[Asterisk-Users] Broadvoice asterisk patch
Sathya Weerasooriya
sathyaw at sbcglobal.net
Wed Nov 10 19:26:02 MST 2004
Steve,
My asterisk server is on public internet, since applying this patch I see my
asterisk is sending re registration requests every 14 seconds.
Nov 10 18:14:30 NOTICE[1089948224]: chan_sip.c:4023 sip_reregister: --
Re-registration for XXX2280146 at sip.broadvoice.com
Nov 10 18:14:30 NOTICE[1089948224]: chan_sip.c:6795 handle_response:
Outbound Registration: Expiry for sip.broadvoice.com is 159 sec (Scheduling
reregistration in 144000 ms)
Nov 10 18:16:54 NOTICE[1089948224]: chan_sip.c:4023 sip_reregister: --
Re-registration for XXX2280146 at sip.broadvoice.com
So it may be a good patch for * behind nat, not so good for * on the public
net ?
Cheers
Sathya
> -----Original Message-----
> From: Steven Sokol [mailto:ssokol at sokol-associates.com]
> Sent: Wednesday, November 10, 2004 2:08 PM
> To: Asterisk Users Mailing List - Non-Commercial Discussion
> Subject: Re: [Asterisk-Users] Broadvoice asterisk patch
>
>
> I can confirm that the patch is legit. Olle wrote it up last week and
> we have been testing the patch for several days. I have installed it on
> all of my Asterisk boxes and it appears to do no harm.
>
> The patch is necessary because (I think I have this correct -- forgive
> me if I scramble any of the details) the Asterisk SIP channel was not
> caching the MD5 result of the original authentication dialog, and was
> instead forcing the BroadVoice system to perform the complete
> authentication sequence every 16 seconds for every Asterisk system
> connected. Apparently this causes a huge drain on their application
> servers.
>
> If I understand the issue correctly, their SBCs (session border
> controllers) cache the auth for up to 20 seconds. If you re-register on
> schedule (within 16) the system accepts and extends your registration.
> If it falls outside of the window, or if you send a plain-text REGISTER,
> it forces a complete authentication cycle.
>
> This apparently applies to users running Asterisk boxes behind NATs more
> than to those with Asterisk on public addresses. The frequent
> registration is used to hold the NAT hole open.
>
> Thanks,
>
> Steve
>
> Ryan Wilkins wrote:
>
> > I was just about to ask a similar question having just received the
> > message.
> >
> > I'm more concerned about someone trying to spread a virus or something
> > like that. You have to admit that the URGENT, INSTALL THIS message
> > with an attachment pretty much screams virus, even if its not.
> >
> > I tried calling Broadvoice support but they want me to leave a message
> > for them to call me later. Can anyone comment on the validity of this
> > message?
> >
> > thanks,
> > Ryan Wilkins
> >
> > On Nov 10, 2004, at 2:54 PM, brian at fcu.com wrote:
> >
> >> Just received this from broadvoice, anyone know if this patch will
> >> become part of the CVS tree?
> >
> >
> > _______________________________________________
> > Asterisk-Users mailing list
> > Asterisk-Users at lists.digium.com
> > http://lists.digium.com/mailman/listinfo/asterisk-users
> > To UNSUBSCRIBE or update options visit:
> > http://lists.digium.com/mailman/listinfo/asterisk-users
>
>
More information about the asterisk-users
mailing list