Hi Bradley,<br><br>Another option is to set:<br>modparam("auth", "disable_nonce_check", 1)<br><br>Opensips has two mechanisms for making a nonce stale: the time-based mechanism (nonce_expire) and a use-once mechanism ('disable_nonce_check"). The 2nd mechanism doesn't set the stale=1 flag. Not sure why, but I think maybe because authors assume that if this happened it was a malicious attack, not a retransmission. The first mechanism will set stale=1. So you can perform auth statelessly, and even if you get retransmissions on the "edge" of your timer, the stale=1 should make everything recover.<br>
<br>That said, if auth is taking > 500ms, you really might want to handle things statefully via t_newtran(), because otherwise you're always going to get retransmissions.<br><br>Speaking of retransmissions and REGISTRATION, if you handle them statelessly you might want to change usrloc.cseq_delay from the default 20sec to ~32sec. With default value, any retransmissions that occur after 20sec and before a standard UAC stops restransmitting (32sec) will trigger a 4xx response (bad cseq).<br>
<br>Regards,<br>Kennard<br><br><div class="gmail_quote">2010/10/29 Stanisław Pitucha <span dir="ltr"><<a href="mailto:viraptor@gmail.com">viraptor@gmail.com</a>></span><br><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<div class="im">On 29/10/10 06:06, Bradley Falzon wrote:<br>
> This issue had been discussed before on this list, I don't have the<br>
> exact conversation, however, the advise seemed to be "make the proxy<br>
> stateful".<br>
<br>
</div>You can either look for the stale=true solution (I don't know how to<br>
implement that one, I'd like to know the solution), or go stateful with:<br>
<br>
if (is_method("REGISTER"))<br>
t_newtran();<br>
<br>
at the beginning of the script. You still have a very short window of<br>
time when the problem can happen, but it's much safer already.<br>
<br>
Regards,<br>
Stan<br>
<div><div></div><div class="h5"><br>
_______________________________________________<br>
Users mailing list<br>
<a href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a><br>
<a href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users" target="_blank">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
</div></div></blockquote></div><br>