[OpenSIPS-Users] disable_dns_blacklist=no side effect

Bogdan-Andrei Iancu bogdan at opensips.org
Wed Apr 24 14:15:24 CEST 2013


Hello Daniel,

and your call times out ? or how is completed the call attempt. Because, 
per RFC DNs-based failover should be done if (1) transport error or (2) 
SIP error - timeout or 50x replies.

In this cases opensips will consider it a failure, will try to do a 
DNS-based failover (if multiple IPs are available) and add the failed 
destination to the "dns" list.

Regards,

Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
http://www.opensips-solutions.com


On 04/24/2013 10:46 AM, Daniel Nihlén wrote:
> Hi,
>
> Thanks, I somehow manage to get IP-addresses that are never supposed 
> to be looked up by dns added to the dns blacklist. Is it someway I 
> accidentally cause lookup even when routing on IP?
>
> Here is what i do (public ip replaced by me)
>
> 1. INVITE request received with sip:0852281833 at sip.mydomain.com;user=phone
> 2. I do some custom logic to route from db-saved destinations
> 3. r-uri rewritten to sip:087123456 at 10.10.10.10:5060
> 4. 10.10.10.10 offline - 10.10.10.10 is added to blacklist.
>
> From the config, involved lines:
> avp_db_query("SELECT dest_ip from my_forward_table where 
> number='$rU'", "$avp(result_dest_ip)")
> $var(toruri) = "sip:" + $rU +"@" + $avp(result_dest_ip);
> $ru = $var(tovururi);
> t_relay()
>
> From command line
> > opensipsctl fifo list_blacklists
> List:: dns owner=17 flags=6
> Rule::  flags=0
> IP:: 10.10.10.10
> Mask:: 255.255.255.255
> Proto:: 1
> Port:: 5060
> Expire:: 1474
>
>
> BR
> Daniel Nihlen
>
> On Tuesday 23 April 2013 at 11:54, Bogdan-Andrei Iancu wrote:
>
>> Hello Daniel,
>>
>> disable_dns_blacklist is used to store failed IPs which were 
>> discovered via DNS (NAPTR + SRV + A). Once an IP is blacklisted, it 
>> will be blocked in all cases, doesn't matter if calling via FQDN or 
>> directly IP.
>>
>> Regards,
>> Bogdan-Andrei Iancu
>> OpenSIPS Founder and Developer
>> http://www.opensips-solutions.com
>>
>> On 04/23/2013 11:30 AM, Daniel Nihlén wrote:
>>> Hi,
>>>
>>> (opensips 1.7.2)
>>>
>>> I have
>>> disable_dns_blacklist=no
>>>
>>> Good: Blacklisting for destinations that are discovered by srv 
>>> record but not responding are working.
>>>
>>> Bad: But I also get blacklisting on destinations that are addressed 
>>> with ip-address. Ex sip:087123456 at x.x.x.x:5060. I was under the 
>>> assumption that routing by IP-address should not be blacklisted 
>>> (judging by the _dns_ in the parameter name. :).
>>>
>>> Is this the designed behavior am I accidentally using dns for 
>>> IP-destiantions?
>>>
>>> Thanks
>>> Daniel Nihlen
>>> +46706604530
>>>
>>>
>>> _______________________________________________
>>> Users mailing list
>>> Users at lists.opensips.org  <mailto:Users at lists.opensips.org>
>>> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20130424/415dd14a/attachment.htm>


More information about the Users mailing list