[Asterisk-Users] Broadvoice asterisk patch

Steven Sokol ssokol at sokol-associates.com
Wed Nov 10 15:08:21 MST 2004


I can confirm that the patch is legit.  Olle wrote it up last week and 
we have been testing the patch for several days.  I have installed it on 
all of my Asterisk boxes and it appears to do no harm.

The patch is necessary because (I think I have this correct -- forgive 
me if I scramble any of the details) the Asterisk SIP channel was not 
caching the MD5 result of the original authentication dialog, and was 
instead forcing the BroadVoice system to perform the complete 
authentication sequence every 16 seconds for every Asterisk system 
connected.  Apparently this causes a huge drain on their application 
servers. 

If I understand the issue correctly, their SBCs (session border 
controllers) cache the auth for up to 20 seconds.  If you re-register on 
schedule (within 16) the system accepts and extends your registration.  
If it falls outside of the window, or if you send a plain-text REGISTER, 
it forces a complete authentication cycle.

This apparently applies to users running Asterisk boxes behind NATs more 
than to those with Asterisk on public addresses.  The frequent 
registration is used to hold the NAT hole open.

Thanks,

Steve

Ryan Wilkins wrote:

> I was just about to ask a similar question having just received the 
> message.
>
> I'm more concerned about someone trying to spread a virus or something 
> like that.  You have to admit that the URGENT, INSTALL THIS message 
> with an attachment pretty much screams virus, even if its not.
>
> I tried calling Broadvoice support but they want me to leave a message 
> for them to call me later.  Can anyone comment on the validity of this 
> message?
>
> thanks,
> Ryan Wilkins
>
> On Nov 10, 2004, at 2:54 PM, brian at fcu.com wrote:
>
>> Just received this from broadvoice, anyone know if this patch will
>> become part of the CVS tree?
>
>
> _______________________________________________
> Asterisk-Users mailing list
> Asterisk-Users at lists.digium.com
> http://lists.digium.com/mailman/listinfo/asterisk-users
> To UNSUBSCRIBE or update options visit:
>   http://lists.digium.com/mailman/listinfo/asterisk-users

-------------- next part --------------
A non-text attachment was scrubbed...
Name: ssokol.vcf
Type: text/x-vcard
Size: 188 bytes
Desc: not available
Url : http://lists.digium.com/pipermail/asterisk-users/attachments/20041110/54a18bc5/ssokol.vcf


More information about the asterisk-users mailing list