[Users] DNS queries and TLS

Papadopoulos Georgios geop at altectelecoms.gr
Fri Dec 15 11:53:40 CET 2006


Hi Klaus,

Here are the packets. The ngrep of the DNS lookup does not show much. I
can only see the client IP (in reverse order).
client: 213.5.17.236
Openser: 213.5.43.134, 213.5.8.5
DNS: 213.5.41.8

thank you

U 2006/12/14 12:00:09.612841 213.5.17.236:5060 -> 213.5.43.134:5060
INVITE sip:2116872933 at i-call.gr;user=phone SIP/2.0.
Via: SIP/2.0/UDP 213.5.17.236:5060;branch=z9hG4bK-nykmi2fjal1m;rport.
From: "George Papadopoulos" <sip:geop at i-call.gr>;tag=pt3u7ggbqm.
To: <sip:2116872933 at i-call.gr;user=phone>.
Call-ID: 3c28be1c1adb-0vv5406jgtfv at 213-5-17-236.
CSeq: 2 INVITE.
Max-Forwards: 70.
Contact: <sip:geop at 213.5.17.236:5060;line=9yt55o5b>.
P-Key-Flags: keys="3".
User-Agent: snom190-3.56w.
Accept-Language: en.
Accept: application/sdp.
Allow: INVITE, ACK, CANCEL, BYE, REFER, OPTIONS, NOTIFY, SUBSCRIBE,
PRACK, MESSAGE, INFO.
Allow-Events: talk, hold, refer.
Supported: timer, 100rel, replaces.
Session-Expires: 3600.
Content-Type: application/sdp.
Content-Length: 268.
.
v=0.
o=root 886017132 886017132 IN IP4 213.5.17.236.
s=call.
c=IN IP4 213.5.17.236.
t=0 0.
m=audio 10190 RTP/AVP 0 8 18 101.
a=rtpmap:0 pcmu/8000.
a=rtpmap:8 pcma/8000.
a=rtpmap:18 g729/8000.
a=rtpmap:101 telephone-event/8000.
a=fmtp:101 0-15.
a=ptime:20.
a=sendrecv. 

#
U 2006/12/14 12:00:09.614000 213.5.8.5:50120 -> 213.5.41.8:53
.............236.17.5.213.in-addr.arpa.....
#
U 2006/12/14 12:00:09.618660 213.5.41.8:53 -> 213.5.8.5:50120
.............236.17.5.213.in-addr.arpa.............*0.7.ns0.altectelecom
s.gr.
hostmaster.;w.e...p.... ..:...Q.
#
U 2006/12/14 12:00:09.619325 213.5.43.134:5060 -> 213.5.17.236:5060
SIP/2.0 100 trying -- your call is important to us.
Via: SIP/2.0/UDP
213.5.17.236:5060;branch=z9hG4bK-nykmi2fjal1m;rport=5060.
From: "George Papadopoulos" <sip:geop at i-call.gr>;tag=pt3u7ggbqm.
To: <sip:2116872933 at i-call.gr;user=phone>.
Call-ID: 3c28be1c1adb-0vv5406jgtfv at 213-5-17-236.
CSeq: 2 INVITE.
Server: OpenSer (1.1.0-notls (x86_64/linux)).
Content-Length: 0.
.




> -----Original Message-----
> From: Klaus Darilion [mailto:klaus.mailinglists at pernau.at] 
> Sent: Friday, December 15, 2006 12:42 PM
> To: Papadopoulos Georgios
> Cc: Bogdan-Andrei Iancu; users at openser.org
> Subject: Re: [Users] DNS queries and TLS
> 
> Can you also post the INVITE which is processd and the ngrep 
> of the DNS lookup (which domain is lookup up)
> 
> regards
> klaus
> 
> Papadopoulos Georgios wrote:
> > Hi Bogdan,
> > 
> > I am not using any nat test functions, at least at the part of the 
> > script that handles INVITEs. I am using allow_trusted() in 
> caching mode.
> > But if allow_trusted was doing the DNS query then I should 
> also see it 
> > after the first INVITE and before the "407 Proxy Auth 
> Reqd". I am also 
> > using lcr module. So, is it possible that load_gws() or 
> next_gw() is 
> > responsible for the DNS query?
> > 
> > Regards,
> > 
> > George
> > 
> >  
> > 
> >> -----Original Message-----
> >> From: Bogdan-Andrei Iancu [mailto:bogdan at voice-system.ro]
> >> Sent: Thursday, December 14, 2006 7:14 PM
> >> To: Papadopoulos Georgios
> >> Cc: users at openser.org
> >> Subject: Re: [Users] DNS queries and TLS
> >>
> >> Hi George,
> >>
> >>
> >> TLS = Thread Local Storage
> >>
> >>
> >>
> >> Papadopoulos Georgios wrote:
> >>
> >>> Hello,
> >>>  
> >>> I am having some performance issues with Openser and I tend
> >> to believe
> >>> they are related with DNS. So I am trying to figure out
> >> when and why
> >>> Openser is doing DNS queries. Doing ngrep on port 53 I
> >> realized that
> >>> right before sending out the "100 trying -- your call is
> >> important to
> >>> us" message, Openser is doing a reverse DNS lookup for 
> the IP where 
> >>> the INVITE came from. So the sequence is something like:
> >>> client                            Openser                   DNS
> >>>    |---INVITE------------------------>|
> >>>    |<---407 Proxy Auth Reqd---|
> >>>    |---ACK--------------------------->|
> >>>    |---INVITE------------------------>|
> >>>                                            |---client 
> IP?-------->|
> >>>                                            
> >> |<-------------------------|
> >>>    |<--------------------100 trying---|
> >>>  
> >>>  
> >>> I am using Openser-1.1.0-notls and in my script I have dns=no 
> >>> rev_dns=no So first question is whether this DNS query is 
> necessary 
> >>> and how I could avoid it.
> >> the configuration options are ok (as time you do not use 
> the command 
> >> line -r or -R). I would say the rev dns query is not 
> triggered by the
> >> t_relay() (actually the params control what DNS queries should be 
> >> done when testing the "received" VIA param) - I have 
> tested and I see 
> >> no query before 100 trying, so it should be ok.
> >>
> >> maybe you are using some nat test functions (like
> >> client_nat_test) or any other script functions that mask a dns 
> >> query...can you check on this?
> >>
> >>>  
> >>> What is furthermore confusing is that I have a test 
> system with the 
> >>> same Openser version and same script, where this DNS query is not 
> >>> happening. Looking into the production system I found the 
> following:
> >>> ser2:/usr/local/openser-1.1.0-notls/sbin# ldd openser
> >>>         linux-gate.so.1 =>  (0xffffe000)
> >>>         libdl.so.2 => /lib/tls/libdl.so.2 (0x55571000)
> >>>         libresolv.so.2 => /lib/tls/libresolv.so.2 (0x55574000)
> >>>         libc.so.6 => /lib/tls/libc.so.6 (0x55587000)
> >>>         /lib/ld-linux.so.2 => /lib/ld-linux.so.2
> >> (0x55555000) whereas
> >>> the test system shows:
> >>> sertest:/usr/local/openser-1.1.0-notls/sbin# ldd openser
> >>>         libdl.so.2 => /lib/libdl.so.2 (0x7002c000)
> >>>         libresolv.so.2 => /lib/libresolv.so.2 (0x70040000)
> >>>         libc.so.6 => /lib/libc.so.6 (0x70064000)
> >>>         /lib/ld-linux.so.2 (0x70000000) So the two 
> systems link to 
> >>> different libresolv.so libraries. Is the 
> tls/libresolve.so that is 
> >>> responsible for the DNS query? Given that in both cases I
> >> am using the
> >>> notls version of Openser 1.1, why is there a difference 
> between the 
> >>> two?
> >> the "tls" frm /lib/tls comes from "Thread Local Storage" and there 
> >> are libraries implementations for thread env. It has nothing to do 
> >> with TLS (Transport Layer Security)
> >>
> >> regards,
> >> bogdan
> >>
> >>>  
> >>> thank you for any help
> >>>  
> >>> George
> >>>  
> >>>
> >>>
> >>>   Disclaimer
> >>>
> >>> The information in this e-mail and any attachments is
> >> confidential. It
> >>> is intended solely for the attention and use of the named 
> >>> addressee(s). If you are not the intended recipient, or person 
> >>> responsible for delivering this information to the intended
> >> recipient,
> >>> please notify the sender immediately. Unless you are the intended 
> >>> recipient or his/her representative you are not 
> authorized to, and 
> >>> must not, read, copy, distribute, use or retain this 
> message or any 
> >>> part of it. E-mail transmission cannot be guaranteed to be
> >> secure or
> >>> error-free as information could be intercepted, corrupted, lost, 
> >>> destroyed, arrive late or incomplete, or contain viruses.
> >>>
> >>> -------------------------------------------------------------
> >> ----------
> >>> -
> >>>
> >>> _______________________________________________
> >>> Users mailing list
> >>> Users at openser.org
> >>> http://openser.org/cgi-bin/mailman/listinfo/users
> >>>  
> >>>
> >>
> > 
> > _______________________________________________
> > Users mailing list
> > Users at openser.org
> > http://openser.org/cgi-bin/mailman/listinfo/users
> 
> 
> --
> Klaus Darilion
> nic.at
> 
> 




More information about the Users mailing list