[OpenSIPS-Users] disable_dns_blacklist=no side effect

Daniel Nihlén daniel at grandtotal.se
Wed Apr 24 15:46:46 CEST 2013


Hi,

Yes, the call attempt is timed out.

So, destination will be added to "dns" list even if dns was never used to route this request?  In other words, dns based failover is done even if the r-uri contains IP (and not domain name)?

Thanks
Daniel



On Wednesday 24 April 2013 at 14:15, Bogdan-Andrei Iancu wrote:

> Hello Daniel,
>  
> and your call times out ? or how is completed the call attempt. Because, per RFC DNs-based failover should be done if (1) transport error or (2) SIP error - timeout or 50x replies.
>  
> In this cases opensips will consider it a failure, will try to do a DNS-based failover (if multiple IPs are available) and add the failed destination to the "dns" list.
>  
> Regards,
> Bogdan-Andrei Iancu OpenSIPS Founder and Developer http://www.opensips-solutions.com  
> On 04/24/2013 10:46 AM, Daniel Nihlén wrote:  
> > Hi,  
> >  
> > Thanks, I somehow manage to get IP-addresses that are never supposed to be looked up by dns added to the dns blacklist. Is it someway I accidentally cause lookup even when routing on IP?  
> >  
> > Here is what i do (public ip replaced by me)  
> >  
> > 1. INVITE request received with sip:0852281833 at sip.mydomain.com;user=phone  
> > 2. I do some custom logic to route from db-saved destinations
> > 3. r-uri rewritten to sip:087123456 at 10.10.10.10:5060
> >  
> > 4. 10.10.10.10 offline - 10.10.10.10 is added to blacklist.
> >  
> > From the config, involved lines:  
> > avp_db_query("SELECT dest_ip from my_forward_table where number='$rU'", "$avp(result_dest_ip)")
> > $var(toruri) = "sip:" + $rU +"@" + $avp(result_dest_ip);
> > $ru = $var(tovururi);
> > t_relay()
> >  
> >  
> >  
> > From command line  
> > > opensipsctl fifo list_blacklists
> > List:: dns owner=17 flags=6
> > Rule::  flags=0
> > IP:: 10.10.10.10
> > Mask:: 255.255.255.255
> > Proto:: 1
> > Port:: 5060
> > Expire:: 1474
> >  
> >  
> >  
> > BR  
> > Daniel Nihlen
> >  
> >  
> > On Tuesday 23 April 2013 at 11:54, Bogdan-Andrei Iancu wrote:
> >  
> > > Hello Daniel,
> > >  
> > > disable_dns_blacklist is used to store failed IPs which were discovered via DNS (NAPTR + SRV + A). Once an IP is blacklisted, it will be blocked in all cases, doesn't matter if calling via FQDN or directly IP.
> > >  
> > > Regards,
> > > Bogdan-Andrei Iancu OpenSIPS Founder and Developer http://www.opensips-solutions.com  
> > > On 04/23/2013 11:30 AM, Daniel Nihlén wrote:  
> > > > Hi,  
> > > >  
> > > > (opensips 1.7.2)  
> > > >  
> > > > I have   
> > > > disable_dns_blacklist=no
> > > >  
> > > > Good: Blacklisting for destinations that are discovered by srv record but not responding are working.  
> > > >  
> > > > Bad: But I also get blacklisting on destinations that are addressed with ip-address. Ex sip:087123456 at x.x.x.x:5060. I was under the assumption that routing by IP-address should not be blacklisted (judging by the _dns_ in the parameter name. :).   
> > > >  
> > > > Is this the designed behavior am I accidentally using dns for IP-destiantions?  
> > > >  
> > > > Thanks  
> > > > Daniel Nihlen
> > > > +46706604530
> > > >  
> > > > _______________________________________________ Users mailing list Users at lists.opensips.org (mailto:Users at lists.opensips.org) http://lists.opensips.org/cgi-bin/mailman/listinfo/users  
> > > >  
> > >  
> > >  
> > >  
> > >  
> >  
> >  
> > _______________________________________________ Users mailing list Users at lists.opensips.org (mailto:Users at lists.opensips.org) http://lists.opensips.org/cgi-bin/mailman/listinfo/users  

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20130424/082cf048/attachment-0001.htm>


More information about the Users mailing list