[sr-dev] dns resolver issue (RFC3263)

Iñaki Baz Castillo ibc at aliax.net
Tue Nov 6 16:44:45 CET 2012


2012/11/6 Iñaki Baz Castillo <ibc at aliax.net>:
> 2012/11/5 Klaus Darilion <klaus.mailinglists at pernau.at>:
>> Indeed, this is not implemented correctly.
>
> What is not implemented correctly? It MUST be correctly implemented,
> what is the exact problem? RFC 3263 is very clear in the steps to
> perform (first NAPTR and when not present try SRV in order of
> preperence based on local policy).
>
> Could you please describe the exact issue in Kamailio about this?
>
> Thanks a lot.

BTW, OverSIP behavior when routing a request to cisco.com:


DEBUG: <RFC3263 4212866> DNS NAPTR error resolving 'cisco.com': dns_error_nodata
DEBUG: <RFC3263 4212866> no NAPTR records, performing SRV queries
DEBUG: <RFC3263 4212866> DNS SRV succeeded for domain 'cisco.com',
service 'sips' and protocol 'tcp'
DEBUG: <RFC3263 4212866> DNS A succeeded for domain 'vcsgw.cisco.com'
DEBUG: <RFC3263 4212866> DNS SRV succeeded for domain 'cisco.com',
service 'sip' and protocol 'tcp'
DEBUG: <RFC3263 4212866> DNS A succeeded for domain 'vcsgw.cisco.com'
DEBUG: <RFC3263 4212866> DNS SRV error resolving domain 'cisco.com',
service 'sip' and protocol 'udp': dns_error_nxdomain
DEBUG: <Proxy proxy_out 4212866> DNS result has multiple values, randomizing
DEBUG: <Proxy proxy_out 4212866> trying target 1 of 2: tls:64.103.25.132:5061
DEBUG: <SIP TLS IPv4 client> TLS handshake not completed yet, waiting
before sending the message
DEBUG: <SIP TLS IPv4 client> received certificate num 1 from server
DEBUG: <SIP TLS IPv4 client> TLS connection established to 64.103.25.132:5061
DEBUG: <SIP TLS IPv4 client> running
OverSIP::SipEvents.on_server_tls_handshake()...
INFO: <SipEvents> [user] validating TLS connection to IP 64.103.25.132
and port 5061
NOTICE: <SipEvents> [user] server provides an invalid TLS certificate
with SIP identities ["tandberg"] (TLS error: 18, description: "self
signed certificate")


It was hard to properly implement full RFC 3263 but it's done. What is
the exact issue in Kamailio with this?


--
Iñaki Baz Castillo
<ibc at aliax.net>



More information about the sr-dev mailing list