pipelimit Module

Daniel-Constantin Mierla

Hendrik Scholz

Edited by

Ovidiu Sas

Edited by

Daniel-Constantin Mierla

   Copyright © 2013 VoIPEmbedded Inc.

   Copyright © 2010 Asipto.com

   Copyright © 2006 Freenet Cityline GmbH
     __________________________________________________________________

   Table of Contents

   1. Admin Guide

        1. Overview

              1.1. Algorithms

        2. Dependencies

              2.1. Kamailio Modules
              2.2. External Libraries or Applications

        3. Parameters

              3.1. hash_size (int)
              3.2. db_url (string)
              3.3. plp_table_name (string)
              3.4. plp_pipeid_column (string)
              3.5. plp_limit_column (string)
              3.6. plp_algorithm_column (string)
              3.7. timer_interval (integer)
              3.8. reply_code (integer)
              3.9. reply_reason (string)

        4. Functions

              4.1. pl_check(name [, algorithm, limit])
              4.2. pl_drop([ [min ], max ])

        5. RPC Commands

              5.1. pl.stats
              5.2. pl.set_pipe
              5.3. pl.get_pipes
              5.4. pl.set_pid
              5.5. pl.get_pid
              5.6. pl.push_load

   List of Examples

   1.1. Set hash_size parameter
   1.2. Set db_url parameter
   1.3. Set plp_table_name parameter
   1.4. Set plp_pipeid_column parameter
   1.5. Set plp_limit_column parameter
   1.6. Set plp_algorithm_column parameter
   1.7. Set timer_interval parameter
   1.8. Set reply_code parameter
   1.9. Set reply_code parameter at runtime
   1.10. Set reply_reason parameter
   1.11. Set reply_reason parameter at runtime
   1.12. pl_check usage
   1.13. pl_drop usage

Chapter 1. Admin Guide

   Table of Contents

   1. Overview

        1.1. Algorithms

   2. Dependencies

        2.1. Kamailio Modules
        2.2. External Libraries or Applications

   3. Parameters

        3.1. hash_size (int)
        3.2. db_url (string)
        3.3. plp_table_name (string)
        3.4. plp_pipeid_column (string)
        3.5. plp_limit_column (string)
        3.6. plp_algorithm_column (string)
        3.7. timer_interval (integer)
        3.8. reply_code (integer)
        3.9. reply_reason (string)

   4. Functions

        4.1. pl_check(name [, algorithm, limit])
        4.2. pl_drop([ [min ], max ])

   5. RPC Commands

        5.1. pl.stats
        5.2. pl.set_pipe
        5.3. pl.get_pipes
        5.4. pl.set_pid
        5.5. pl.get_pid
        5.6. pl.push_load

1. Overview

   1.1. Algorithms

   This module implements traffic limiting for SIP requests.

   The module defines in an abstract mode the notion of 'pipe', which can
   be a reference to an IP address, to a network or a trunk. The
   association of traffic to a pipe is done in the config file, therefore,
   a pipe could represent SIP traffic coming from a user or the flow of
   specific SIP requests such as INVITE or REGISTER.

   Pipelimit started from ratelimit module, adding support for definition
   of pipes limits in database and dynamic names. Complexity of keeping
   everything in a module and make it dual mode functional resulted in a
   new module which is focused on just traffic shaping policies, the
   implementation of queues was discarded.

1.1. Algorithms

   Algorithms are based from the ratelimit module, which describes the
   algorithms in more detail. The algorithms are used by the pipelimit
   module to determine if a message should be blocked.

   Tail Drop Algorithm (TAILDROP)

   This is a trivial algorithm that imposes some risks when used in
   conjunction with long timer intervals. At the start of each interval an
   internal counter is reset and incremented for each incoming message.
   Once the counter hits the configured limit pl_check() returns false
   (negative value).

   Random Early Detection Algorithm (RED)

   The Random Early Detection Algorithm tries to circumvent the
   synchronization problem imposed by the tail drop algorithm by measuring
   the average load and adapting the drop rate dynamically. When running
   with the RED algorithm (enabled by default) Kamailio will return errors
   to the Kamailio routing engine every n'th packet trying to evenly
   spread the measured load of the last timer interval onto the current
   interval. As a negative side effect Kamailio might drop messages
   although the limit might not be reached within the interval. Decrease
   the timer interval if you encounter this.

   Network Algorithm (NETWORK)

   This algorithm relies on information provided by network interfaces.
   The total amount of bytes waiting to be consumed on all the network
   interfaces is retrieved once every timer_interval seconds. If the
   returned amount exceeds the limit specified in the modparam, pl_check()
   returns false (negative value).

   Feedback Algorithm (FEEDBACK)

   Using the PID Controller model (see Wikipedia page), the drop rate is
   adjusted dynamically based on the load factor so that the load factor
   always drifts towards the specified limit (or setpoint, in PID terms).

   As reading the CPU load average is relatively expensive (opening
   /proc/stat, parsing it, etc), this only happens once every
   timer_interval seconds and consequently the FEEDBACK value is only at
   these intervals recomputed. This in turn makes it difficult for the
   drop rate to adjust quickly. Worst case scenarios are request rates
   going up/down instantly by thousands - it takes up to 20 seconds for
   the controller to adapt to the new request rate.

2. Dependencies

   2.1. Kamailio Modules
   2.2. External Libraries or Applications

2.1. Kamailio Modules

   The following modules must be loaded before this module:
     * database connection module.
     * sl: Stateless Request Handling.

2.2. External Libraries or Applications

   The following libraries or applications must be installed before
   running Kamailio with this module loaded:
     * None.

3. Parameters

   3.1. hash_size (int)
   3.2. db_url (string)
   3.3. plp_table_name (string)
   3.4. plp_pipeid_column (string)
   3.5. plp_limit_column (string)
   3.6. plp_algorithm_column (string)
   3.7. timer_interval (integer)
   3.8. reply_code (integer)
   3.9. reply_reason (string)

3.1. hash_size (int)

   Used to compute the number of slots for the internal hash table, as
   power of 2 (number of slots = 2^hash_size, aka 1<<hash_size). If you
   have many pipes, increase this value for proper performances, but don't
   go too high (hash_size=10 means 1024 slots).

   Default value is “6” (64 slots).

   Example 1.1. Set hash_size parameter
...
modparam("pipelimit", "hash_size", 10)
...

3.2. db_url (string)

   URL of the database server to be used.

   Default value is “mysql://kamailio:kamailiorw@localhost/kamailio”.

   Example 1.2. Set db_url parameter
...
modparam("pipelimit", "db_url", "dbdriver://username:password@dbhost/dbname")
...

3.3. plp_table_name (string)

   Name of DB table where data definition for pipes is stores.

   Default value is “pl_pipes”.

   Example 1.3. Set plp_table_name parameter
...
modparam("pipelimit", "plp_table_name", "mypipes")
...

3.4. plp_pipeid_column (string)

   Name of 'pipeid' column.

   Default value is “pipeid”.

   Example 1.4. Set plp_pipeid_column parameter
...
modparam("pipelimit", "plp_pipeid_column", "name")
...

3.5. plp_limit_column (string)

   Name of 'limit' column.

   Default value is “limit”.

   Example 1.5. Set plp_limit_column parameter
...
modparam("pipelimit", "plp_limit_column", "name")
...

3.6. plp_algorithm_column (string)

   Name of 'algorithm' column.

   Default value is “algorithm”.

   Example 1.6. Set plp_algorithm_column parameter
...
modparam("pipelimit", "plp_algorithm_column", "name")
...

3.7. timer_interval (integer)

   The length of the timer interval in seconds. Counted messages are reset
   each timer_interval, therefore the amounts of messages have to be
   divided by this timer_interval value to get the messages per second
   value. For example, if you want to allow an average of 10 messages per
   second with a timer interval of 10 seconds, then the limit value has to
   be 100.

   Note: A too small value may lead to performance penalties due to timer
   process overloading.

   Default value is 10.

   Example 1.7. Set timer_interval parameter
...
modparam("pipelimit", "timer_interval", 5)
...

3.8. reply_code (integer)

   The code of the reply sent by Kamailio while limiting.

   Default value is 503.

   Example 1.8. Set reply_code parameter
...
modparam("pipelimit", "reply_code", 505)
...

   This value can be modified at runtime using kamcmd

   Example 1.9.  Set reply_code parameter at runtime
kamcmd cfg.set_now_int pipelimit reply_code 505

3.9. reply_reason (string)

   The reason of the reply sent by Kamailio while limiting.

   Default value is "Server Unavailable".

   Example 1.10. Set reply_reason parameter
...
modparam("pipelimit", "reply_reason", "Limiting")
...

   This value can be modified at runtime using kamcmd

   Example 1.11.  Set reply_reason parameter at runtime
kamcmd cfg.set_now_string pipelimit reply_reason "Limiting"

4. Functions

   4.1. pl_check(name [, algorithm, limit])
   4.2. pl_drop([ [min ], max ])

4.1.  pl_check(name [, algorithm, limit])

   Check the current request against the 'name' pipe.

   If algorithm and limit are provided, the function attempts to create a
   new pipe if one with that name doesn't exit. If it exists, no changes
   to algorithm is done and the pipe limit is set to the 'limit' parameter
   value, if this is greater than 0. Algorithm is case sensitive.

   The pipe name can be provided via a pseudo variable.

   The method will return:
     * -2 if no pipe was found
     * -1 if pipe limit was reached
     * 1 if pipe limit was NOT reached
     * 2 if pipe has NOP algorithm

   Meaning of the parameters is as follows:
     * name - the string or pseudovariable with the pipe name.
     * algorithm - the string or pseudovariable with the algorithm. The
       values can be: TAILDROP, RED, NETWORK, or FEEDBACK - see readme of
       ratelimit module for details on each algorithm.
     * limit - the integer or pseudovariable with the limit value per
       timer_interval.

   This function can be used from ANY_ROUTE.

   Example 1.12. pl_check usage
...
        # perform pipe match for current method
        if (!pl_check("one")) {
                pl_drop();
                exit;
        }
...
        # use pipe 'one' for the current method via PV
        $var(p) = "one";
        $var(check_result) = pl_check("$var(p)");
        switch($var(check_result)) {
        case -2:
                xlog("L_ALERT","pl_check(\"$var(p)\") drop -pipe NOT found\n");
                pl_drop();
                exit;
                break;
        case -1:
                xlog("L_ALERT","pl_check(\"$var(p)\") drop\n");
                pl_drop();
                exit;
                break;
        case 1:
                xlog("L_INFO", "pl_check(\"$var(p)\") pass\n");
                break;
        case 2:
                xlog("L_ALERT","pl_check(\"$var(p)\") pass -NOP algorithm\n");
                break;
        default:
                xlog("L_ERR","pl_check(\"$var(p)\") dropping \
with unexpected retcode=$var(check_result)\n");
                pl_drop();
                exit;
        }
...
        # perform pipe match for authenticated user
        $var(limit) = 20;
        if (!pl_check("$au", "TAILDROP", "$var(limit)")) {
                pl_drop();
                exit;
        }
...
        # perform pipe match for INVITE
        if (is_method("INVITE")) {
                $var(invlimit) = 10;
                if (!pl_check("$si", "TAILDROP", "$var(invlimit)")) {
                        pl_drop();
                        exit;
                }
        }
...

4.2.  pl_drop([ [min ], max ])

   For the current request, a "503 - Server Unavailable" reply is sent
   back. The reply may or may not have a "Retry-After" header. If no
   parameter is given, there will be no "Retry-After" header. If only the
   max parameter is given, the reply will contain a "Retry-After: max"
   header. If both min and max params are given, the reply will contain a
   "Retry-After: random" header with random being a random value between
   the given min and max.

   Meaning of the parameters is as follows:
     * min - the minimum value of "Retry-After" header.
     * max - the maximum value of "Retry-After" header.

   This function can be used from
   REQUEST_ROUTE|BRANCH_ROUTE|FAILURE_ROUTE|ONSEND_ROUTE.

   Example 1.13. pl_drop usage
...
        if (!pl_check("one")) {
                # send back a "503 - Server Unavailable"
                # with a "Retry-After: 5"
                pl_drop("5");
                exit;
        }
...

5. RPC Commands

   5.1. pl.stats
   5.2. pl.set_pipe
   5.3. pl.get_pipes
   5.4. pl.set_pid
   5.5. pl.get_pid
   5.6. pl.push_load

5.1.  pl.stats

   Lists the parameters and variables in the pipelimit module: pipe id,
   pipe load and pipe counter.

   Name: pl.stats

   Parameters: none

   RPC Command Format:
        kamcmd pl.stats

5.2.  pl.set_pipe

   Sets the pipe parameters for the given pipe id.

   Name: pl.set_pipe

   Parameters:
     * pipe_id - pipe id.
     * pipe_algorithm - the algorithm assigned to the given pipe id.
     * pipe_limit - the limit assigned to the given pipe id.

   RPC Command Format:
        kamcmd pl.set_pipe 2 RED 10

5.3.  pl.get_pipes

   Gets the list of in use pipes.

   Name: pl.get_pipes

   Parameters: none

   RPC Command Format:
        kamcmd pl.get_pipes

5.4.  pl.set_pid

   Sets the PID Controller parameters for the Feedback Algorithm.

   Name: pl.set_pid

   Parameters:
     * ki - the integral parameter.
     * kp - the proportional parameter.
     * kd - the derivative parameter.

   RPC Command Format:
        kamcmd pl.set_pid 0.5 0.5 0.5

5.5.  pl.get_pid

   Gets the list of in use PID Controller parameters.

   Name: pl.get_pid

   Parameters: none

   RPC Command Format:
        kamcmd pl.get_pid

5.6.  pl.push_load

   Force the value of the load parameter. This command is useful for
   testing the Feedback algorithm.

   Name: pl.push_load

   Parameters:
     * load - the forced value of load (it must be greater then 0.0 and
       smaller then 1.0).

   RPC Command Format:
        kamcmd pl.push_load 0.85