a warning message to the logging facility.

Default value is 0 ( logging disabled ).

Example of usage:

    exec_dns_threshold = 60000

2.32 exec_msg_threshold

A number representing the maximum number of microseconds the processing of a SIP msg is expected to last. Anything above the set number will trigger a warning message to the logging facility. Aside from the message and the processing time, the most time consuming function calls from the script will also be logged.

Default value is 0 ( logging disabled ).

Example of usage:

    exec_msg_threshold = 60000

2.33 include_file

Can be called from outside route blocks to load additional routes/blocks or from inside them to simply preform more functions. The file path can be relative or absolute. If it is not an absolute path, first attempt is to locate it relative to current directory. If that fails, second try is relative to directory of the file that includes it. Will throw an error if file is not found.

Example of usage:

    include_file "proxy_regs.cfg"

2.34 import_file

Same as include_file but will not throw an error if file is not found.

Example of usage:

    import_file "proxy_regs.cfg"

2.35 listen

Set the network addresses the SIP server should listen to. Its syntax is protocol:address[:port], where:

  • protocol: should be one of the transport modules loaded in the config file (e.g., udp, tcp, tls)
  • address: can be an IP address, a hostname, a network interface id, or the * wildcard which makes OpenSIPS listen on all possible interfaces for that protocol
  • port: optional, the port used by the listener - if absent, the default port exported by the transport module is used.

This parameter can be set multiple times in same configuration file, the server listening on all addresses specified.

The listen definition may accept several optional parameters for:

  • configuring an advertised IP and port only for an interface. Syntax "AS 11.22.43.44:5060"
  • setting a different number of children for this interface only (for UDP, SCTP and HEP_UDP interfaces only). This will override the global "children" parameter. Syntax "use_children 5"
  • marking the interface as an anycast IP, using the "anycast" token.

Remember that the above parameters only affect the interface they are configured for; if they are not defined for a given interface, the global values will be used instead.

Examples of usage:

    listen = udp:*
    listen = udp:eth1
    listen = tcp:eth1:5062
    listen = tls:localhost:5061
    listen = hep_udp:10.10.10.10:5064
    listen = ws:127.0.0.1:5060 use_children 5
    listen = sctp:127.0.0.1:5060 as 99.88.44.33:5060 use_children 3
    listen = udp:10.10.10.10:5060 anycast

On startup, OpenSIPS reports all the interfaces that it is listening on. The TCP engine processes will be created regardless if you specify only UDP interfaces here.

2.36 log_facility

If OpenSIPS logs to syslog, you can control the facility for logging. Very useful when you want to divert all OpenSIPS logs to a different log file. See the man page syslog(3) for more details.

Default value is LOG_DAEMON.

Example of usage:

    log_facility=LOG_LOCAL0

2.37 log_level

Set the logging level (how verbose OpenSIPS should be). Higher values make OpenSIPS to print more messages.

Examples of usage:

    log_level=1 -- print only important messages (like errors or more critical situations) 
    - recommended for running proxy as daemon

    log_level=4 -- print a lot of debug messages - use it only when doing debugging sessions

Actual values are:

  • -3 - Alert level
  • -2 - Critical level
  • -1 - Error level
  • 1 - Warning level
  • 2 - Notice level
  • 3 - Info level
  • 4 - Debug level

The 'log_level' parameter is usually used in concordance with 'log_stderror' parameter.

Value of 'log_level' parameter can also be get and set dynamically using log_level Core MI function or $log_level script variable.

2.38 log_name

Set the id to be printed in syslog. The value must be a string and has effect only when OpenSIPS runs in daemon mode (fork=yes), after daemonize. Default value is argv[0].

Example of usage:

    log_name="osips-5070"

2.39 log_stderror

With this parameter you can make OpenSIPS to write log messages to standard error. Possible values are:

- "yes" - write the messages to standard error

- "no" - write the messages to syslog

Default value is "no".

Example of usage:

    log_stderror=yes

2.40 max_while_loops

The parameters set the value of maximum loops that can be done within a "while". Comes as a protection to avoid infinite loops in config file execution. Default is 100.

Example of usage:

    max_while_loops=200

2.41 maxbuffer

The size in bytes not to be exceeded during the auto-probing procedure of discovering the maximum buffer size for receiving UDP messages. Default value is 262144.

Example of usage:

    maxbuffer=65536

2.42 mem-group

Defines a group of modules (by name) to get separate memory statistics. OpenSIPS will provide per-group memory information - the number of allocated fragments, the amount of used memory and the amount of real used memory (with memory manager overhead). This is useful if you want to monitor the memory usage of a certain module (or group of modules).

In order for the feature to work you have to run "make generate-mem-stats" and complile with the variable SHM_EXTRA_STATS defined.

Usage example:

    mem-group = "interest": "core" "tm"
    mem-group = "runtime": "dialog" "usrloc" "tm"

For the above example the generated statistics will be named: shmem_group_interest:fragments, shmem_group_interest:memory_used, shmem_group_interest:real_used.

Multiple groups can be defined, but they must not have the same name.

If you want to generate the statistics for the default group (all the other modules not included in a group) you have to complile with the variable SHM_SHOW_DEFAULT_GROUP defined.

2.43 mem_warming

Default value: off


Only relevant when the HP_MALLOC compile flag is enabled. If set to "on", on each startup, OpenSIPS will attempt to restore the memory fragmentation pattern it had before the stop/restart. If no pattern_file from a previous run is found, memory warming is skipped, and the memory allocator simply starts with a big chunk of memory, like all other allocators.


Memory warming is useful when dealing with high volumes of traffic (thousands of cps on multi-core machines - the more cores, the more useful), because processes must mutually exclude themselves when chopping up the initial big memory chunk. By performing fragmentation on startup, OpenSIPS will also behave optimally in the first minute(s) after a restart. Fragmentation usually lasts a few seconds (e.g. ~5 seconds on an 8GB shm pool and 2.4Ghz CPU) - traffic will not be processed at all during this period.

Example of usage:

    mem_warming = on

2.44 mem_warming_percentage

Default value: 75


How much of OpenSIPS's memory should be fragmented with the pattern of the previous run, upon a restart. Used at startup, if mem_warming is enabled.

Example of usage:

    mem_warming_percentage = 50

2.45 mem_warming_pattern_file

Default value: "CFG_DIR/mem_warming_pattern"


Only relevant if mem_warming is enabled. It contains the memory fragmentation pattern of a previous OpenSIPS run. This file is overwritten during each OpenSIPS shutdown, and is used during startup in order to restore the service behavior as soon as possible.

Example of usage:

    mem_warming_pattern_file = "/var/tmp/my_memory_pattern"

mem_dump

2.46 memdump | mem_dump

Log level to print memory status information (runtime and shutdown). It has to be less than the value of 'log_level' parameter if you want memory info to be logged. Default: memdump=L_DBG (4)

Example of usage:

    memdump=2

NOTE that setting memlog (see below), will also set the memdump parameter - if you want different values for memlog and memdump, you need to first set memlog and then memdump.

mem_log

2.47 memlog | mem_log

Log level to print memory debug info. It has to be less than the value of 'log_level' parameter if you want memory info to be logged. Default: memlog=L_DBG (4)

Example of usage:

    memlog=2

NOTE: by setting memlog parameter, the memdump will automatically be set to the same value (see memdump docs).

2.48 mcast_loopback

It can be 'yes' or 'no'. If set to 'yes', multicast datagram are sent over loopback. Default value is 'no'.

Example of usage:

    mcast_loopback=yes

2.49 mcast_ttl

Set the value for multicast ttl. Default value is OS specific (usually 1).

Example of usage:

    mcast_ttl=32

2.50 mhomed

Set the server to try to locate outbound interface on multihomed host. By default is not (0) - it is rather time consuming.

Example of usage:

    mhomed=1

2.51 mpath

Set the module search path. This can be used to simplify the loadmodule parameter

Example of usage:

    mpath="/usr/local/lib/opensips/modules"
    loadmodule "mysql.so"
    loadmodule "uri.so"
    loadmodule "uri_db.so"
    loadmodule "sl.so"
    loadmodule "tm.so"
    ...

2.52 open_files_limit

If set and bigger than the current open file limit, OpenSIPS will try to increase its open file limit to this number. Note: OpenSIPS must be started as root to be able to increase a limit past the hard limit (which, for open files, is 1024 on most systems).

Example of usage:

    open_files_limit=2048

2.53 poll_method

The poll method to be used by the I/O internal reactor - by default the best one for the current OS is selected. The available types are: poll, epoll, sigio_rt, select, kqueue, /dev/poll.

Example of usage:

    poll_method=select

2.54 port

The port the SIP server listens to. The default value for it is 5060.

Example of usage:

    port=5080

2.55 query_buffer_size

If set to a value greater than 1, inserts to DB will not be flushed one by one. Rows to be inserted will be kept in memory until until they gather up to query_buffer_size rows, and only then they will be flushed to the database.

Example of usage:

    query_buffer_size=5

2.56 query_flush_time

If query_buffer_size is set to a value greater than 1, a timer will trigger once every query_flush_time seconds, ensuring that no row will be kept for too long in memory.

Example of usage:

     query_flush_time=10

2.57 rev_dns

This parameter controls if the SIP server should attempt to lookup its own IP address in DNS. If this parameter is set to yes and the IP address is not in DNS a warning is printed on syslog and a "received=" field is added to the via header.

Default is no.

2.58 server_header

The body of Server header field generated by OpenSIPS when it sends a request as UAS. It defaults to "OpenSIPS (<version> (<arch>/<os>))".

Example of usage:

server_header="Server: My Company SIP Proxy"

Please note that you have to add the header name "Server:", otherwise OpenSIPS will just write a header like:

My Company SIP Proxy

2.59 server_signature

This parameter controls the "Server" header in any locally generated message.

Example of usage:

     server_signature=no

If it is enabled (default=yes) a header is generated as in the following example:

     Server: OpenSIPS (0.9.5 (i386/linux))

2.60 shm_hash_split_percentage

Only relevant when the HP_MALLOC compile flag is enabled. It controls how many memory buckets will be optimized. (e.g. setting it to 2% will optimize the first 81 most used buckets as frequency). The default value is 1.

2.61 shm_secondary_hash_size

Only relevant when the HP_MALLOC compile flag is enabled. It represents the optimization factor of a single bucket (e.g. setting it to 4 will cause the optimized buckets to be further split into 4). The default value is 8.

2.62 sip_warning

Can be 0 or 1. If set to 1 (default value is 0) a 'Warning' header is added to each reply generated by OpenSIPS. The header contains several details that help troubleshooting using the network traffic dumps.

Example of usage:

    sip_warning=0

2.63 tcp_children

Number of children processes to be created for reading from TCP connections. If no value is explicitly set, the same number of TCP children as UDP children (see "children" parameter) will be used.

Example of usage:

    tcp_children=4

2.64 tcp_accept_aliases

Default value 0 (disabled). If enabled, OpenSIPS will enforce RFC 5923 behaviour when detecting an ";alias" Via header field parameter and will reuse any TCP (or TLS, WS, WSS) connection opened for such SIP requests (source IP + Via port + proto) when sending other SIP requests backwards, towards the same (source IP + Via port + proto) pair. The final purpose of RFC 5923, after all, is to minimize the number of TLS connections a SIP proxy must open, due to the large CPU overhead of the connection setup phase.


On top of RFC 5923's connection reusage (aliasing) mechanism, TCP connections in OpenSIPS are also persistent across multiple SIP dialogs. This can be controlled with the tcp_connection_lifetime global parameter.


WARNING! Enabling the global tcp_accept_aliases parameter (RFC 5923) for end-user initiated connections (who are most likely grouped by one or more public IPs) is an open vector for call hijacking! In such platforms, we recommend using the force_tcp_alias() core function, in order to employ RFC 5923 behaviour only in conjunction with adjacent SIP proxies.

2.65 tcp_listen_backlog

The backlog argument defines the maximum length to which the queue of pending connections for the TCP listeners may grow. If a connection request arrives when the queue is full, the client may receive an error with an indication of ECONNREFUSED or, if the underlying protocol supports retransmission, the request may be ignored so that a later reattempt at connection succeeds.

Default configured value is 10.

2.66 tcp_connect_timeout

Time in milliseconds before an ongoing blocking attempt to connect will be aborted. Default value is 100ms.

Example of usage:

    tcp_connect_timeout = 5

2.67 tcp_connection_lifetime

Lifetime in seconds for TCP sessions. TCP sessions which are inactive for >tcp_connection_lifetime will be closed by OpenSIPS. Default value is defined in tcp_conn.h: #define DEFAULT_TCP_CONNECTION_LIFETIME 120. Setting this value to 0 will close the TCP connection pretty quick ;-). You can also set the TCP lifetime to the expire value of the REGISTER by using the tcp_persistent_flag parameter of the registrar module.

Example of usage:

    tcp_connection_lifetime = 3600

2.68 tcp_max_connections

Maximum number of active TCP accepted connections (i.e. initiated by remote endpoints). Once the limit is reached, any new incoming TCP connections will be rejected. The default is 2048. For outgoing TCP connections (initiated by OpenSIPS), there is currently no limit.

Example of usage:

    tcp_max_connections = 4096

2.69 tcp_max_msg_time

The maximum number of seconds that a SIP message is expected to arrive via TCP. If a single SIP packet is still not fully received after this number of seconds, the connection is dropped ( either the connection is very overloaded and this leads to high fragmentation - or we are the victim of an ongoing attack where the attacker is sending the traffic very fragmented in order to decrease our performance ). Default value is 4

Example of usage:

    tcp_max_msg_time = 8

2.70 tcp_no_new_conn_bflag

A branch flag to be used as marker to instruct OpenSIPS not to attempt to open a new TCP connection when delivering a request, but only to reuse an existing one (if available). If no existing conn, a generic send error will be returned.

This is intended to be used in NAT scenarios, where makes no sense to open a TCP connection towards a destination behind a NAT (like TCP connection created during registration was lost, so there is no way to contact the device until it re-REGISTER). Also this can be used to detect when a NATed registered user lost his TCP connection, so that opensips can disable his registration as useless.

Example of usage:

     tcp_no_new_conn_bflag = TCP_NO_CONNECT
     ...
     route {
         ...
         if (isflagset(DST_NATED) && $proto == "TCP")
             setbflag(TCP_NO_CONNECT);
         ...
         t_relay("0x02"); # no auto error reply
         $var(retcode) = $rc;
         if ($var(retcode) == -6) {
             #send error
             xlog("unable to send request to destination");
             send_reply("404", "Not Found");
             exit;
         } else if ($var(retcode) < 0) {
             sl_reply_error();
             exit;
         }
     }

2.71 tcp_threshold

A number representing the maximum number of microseconds sending of a TCP request is expected to last. Anything above the set number will trigger a warning message to the logging facility.

Default value is 0 ( logging disabled ).

Example of usage:

    tcp_threshold = 60000

2.72 tcp_keepalive

Enable or disable TCP keepalive (OS level).

Enabled by default.

Example of usage:

    tcp_keepalive = 1

2.73 tcp_keepcount

Number of keepalives to send before closing the connection (Linux only). Default value is Operating System dependent and can be found using cat /proc/sys/net/ipv4/tcp_keepalive_probes. Common value is 9.

Setting tcp_keepcount to any value will enable tcp_keepalive.

Example of usage:

    tcp_keepcount = 5

2.74 tcp_keepidle

Amount of time before OpenSIPS will start to send keepalives if the connection is idle (Linux only). Default value is Operating System dependent and can be found using cat /proc/sys/net/ipv4/tcp_keepalive_time. Common value is 7200 seconds.

Setting tcp_keepidle to any value will enable tcp_keepalive.

Example of usage:

    tcp_keepidle = 30

2.75 tcp_keepinterval

Interval between keepalive probes, if the previous one failed (Linux only). Default value is Operating System dependent and can be found using cat /proc/sys/net/ipv4/tcp_keepalive_intvl. Common value is 75 seconds.

Setting tcp_keepinterval to any value will enable tcp_keepalive.

Example of usage:

    tcp_keepinterval = 10

2.76 tls_ca_list

2.77 tls_certificate

2.78 tls_ciphers_list

2.79 tls_domain

2.80 tls_handshake_timeout

2.81 tls_log

2.82 tls_method

2.83 tls_port_no

2.84 tls_private_key

2.85 tls_require_certificate

2.86 tls_send_timeout

2.87 tls_verify

2.88 tos

The TOS (Type Of Service) to be used for the sent IP packages (both TCP and UDP).

Example of usage:

    tos=IPTOS_LOWDELAY
    tos=0x10
    tos=IPTOS_RELIABILITY

2.89 user_agent_header

The body of User-Agent header field generated by OpenSIPS when it sends a request as UAC. It defaults to "OpenSIPS (<version> (<arch>/<os>))".

Example of usage:

user_agent_header="User-Agent: My Company SIP Proxy"

Please note that you have to include the header name "User-Agent:" as OpenSIPS does not add it and you will get an erroneous header like:

My Company SIP Proxy

2.90 wdir

The working directory used by OpenSIPS at runtime. You might find it usefull when come to generating core files :)

Example of usage:

     wdir="/usr/local/opensips"
     or
     wdir=/usr/opensips_wd

2.91 xlog_buf_size

Default value: 4096


Size of the buffer used to print a single line on the chosen logging facility of OpenSIPS. If the buffer is too small, an overflow error will be printed, and the concerned line will be skipped.

Usage example:

    xlog_buf_size = 8388608 #given in bytes

2.92 xlog_force_color

Default value: false


Only relevant when xlog is set to true. Enables the use of the color escape sequences, otherwise they will have no effect.

Usage example:

    xlog_force_color = true

2.93 xlog_default_level

Default value: -1


Default value for the logging level of the xlog core function, when the log_level parameter is omitted.

Usage example:

    xlog_default_level = 2 #L_NOTICE

↑ Contents


Page last modified on March 06, 2019, at 01:32 PM