Session Initiation Protocol overload protection
SIP overload protects the system from two overload conditions: memory overload and CPU overload. Container managed overload protection (CMOP) and proxy managed overload protection (PMOP) allow for real-time protection based on the overload settings information.
SIP container managed overload protection
In a stand-alone server deployment, SIP container managed overload protection (CMOP) provides the only defense against both memory and CPU overload conditions. An administrator can set up several static thresholds using SIP container settings. When these thresholds are exceeded, the container begins to drop new requests by responding to any requests that initiate new dialogs with a 503 response until the container is no longer overloaded. This includes settings that affect memory and CPU usage.
In an ND deployment, CMOP allows the container to use the same SIP container settings to notify the proxy server when the container is in an overloaded state. After the proxy server receives this notification, it begins to drop new requests instead of forwarding them to the containers. All memory overload conditions in ND are prevented by CMOP regardless of the configuration.
Overload protection is calculated based on the virtual memory settings and the maximum throughput that a container can handle. We can specify a value for the following SIP container settings from the administrative console for CMOP.
- Maximum application sessions
- Maximum messages per averaging period
- Maximum response time
- Maximum dispatch queue size
We can also specify a value for these SIP container custom properties for CMOP.
- message.queue.burst.factor
- thread.message.queue.max.size
- weight.overload.watermark
SIP proxy managed overload protection
SIP Proxy Managed overload protection (PMOP) is the best line of defense against container overload. In a typical deployment, CMOP alone does not provide optimal results. The following conditions might occur if CMOP is deployed without deploying PMOP at the proxy server.
- The on or off mechanism might become too granular
- Admission rates might fluctuate
- An absolute cap on load might be difficult to establish
- Unstable loads might be sent to the containers
When PMOP is deployed, the proxy server utilizes admission rate controllers for each container. When a container is overloaded, instead of either accepting or rejecting new load for a period of time, new workload can be sent to the backend containers without completely shutting down the flow of new traffic. This allows the proxy server to offer a consistent load to the containers without exceeding the maximum values for the container settings.
SIP proxy managed overload controls are not supported when a SIP DMZ proxy is deployed. We can set SIP proxy managed overload controls at the SIP application server to enable the application server to protect itself from overload..
The SIP proxy server calculates a maximum value for message throughput to each backend container based on a percentage of the configured Maximum Messages per Averaging Period (MMAP) setting specified for the container. The maximum value for message throughput is called the Maximum Throughput Factor (MTF).
MTF is disabled by default and can only be enabled by specifying a value for the maxThroughputFactor custom property. The value specified for the MTF custom property should be less than 100 percent to prevent CPU overload at the container. For example, we might set this value to 90 percent.
When the value of the MTF custom property is set to less than 100 percent, the total throughput to the container should never exceed the maximum value specified for the MMAP container setting. This process protects the container from handling excessive loads when coming out of an overloaded condition.
The MTF value should always be specified when stable and accurate overload protection is required. Specifying the MTF setting provides the best results for loads that range up to twice the capacity of the system. We should consider the system capacity when configuring for overload protection.
The algorithm utilized by the SIP proxy server relies on several features to provide stable and accurate loads to the backend container.
- Per-server rate control managed at the proxy server
- Auto-adjusting, per second admission rate controller
- Ratio of in-dialog to non-dialog averages used to control rate
- Auto-rate reduction when in an overloaded state
- Ability to absorb fast load transitions
- Burst tolerance to allow for short occasional load burst without triggering overload
- Stabilization control to prevent excessive overload when there is a transition in the cluster
We can specify a value for the following SIP proxy server custom properties for PMOP.
- burstResetFactor
- deflatorRatio
- dropOverloadPackets
- inDialogAveragingPeriod
- maxThroughputFactor
- outDialogAveragingPeriod
- perSecondBurstFactor
- proxyTransitionPeriod
- sipProxyStartupDelay
SIP container settings SIP proxy server custom properties SIP container custom properties