No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade
MENU
Knowledge Base

FAQ-eSpace U1960 stop handling register request from IP Phone because message overflow

Publication Date:  2019-06-19  |   Views:  385  |   Downloads:  0  |   Author:  SU1001299054  |   Document ID:  EKB1000084070

Contents
Issue Description Solution

Issue Description

a customer from one country, feedback one issue that their IP Phone will lost registration sometimes, and registration will restore after some seconds.

we request the U1960 logs and make an analysis. we found customer's network is not safe, and our U1960 was attacked by some device in public network, and caused our U1960 message overflow.

U1960 message overflow:(U1960 will receive 188 times register request at the worst situation)

[100][0x00000015][2015-08-03 15:19:43.62][sipmain.c 10397]Occur Sip REGISTER  message limit flux!! Flux (178/s)
[109][0x00000015][2015-08-03 15:19:43.62][sipstktptdhalftc.c 814]Sip REGISTER Message limit flux! Drop REGISTER Message!
[100][0x00000015][2015-08-03 15:19:43.62][sipmain.c 10397]Occur Sip REGISTER  message limit flux!! Flux (179/s)
[109][0x00000015][2015-08-03 15:19:43.62][sipstktptdhalftc.c 814]Sip REGISTER Message limit flux! Drop REGISTER Message!
[100][0x00000015][2015-08-03 15:19:43.62][sipmain.c 10397]Occur Sip REGISTER  message limit flux!! Flux (180/s)
[109][0x00000015][2015-08-03 15:19:43.62][sipstktptdhalftc.c 814]Sip REGISTER Message limit flux! Drop REGISTER Message!
[100][0x00000015][2015-08-03 15:19:43.63][sipmain.c 10397]Occur Sip REGISTER  message limit flux!! Flux (181/s)
[109][0x00000015][2015-08-03 15:19:43.63][sipstktptdhalftc.c 814]Sip REGISTER Message limit flux! Drop REGISTER Message!
[100][0x00000015][2015-08-03 15:19:43.63][sipmain.c 10397]Occur Sip REGISTER  message limit flux!! Flux (182/s)
[109][0x00000015][2015-08-03 15:19:43.63][sipstktptdhalftc.c 814]Sip REGISTER Message limit flux! Drop REGISTER Message!
[100][0x00000015][2015-08-03 15:19:43.64][sipmain.c 10397]Occur Sip REGISTER  message limit flux!! Flux (183/s)
[109][0x00000015][2015-08-03 15:19:43.64][sipstktptdhalftc.c 814]Sip REGISTER Message limit flux! Drop REGISTER Message!
[100][0x00000015][2015-08-03 15:19:43.64][sipmain.c 10397]Occur Sip REGISTER  message limit flux!! Flux (184/s)
[109][0x00000015][2015-08-03 15:19:43.64][sipstktptdhalftc.c 814]Sip REGISTER Message limit flux! Drop REGISTER Message!
[100][0x00000015][2015-08-03 15:19:43.65][sipmain.c 10397]Occur Sip REGISTER  message limit flux!! Flux (185/s)
[109][0x00000015][2015-08-03 15:19:43.65][sipstktptdhalftc.c 814]Sip REGISTER Message limit flux! Drop REGISTER Message!
[100][0x00000015][2015-08-03 15:19:43.65][sipmain.c 10397]Occur Sip REGISTER  message limit flux!! Flux (186/s)
[109][0x00000015][2015-08-03 15:19:43.65][sipstktptdhalftc.c 814]Sip REGISTER Message limit flux! Drop REGISTER Message!
[100][0x00000015][2015-08-03 15:19:43.66][sipmain.c 10397]Occur Sip REGISTER  message limit flux!! Flux (187/s)
[109][0x00000015][2015-08-03 15:19:43.66][sipstktptdhalftc.c 814]Sip REGISTER Message limit flux! Drop REGISTER Message!
[100][0x00000015][2015-08-03 15:19:43.66][sipmain.c 10397]Occur Sip REGISTER  message limit flux!! Flux (188/s)

and we found this register message come from public network, but customer's sip termianl located in subnet. so this is obvious that customer netwrok was attacked.

Solution

we feedback this analysis result to our customer. and suggest them to reinforce their network to avoid to be attacked again. 
Feedback
Related resources
Documentation Software Download Bulletins Tools
Related searches
By Author
Help us to improve
Write an article
Enterprise APP

Copyright © 2020 Huawei Technologies Co., Ltd. All rights reserved.