[Users] am I doing it right?

samuel samu60 at gmail.com
Thu Jul 27 17:09:21 CEST 2006


inline...
2006/7/27, Ohad.Levy at infineon.com <Ohad.Levy at infineon.com>:
> Hi,
>
> Thanks for your reply!
>
> > -----Original Message-----
> > From: samuel [mailto:samu60 at gmail.com]
> > Sent: Thursday, July 27, 2006 9:39 AM
> > To: Levy Ohad (IFKL IT OS TI CS)
> > Cc: users at openser.org
> > Subject: Re: [Users] am I doing it right?
> >
> > Are both proxies using the same remote database???
> >
> modparam("usrloc|lcr|auth_db|avpops|group","db_url","mysql://openser:ope
> ns
> > errw at voip-db.mydomain.com/openser")
> > If this is the case, when a user agent registers again and makes a SRV
> > DNS query, it might get the address of the other server, which tries
> > to add to the database a record which will be understood as a
> > duplicate by the DB because there's already an entry for that user.
>
> Ok this brings up two questions... first is this the "right" way to do
> it, do you see a better way to implement a single database for
> registrations?
> Secondly, doesn't the client knows which server he is registered to and
> keep on using the server?
>

I recommend you to dig into the historic archives of the mailing list
for redundancy and fail over scenarios...it's a really complex topic
which I don't know enough to write it here.

>
> > The other issues about the Warning and message size has nothing to do
> > with DNS "behaviour". It means that the server tries to add a Warning
> > header, which includes information useful for debugging purpouses, but
> > when openSER checks the size of the message, it realises that the
> > message will become bigger than (MTU-200) and therefore it does not
> > add the header because it will might to fragmentation problems in UDP.
> > You can ignore this problem or disable the adition of this warning
> > header if you are not using it.
>
> Ok, does this apply for the warning_builder: buffer size exceeded
> message?
>

Yes
>
> > Hope it helps.
> Yes it does :)
>
> Thanks
>
>
> > Samuel.
> >
> >
> > 2006/7/26, Ohad.Levy at infineon.com <Ohad.Levy at infineon.com>:
> > > Hi All,
> > >
> > > I'm trying to setup a redundant environment with DNS SRV records, 2
> (or
> > > more) SIP registration servers, and Asterisk gateways.
> > > Basically I've setup both OpenSER clients to t_replicate each other
> the
> > > registration message if its coming from a client, and save it to the
> > > database or to memory when its coming from the other OpenSER server.
> > >
> > > However, every once in a while, I get message to big, and or
> duplicate
> > > messages (WARNING: warning skipped -- too big, or ERROR:
> > > warning_builder: buffer size exceeded, submit_query: Duplicate entry
> > > ,db_insert: Error while submitting query...)
> > >
> > > While it seems to work in general, I was not sure that this is the
> > > "right" way to do it.
> > >
> > > I'm attaching my openser.cfg of one of the machines; the other is
> more
> > > or less identical...
> > > Thanks
> > >
> > > # ----------- global configuration parameters
> ------------------------
> > >
> > > debug=9            # debug level (cmd line: -dddddddddd)
> > > fork=yes
> > > log_stderror=no    # (cmd line: -E)
> > >
> > > check_via=no    # (cmd. line: -v)
> > > dns=no          # (cmd. line: -r)
> > > listen=172.28.132.20
> > > rev_dns=no      # (cmd. line: -R)
> > > port=5060
> > > children=4
> > > fifo="/tmp/openser_fifo"
> > > alias="mydomain.com"
> > >
> > > # ------------------ module loading
> ----------------------------------
> > >
> > > loadmodule "/usr/local/lib/openser/modules/mysql.so"
> > > loadmodule "/usr/local/lib/openser/modules/sl.so"
> > > loadmodule "/usr/local/lib/openser/modules/tm.so"
> > > loadmodule "/usr/local/lib/openser/modules/rr.so"
> > > loadmodule "/usr/local/lib/openser/modules/maxfwd.so"
> > > loadmodule "/usr/local/lib/openser/modules/usrloc.so"
> > > loadmodule "/usr/local/lib/openser/modules/registrar.so"
> > > loadmodule "/usr/local/lib/openser/modules/textops.so"
> > > loadmodule "/usr/local/lib/openser/modules/auth.so"
> > > loadmodule "/usr/local/lib/openser/modules/auth_db.so"
> > > loadmodule "/usr/local/lib/openser/modules/lcr.so"
> > > loadmodule "/usr/local/lib/openser/modules/xlog.so"
> > >
> > > # ----------------- setting module-specific parameters
> ---------------
> > >
> > > modparam("usrloc", "db_mode", 2)
> > >
> modparam("usrloc|lcr|auth_db|avpops|group","db_url","mysql://openser:ope
> > > nserrw at voip-db.mydomain.com/openser")
> > > modparam("auth_db", "calculate_ha1", yes) modparam("auth_db",
> > > "password_column", "password")
> > >
> > > modparam("rr", "enable_full_lr", 1)
> > >
> > > # -------------------------  request routing logic
> -------------------
> > >
> > > # main routing logic
> > >
> > > route{
> > >
> > >         # initial sanity checks -- messages with
> > >         # max_forwards==0, or excessively long requests
> > >         if (!mf_process_maxfwd_header("10")) {
> > >                 sl_send_reply("483","Too Many Hops");
> > >                 exit;
> > >         };
> > >
> > >         if (msg:len >=  2048 ) {
> > >                 sl_send_reply("513", "Message too big");
> > >                 exit;
> > >         };
> > >
> > >         # we record-route all messages -- to make sure that
> > >         # subsequent messages will go through our proxy; that's
> > >         # particularly good if upstream and downstream entities
> > >         # use different transport protocol
> > >         if (!method=="REGISTER")
> > >                 record_route();
> > >
> > >         # subsequent messages withing a dialog should take the
> > >         # path determined by record-routing
> > >         if (loose_route()) {
> > >                 # mark routing logic in request
> > >                 append_hf("P-hint: rr-enforced\r\n");
> > >                 route(1);
> > >         };
> > >
> > >         if (!uri==myself) {
> > >                 route(1);
> > >         };
> > >
> > >         # Handle Request logic here
> > >         if (uri==myself) {
> > >                 if (method=="REGISTER") {
> > >                         route(2);
> > >                         exit;
> > >                 }
> > >                 lookup("aliases");
> > >                 if (!uri==myself) {
> > >                         append_hf("P-hint: outbound alias\r\n");
> > >                         route(1);
> > >                 };
> > >
> > >                 if (!load_gws()) {
> > >                         sl_send_reply("500", "Server Internal Error
> -
> > > Cannot load gateways");
> > >                         exit;
> > >                 };
> > >                 if (!next_gw()) {
> > >                         sl_send_reply("503", "Service not available,
> no
> > > gateways found");
> > >                         log (1,"No more gateways");
> > >                 } else {
> > >                         log (1,"Found a gateway");
> > >                 }
> > >                 if (!lookup("location")) {
> > >                         sl_send_reply("404", "Not Found");
> > >                         exit;
> > >                 };
> > >                 append_hf("P-hint: usrloc applied\r\n");
> > >         };
> > >         route(1);
> > > }
> > >
> > >
> > > route[1] {
> > >         # send it out now; use stateful forwarding as it works
> reliably
> > >         # even for UDP2TCP
> > >         if (!t_relay()) {
> > >                 sl_reply_error();
> > >         };
> > >         exit;
> > > }
> > >
> > > route[2] {
> > >         #handle all Registration here....
> > >                         if (search("^(Contact|m):
> > > .*@(voip.mydomain.com)")){
> > >                                log(1, "ALERT: someone trying to set
> > > aor==server address\n");
> > >                                sl_send_reply("476", "Server address
> in
> > > contacts is not allowed" );
> > >                                exit;
> > >                          };
> > >
> > >         # challenge/response
> > >         #if a registration request is coming from another ser
> server, it
> > > means that's it's already authenticated the user and wrote
> > >         #an entry in the database, so lets just write it into our
> > > memory.
> > >                         if (src_ip==172.28.132.21) {
> > >                                 save_memory("location");
> > >                                 log(1, "Registered replicated user
> from
> > > Proxy");
> > >                                 exit;
> > >                         };
> > >                 # this is a new request, lets check that the user is
> > > valid.
> > >                         if (!www_authorize("mydomain.com",
> > > "subscriber")) {
> > >                                 www_challenge("mydomain.com", "0");
> > >                                 log(1, "Authentication challenge
> issued.
> > > Waiting for reply.\n");
> > >                                 exit;
> > >                         };
> > >
> > >         # Authentication successful, add entry to our Contact
> database
> > >                         log(1, "Authentication challenge reply
> ok.\n");
> > >                         if (!save("location")) {
> > >                                 sl_reply_error();
> > >                                 log(1, "ALERT: Unable to save URI to
> > > location database.\n");
> > >                         } else {
> > >         # and replicate the request to the backup server
> > >                                 if (!src_ip==172.28.132.21) {
> > >                                      log(1, "REPLICATE: Replicating
> > > register request\n");
> > >
> > > t_replicate("sip:172.28.132.21:5060");
> > >                                 };
> > >
> > >                         };
> > > }
> > >
> > >
> > > _______________________________________________
> > > Users mailing list
> > > Users at openser.org
> > > http://openser.org/cgi-bin/mailman/listinfo/users
> > >
>




More information about the Users mailing list