After I reported last night, I restarted Kamailio and even though the 5 UACs did nothing but ensure they had a registration overnight, this morning the issue has recurred. The following is the output you requested. Not sure how the memory is being used up by Kamailio.
# kamctl stats shmem
shmem:fragments = 181
shmem:free_size = 8922584
shmem:max_used_size = 58243792
shmem:real_used_size = 58186280
shmem:total_size = 67108864
shmem:used_size = 54346088
On Tuesday, November 17, 2015 09:03:24 AM Daniel-Constantin Mierla wrote:
> As you are using the master branch (development), do you run latest version?
>
> Can you look at available shared memory?
>
> kamctl stats shmem
>
> Check it over time and see if the free memory is decreasing.
>
> Cheers,
> Daniel
>
> On 17/11/15 00:44, Anthony Messina wrote:
> > I have noticed the following issue which began with builds somewhere
> > between git master commits bff0a08 and 6173ef7. I did not see this issue
> > with my previous builds and haven't been able to pin down the problem,
> > which is why I haven't formally filed a bug.
> >
> > Any help or guidance is appreciated, because this has crippled my use of
> > Kamailio. Only a restart enables it to work again until the issue recurs.
> >
> > ERROR: tls [tls_server.c:189]: tls_complete_init(): tls: ssl bug #1491
> > workaround: not enough memory for safe operation: 8870536
> > ERROR: <core> [tcp_read.c:1303]: tcp_read_req(): ERROR: tcp_read_req:
> > error
> > reading
> >
> > I currently build against and run openssl-1.0.1k-12.fc22.x86_64.
> >
> > I have a very small operation and the only change on the operational side
> > is that all 5 of my mobile UACs (yes, that's all) have switched from
> > CSipSimple/Android to Zoiper/Android, which doesn't yet have support for
> > client-side certificates so verify_certificate and require_certificate are
> > off for both the server and client config.
> >
> > The server is started with:
> > /usr/sbin/kamailio -P /run/kamailio/kamailio.pid -m 64 -M 8
> >
> > I have tried modifying the shared mem to 128 but the issue still occurs.
> >
> > Even right now, I am seeing the error when only one UAC has established a
> > TLS connection:
> >
> > # kamcmd tls.list
> > {
> >
> > id: 572
> > timeout: 3475
> > src_ip: 10.77.79.156
> > src_port: 58688
> > dst_ip: 10.77.79.3
> > dst_port: 5061
> > cipher: ECDHE-RSA-RC4-SHA SSLv3 Kx=ECDH Au=RSA Enc=RC4(128)
> > Mac=SHA1
> > ct_wq_size: 0
> > enc_rd_buf: 0
> > flags: 2
> > state: established
> >
> > }
> >
> > # kamailio.cfg
> > enable_tls=yes
> > loadmodule "tls.so"
> > modparam("tls", "connection_timeout", 60)
> > #modparam("tls", "tls_log", 1)
> > #modparam("tls", "tls_debug", 1)
> > #modparam("tls", "low_mem_threshold1", -1)
> > #modparam("tls", "low_mem_threshold2", 0)
> > modparam("tls", "session_cache", 1)
> >
> > # tls.cfg
> > [server:default]
> > method = TLSv1+
> > verify_certificate = no
> > require_certificate = no
> > private_key = /etc/kamailio/example.org.key.pem
> > certificate = /etc/kamailio/example.org.crt.pem
> > server_name = example.org
> > cipher_list =
> > ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-
> > AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES
> > 256-
> > SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-GCM-
> > SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:RC4-
> > SHA:AES256-GCM-SHA384:AES256-SHA256:CAMELLIA256-SHA:ECDHE-RSA-AES128-
> > SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:CAMELLIA128-
> > SHA:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK
> >
> > [client:default]
> > method = TLSv1+
> > verify_certificate = no
> > require_certificate = no
> > private_key = /etc/kamailio/example.org.key.pem
> > certificate = /etc/kamailio/example.org.crt.pem
> > cipher_list =
> > ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-
> > AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES
> > 256-
> > SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-GCM-
> > SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:RC4-
> > SHA:AES256-GCM-SHA384:AES256-SHA256:CAMELLIA256-SHA:ECDHE-RSA-AES128-
> > SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:CAMELLIA128-
> > SHA:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK
> >
> >
> > Thanks. -Anthony
--
Anthony - https://messinet.com/ - https://messinet.com/~amessina/gallery
8F89 5E72 8DF0 BCF0 10BE 9967 92DC 35DC B001 4A4E
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
