[asterisk-dev] SIP Registration Failing randomly (analyzed)

Timo Teräs timo.teras at iki.fi
Thu Sep 30 08:45:30 CDT 2010


Hi all,

I have had for a while pretty strange SIP Registration related issue.
The client seems to randomly fail registration and the registry entry
goes to REG_STATE_NOAUTH. I'm currently using Asterisk 1.6.2.13.

Key observation was that my link seems to have random latency variation
(normally it's maybe 10ms to the SIP Server; sometimes over 100ms).

So what seems to happen is:
 1. Asterisk sends (re)REGISTER
 2. Time passes (~50-60ms), we are having more latency than normal,
retransmit triggers and Asterisk sends REGISTER again thinking the
previous was lost (on the resent packet Cseq is increased and From tag
is new too; so it's maybe new registration attempt and not resend?)
 3. Server receives 1st register and does not like reused nonce thus
challenging us again for new authorization with 401 Unauthorized
 4. Server receives 2nd register and does not like the old nonce at all
anymore: it replies with 403 Forbidden
 5. Asterisk receives 401 and after that 403. Receiving 403 makes
asterisk go the REG_STATE_NOAUTH mode for the server in registry thus
making the number not work at all, and giving up on all reregistration
attempts.

So my guestions are:
 1. Why the nonce is reused at all? The regular digest is vulnurable to
replay if nonce was accepted after reuse.
 2. Any ideas why the reregistration gets triggered after the 50-60ms
with new Cseq and From tag?
 3. Why do we not attempt anything after the 403? I remember seeing
posts on sip-implementers that it would be acceptable try after extended
period of time that.

Any more ideas how to further debug this?

Cheers,
  Timo



More information about the asterisk-dev mailing list