DNS SRV Usage
DNS SRV ( RFC 2782)
DNS SRV is an extension of the standard DNS server specification (independent from SIP, as per RFC 2782). SRV (Service Record) is a type of entry a network administrator may put into the DNS server. A DNS SRV request is used to get one or more IP addresses of servers, each one having its own weight, priority and possible port.
Each entry received when using DNS SRV, depending on its weight and priority, can be used as a primary or backup server or can be part of a load balancing system.
For instance, the client requests the SRV for SIP servers in some domain. The DNS server may return the A, B, and C addresses, which are all SIP servers. Each address has a weight and the client must choose one of those three addresses by using an algorithm that considers the weight.
To use DNS SRV, an administrator must set a service records (SRV) into the DNS servers available on the network.
Type A Query
If you specify a SIP port for the registrar and proxy, the Mediatrix unit will issue a type A query. In this example the requests are sent to server1.media5berlin.com for both the Registrar and Proxy, with the SIP port being 5060 for both.
Wireshark displays the answer to the query as a “type A” answer, which contains the IP address for server1.media5berlin.com. The Mediatrix unit then attempts to register itself to that IP address.
Type A Query to a SRV Record
In the following example, the Mediatrix unit administrator is told to use “media5berlin.com” as FQDN for his registrar and proxy, but is unaware that he should use SRV for his DNS queries. Consequently he does not configure his registrar and proxy ports to 0.
The Wireshark capture shows no additional SRV query and no registration, why?
By specifying the SIP port to 5060, the unit makes a standard A query, and since media5berlin.com is configured as a SRV record, no address is returned. The symptom will be a failed registration with the message “Registrar Unreachable”.
Type SRV Query
As previously stated, setting proxy and registrar ports to 0 will make the Mediatrix unit issue a DNS request of type SRV.
The response contains 2 available SIP servers with the FQDN, IP addresses, priorities, weight (for equal priority) and SIP ports.
At the bottom of the window you can see “Additional records” with server1.media5berlin.com and server2.media5berlin.com. Those are 2 valid type A FQDNs which are offered in the SRV response. If you wished to do so, you could also explicitly enter those FQDNs directly into your Mediatrix proxy configuration field (as done in Scenario #1).
Please note that a NAPTR query is done before the SRV query. NAPTR is used to find Transport method, UPD – TCP – TLS. The establishment of persistent (TLS) connections will not send NAPTR since the transport is already known.
- The host is not an IP address
- And, the port is not explicity specified in the SIP URI (the port is not present or equal to 0)
- And, the SIP URI does not contain a "maddr" with an IP address
- And, the SIP URI does not specify explicity the transport (transport parameter)
The Effects of Priority and Weight
In some rare cases you may have a SRV response where some servers are configured with equal priority. In that case, the clients will use the weight values to determine which host to use. If the weights are also identical, then 50% of the packets will go to host 1 and the rest to host 2 (in a 2 server scenario). In this example, both proxy1 and proxy2 have the same priority, but different weights. 51% of the packets will go to proxy1 and 49% to proxy2.
This may cause an issue where the unit REGISTER is sent to host1 and, after the authentication challenge is sent by the registrar, the answer is sent to host 2 as shown in these screenshots. The initial REGISTER is sent to 192.168.120.11, and the response to the challenge sent to 192.168.120.10. If your hosts are not synchronized, you will get REGISTER or INVITE failures.
Additional Interop Variables
- DNS SRV implementation should imply a shared database between servers since a Register and an INVITE can be sent to any server, not necessarily the same one;
- For those who do not share their database, this must be enabled, allowing INVITEs to be sent to the same Registrar host, thus use the same SRV record
If using DNS SRV and multiple entries are present, this value is the time spent waiting for answers from each entry when one server is unreachable or unresponsive. The default value of this variable is 32 seconds. It has a dramatic effect should a server time out, since a default 32 seconds delay would be introduced at every call.
A maximum value of 2-3 seconds is recommended when using DNS SRV.
- The penalty box feature is used when a given host address times out. When the address times out, it is put into the penalty box for a given amount of time. During that time, the address in question is considered as 'non-responding' for all requests.
- A “timed out” server is considered “not responding” for this amount of time;
- Can be seen as the time it will take to retry a server that failed to respond.
Copyright © 2022 Media5 Corporation.
This document contains information that is proprietary to Media5 Corporation.
Media5 Corporation reserves all rights to this document as well as to the Intellectual Property of the document and the technology and know-how that it includes and represents.
This publication cannot be reproduced, neither in whole nor in part, in any form whatsoever, without written prior approval by Media5 Corporation.
Media5 Corporation reserves the right to revise this publication and make changes at any time and without the obligation to notify any person and/or entity of such revisions and/or changes.