[asterisk-dev] Asterisk 1.4.20-rc1 Now Available

Nic Bellamy nicb-lists at vadacom.co.nz
Fri May 2 20:36:32 CDT 2008

Russell Bryant wrote:
> Steve Davies wrote:
>> Does this mean that the security fix in 1.2.28 suffers from the same
>> performance issues and needs a similar fix? The use of the word
>> "Critical" would suggest that if it exists in 1.2.x it needs fixing.
>> Or perhaps 1.4 got an "enhanced" version of the security fix?
> That's a good point ... hrm!
> The security fix really kills performance of chan_iax2 in such a way that it
> pretty much makes it unusable under any reasonable load.  Backporting this fix
> is certainly possible, but it is pretty invasive to do to 1.2.  It means
> backporting astobj2 to Asterisk 1.2.
I've actually been meaning to drop a note to the list about this - our 
main system here at work has about 100 always-up IAX2 trunks to various 
other locations, and performance dropped so severely after updating from to 1.2.28 that, security fix or not, I had to roll it back.

There were also occasions during the few days that I tried this that the 
system ended up in what I'd call a "VNAK storm" (about 500 packets per 
second) - I'm guessing this part is due to the performance drop causing 
too many retransmissions.

So, although in general I'm against such invasive changes in a stable 
branch, I think this is a case where we'll just have to bite the bullet. 
I vote yes on proposition astobj2 ;-)


Nic Bellamy,
Head Of Engineering, Vadacom Ltd - http://www.vadacom.co.nz/

More information about the asterisk-dev mailing list