[asterisk-dev] Asterisk 1.4.20-rc1 Now Available
Nic Bellamy
nicb-lists at vadacom.co.nz
Fri May 2 20:36:32 CDT 2008
Russell Bryant wrote:
> Steve Davies wrote:
>
>> Does this mean that the security fix in 1.2.28 suffers from the same
>> performance issues and needs a similar fix? The use of the word
>> "Critical" would suggest that if it exists in 1.2.x it needs fixing.
>> Or perhaps 1.4 got an "enhanced" version of the security fix?
>>
>
> That's a good point ... hrm!
>
> The security fix really kills performance of chan_iax2 in such a way that it
> pretty much makes it unusable under any reasonable load. Backporting this fix
> is certainly possible, but it is pretty invasive to do to 1.2. It means
> backporting astobj2 to Asterisk 1.2.
>
I've actually been meaning to drop a note to the list about this - our
main system here at work has about 100 always-up IAX2 trunks to various
other locations, and performance dropped so severely after updating from
1.2.26.2 to 1.2.28 that, security fix or not, I had to roll it back.
There were also occasions during the few days that I tried this that the
system ended up in what I'd call a "VNAK storm" (about 500 packets per
second) - I'm guessing this part is due to the performance drop causing
too many retransmissions.
So, although in general I'm against such invasive changes in a stable
branch, I think this is a case where we'll just have to bite the bullet.
I vote yes on proposition astobj2 ;-)
Cheers,
Nic.
--
Nic Bellamy,
Head Of Engineering, Vadacom Ltd - http://www.vadacom.co.nz/
More information about the asterisk-dev
mailing list