[asterisk-users] tired of "midget packet received" warnings

Tim Panton thp at westhawk.co.uk
Fri Nov 7 09:28:12 CST 2008


On 7 Nov 2008, at 09:57, Louis-David Mitterrand wrote:

> On Fri, Nov 07, 2008 at 09:29:20AM +0000, Tim Panton wrote:
>>>>
>>>> Your monitoring app is not sending valid IAX2 packets to the
>>>> server. If
>>>> it was sending a true IAX2 POKE, it would be a valid packet and
>>>> wouldn't
>>>> generate this warning.
>>>
>>> Could asterisk at least _not_ report this harmless, below-warning
>>> event
>>> when using a zero-verbose (asterisk -r) level? That would be nice  
>>> and
>>> logical.
>>
>> I'd take this warning seriously. It means that your monitoring app  
>> isn't
>> monitoring what you think it is.
>
> Granted, the monitoring app is simple minded: it only checks if a port
> is open. In that respect is does a hell of a good job: I hear a  
> beeping
> alarm as soon as an asterisk instance goes south.

Yep, but it won't tell you that the single IAX thread is blocked in a
database access, so asterisk is ignoring your packets, it just hasn't  
closed
the port.

>
>
> So what you are saying is that all monitoring apps should speak native
> iax, else they are bad? Simply checking if a port is open means it's
> "misconfigured" or badly written? I wouldn't go so far. Small generic
> port-monitoring apps should be allowed to check on asterisk without
> raising such spurious warnings. You know what happens when crying wolf
> to often, no one listens after a while. A "midget packet" is not
> corrupted, I do have a stateful firewall (fiaif) to intercept those.

Kinda, certainly I'd be inclined to write a little plug-in that sends a
valid POKE packet. Tell me what your monitor supports and
I'll help you craft a valid packet.

>
>
> <rant>
> AFAIK the onus is on asterisk to adapat: I've suffered too long of the
> infamous iax2 port-clogging bug that would and render a server
> 'unreachable' for no good reason. So much so that I went off iax2
> entirely and use SIP exclusively for inter-asterisk communication. So
> much for the muched touted "new and advanced" pbx communication  
> protocol
> the iax2 was sold for! This deal-breaker bug went unfixed for years
> until recently, despite numerous asterisk users reporting iax2  
> anomalies
> month after month. A I bitter? yes. Do I trust Digium folks to know
> their stuff about what is "correct" or not in networking protocols?  
> I'll
> let you guess the answer.
> </rant>

Yeah, that one took _way_ too long to fix, I think the problem
was that IAX was undocumented so not many people could fix it,
that and the fact that it required a major re-code to get chan_iax2
multithreaded.

Ed Guy et al have done loads of work on the RFC, to the point
where it is actually possible to implement IAX without looking at
the asterisk code :-) so the situation is better now.

>
>
>> I always want to know when I get malformed protocol packets in. It is
>> always bad news, mostly either a misconfiguration (your case), an
>> attack,
>> (ie my firewall is not protecting this service) or a sign of a switch
>> port going bad.
>>
>> Fix the cause not the symptom.

'fraid I stand by that bit....

Tim.




More information about the asterisk-users mailing list