DNS SRV Usage

This configuration note will help you to add some configuration on the Mediatrix gateways to contact a backup server in case of failure with the first one or to do load balancing.

DNS SRV is an extension of the standard DNS server specification (independent from SIP, as per RFC 2782). SRV (Service Record) is a type of entry a network administrator may put into the DNS server. A DNS SRV request is used to get one or more IP addresses of servers, each one having its own weight, priority and possible port.

Each entry received when using DNS SRV, depending on its weight and priority, can be used as a primary or backup server or can be part of a load balancing system.

For instance, the client requests the SRV for SIP servers in some domain. The DNS server may return the A, B, and C addresses, which are all SIP servers. Each address has a weight and the client must choose one of those three addresses by using an algorithm that considers the weight.

To use DNS SRV, an administrator must set a service records (SRV) into the DNS servers available on the network.

If you specify a SIP port for the registrar and proxy, the Mediatrix unit will issue a type A query. In this example the requests are sent to server1.media5berlin.com for both the Registrar and Proxy, with the SIP port being 5060 for both.

Wireshark displays the answer to the query as a “type A” answer, which contains the IP address for server1.media5berlin.com. The Mediatrix unit then attempts to register itself to that IP address.

In the following example, the Mediatrix unit administrator is told to use “media5berlin.com” as FQDN for his registrar and proxy, but is unaware that he should use SRV for his DNS queries. Consequently he does not configure his registrar and proxy ports to 0.

The Wireshark capture shows no additional SRV query and no registration, why?

By specifying the SIP port to 5060, the unit makes a standard A query, and since media5berlin.com is configured as a SRV record, no address is returned. The symptom will be a failed registration with the message “Registrar Unreachable”.

As previously stated, setting proxy and registrar ports to 0 will make the Mediatrix unit issue a DNS request of type SRV.

The response contains 2 available SIP servers with the FQDN, IP addresses, priorities, weight (for equal priority) and SIP ports.

At the bottom of the window you can see “Additional records” with server1.media5berlin.com and server2.media5berlin.com. Those are 2 valid type A FQDNs which are offered in the SRV response. If you wished to do so, you could also explicitly enter those FQDNs directly into your Mediatrix proxy configuration field (as done in Scenario #1).

Please note that a NAPTR query is done before the SRV query. NAPTR is used to find Transport method, UPD – TCP – TLS. The establishment of persistent (TLS) connections will not send NAPTR since the transport is already known.

A NAPTR query is made if:

• The host is not an IP address
• And, the port is not explicity specified in the SIP URI (the port is not present or equal to 0)
• And, the SIP URI does not contain a "maddr" with an IP address
• And, the SIP URI does not specify explicity the transport (transport parameter)

In some rare cases you may have a SRV response where some servers are configured with equal priority. In that case, the clients will use the weight values to determine which host to use. If the weights are also identical, then 50% of the packets will go to host 1 and the rest to host 2 (in a 2 server scenario). In this example, both proxy1 and proxy2 have the same priority, but different weights. 51% of the packets will go to proxy1 and 49% to proxy2.

This may cause an issue where the unit REGISTER is sent to host1 and, after the authentication challenge is sent by the registrar, the answer is sent to host 2 as shown in these screenshots. The initial REGISTER is sent to 192.168.120.11, and the response to the challenge sent to 192.168.120.10. If your hosts are not synchronized, you will get REGISTER or INVITE failures.