I recently setup a GnuGK Gatekeeper to facilitate H.323 Video Conferencing registration outside a client network to allow remote personel to register and make calls into and out of the company network. This setup makes it very easy for clients to register and initiate or receive calls from nearly anywhere, as long as H.460.18 is enabled and tunnelled through the firewall.
One of the issues that I had was calls being dropped 20-40 seconds into the call. After some troubleshooting, a packet capture, and review of the netstat statistics, I noticed that packets were dropping:
15:40:43.418334 IP xxx.xxx.xxx.xxx > 192.168.1.3: ICMP xxx.xxx.xxx.xxx udp port 50024 unreachable, length 208
There were a couple of errors in the gnugk.log file but not many:
2014/10/03 15:08:18.165 3 yasocket.cxx(906) Q931s xxx.xxx.xxx.xxx:7834 Error(0): Input/output error (12:104)
2014/10/03 15:08:18.269 3 ProxyChannel.cxx(12858) Proxy xxx.xxx.xxx.xxx:11191 forward blocked
Further, ‘netstat -s’ showed that the tcp receive buffer size was too low and the gatekeeper host was dropping packets:
9785 packets collapsed in receive queue due to low socket buffer
I increased the size of the send and receive buffers, as well as increased the size of the network max backlog by setting the following values in /etc/sysctl.conf:
# increase socket memory size and backlog buffer size
net.core.netdev_max_backlog = 10000
net.ipv4.tcp_rmem = 20480 174760 25165824
net.ipv4.tcp_wmem = 20480 174760 25165824
I then reloaded with a ‘sysctl -p’ and calls started flowing without any dropped packets.