<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<font face="monospace">Hi,<br>
<br>
I hope I managed to get your report here. If so, take a look at
the "no-dns-failover" option when doing the t_relay(). So you can
instruct OpenSIPS not to do the automatic DNS based failover and
give you full control via failure route.<br>
<br>
Regards,<br>
</font>
<pre class="moz-signature" cols="72">Bogdan-Andrei Iancu
OpenSIPS Founder and Developer
<a class="moz-txt-link-freetext" href="https://www.opensips-solutions.com">https://www.opensips-solutions.com</a>
<a class="moz-txt-link-freetext" href="https://www.siphub.com">https://www.siphub.com</a></pre>
<div class="moz-cite-prefix">On 03.06.2025 03:41, nz deals wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CALOQYiu=ibBN2JpyZap0YusguG1Xq+Aauh0woaGtevS_U1+4Fg@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<div dir="ltr">
<div><span style="font-family:monospace">Is there anyone who has
seen this issue? Seems like a bug to me.</span></div>
<div><span style="font-family:monospace"><br>
</span></div>
<div><span style="font-family:monospace">Thanks.</span></div>
<div><span style="font-family:monospace"><br>
</span></div>
<div>
<div>
<div><span style="font-family:monospace">Regards,</span></div>
<div><span style="font-family:monospace">Jason</span></div>
</div>
<br>
</div>
</div>
<br>
<div class="gmail_quote gmail_quote_container">
<div dir="ltr" class="gmail_attr">On Sun, 1 Jun 2025 at 06:06,
Ben Newlin <<a href="mailto:Ben.Newlin@genesys.com"
moz-do-not-send="true" class="moz-txt-link-freetext">Ben.Newlin@genesys.com</a>>
wrote:<br>
</div>
<blockquote class="gmail_quote"
style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div class="msg-4143508055975051625">
<div style="overflow-wrap: break-word;" lang="EN-US">
<div class="m_-4143508055975051625WordSection1">
<p class="MsoNormal"><span style="font-size:11pt">Oh
sorry I missed that in your email. I thought you
were trying to avoid the failover.</span></p>
<p class="MsoNormal"><span style="font-size:11pt"> </span></p>
<p class="MsoNormal"><span style="font-size:11pt">Dropping
the auth info on the DNS failover I don’t think is
expected, since a DNS failover doesn’t trigger
failure_route so you can’t add it back.</span></p>
<p class="MsoNormal"><span style="font-size:11pt"> </span></p>
<p class="MsoNormal"><span style="font-size:11pt">I’d
recommend opening a bug for this on the Github, but
maybe someone else has ideas.</span></p>
<p class="MsoNormal"><span style="font-size:11pt"> </span></p>
<p class="MsoNormal"><span
style="font-size:11pt;font-family:"Calibri",sans-serif">Ben
Newlin</span><span style="font-size:11pt"></span></p>
<p class="MsoNormal"><span style="font-size:11pt"> </span></p>
<div
id="m_-4143508055975051625mail-editor-reference-message-container">
<div>
<div>
<div
style="border-width:1pt medium medium;border-style:solid none none;border-color:rgb(181,196,223) currentcolor currentcolor;padding:3pt 0in 0in">
<p class="MsoNormal" style="margin-bottom:12pt"><b><span
style="font-size:12pt;color:black">From:
</span></b><span
style="font-size:12pt;color:black">Users
<<a
href="mailto:users-bounces@lists.opensips.org" target="_blank"
moz-do-not-send="true"
class="moz-txt-link-freetext">users-bounces@lists.opensips.org</a>>
on behalf of nz deals <<a
href="mailto:nzdealshelp@gmail.com"
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">nzdealshelp@gmail.com</a>><br>
<b>Date: </b>Friday, May 30, 2025 at 10:49</span><span
style="font-size:12pt;font-family:"Arial",sans-serif;color:black"> </span><span
style="font-size:12pt;color:black">PM<br>
<b>To: </b>OpenSIPS users mailling list
<<a
href="mailto:users@lists.opensips.org"
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">users@lists.opensips.org</a>><br>
<b>Subject: </b>Re: [OpenSIPS-Users] Issue
with proxy failover and uac_auth()</span></p>
</div>
<div>
<div>
<div>
<div>
<table
style="border-collapse:collapse;border:medium" cellspacing="0"
cellpadding="0" border="1">
<tbody>
<tr>
<td
style="border:1pt solid rgb(182,0,0);background:white;padding:0.75pt">
<p class="MsoNormal"><b><span
style="font-size:12pt;font-family:"Calibri",sans-serif;color:rgb(182,0,0)"> EXTERNAL
EMAIL - Please use caution
with links and attachments </span></b></p>
</td>
</tr>
</tbody>
</table>
</div>
<p class="MsoNormal"><span
style="font-size:12pt;font-family:Helvetica"> </span></p>
<div class="MsoNormal"
style="text-align:center" align="center"><span
style="font-size:12pt;font-family:Helvetica">
<hr width="100%" size="0" align="center">
</span></div>
</div>
<p class="MsoNormal"><span
style="font-size:12pt">Thank you for your
response.</span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:12pt">The problem is,
opensips sends the INVITE to secondary srv
(failed over) without Authorization. It
makes sense that the dns failover is not
managed by opensips but atleast the same
INVITE should be failover to the
secondary. Why the Authorization is
removed when it goes to the secondary. </span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:12pt"> </span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:12pt">Thanks</span></p>
</div>
</div>
<p class="MsoNormal"><span style="font-size:12pt"> </span></p>
<div>
<div>
<p class="MsoNormal"><span
style="font-size:12pt">On Sat, 31 May 2025
at 03:52, Ben Newlin <<a
href="mailto:Ben.Newlin@genesys.com"
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">Ben.Newlin@genesys.com</a>>
wrote:</span></p>
</div>
<blockquote
style="border-width:medium medium medium 1pt;border-style:none none none solid;border-color:currentcolor currentcolor currentcolor rgb(204,204,204);padding:0in 0in 0in 6pt;margin-left:4.8pt;margin-right:0in">
<div>
<div>
<div>
<p class="MsoNormal"><span
style="font-size:11pt">The issue
here is not really with the uac_auth
module, as that module isn’t sending
the message only updating it with
the correct authentication info.</span><span
style="font-size:12pt"></span></p>
<p class="MsoNormal"><span
style="font-size:11pt"> </span><span
style="font-size:12pt"></span></p>
<p class="MsoNormal"><span
style="font-size:11pt">This is
normal and correct behavior. When
you send the message the second time
using the same DNS, it will follow
the same process as the first,
trying A then timing out and failing
over to B. Standard DNS SRV doesn’t
include any behavior to try to avoid
non-responding nodes.</span><span
style="font-size:12pt"></span></p>
<p class="MsoNormal"><span
style="font-size:11pt"> </span><span
style="font-size:12pt"></span></p>
<p class="MsoNormal"><span
style="font-size:11pt">Ultimately
what you need is to know the actual
IP that elicited the 401 so the next
INVITE with the authentication can
be sent to the same one, using $du
or $dd(:$dp). Have you tried to get
the remote IP in onreply_route and
store it is an AVP using $si [1] or
$socket_in [2]? I don’t think I’ve
ever used one of these in a reply
route. The documentation doesn’t
specify whether it is valid and they
will contain the source of the
reply, not the request.</span><span
style="font-size:12pt"></span></p>
<p class="MsoNormal"><span
style="font-size:11pt"> </span><span
style="font-size:12pt"></span></p>
<p class="MsoNormal"><span
style="font-size:11pt">[1] -
<a
href="https://www.opensips.org/Documentation/Script-CoreVar-3-6#si"
target="_blank"
moz-do-not-send="true"
class="moz-txt-link-freetext">
https://www.opensips.org/Documentation/Script-CoreVar-3-6#si</a></span><span
style="font-size:12pt"></span></p>
<p class="MsoNormal"><span
style="font-size:11pt">[2] -
<a
href="https://www.opensips.org/Documentation/Script-CoreVar-3-6#socket_in"
target="_blank"
moz-do-not-send="true"
class="moz-txt-link-freetext">
https://www.opensips.org/Documentation/Script-CoreVar-3-6#socket_in</a></span><span
style="font-size:12pt"></span></p>
<p class="MsoNormal"><span
style="font-size:11pt"> </span><span
style="font-size:12pt"></span></p>
<div>
<p class="MsoNormal"><span
style="font-size:11pt;font-family:"Calibri",sans-serif">Ben
Newlin</span><span
style="font-size:12pt"></span></p>
</div>
<p class="MsoNormal"><span
style="font-size:11pt"> </span><span
style="font-size:12pt"></span></p>
<div
id="m_-4143508055975051625m_-4494914356532648699mail-editor-reference-message-container">
<div>
<div>
<div
style="border-width:1pt medium medium;border-style:solid none none;padding:3pt 0in 0in;border-color:currentcolor">
<p class="MsoNormal"
style="margin-bottom:12pt"><b><span
style="font-size:12pt;color:black">From:
</span></b><span
style="font-size:12pt;color:black">Users <<a
href="mailto:users-bounces@lists.opensips.org" target="_blank"
moz-do-not-send="true"
class="moz-txt-link-freetext">users-bounces@lists.opensips.org</a>>
on behalf of nz deals <<a
href="mailto:nzdealshelp@gmail.com" target="_blank"
moz-do-not-send="true"
class="moz-txt-link-freetext">nzdealshelp@gmail.com</a>><br>
<b>Date: </b>Thursday, May
29, 2025 at 9:32</span><span
style="font-size:12pt;font-family:"Arial",sans-serif;color:black"> </span><span
style="font-size:12pt;color:black">AM<br>
<b>To: </b>OpenSIPS users
mailling list <<a
href="mailto:users@lists.opensips.org" target="_blank"
moz-do-not-send="true"
class="moz-txt-link-freetext">users@lists.opensips.org</a>><br>
<b>Subject: </b>[OpenSIPS-Users]
Issue with proxy failover
and uac_auth()</span><span
style="font-size:12pt"></span></p>
</div>
<div>
<div>
<div>
<div>
<table
style="border-collapse:collapse" cellspacing="0" cellpadding="0"
border="0">
<tbody>
<tr>
<td
style="border:1pt solid rgb(182,0,0);background:white;padding:0.75pt">
<p
class="MsoNormal"><b><span
style="font-size:12pt;font-family:"Calibri",sans-serif;color:rgb(182,0,0)"> EXTERNAL
EMAIL - Please
use caution
with links and
attachments </span></b><span
style="font-size:12pt"></span></p>
</td>
</tr>
</tbody>
</table>
</div>
<p class="MsoNormal"><span
style="font-size:12pt;font-family:Helvetica"> </span><span
style="font-size:12pt"></span></p>
<div class="MsoNormal"
style="text-align:center"
align="center"><span
style="font-size:12pt;font-family:Helvetica">
<hr width="100%"
size="0"
align="center">
</span></div>
</div>
<p class="MsoNormal"><span
style="font-size:12pt;font-family:"Courier New"">Hi All,</span><span
style="font-size:12pt"></span></p>
<p><span
style="font-size:10pt;font-family:"Courier New"">I'm using
OpenSIPS 3.4 and managing
carrier trunks via the
registrant table. In the
table, I'm using a proxy
value like <a class="moz-txt-link-freetext" href="sips:mysip.xx.x">sips:mysip.xx.x</a></span></p>
<p><span
style="font-size:10pt;font-family:"Courier New"">When the
primary carrier A sbc SRV
record becomes
unreachable, OpenSIPS
correctly times out INVITE
and attempts to fail over
to the secondary A record
(via SRV).</span></p>
<p><span
style="font-size:10pt;font-family:"Courier New"">The secondary
endpoint responds with a
401 Unauthorized and
includes a
WWW-Authenticate
header. At this point, I
assume that opensips
should not try on the
primary carrier A SRV
record otherwise it will
also timeout. but it is
trying to send another
INVITE with Authorization
to the primary. this
timeout because primary A
SRV record is not
responding. opensips sends
another INVITE to
secondary and this time
its
without Authorization. </span></p>
<p><span
style="font-size:10pt;font-family:"Courier New"">Is there any
way to fix this or work
around it? Has anyone
faced a similar problem
when using
<code>uac_auth()</code> in
combination with failover
and the same proxy domain?
</span>
</p>
<p><span
style="font-size:10pt;font-family:"Courier New"">Any advice or
suggestions would be
greatly appreciated.
</span></p>
<p class="MsoNormal"><span
style="font-size:12pt"> </span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:12pt"> </span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:12pt"> </span></p>
</div>
<div>
<div>
<p class="MsoNormal"><span
style="font-size:12pt;font-family:"Courier New"">Thank you</span><span
style="font-size:12pt"></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:12pt"> </span></p>
</div>
<div>
<div>
<p class="MsoNormal"><span
style="font-size:12pt;font-family:"Courier New"">Regards,</span><span
style="font-size:12pt"></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:12pt;font-family:"Courier New"">Jason</span><span
style="font-size:12pt"></span></p>
</div>
</div>
<p class="MsoNormal"><span
style="font-size:12pt"> </span></p>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<p class="MsoNormal"><span
style="font-size:12pt">_______________________________________________<br>
Users mailing list<br>
<a
href="mailto:Users@lists.opensips.org"
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">Users@lists.opensips.org</a><br>
<a
href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users"
target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a></span></p>
</div>
</blockquote>
</div>
</div>
</div>
</div>
</div>
</div>
_______________________________________________<br>
Users mailing list<br>
<a href="mailto:Users@lists.opensips.org" target="_blank"
moz-do-not-send="true" class="moz-txt-link-freetext">Users@lists.opensips.org</a><br>
<a
href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users"
rel="noreferrer" target="_blank" moz-do-not-send="true"
class="moz-txt-link-freetext">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a><br>
</div>
</blockquote>
</div>
<br>
<fieldset class="moz-mime-attachment-header"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
Users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Users@lists.opensips.org">Users@lists.opensips.org</a>
<a class="moz-txt-link-freetext" href="http://lists.opensips.org/cgi-bin/mailman/listinfo/users">http://lists.opensips.org/cgi-bin/mailman/listinfo/users</a>
</pre>
</blockquote>
<br>
</body>
</html>