[SR-Users] Re: Kamailio behind TLS-TCP load balancer

2023-08-17 Thread David Villasmil
DDOS, better Load balancer resiliency, easier to manage, there’s lots of
benefits.

On Thu, 17 Aug 2023 at 09:55, Karsten Horsmann  wrote:

> Hi Henning,
>
> Yeah TLS offloading is then not a plus but the benefits from DDOS
> prevention and clear transport headers should compensate for that.
-- 
Regards,

David Villasmil
email: david.villasmil.w...@gmail.com
phone: +34669448337
__
Kamailio - Users Mailing List - Non Commercial Discussions
To unsubscribe send an email to sr-users-le...@lists.kamailio.org
Important: keep the mailing list in the recipients, do not reply only to the 
sender!
Edit mailing list options or unsubscribe:


[SR-Users] Re: Kamailio behind TLS-TCP load balancer

2023-08-17 Thread Karsten Horsmann
Hi Henning,

Yeah TLS offloading is then not a plus but the benefits from DDOS
prevention and clear transport headers should compensate for that.


Henning Westerholt wrote on Wed, 16 Aug 2023, 10:09:

> Hi Karsten,
>
> interesting scenario, thanks. Regarding TLS off-loading it's of course less
> useful then.
>
> Cheers,
>
> Henning
>
> --
> Henning Westerholt – https://skalatan.de/blog/
> Kamailio services – https://gilawa.com


[SR-Users] Re: Kamailio behind TLS-TCP load balancer

2023-08-16 Thread David Villasmil
True, but one gets a lot of benefits from being behind AWS’ load balancer.

On Wed, 16 Aug 2023 at 11:00, Henning Westerholt  wrote:

> Hi Karsten,
>
> interesting scenario, thanks. Regarding TLS off-loading it's of course less
> useful then.
>
> Cheers,
>
> Henning
>
> --
> Henning Westerholt – https://skalatan.de/blog/
> Kamailio services – https://gilawa.com
-- 
Regards,

David Villasmil
email: david.villasmil.w...@gmail.com
phone: +34669448337


[SR-Users] Re: Kamailio behind TLS-TCP load balancer

2023-08-16 Thread Henning Westerholt
Hi Karsten,

interesting scenario, thanks. Regarding TLS off-loading it's of course less
useful then.

Cheers,

Henning

--
Henning Westerholt – https://skalatan.de/blog/
Kamailio services – https://gilawa.com

From: Karsten Horsmann
Sent: Tuesday, 15 August 2023 20:24
To: Kamailio (SER) - Users Mailing List 
Subject: [SR-Users] Re: Kamailio behind TLS-TCP load balancer

Hi,

a benefit from using the AWS loadbalancer is the included DDOS prevention.
Jonas Swiatek gave that as a tip to me.

He simply set up self-signed certs on the Kamailio behind the NLB loadbalancer.
So it's

Internet -> TLS NLB/AWS loadbalancer -> TLS self-signed Kamailio.

Should solve your problems.

Kind regards
Karsten Horsmann


[SR-Users] Re: Kamailio behind TLS-TCP load balancer

2023-08-15 Thread David Villasmil
Oh you mean public cert on the TLS public side and a self-signed cert on
the inside? Meaning Kamailio would still be serving on TLS? Record-route
problem… that’s cool. I’ll try that.
Thanks!

On Tue, 15 Aug 2023 at 20:49, Karsten Horsmann  wrote:

> Hi,
>
> a benefit from using the AWS loadbalancer is the included DDOS
> prevention. Jonas Swiatek gave that as a tip to me.
>
> He simply set up self-signed certs on the Kamailio behind the NLB
> loadbalancer.
> So it's
>
> Internet -> TLS NLB/AWS loadbalancer -> TLS self-signed Kamailio.
>
> Should solve your problems.
>
> Kind regards
> Karsten Horsmann
-- 
Regards,

David Villasmil
email: david.villasmil.w...@gmail.com
phone: +34669448337


[SR-Users] Re: Kamailio behind TLS-TCP load balancer

2023-08-15 Thread Karsten Horsmann
Hi,

a benefit from using the AWS loadbalancer is the included DDOS prevention.
Jonas Swiatek gave that as a tip to me.

He simply set up self-signed certs on the Kamailio behind the NLB
loadbalancer.
So it's

Internet -> TLS NLB/AWS loadbalancer -> TLS self-signed Kamailio.

Should solve your problems.

Kind regards
Karsten Horsmann

Henning Westerholt wrote on Sat, 12 Aug 2023, 11:09:

> Hello David,
>
> the simplest way is of course to just not use the AWS load-balancer.
> Do you have performance concerns using Kamailio for that purpose?
>
> As you probably know, SIP as a protocol is not really suited for this kind
> of cloud balancing infrastructure, which targets more HTTP and other
> protocols. And Kamailio in a load-balancer scenario is usually the first
> TLS/TCP/UDP endpoint to reach from the client point of view.
>
> Cheers,
>
> Henning
>
> --
> Henning Westerholt – https://skalatan.de/blog/
> Kamailio services – https://gilawa.com
>
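The layout suggested in this message (public certificate on the load balancer's TLS listener, self-signed certificate on Kamailio), sketched as the Kamailio settings involved. This is an added example, not configuration posted by anyone in the thread; the address 10.0.1.10, the name sip.example.com and all file paths are placeholders, and using `advertise` to put the public name into Via/Record-Route is an assumption.

```cfg
# ---- kamailio.cfg (transport settings only) ----
# Constructed example: 10.0.1.10, sip.example.com and all paths are placeholders.

enable_tls=yes

# TLS socket that the load balancer's TLS target group connects to.
# Because this socket really is TLS, a Record-Route/Route with transport=tls
# no longer points at a plain TCP socket.
# "advertise" (assumption) writes the public name into Via/Record-Route
# instead of the private address.
listen=tls:10.0.1.10:5061 advertise sip.example.com:5061

# Internal side stays UDP, as in the original post.
listen=udp:10.0.1.10:5060

loadmodule "tls.so"
modparam("tls", "config", "/etc/kamailio/tls.cfg")

# ---- /etc/kamailio/tls.cfg ----
# Self-signed pair, generated once, for example with:
#   openssl req -x509 -newkey rsa:2048 -nodes -days 365 \
#     -subj "/CN=sip.example.com" \
#     -keyout /etc/kamailio/tls/key.pem -out /etc/kamailio/tls/cert.pem
[server:default]
method = TLSv1.2+
private_key = /etc/kamailio/tls/key.pem
certificate = /etc/kamailio/tls/cert.pem
# No client certificate is requested or checked on this hop.
verify_certificate = no
require_certificate = no
```

The self-signed certificate only covers the hop between the load balancer and Kamailio; clients see the certificate configured on the load balancer's listener.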


[SR-Users] Re: Kamailio behind TLS-TCP load balancer

2023-08-12 Thread Richard Chan
On Sat, 12 Aug 2023, 09:19 David Villasmil,

> I found I need to manually add record-route presets every time an invite
> comes in. And when trying to forward an ACK to the client via tls/tcp load
> balancer Kamailio complains the socket is not TLS so it fails.
>

Have you tried forcing TCP with t_relay_to_tcp?


[SR-Users] Re: Kamailio behind TLS-TCP load balancer

2023-08-12 Thread Sergey Safarov
Do you want to use the AWS load balancer for TLS offload?
Is a Network Load Balancer (NLB) used?
Have you enabled the HAproxy protocol on the NLB?
Does TCP + HA proxy work stably for you?

Sergey

On Sat, Aug 12, 2023 at 4:19 AM David Villasmil <
david.villasmil.w...@gmail.com> wrote:

> Hello all,
>
> I’m having lots of problems when trying to configure Kamailio behind an
> AWS tls load balancer to offload tls and receive on tcp on Kamailio.
> Everything else inside is UDP.
> I found I need to manually add record-route presets every time an invite
> comes in. And when trying to forward an ACK to the client via tls/tcp load
> balancer Kamailio complains the socket is not TLS so it fails.
>
> Is there a simpler way of doing this via some parameters I don’t know?
>
> Thanks for helping me with this!
>
> David
> --
> Regards,
>
> David Villasmil
> email: david.villasmil.w...@gmail.com
> phone: +34669448337


[SR-Users] Re: Kamailio behind TLS-TCP load balancer

2023-08-12 Thread Henning Westerholt
Hello David,

the simplest way is of course to just not use the AWS load-balancer.  Do you 
have performance concerns using Kamailio for that purpose?

As you probably know, SIP as a protocol is not really suited for this kind of 
cloud balancing infrastructure, which targets more HTTP and other protocols. 
And Kamailio in a load-balancer scenario is usually the first TLS/TCP/UDP 
endpoint to reach from the client point of view.

Cheers,

Henning

--
Henning Westerholt – https://skalatan.de/blog/
Kamailio services – https://gilawa.com

From: David Villasmil 
Sent: Saturday, 12 August 2023 02:55
To: Kamailio (SER) - Users Mailing List 
Subject: [SR-Users] Kamailio behind TLS-TCP load balancer

Hello all,

I’m having lots of problems when trying to configure Kamailio behind an AWS tls 
load balancer to offload tls and receive on tcp on Kamailio. Everything else 
inside is UDP.
I found I need to manually add record-route presets every time an invite comes
in. And when trying to forward an ACK to the client via tls/tcp load balancer
Kamailio complains the socket is not TLS so it fails.

Is there a simpler way of doing this via some parameters I don’t know?

Thanks for helping me with this!

David
--
Regards,

David Villasmil
email: david.villasmil.w...@gmail.com
phone: +34669448337