[asterisk-bugs] [JIRA] (ASTERISK-29624) Contact identifier is not updated when FDQN resolves to a new address
Jean-Francois Quesnel (JIRA)
noreply at issues.asterisk.org
Mon Sep 13 14:57:33 CDT 2021
[ https://issues.asterisk.org/jira/browse/ASTERISK-29624?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=256281#comment-256281 ]
Jean-Francois Quesnel commented on ASTERISK-29624:
--------------------------------------------------
I'm looking at the code at https://github.com/asterisk/asterisk/blob/master/res/res_pjsip_endpoint_identifier_ip.c
I am not a programmer at all so I may be way off on my assumption.
But from what I can see from the comments in the code of the pjsip_endpoint_identifier_ip module, the resolution from FQDN to IP is only done when you "apply config"
What if the FQDN is a normal A record with a TTL of let's say 24h.
After 24h , you should absolutly resolv again that FQDN, since it is expired.
But this looks like it never happen.
Is there not somewhere in the code that "refresh" the FQDN when its TTL as expired ?
> Contact identifier is not updated when FDQN resolves to a new address
> ---------------------------------------------------------------------
>
> Key: ASTERISK-29624
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-29624
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Components: Resources/res_pjsip_endpoint_identifier_ip
> Affects Versions: 16.19.0
> Environment: FreePBX : 15.0.17.48
> PBX Distro:12.7.8-2107-3.sng7
> Asterisk Version:16.19.0
> Reporter: Philip Young
> Assignee: Philip Young
>
> We have PJSIP Trunks on server side configured as follows :
> Authentication None
> Registration None
> SIP Server : FQDN
> Everything works fine unless the client's ISP changes the public IP address. The FQDN set in the trunk is updated correctly because I can see the server sending OPTIONS and inbound INVITE to the client's new IP address to which the FDQN now matches. However, outbound calls (from client to this server) are unauthorized. Why ? I noticed the identity in the contact is never updated! I've let it go for 48 hours and it still hasn't updated the identifier of this contact. It will keep the old IP address in the Identifier Match.
>
> Ex :
> Server = 100.200.300.400
> Client = example.wtv.com
> example.wtv.com resolves to 1.2.3.4
> Following a power outage or modem reboot or other the ISP gives the client a new IP address 5.7.8.9
> The FQDN is updated correctly and the server now sends OPTION or INVITE to 5.7.8.9.
> When the client (5.7.8.9) sends OPTION or INVITE, it is unauthorized:
> Server logs : SECURITY[2133] res_security_log.c: SecurityEvent="ChallengeSent",EventTV="2021-08-18T11:53:21.136-0400",Severity="Informational",Service="PJSIP",EventVersion="1",AccountID="<unknown>",SessionID="350543f20dc11068458494337421216d",LocalAddress="IPV4/UDP/100.200.300.400/5060",RemoteAddress="IPV4/UDP/5.7.8.9/5060",Challenge=""
> The peer stays the same :
> Peer :
> Endpoint: democlient Unavailable 0 of inf
> Aor: demo client 0
> Contact: democlient/sip:example.wtv.com:5060 2c5be4772a Unavail nan
> Transport: 0.0.0.0-udp udp 3 96 0.0.0.0:5060
> Identify: democlient/democlient
> Match: 1.2.3.4/32
>
> I think this should be updated to 5.7.8.9!
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list