On Thursday 09 June 2011 12:44:11 Iñaki Baz Castillo wrote:
> According to NAPTR:
>
> ~$ host -t naptr oversip.net
> oversip.net has NAPTR record 5 50 "S" "SIPS+D2T" "" _sips._tcp.oversip.net.
> oversip.net has NAPTR record 10 50 "S" "SIP+D2T" "" _sip._tcp.oversip.net.
> oversip.net has NAPTR record 20 50 "S" "SIP+D2U" "" _sip._udp.oversip.net.
> oversip.net has NAPTR record 40 50 "S" "SIP+D2S" "" _sip._sctp.oversip.net.
> oversip.net has NAPTR record 50 50 "S" "SIPS+D2S" "" _sips._sctp.oversip.net.
>
> So it should try TLS over TCP first, if it fails try TCP and if it
> fails try UDP.
> However it just uses UDP, why??
> Even if I set a minor value to dns_tls_preference (so higher priority
> I expect) it still uses UDP.

The way I read rfc2915, there is no failover mechanism. The application picks
the first target that it supports and uses that. There is no mention of trying
other records afterwards. Matching/finding NAPTR records stops once the first
match is completed. All other records are discarded. From section 2:

   Order
      A 16-bit unsigned integer specifying the order in which the NAPTR
      records MUST be processed to ensure the correct ordering of
      rules.  Low numbers are processed before high numbers, and once a
      NAPTR is found whose rule "matches" the target, the client MUST
      NOT consider any NAPTRs with a higher value for order (except as
      noted below for the Flags field).

Note the last sentence.
--
Alex Hermann
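
Added example, not part of the original message and not code from any SIP stack: it applies the Order rule quoted above to the five records in the `host` output, to show which target a client should settle on for a given set of supported transports. A client that ends up on UDP while it supports SIPS+D2T is not following this ordering, which amounts to a silent downgrade from TLS. The function names are hypothetical, and "matches" is taken to mean "the client supports the record's service", as in the reply.

```python
import re

# Records copied from the `host -t naptr oversip.net` output quoted above.
HOST_OUTPUT = '''\
oversip.net has NAPTR record 5 50 "S" "SIPS+D2T" "" _sips._tcp.oversip.net.
oversip.net has NAPTR record 10 50 "S" "SIP+D2T" "" _sip._tcp.oversip.net.
oversip.net has NAPTR record 20 50 "S" "SIP+D2U" "" _sip._udp.oversip.net.
oversip.net has NAPTR record 40 50 "S" "SIP+D2S" "" _sip._sctp.oversip.net.
oversip.net has NAPTR record 50 50 "S" "SIPS+D2S" "" _sips._sctp.oversip.net.
'''

RECORD = re.compile(
    r'has NAPTR record (\d+) (\d+) "([^"]*)" "([^"]*)" "([^"]*)" (\S+)')

def parse_naptr(text):
    """Return one dict per NAPTR line found in `host` output."""
    records = []
    for line in text.splitlines():
        m = RECORD.search(line)
        if m:
            order, pref, flags, service, regexp, replacement = m.groups()
            records.append({"order": int(order), "preference": int(pref),
                            "flags": flags, "service": service,
                            "regexp": regexp, "replacement": replacement})
    return records

def select_naptr(records, supported):
    """Candidates that remain after applying the Order rule."""
    ordered = sorted(records, key=lambda r: (r["order"], r["preference"]))
    for rec in ordered:
        if rec["service"].upper() in supported:
            # Records sharing this order stay, ranked by preference;
            # every record with a higher order value is discarded.
            return [r for r in ordered
                    if r["order"] == rec["order"]
                    and r["service"].upper() in supported]
    return []

def chosen_target(supported):
    """SRV name to query next, or None if no record is usable."""
    picked = select_naptr(parse_naptr(HOST_OUTPUT), supported)
    return picked[0]["replacement"] if picked else None

if __name__ == "__main__":
    for client in ({"SIPS+D2T", "SIP+D2T", "SIP+D2U"},
                   {"SIP+D2T", "SIP+D2U"}, {"SIP+D2U"}):
        print(sorted(client), "->", chosen_target(client))
```

Because every record here has a distinct order value, exactly one candidate survives for each client, so there is nothing left to fail over to at the NAPTR level.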