[asterisk-dev] Fwd: [JIRA] Commented: (ASTERISK-19846) sip users/peers not matched on incoming invite when there are multiple A records in DNS

John Fawcett john.ml at erba.tv
Mon May 7 03:53:59 CDT 2012 

As suggested by Michael I am raising this on the mail lists. This has
been verified on asterisk 10.4.0

Currently asterisk expected behaviour when a sip provder has multiple A
records for a sip user/peer, is that asterisk uses just the first one
returned by the dns lookup. This leads to issues of calls from other ips
being treated as anonymous instead of matched against configured
users/peers. This can be undesirable behaviour, since to get the calls
you have to accept anonymous calls, something that you might not have
necessarily wanted. Those calls are not following any other settings for
user/peer which you may have wanted.

You can set up multiple trunks, using hard coded ips instead of host
names to cover all your providers ips (a bit of a pain if there are
lots) but can be done. Or you can rely on round robin effect of dns and
set up as many trunks as there are ips but still use host=providers sip
server hostname, since dns will hand out each ip in turn (or it can be
made to with a local caching name server like bind for instance).

However, this still does not catch the case where tomorrow, the provider
adds another ip. When calls come in from that ip you will lose them or
if you accept anonymous calls, they are still not matched to user/peer
settings you specifically set for the provider.

So far I have found two providers that have multiple ips but googling
there are more. As providers increase their size this is likely to
become more and more an issue.

Does any one have some insight into why asterisk would only take the
first A record, whether it would make to change or not change this
behaviour.

If it does not make sense to change it, is there a way of configuring
that would avoid the pitfalls of the workarounds I mentioned above.

If it would make sense to change it, and assuming that someone would
volunteer to make a patch, any thoughts on were that change could be
made? Would it make sense that the structure of sip users and peers
could store multiple ip addresses to be read from dns at configuration
reload or periodically refreshed, then on an incoming call each ip would
be checked?

John


-------- Original Message --------
Subject: 	[JIRA] Commented: (ASTERISK-19846) sip users/peers not matched
on incoming invite when there are multiple A records in DNS
Date: 	Sun, 6 May 2012 21:54:19 -0500 (CDT)
From: 	Michael L. Young (JIRA) <noreply at issues.asterisk.org>
To: 	john at gufonero.com



    [ https://issues.asterisk.org/jira/browse/ASTERISK-19846?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=192504#comment-192504 ] 

Michael L. Young commented on ASTERISK-19846:
---------------------------------------------

This is the current expected behavior.  The first A record returned is what gets used.

A patch to add this feature of handling multiple A records would be needed and would be welcomed.

Features requests are no longer submitted to or accepted through the issue tracker without a patch. Features requests are openly discussed on the mailing lists [1] and Asterisk IRC channels and made note of by Bug Marshals.

[1] http://www.asterisk.org/support/mailing-lists

> sip users/peers not matched on incoming invite when there are multiple A records in DNS
> ---------------------------------------------------------------------------------------
>
>                 Key: ASTERISK-19846
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-19846
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Channels/chan_sip/General
>    Affects Versions: 10.4.0
>         Environment: centos 6.2, asterisk 10.4.0
>            Reporter: John Fawcett
>            Severity: Minor
>
> when a sip provider has multiple A records, for example sip.sipnl.net and a sip user is setup with host=sip.sipnl.net. If an INVITE arrives from an ip which is different to the one registered/stored, then it is not matched against the sip user. So the calls are treated as anonymous even though they would match the host name specified. Seems asterisk checks only a single A record of the specified host.
> One workaround is to have a sip user per IP address (with the IP address configured instead of host name), but this is not maintainable, if the provider changes or adds ips, the system will change behaviour without warning and is undesirable for a production system.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20120507/c6308943/attachment.htm>

More information about the asterisk-dev mailing list