Hello Schneur,
1) If REGISTER request replication properly works (same messages
received on both sides), then the backup should not delete contacts like
you are mentioning.
2) Yes, it will. You can disable this behaviour with
"skip_replicated_db_ops" [1]
3) Any specific ERRORs in the logfile? Please open a GitHub ticket for
any obvious issues [2]
4) Only integrity checking. But that can be bypassed by a potential
attacker. Immediate solutions are the use of private interfaces and/or
iptables rules.
5) Yes, replication is only to be used with floating IPs. Regarding the
distributed redundant setup, a big discussion was started in 2013, yet
did not really come to a final conclusion [3]
[1]:
http://www.opensips.org/html/docs/modules/2.1.x/usrloc.html#skip_replicated_db_ops
[2]: https://github.com/OpenSIPS/opensips/issues
[3]: http://opensips.org/pipermail/users/2013-April/025204.html
Best regards,
Liviu Chircu
OpenSIPS Developer
http://www.opensips-solutions.com
On 18.02.2015 12:19, Schneur Rosenberg wrote:
I have a question regarding binary replication, I was using OpenSIPS
1.7 until now, my backup was passive, because when they were all up at
the same time, the usrloc timer from the backup kept on removing users
from the database, even though I'm using mode 2, I still rely on the
DB for some actions, I recently watched Vlad Paiu video presentation
on Binary Interface replication and he says that he advises to leave
the backup open too, so I built 2 test servers with OpenSIPS 1.11 and
I have a few questions.
1) will this solve the issue of the usrloc timer deleting records?
2) will it also update the backups database if I use mode 2? this way
I dont need to replicate the db's, i will have 2 separate db's and
have each server update its own db, if it does this will also solve
problem 1.
3) I tested the bin replication, when doing a ngrep I see the packet
coming in on the backup when a new user registers, but when doing a
"opensipsctl ul show" it only shows the contact line and nothing else
and it disappears completely after a few moments and it does not
update the db.
4) Does it have a built in security mechanism besides manually doing
it with iptables?
5) It seems like this is mainly used with a floating ip, I have
servers on the same network using floating ip, I also have servers on
different networks using failover dns, how will it affect my
redundancy, I assume the backup server wont be able to reach the
client before the client does a new DNS lookup and re registers,
because the clients NAT wont allow it through, is that correct? and is
there a solution for that?
thanks in advance
S. Rosenberg
_______________________________________________
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users
_______________________________________________
Users mailing list
Users@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/users