DDOS, better Load balancer resiliency, easier to manager, there’s lots of benefits.
On Thu, 17 Aug 2023 at 09:55, Karsten Horsmann <[email protected]> wrote: > Hi Henning, > > Yeah TLS offloading is then not an plus but the benefits from DDOS > prevention and clear transport headers should compensate that. > > > Henning Westerholt <[email protected]> schrieb am Mi., 16. Aug. 2023, 10:09: > >> Hi Karsten, >> >> >> >> interesting scenario, thanks. Regarding TLS off-loading its of course >> less useful then. >> >> >> >> Cheers, >> >> >> >> Henning >> >> >> >> -- >> >> Henning Westerholt – https://skalatan.de/blog/ >> >> Kamailio services – https://gilawa.com >> >> >> >> *From:* Karsten Horsmann <[email protected]> >> *Sent:* Dienstag, 15. August 2023 20:24 >> *To:* Kamailio (SER) - Users Mailing List <[email protected]> >> *Subject:* [SR-Users] Re: Kamailio behind TLS-TCP load balancer >> >> >> >> Hi, >> >> >> >> an benefit from using the AWS loadbalancer is the included DDOS >> prevention. Jonas Swiatek gave that as tipp to me. >> >> >> >> He simple setup self-signed certs on the Kamailio behind the NLB >> loadbalancer. >> >> So it's >> >> >> >> Internet -> TLS NLB/AWS loadbalancer -> TLS self-signed Kamailio. >> >> >> >> Should solve your problems. >> >> >> >> Kind regards >> >> Karsten Horsmann >> >> Henning Westerholt <[email protected]> schrieb am Sa., 12. Aug. 2023, 11:09: >> >> Hello David, >> >> >> >> the simplest way is of course to just not use the AWS load-balancer. 😉 >> Do you have performance concerns using Kamailio for that purpose? >> >> >> >> As you probably know, SIP as a protocol is not really suited for this >> kind of cloud balancing infrastructure, which targets more HTTP and other >> protocols. And Kamailio in a load-balancer scenario is usually the first >> TLS/TCP/UDP endpoint to reach from the client point of view. >> >> >> >> Cheers, >> >> >> >> Henning >> >> >> >> -- >> >> Henning Westerholt – https://skalatan.de/blog/ >> >> Kamailio services – https://gilawa.com >> >> >> >> *From:* David Villasmil <[email protected]> >> *Sent:* Samstag, 12. August 2023 02:55 >> *To:* Kamailio (SER) - Users Mailing List <[email protected]> >> *Subject:* [SR-Users] Kamailio behind TLS-TCP load balancer >> >> >> >> Hello all, >> >> >> >> I’m having lots of problems when trying to configure Kamailio behind an >> AWS tls load balancer to offload tls and receive on tcp on Kamailio. >> Everything else inside is UDP. >> >> I found I need to manually add record-route presets every time and invite >> comes in. And when trying to forward an ACK to the client via tls/tcp load >> balancer Kamailio complaint the socket is not TLS so it fails. >> >> >> >> Is there a simpler way of doing this via some parameters I don’t know? >> >> >> >> Thanks for helping me with this! >> >> >> >> David >> >> -- >> >> Regards, >> >> >> >> David Villasmil >> >> email: [email protected] >> >> phone: +34669448337 >> >> __________________________________________________________ >> Kamailio - Users Mailing List - Non Commercial Discussions >> To unsubscribe send an email to [email protected] >> Important: keep the mailing list in the recipients, do not reply only to >> the sender! >> Edit mailing list options or unsubscribe: >> >> __________________________________________________________ > Kamailio - Users Mailing List - Non Commercial Discussions > To unsubscribe send an email to [email protected] > Important: keep the mailing list in the recipients, do not reply only to > the sender! > Edit mailing list options or unsubscribe: > -- Regards, David Villasmil email: [email protected] phone: +34669448337
__________________________________________________________ Kamailio - Users Mailing List - Non Commercial Discussions To unsubscribe send an email to [email protected] Important: keep the mailing list in the recipients, do not reply only to the sender! Edit mailing list options or unsubscribe:
