<div dir="ltr"><div class="gmail_default" style="font-family:arial narrow,sans-serif">Thank you Giacomo for the info!</div><div class="gmail_default" style="font-family:arial narrow,sans-serif"><br></div><div class="gmail_default" style="font-family:arial narrow,sans-serif">We are thinking to use DNS SRV for failover and to use multiple LBs and do some sort of HA on the Load Balancer(s) using keepalived or etcd, etc.... One of my marching orders is to eliminate any single point of failures. </div><div class="gmail_default" style="font-family:arial narrow,sans-serif">Using one set of hosts would definitely simplify my architecture. Are there any security concerns that arise when allowing the LB/Proxy/Registrar/GW to be on the same device and connected to the Public Internet?</div></div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><p><b>Daryn
Johnson</b><span style="color:#1f497d"><br>
</span><i><span style="font-size:9pt">Senior VoIP Engineer<br></span></i></p>
<p><span style="font-size:9pt">248.485.1109
</span><br></p><p>
</p><p><span style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><a href="http://www.telnetww.com" target="_blank"><b><span style="font-size:10.0pt;color:blue">www.telnetww.com</span></b></a></span><b><span style="font-size:10.0pt;font-family:"Calibri","sans-serif";color:#1f497d"><br>
</span></b><span style="font-size:9pt;font-family:Calibri,sans-serif">1175 W. Long Lake Rd</span><span style="font-size:9.0pt;font-family:"Calibri","sans-serif";color:#1f497d">. | </span><span style="font-size:9pt;font-family:Calibri,sans-serif">Suite 101</span><span style="font-size:9.0pt;font-family:"Calibri","sans-serif";color:#1f497d"> | </span><span style="font-size:9pt;font-family:Calibri,sans-serif">Troy, MI 48098</span></p><p><span style="font-size:9pt"><br></span></p></div></div></div></div></div>
<br><div class="gmail_quote">On Thu, Jun 30, 2016 at 11:15 AM, Giacomo Vacca <span dir="ltr"><<a href="mailto:giacomo.vacca@gmail.com" target="_blank">giacomo.vacca@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hi Daryn,<div>it may not be an overkill, depending on the constrains you have. For example if the clients can possibly only be instructed to connect to a single public IP address (5.5.5.5 in your example), while you want to be able to scale the Kamailio architecture with multiple instances, then it can be a viable approach. Remember though that the Load Balancer will be your Single Point Of Failure. If the Load Balancer dies, for any reason, the service is not available.</div><div><br></div><div>There has been an interesting thread in this mailing list recently, on techniques to provide active/stand-by redundancy to a Kamailio deployment: "High Availability".</div><div><br></div><div>Depending on the capabilities of the clients you may consider removing the Load Balancer from the equation and perform DNS-based load balancing across your Proxy/Registrar/PSTN Gw instances. You'd be removing a SPOF, use one fewer machine, and simplify the architecture. This is not always possible to achieve though, because it delegates load balancing and fail over to the clients.</div><div><br></div><div>Giacomo</div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote"><div><div class="h5">On 30 June 2016 at 17:03, Daryn Johnson <span dir="ltr"><<a href="mailto:djohnson@telnetww.com" target="_blank">djohnson@telnetww.com</a>></span> wrote:<br></div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div class="h5"><div dir="ltr"><div class="gmail_default" style="font-family:arial narrow,sans-serif">I am interested in opinions and suggestions about load balancing with Kamailio. I work for an ITSP that currently uses Oracle & Broadsoft, and I am working to design and develop an open source solution using Kamailio (Proxy, Registrar, LB) & other Application/Media servers for more flexibility and freedom :) Thank you ALL for the work you have put in on Kamailio!</div><div class="gmail_default" style="font-family:arial narrow,sans-serif"><br></div><div class="gmail_default" style="font-family:arial narrow,sans-serif">After much reading and configuration I have a Kamailio 'proxy' setup, with endpoints registered using the Registrar module, and calls being sent/received to/from the PSTN. I am interested in separating the Load Balancers from the Registrars & logic, for security and in order to be able to scale appropriately. I will be using the dispatcher module for both load balancers and proxies using the following architecture:</div><div class="gmail_default" style="font-family:arial narrow,sans-serif"><br></div><div class="gmail_default" style="font-family:arial narrow,sans-serif">PublicIP = 5.5.5.5; Private IP = <a href="http://192.168.1.0/24" target="_blank">192.168.1.0/24</a></div><div class="gmail_default" style="font-family:arial narrow,sans-serif"><br></div><div class="gmail_default" style="font-family:arial narrow,sans-serif">USERS (Public Internet) ==> (public: 5.5.5.5) [ Kamailio (LoadBalancer, Firewall, Sanity Checks) ] (core:192.168.1.2) ==> [ Kamailio Registrar, Proxy, PSTN GW ] ==> AppServers or PSTN GW</div><div class="gmail_default" style="font-family:arial narrow,sans-serif"><br></div><div class="gmail_default" style="font-family:arial narrow,sans-serif">(we can access our PSTN gateways Via our Core using Private IPs)</div><div class="gmail_default" style="font-family:arial narrow,sans-serif"><br></div><div class="gmail_default" style="font-family:arial narrow,sans-serif">Questions: </div><div class="gmail_default" style="font-family:arial narrow,sans-serif">1) Is it overkill to separate the LB & Proxy/Registrars? </div><div class="gmail_default" style="font-family:arial narrow,sans-serif">2) Is this a common architecture & anyone configured this architecture successfully? </div><div class="gmail_default" style="font-family:arial narrow,sans-serif"><br></div><div class="gmail_default" style="font-family:arial narrow,sans-serif">Thanks in advance for your help!</div><div class="gmail_default" style="font-family:arial narrow,sans-serif"><br></div><div class="gmail_default" style="font-family:arial narrow,sans-serif"><br></div><div class="gmail_default" style="font-family:arial narrow,sans-serif"><b style="font-family:arial,sans-serif">Daryn
Johnson</b></div><div><div data-smartmail="gmail_signature"><div dir="ltr"><div dir="ltr"><p><i><span style="font-size:9pt">Senior VoIP Engineer<br></span></i></p>
<p><br></p><p><span style="font-size:9pt"><br></span></p></div></div></div></div>
</div>
<br></div></div>_______________________________________________<br>
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list<br>
<a href="mailto:sr-users@lists.sip-router.org" target="_blank">sr-users@lists.sip-router.org</a><br>
<a href="http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users" rel="noreferrer" target="_blank">http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users</a><br>
<br></blockquote></div><br></div>
<br>_______________________________________________<br>
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list<br>
<a href="mailto:sr-users@lists.sip-router.org">sr-users@lists.sip-router.org</a><br>
<a href="http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users" rel="noreferrer" target="_blank">http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users</a><br>
<br></blockquote></div><br></div>