[VOIPSEC] EMTA under RSIP LOOP
Geoff Devine
gdevine at cedarpointcom.com
Fri Jul 14 13:44:07 CDT 2006
andred <andred at superig.com.br> writes:
> Does anyone know what could cause a EMTA to enter a state of
> loop of RSIP messages?? This problem is incresing at extreme
> levels our firewall due to the extense amount of messages
> exchange.
I chased a problem like that a few months ago. What happened in our
case was that the line was not provisioned at the CMS and the CMS
responded with a 5xx (but not 521 which tells the MTA to redirect to
another CMS). The MTA is supposed to stop transmitting but it did not
due to an MTA database mis-configuration. We had several thousand MTAs
in the field stuck in an RSIP loop. After 'N' instances of this, our
implementation treated it as a denial of service attack and quarantined
each looping MTA. The MTAs continued to send the CMS RSIPs that never
received any response.
There are a number of MTA provisioning parameters for timers that
control this operation in the MTA config file. I never knew what value
got changed but it might be pktcNcsEndPntConfigMWD; which controls
Restart. There are a number of other configurable timers that control
the protocol such as pktcNcsEndPntConfigThist that might be causing the
problem. I suggest you ask your MTA vendor for specific support.
Geoff Devine
Chief Architect
Cedar Point Communications
More information about the Voipsec
mailing list