diff --git a/kamailio/defs.cfg b/kamailio/defs.cfg index 2c0d87b..25cd001 100644 --- a/kamailio/defs.cfg +++ b/kamailio/defs.cfg @@ -118,8 +118,6 @@ kazoo.override_media_reply_480 = OVERRIDE_MEDIA_REPLY_480 descr "sip code to sen #!trydef KZ_MULTI_HOMED 0 -#!trydef KZ_PERMISSIONS_CACHE 0 - #!endif # vim: tabstop=4 softtabstop=4 shiftwidth=4 expandtab diff --git a/kamailio/trusted.cfg b/kamailio/trusted.cfg index 8d1d3f5..9184eb9 100644 --- a/kamailio/trusted.cfg +++ b/kamailio/trusted.cfg 
@@ -1,25 +1,31 @@ ####### Permissions module ########## + +#!trydef KZ_PERMISSIONS_MAX_SUBNET 2048 +#!trydef KZ_PERMISSIONS_CACHE 0 +#!trydef TRUSTED_AMQP_FLAGS 2048 + + loadmodule "permissions.so" modparam("permissions", "db_url", "KAZOO_DB_URL") modparam("permissions", "db_mode", KZ_PERMISSIONS_CACHE) modparam("permissions", "peer_tag_avp", "$avp(trusted_x_header)") +modparam("permissions", "max_subnets", KZ_PERMISSIONS_MAX_SUBNET) -modparam("rtimer", "timer", "name=trusted_reload;interval=20;mode=1;") +modparam("rtimer", "timer", "name=trusted_reload;interval=30;mode=1;") modparam("rtimer", "exec", "timer=trusted_reload;route=TRUSTED_RELOAD") modparam("rtimer", "exec", "timer=trusted_reload;route=TRUSTED_QUERY") modparam("pv", "shvset", "trusted_query=i:1") -#!trydef TRUSTED_AMQP_FLAGS 2048 - route[TRUSTED_LOAD] { - $shv(trusted_query) = 0; + $shv(trusted_query) = 2; + $shv(trusted_reload) = 0; $var(amqp_payload_request) = $_s({"Event-Category" : "trusted" , "Event-Name" : "query"}); $var(amqp_routing_key) = "trusted.query"; - xlog("L_DEBUG", "event|trusted|publishing to acl => $var(amqp_routing_key) : $var(amqp_payload_request)\n"); + xlog("L_INFO", "event|trusted|publishing to acl => $var(amqp_routing_key) : $var(amqp_payload_request)\n"); if(kazoo_query("trusted", $var(amqp_routing_key), $var(amqp_payload_request), "$def(TRUSTED_AMQP_FLAGS)") != 1) { if($(kzR{kz.json,Event-Name}) == "message_returned" ) { xlog("L_WARNING", "event|trusted|message was returned by broker $(kzR{kz.json,Error-Code}) $(kzR{kz.json,Error-Reason})\n"); 
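Review bot: `$shv(trusted_query) = 2;` is set at the top of route[TRUSTED_LOAD], but the `kazoo_query(...) != 1` failure branch in this hunk gets no matching reset, and its `return;` (first context line of the next hunk) still exits with the value at 2. The event handler changed later in this commit only re-arms the query when the value is 0, so a single returned or timed-out AMQP query would appear to leave every later reload signal ignored and the address table stale, including entries that were meant to be revoked. Adding `$shv(trusted_query) = 0;` before that `return;` would restore the idle state. The failure branch closes in the unchanged lines between the two hunks and route[TRUSTED_QUERY] is not shown, so confirm nothing there already resets the value.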
@@ -30,16 +36,19 @@ route[TRUSTED_LOAD] return; } - xlog("L_DEBUG", "event|trusted|query got reply $kzR\n"); + xlog("L_INFO", "event|trusted|query got reply\n"); avp_delete("$avp(TrustedKeys)/g"); if(kazoo_json_keys($kzR, "Trusted", "$avp(TrustedKeys)") != 1) { xlog("L_WARNING", "event|trusted|no keys for Trusted\n"); + $shv(trusted_query) = 0; return; } + xlog("L_INFO", "event|trusted|cleaning address table\n"); sql_query("exec", "delete from address"); $var(total) = 0; $var(Count) = $cnt($avp(TrustedKeys)); $var(Idx) = 0; + xlog("L_INFO", "event|trusted|count for trusted is $var(Count)\n"); while($var(Idx) < $var(Count)) { $var(KeyName) = $(avp(TrustedKeys)[$var(Idx)]); $var(Key) = $(var(KeyName){s.replace,.,%}); @@ -69,18 +78,19 @@ route[TRUSTED_LOAD] $var(portIdx) = 0; while($var(portIdx) < $var(port_count)) { $var(sql) = $_s(insert into address(ip_addr, mask, port, tag) values("$var(ip)", $var(mask), $(avp(ports)[$var(portIdx)]), "$var(token)")); - sql_query("exec", "$var(sql)"); + sql_query("exec", "$var(sql)"); $var(portIdx) = $var(portIdx) + 1; + $var(total) = $var(total) + 1; } $var(cidr_idx) = $var(cidr_idx) + 1; - $var(total) = $var(total) + 1; } $var(Idx) = $var(Idx) + 1; } xlog("L_NOTICE", "event|trusted|loaded $var(total) entries into address table\n"); $shv(trusted_reload) = 1; + $shv(trusted_query) = 0; } @@ -88,14 +98,16 @@ route[RELOAD_TRUSTED] { jsonrpc_exec('{"jsonrpc": "2.0", "method": "permissions.addressReload"}'); xlog("L_NOTICE", "event|trusted|reload $(jsonrpl(body){kz.json,result})\n"); + $shv(trusted_reload) = 0; } route[TRUSTED_RELOAD] { if($shv(trusted_reload) == 1) { + $shv(trusted_reload) = 2; + } else if($shv(trusted_reload) == 2) { route(RELOAD_TRUSTED); }; - $shv(trusted_reload) = 0; } route[TRUSTED_QUERY] 
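Review bot: In the `@@ -30,16 +36,19 @@` hunk, the no-keys branch returns before `delete from address`, so a reply whose Trusted set is empty leaves the previous rows in place. If `kazoo_json_keys` returns something other than 1 for an empty object (not visible here), removing the last trusted entry upstream is never applied locally and the old addresses stay trusted. Consider telling "reply has no Trusted object" apart from "Trusted is empty" and, in the second case, still running the delete and setting `$shv(trusted_reload) = 1;` so the in-memory table is emptied as well.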
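Review bot: In the `@@ -69,18 +78,19 @@` hunk, `$var(sql)` is built by interpolating `$var(ip)`, `$var(mask)`, the port and `$var(token)` from the AMQP reply straight into the insert text, and the result of `sql_query` is not checked, so `$var(total)` counts attempted rather than stored rows. These rows decide which source addresses are treated as trusted, so a malformed or quote-bearing field should not be able to change the statement. Validate the fields before building the statement, or pass the string fields through sqlops' `{sql.val.str}` transformation, and increment the counter only when `sql_query` succeeds. The assignments of these variables are outside the hunk, so validation there may already cover part of this.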
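Review bot: In the `@@ -88,14 +98,16 @@` hunk, route[RELOAD_TRUSTED] sets `$shv(trusted_reload) = 0;` whether or not `permissions.addressReload` succeeded, so a failed reload is only logged and is not retried until the next trusted query completes. If a reload fails, for instance because the table outgrew the newly configured `max_subnets` ceiling, the in-memory table would stay on its old contents while the database holds the new ones. Consider clearing the flag only when `$jsonrpl(code)` reports success and logging the failure at a higher level. A short comment naming the three `trusted_reload` values (0 idle, 1 table loaded, 2 reload due on the next tick) would also make the one-tick delay in route[TRUSTED_RELOAD] easier to follow.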
@@ -121,5 +133,10 @@ route[TRUSTED_BINDINGS]
 event_route[kazoo:consumer-event-trusted-reload]
 {
 xlog("L_NOTICE", "event|trusted|received trusted reload\n");
- $shv(trusted_query) = 1;
+ if ($shv(trusted_query) == 0) {
+ xlog("L_NOTICE", "event|trusted|signaling trusted reload\n");
+ $shv(trusted_query) = 1;
+ } else {
+ xlog("L_NOTICE", "event|trusted|signal already active for trusted reload\n");
+ }
 }
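Review bot: A reload event that arrives while `$shv(trusted_query)` is 2 falls into the `else` branch and is only logged, so a change published after the in-flight query was answered is not fetched until some later event arrives. For a removal from the trusted list that means the address can stay trusted longer than intended. Consider recording the pending request, for example `$shv(trusted_query) = 3;` in the `else` branch when the value is 2, and having route[TRUSTED_LOAD] finish by setting 1 instead of 0 in that case so the next timer tick queries again.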