[SR-Users] does ipops module dns_int_match_ip(hostname, ipaddr) search all returned records?

Daniel-Constantin Mierla miconda at gmail.com
Mon Mar 16 12:09:11 CET 2015


Hello,


On 12/03/15 17:51, canuck15 wrote:
> I am reading the documentation for the ipops module dns_int_match_ip()
> function and it states the following:
>
> "Returns TRUE if ipaddr is associated by DNS to hostname. FALSE
> otherwise. It uses internal DNS resolver. At this moment, the function
> might not check all the IP addresses as returned by
> dns_sys_match_ip(), because the internal resolver targets to discover
> the first address to be used for relaying SIP traffic. Thus is better
> to use dns_sys_match_ip() if the host you want to check has many IP
> addresses, in different address famililies (IPv4/6)."
>
> I am not sure what that statement means.  I will be using this for IP
> authentication where the records it is checking against are in a mysql
> database and may or may not be be using the DNS name instead of the
> IP.  Many of those DNS names could return several IP addresses and the
> incoming call could be on any one of those IP addresses.  So when I do
> a check of a hostname against an IP address I want all returned A or
> srv IP's to be checked against the IP.  Not just the first IP returned
> when checked.  I do not believe dns_sys_match() will be fast enough on
> a busy server so I would prefer to using dns_int_match_ip().
>
> If anyone can clarify what that statement means regarding "internal
> resolver targets to discover the first address" and whether that would
> affect my use it would be greatly appreciated.
>
> On a related note, is there any way to check the contents of the dns
> resolver cache?  I looked through kamctl and kamcmd but didn't find
> anything.  I tried "kamctl address show" but that didn't return anything.
the internal DNS resolver is optimized for sending out SIP requests and
uses an embedded cache. It can result that some DNS responses are cached
and kept in memory for a while. Also, there are parameters in core of
kamailio to tune what kind of dns requests to do (NAPTR, SRV, ...).
Based on those, not all options to discover the ip of a hostname for sip
forwarding are tried. E.g., it can try only SRV for UDP/IPv6 if that is
the highest configured priority and has a result for forwarding the SIP
packet.

In other words, internal DNS doesn't try to discover all the IP
addresses associated with a hostname, only those relevant for sip and
can stop at first valid response, not following other dns query options
that could be eventually done.

Cheers,
Daniel

-- 
Daniel-Constantin Mierla
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
Kamailio World Conference, May 27-29, 2015
Berlin, Germany - http://www.kamailioworld.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20150316/a1fdfe13/attachment.html>


More information about the sr-users mailing list