extented haproxy protocol support #3731
Conversation
|
We work to clean warning |
src/core/forward.h
Outdated
| if(!dst->id) { | ||
| dst->id = con->id; | ||
| } | ||
|
|
There was a problem hiding this comment.
Any more details about why this is needed? I cannot easy relate it to the commit message.
There was a problem hiding this comment.
This change is needed for siptrace. Below in this file at the line 334 dst is passed as an argument to the SREV_NET_DATA_SENT related function call.
If the tcp connection ID is assigned to dst param then the tcp_connection search is correct and we have a proper siptrace with HAPROXY IP addresses (IP address of client and IP address of HAPROXY) , otherwise tcp connection search is based on real IP addresses (IP addresses of haproxy and IP address of kamailio) and in this case the siptrace contains not the correct IP-addresses.
src/core/msg_translator.c
Outdated
| @@ -2845,6 +2876,47 @@ int branch_builder(unsigned int hash_index, | |||
| return size; | |||
| } | |||
|
|
|||
| static int is_haproxy(struct dest_info *send_info, struct receive_info *haproxy_rcv) { | |||
There was a problem hiding this comment.
Can you add some comment to describe the purpose of the function? The name is rather generic, from C code point of view it looks like it tries to figure out if the target via via haproxy...
There was a problem hiding this comment.
The function goal is as follows:
- it retrieves the tcp_connetion_id from the
dest_infoparameter - if this TCP connection is a haproxy connection, then the
haproxy_rcvparam is filled with the corresponding haproxy data and the function returns non-zero value - otherwise if the TCP connection is not a connection to haproxy then the function returns zero value.
We will add the comments for this function in the source code.
src/core/parser/msg_parser.h
Outdated
| @@ -396,6 +396,7 @@ typedef struct sip_msg | |||
| char *unparsed; /*!< here we stopped parsing*/ | |||
|
|
|||
| struct receive_info rcv; /*!< source & dest ip, ports, proto a.s.o*/ | |||
| struct receive_info haproxy_rcv; /*!< source & dest ip, ports, proto a.s.o for the message from haproxy*/ | |||
There was a problem hiding this comment.
Traffic via haproxy is not very common, does it make sense to add a full value-structure for every message instead of a pointer that is allocated only when it is the case. Practically the size of message increases for common traffic over direct UDP/TCP/TLS/SCTP/WebSocket. On the other hand, cloning in shm has to be done if allocated. This is just to ponder on what would be better...
There was a problem hiding this comment.
Thanks for highlighting that.
We will check what would be less expensive in terms of resource usage - to have a full value-structure, or to have a pointer that needs to be cloned in shm.
src/core/tcp_read.c
Outdated
| local_timer_add(&tcp_reader_ltimer, &con->timer, | ||
| S_TO_TICKS(TCP_CHILD_TIMEOUT), t); | ||
| if(con->rcv.proto_reserved2 && con->type == PROTO_WSS) { | ||
| //not setting up timers for haproxy WSS connections |
There was a problem hiding this comment.
The patch is quite consistent to important parts of the core. It has to be reviewed properly, so far I did a quick walk through, other developers are welcome to jump in.
There was a problem hiding this comment.
Please pay attention at this particular change - from line 1846 to line 1856.
The purpose of this change is to keep the WSS connection connected. When testing this haproxy change without this particular piece of change (from line 1846 to line 1856) we observed that kamailio was dropping WSS connection by timer, and this drop looked strange, because it happened in about 5-7 seconds after the connection was established. One of the requirement for haproxy was to keep TLS/WSS connection established during all the dialog and not to drop it without any important reason. I tried to find how to make it not to be dropped by timer, but found the only way is to not to set the timer up for WSS. Also the drop cause is still not cleat for me.
I don't think this is a good solution, but I was not able to find a better one. I would appreciate if you check this change attentively. If needed I can provide with the logs where kamailio drops WSS connection.
|
I was thinking. Could we have something generic that abstracts the rcv parameter of the message? |
|
Indeed, it would be good to try to find a more generic way to approach this kind of needs to store intermediary hop address. The patch is rather consistent for the core part and couldn't assert the impact so far. |
sergey-safarov
force-pushed
the
gh3683
branch
2 times, most recently
from
361326d
to
b0efcbe
Compare
…cessing - updated TCP connection selection when relaying through haproxy - Via header content is changed onto haproxy address if haproxy is used
|
This PR is stale because it has been open 6 weeks with no activity. Remove stale label or comment or this will be closed in 2 weeks. |
Pre-Submission Checklist
in
doc/subfolder, the README file is autogenerated)Type Of Change
Checklist:
Description
Allow creating Record-Route and Via header using destination address and port in the haproxy protocol header.
PR created behalf @ivanuschak