Copyright © 2013 VoIPEmbedded Inc.
Copyright © 2010
Copyright © 2006 Freenet Cityline GmbH
Table of Contents
List of Examples
parameter at runtime reply_reason
parameter at runtime pl_check
usageTable of Contents
This module implements traffic limiting for SIP requests.
The module defines in an abstract mode the notion of 'pipe', which can be a reference to an IP address, to a network or a trunk. The associtiation of traffic to a pipe is done in the config file, therefore, a pipe could represent SIP traffic coming from a user or the flow of specific SIP requests such as INVITE or REGISTER.
Pipelimit started from ratelimit module, adding support for definition of pipes limits in database and dynamic names. Complexity of keeping everything in a module and make it dual mode functional resulted in a new module which is focused on just traffic shaping policies, the implementation of queues was discarded.
Algorithms are based from the ratelimit module, which describes the algorithms in more detail. The algorithms are used by the pipelimit module to determine if a message should be blocked.
Tail Drop Algorithm (TAILDROP)
This is a trivial algorithm that imposes some risks when used in conjunction with long timer intervals. At the start of each interval an internal counter is reset and incremented for each incoming message. Once the counter hits the configured limit pl_check() returns false (negative value).
Random Early Detection Algorithm (RED)
The Random Early Detection Algorithm tries to circumvent the synchronization problem imposed by the tail drop algorithm by measuring the average load and adapting the drop rate dynamically. When running with the RED algorithm (enabled by default) Kamailio will return errors to the Kamailio routing engine every n'th packet trying to evenly spread the measured load of the last timer interval onto the current interval. As a negative side effect Kamailio might drop messages although the limit might not be reached within the interval. Decrease the timer interval if you encounter this.
Network Algorithm (NETWORK)
This algorithm relies on information provided by network interfaces. The total amount of bytes waiting to be consumed on all the network interfaces is retrieved once every timer_interval seconds. If the returned amount exceeds the limit specified in the modparam, pl_check() returns false (negative value).
Feedback Algorithm (FEEDBACK)
Using the PID Controller model (see Wikipedia page), the drop rate is adjusted dynamically based on the load factor so that the load factor always drifts towards the specified limit (or setpoint, in PID terms).
As reading the CPU load average is relatively expensive (opening /proc/stat, parsing it, etc), this only happens once every timer_interval seconds and consequently the FEEDBACK value is only at these intervals recomputed. This in turn makes it difficult for the drop rate to adjust quickly. Worst case scenarios are request rates going up/down instantly by thousands - it takes up to 20 seconds for the controller to adapt to the new request rate.
The following modules must be loaded before this module:
database connection module.
sl: Stateless Request Handling.
Used to compute the number of slots for the internal hash table, as power of 2 (number of slots = 2^hash_size, aka 1<<hash_size). If you have many pipes, increase this value for proper performances, but don't go too high (hash_size=10 means 1024 slots).
Default value is “6” (64 slots).
URL of the database server to be used.
Default value is “mysql://kamailio:kamailiorw@localhost/kamailio”.
Example 1.2. Set db_url
... modparam("pipelimit", "db_url", "dbdriver://username:password@dbhost/dbname") ...
Name of DB table where data definition for pipes is stores.
Default value is “pl_pipes”.
Example 1.3. Set plp_table_name
... modparam("pipelimit", "plp_table_name", "mypipes") ...
Name of 'pipeid' column.
Default value is “pipeid”.
Example 1.4. Set plp_pipeid_column
... modparam("pipelimit", "plp_pipeid_column", "name") ...
Name of 'limit' column.
Default value is “limit”.
Example 1.5. Set plp_limit_column
... modparam("pipelimit", "plp_limit_column", "name") ...
Name of 'algorithm' column.
Default value is “algorithm”.
Example 1.6. Set plp_algorithm_column
... modparam("pipelimit", "plp_algorithm_column", "name") ...
The length of the timer interval in seconds. Counted messages are reset each timer_interval, therefore the amounts of messages have to be divided by this timer_interval value to get the messages per second value. For example, if you want to allow an average of 10 messages per second with a timer inteval of 10 seconds, then the limit value has to be 100.
Note: A too small value may lead to performance penalties due to timer process overloading.
Default value is 10.
The code of the reply sent by Kamailio while limiting.
Default value is 503.
This value can be modified at runtime using kamcmd
Check the current request against the 'name' pipe.
If algorithm and limit are provided, the function attempts to create a new pipe if one with that name doesn't exit. If it exists, no changes to algorithm is done and the pipe limit is set to the 'limit' parameter value, if this is greater than 0. Algorithm is case sensitive.
The pipe name can be provided via a pseudo variabile.
The method will return:
-2 if no pipe was found
-1 if pipe limit was reached
1 if pipe limit was NOT reached
2 if pipe has NOP algorithm
Meaning of the parameters is as follows:
name - the string or pseudovariable with the pipe name.
algorithm - the string or pseudovariable with the algorithm. The values can be: TAILDROP, RED, NETWORK, or FEEDBACK - see readme of ratelimit module for details on each algorithm.
limit - the integer or pseudovariable with the limit value per timer_interval.
This function can be used from ANY_ROUTE.
Example 1.12. pl_check
... # perform pipe match for current method if (!pl_check("one")) { pl_drop(); exit; } ... # use pipe 'one' for the current method via PV $var(p) = "one"; $var(check_result) = pl_check("$var(p)"); switch($var(check_result)) { case -2: xlog("L_ALERT","pl_check(\"$var(p)\") drop -pipe NOT found\n"); pl_drop(); exit; break; case -1: xlog("L_ALERT","pl_check(\"$var(p)\") drop\n"); pl_drop(); exit; break; case 1: xlog("L_INFO", "pl_check(\"$var(p)\") pass\n"); break; case 2: xlog("L_ALERT","pl_check(\"$var(p)\") pass -NOP algorithm\n"); break; default: xlog("L_ERR","pl_check(\"$var(p)\") dropping \ with unexpected retcode=$var(check_result)\n"); pl_drop(); exit; } ... # perform pipe match for authenticated user $var(limit) = 20; if (!pl_check("$au", "TAILDROP", "$var(limit)")) { pl_drop(); exit; } ... # perform pipe match for INVITE if (is_method("INVITE")) { $var(invlimit) = 10; if (!pl_check("$si", "TAILDROP", "$var(invlimit)")) { pl_drop(); exit; } } ...
For the current request, a "503 - Server Unavailable" reply is sent back. The reply may or may not have a "Retry-After" header. If no parameter is given, there will be no "Retry-After" header. If only the max parameter is given, the reply will contain a "Retry-After: max" header. If both min and max params are given, the reply will contain a "Retry-After: random" header with random being a random value between the given min and max.
Meaning of the parameters is as follows:
min - the minimum value of "Retry-After" header.
max - the maximum value of "Retry-After" header.
Example 1.13. pl_drop
... if (!pl_check("one")) { # send back a "503 - Server Unavailable" # with a "Retry-After: 5" pl_drop("5"); exit; } ...
Lists the parameters and variabiles in the pipelimit module: pipe id, pipe load and pipe couter.
Name: pl.stats
Parameters: none
RPC Command Format:
kamcmd pl.stats
Sets the pipe parameters for the given pipe id.
Name: pl.set_pipe
pipe_id - pipe id.
pipe_algorithm - the algorithm assigned to the given pipe id.
pipe_limit - the limit assigned to the given pipe id.
RPC Command Format:
kamcmd pl.set_pipe 2 RED 10
Gets the list of in use pipes.
Name: pl.get_pipes
Parameters: none
RPC Command Format:
kamcmd pl.get_pipes
Sets the PID Controller parameters for the Feedback Algorithm.
Name: pl.set_pid
ki - the integral parameter.
kp - the proportional parameter.
kd - the derivative parameter.
RPC Command Format:
kamcmd pl.set_pid 0.5 0.5 0.5
Gets the list of in use PID Controller parameters.
Name: pl.get_pid
Parameters: none
RPC Command Format:
kamcmd pl.get_pid