On 10/25/12 4:33 PM, Alex Hermann wrote:
On Thursday 25 October 2012, Juha Heinanen wrote:
an ipv6 address can thus never be a valid domain name. an ipv4 address, on the other hand, is syntactically valid domain name and perhaps someone has populated their local name server with such names.
But the application (kamailio) should not attempt a DNS lookup if the hostname is an IP(v4/v6) address, from RFC1123, section 2.1:
It does not if it is ipv4 and the target would be an A record, as well as when it is ipv6 and the target would be an AAAA record.
The thing here relates to disabling ipv6, resulting in only possible target A record, for which ipv6 does not match an ipv4 format, resulting in using the ipv6 for querying an A record.
So some extra validation has to be added when one address family is disabled by config, but such addresses can actually occur.
Perhaps what Juha suggested with detecting an invalid hostname is the best, avoiding querying for broken dns tokens.
Cheers, Daniel
======== Whenever a user inputs the identity of an Internet host, it SHOULD be possible to enter either (1) a host domain name or (2) an IP address in dotted-decimal ("#.#.#.#") form. The host SHOULD check the string syntactically for a dotted-decimal number before looking it up in the Domain Name System. . . . However, a valid host name can never have the dotted-decimal form #.#.#.#, since at least the highest-level component label will be alphabetic. ========
It would be nice if Kamailio refuses to lookup both IPv4 and IPv6 addresses independent of the address family of listening sockets (see my emails about dispatcher and IPv6, where DNS lookups on IPv6 addressed are only skipped if Kamailio is listening on an IPv6 address).