[Kamailio-Users] [Sip-implementors] Secure VoIP

Olle E. Johansson oej at edvina.net
Fri Feb 27 11:52:19 CET 2009


26 feb 2009 kl. 18.27 skrev Daniel-Constantin Mierla:

> On 02/26/2009 07:08 PM, Iñaki Baz Castillo wrote:
>> 2009/2/26 Daniel-Constantin Mierla <miconda at gmail.com>:
>>
>>> However, being out there so many phones without such support, it is
>>> practically unusable since service providers won't deploy  
>>> different server
>>> solutions for each group of devices, so they stick to one size  
>>> fits all and
>>> that is not DNS for now.
>>>
>>
>> Devices don't implement it, so service providers don't implement it,
>> so devices don't implement it, so...  XD
>>
> I think the sip server implementations are pretty good here. Besides
> that, for client interaction it is required only DNS server
> configuration, nothing in sip server.
>
> What I meant is the headache for sip server providers to deploy two
> different fault tolerant solution:
> - one based on DNS
> - one based on shared/virtual IP or load balancer
>
> Each of them will require maintenance, man power, etc... Anyway, even
> with second option, good DNS in phones does not harm.

A problem here is of course the good old NAT issue. Even if the phones  
have
DNS support, having a NAT in between the phone and a provider's server
more or less force a provider to use some IP failover solution to be  
able
to keep the NAT binding.

DNS helps with failover and some load balancing from the client side,
so it's a good complement.

I have not yet received requests for NAPTR support in Asterisk, even  
though
with our recent baby steps into the TLS/TCP world, we really do need  
them.

/O


More information about the Users mailing list