Hi Largo,
the replicated REGISTER should not be authenticated by the other server
as the request was already authenticate by it. You should do something
like this:
if (src==other server) {
save();
} else {
do auth
save()
replicate()
}
regards,
Bogdan
Largo wrote:
Hi Bogdan,
I got a problem regarding the t_replicate function.
I got an openser server working as a loadbalancer with (DISPATCHER);
let´s call it OPENSER-0.
He is dispatching to 2 openser servers ; let s call them OPENSER-1 and
OPENSER-2.
Everything works fine, but if one analyses the packets and the error
logs closely, we observed the following:
- Every day there is only one of the servers who is correctly woking ,
the second one sends always a "404 Not Found".
- There are problems by replicating: OPENSER-1 as example, receives a
"401 Unauthorized" back from the OPENSER-2
- And in the syslog files , I see this:
/Jul 14 13:58:56 OPENSER-2 /usr/local/sbin/openser[30005]: PG[224]
str2valp got string f3415bc4b2e66989142d134d0d33be91
Jul 14 13:58:56 OPENSER-2 /usr/local/sbin/openser[30005]: PG[224]
str2valp got string Jul 14 13:58:56 OPENSER-2
/usr/local/sbin/openser[30005]: SRC not 23: Replicating...
/
- Here are scarps from the openser.cfg Files of the 3 servers (only
important configs)
--------------------------------------------------------
#OPENSER-0 (DISPATCHER)
listen=192.168.1.21
alias="openser_0.XXX.com"
...
route{
# log all incomming requests
xlog("L_INFO", "RECV: <$rm> signal from ip <$si> r-uri <$ru>
from <$fu> to <$tu> contact <$ct>\n");
if (!mf_process_maxfwd_header("10")) {
sl_send_reply("483","Too Many Hops");
exit;
};
if (msg:len >= 2048 ) {
sl_send_reply("513", "Message too big");
exit;
};
ds_select_dst("2", "0");
forward(uri:host, uri:port);
}
--------------------------------------------------------
--------------------------------------------------------
#OPENSER-1
listen=0.0.0.0
alias="openser_0.XXX.com"
...
if (method=="REGISTER") {
# Uncomment this if you want to use digest
authentication
if
(!www_authorize("sip-main.kh.emindgroup.com", "subscriber")) {
www_challenge("sip-main.kh.emindgroup.com", "0");
exit;
};
if(!save("location"))
{
sl_reply_error();
}
else if( !src_ip==ip-of-openser-server-2 )
{
xlog("L_INFO", "SRC not
openser-server-4: Replicating...");
#if(t_newtran())
#{
# xlog("L_INFO", "NewTran:
Replicating...");
t_replicate("ip-of-openser-server-2",
"5060");
#}
}
else
{
xlog("L_INFO", "SRC 24: do nothing...");
}
exit;
};
--------------------------------------------------------
--------------------------------------------------------
#OPENSER-2
listen=0.0.0.0
alias="openser_0.XXX.com"
...
if (method=="REGISTER")
{
# Uncomment this if you want to use digest
authenticatio
n
if
(!www_authorize("sip-main.kh.emindgroup.com", "subscr
iber")) {
www_challenge("sip-main.kh.emindgroup.com", "0")
;
exit;
};
if(!save("location"))
{
sl_reply_error();
}
else if( !src_ip==^ )
{
xlog("L_INFO", "SRC not
openser-server-1: Replicating...");
#if(t_newtran())
#{
#xlog("L_INFO", "NewTran:
Replicating...");
t_replicate("ip-of-openser-server-1",
"5060");
#}
}
else
{
xlog("L_INFO", "SRC 23: do nothing...");
}
exit;
};
lookup("aliases");
if (!uri==myself) {
append_hf("P-hint: outbound alias\r\n");
route(1);
};
# native SIP destinations are handled using our USRLOC DB
if (!lookup("location")) {
sl_send_reply("404", "Not Found");
exit;
};
append_hf("P-hint: usrloc applied\r\n");
};
route(1);
}
--------------------------------------------------------------------------
Thanks in advance
Largo !
_______________________________________________
Users mailing list
[email protected]
http://openser.org/cgi-bin/mailman/listinfo/users
