[Users] DNS queries and TLS

Papadopoulos Georgios geop at altectelecoms.gr
Thu Dec 14 10:29:49 CET 2006 

Hello,
 
I am having some performance issues with Openser and I tend to believe
they are related with DNS. So I am trying to figure out when and why
Openser is doing DNS queries. Doing ngrep on port 53 I realized that
right before sending out the "100 trying -- your call is important to
us" message, Openser is doing a reverse DNS lookup for the IP where the
INVITE came from. So the sequence is something like:
client                            Openser                   DNS
   |---INVITE------------------------>|
   |<---407 Proxy Auth Reqd---|
   |---ACK--------------------------->|
   |---INVITE------------------------>|
                                           |---client IP?-------->|
                                           |<-------------------------|
   |<--------------------100 trying---|
 
 
I am using Openser-1.1.0-notls and in my script I have 
dns=no
rev_dns=no
So first question is whether this DNS query is necessary and how I could
avoid it.
 
What is furthermore confusing is that I have a test system with the same
Openser version and same script, where this DNS query is not happening.
Looking into the production system I found the following:
ser2:/usr/local/openser-1.1.0-notls/sbin# ldd openser
        linux-gate.so.1 =>  (0xffffe000)
        libdl.so.2 => /lib/tls/libdl.so.2 (0x55571000)
        libresolv.so.2 => /lib/tls/libresolv.so.2 (0x55574000)
        libc.so.6 => /lib/tls/libc.so.6 (0x55587000)
        /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x55555000)
whereas the test system shows:
sertest:/usr/local/openser-1.1.0-notls/sbin# ldd openser
        libdl.so.2 => /lib/libdl.so.2 (0x7002c000)
        libresolv.so.2 => /lib/libresolv.so.2 (0x70040000)
        libc.so.6 => /lib/libc.so.6 (0x70064000)
        /lib/ld-linux.so.2 (0x70000000)

So the two systems link to different libresolv.so libraries. Is the
tls/libresolve.so that is responsible for the DNS query? Given that in
both cases I am using the notls version of Openser 1.1, why is there a
difference between the two? 
 
thank you for any help
 
George
 

Disclaimer
The information in this e-mail and any attachments is confidential. It is intended solely for the attention and use of the named addressee(s). If you are not the intended recipient, or person responsible for delivering this information to the intended recipient, please notify the sender immediately. Unless you are the intended recipient or his/her representative you are not authorized to, and must not, read, copy, distribute, use or retain this message or any part of it. E-mail transmission cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, destroyed, arrive late or incomplete, or contain viruses.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20061214/5fda1152/attachment.htm>

More information about the sr-users mailing list