Hi Henning, Yeah TLS offloading is then not an plus but the benefits from DDOS prevention and clear transport headers should compensate that.
Henning Westerholt <h...@gilawa.com> schrieb am Mi., 16. Aug. 2023, 10:09: > Hi Karsten, > > > > interesting scenario, thanks. Regarding TLS off-loading its of course less > useful then. > > > > Cheers, > > > > Henning > > > > -- > > Henning Westerholt β https://skalatan.de/blog/ > > Kamailio services β https://gilawa.com > > > > *From:* Karsten Horsmann <khorsm...@gmail.com> > *Sent:* Dienstag, 15. August 2023 20:24 > *To:* Kamailio (SER) - Users Mailing List <sr-users@lists.kamailio.org> > *Subject:* [SR-Users] Re: Kamailio behind TLS-TCP load balancer > > > > Hi, > > > > an benefit from using the AWS loadbalancer is the included DDOS > prevention. Jonas Swiatek gave that as tipp to me. > > > > He simple setup self-signed certs on the Kamailio behind the NLB > loadbalancer. > > So it's > > > > Internet -> TLS NLB/AWS loadbalancer -> TLS self-signed Kamailio. > > > > Should solve your problems. > > > > Kind regards > > Karsten Horsmann > > Henning Westerholt <h...@gilawa.com> schrieb am Sa., 12. Aug. 2023, 11:09: > > Hello David, > > > > the simplest way is of course to just not use the AWS load-balancer. π > Do you have performance concerns using Kamailio for that purpose? > > > > As you probably know, SIP as a protocol is not really suited for this kind > of cloud balancing infrastructure, which targets more HTTP and other > protocols. And Kamailio in a load-balancer scenario is usually the first > TLS/TCP/UDP endpoint to reach from the client point of view. > > > > Cheers, > > > > Henning > > > > -- > > Henning Westerholt β https://skalatan.de/blog/ > > Kamailio services β https://gilawa.com > > > > *From:* David Villasmil <david.villasmil.w...@gmail.com> > *Sent:* Samstag, 12. August 2023 02:55 > *To:* Kamailio (SER) - Users Mailing List <sr-users@lists.kamailio.org> > *Subject:* [SR-Users] Kamailio behind TLS-TCP load balancer > > > > Hello all, > > > > Iβm having lots of problems when trying to configure Kamailio behind an > AWS tls load balancer to offload tls and receive on tcp on Kamailio. > Everything else inside is UDP. > > I found I need to manually add record-route presets every time and invite > comes in. And when trying to forward an ACK to the client via tls/tcp load > balancer Kamailio complaint the socket is not TLS so it fails. > > > > Is there a simpler way of doing this via some parameters I donβt know? > > > > Thanks for helping me with this! > > > > David > > -- > > Regards, > > > > David Villasmil > > email: david.villasmil.w...@gmail.com > > phone: +34669448337 > > __________________________________________________________ > Kamailio - Users Mailing List - Non Commercial Discussions > To unsubscribe send an email to sr-users-le...@lists.kamailio.org > Important: keep the mailing list in the recipients, do not reply only to > the sender! > Edit mailing list options or unsubscribe: > >
__________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions To unsubscribe send an email to sr-users-le...@lists.kamailio.org Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:
