What is the point of dns_naptr_ignore_rfc default value:
dns_naptr_ignore_rfc
If the DNS lookup should ignore the remote side's protocol preferences, as indicated by the Order field in the NAPTR records and mandated by RFC 2915.
dns_naptr_ignore_rfc = yes | no (default yes)
In my (and RFC 2915's) opinion the default should be 'no'.
-- Juha
I have not developed that feature, but many options are not following the recommendations from RFCs with their default values, but more what was the common practice/best supported at that time (e.g., auto-switch protocol to tcp/tls on mtu size).
The DNS NAPTR is also turned off by default, which should be on, based on RFC, iirc, but that adds extra DNS query and slows down everything as most of services I saw so far do no relay on NAPTR.
Cheers, Daniel
On 10.08.20 15:33, Juha Heinanen wrote:
What is the point of dns_naptr_ignore_rfc default value:
dns_naptr_ignore_rfc
If the DNS lookup should ignore the remote side's protocol preferences, as indicated by the Order field in the NAPTR records and mandated by RFC 2915.
dns_naptr_ignore_rfc = yes | no (default yes)
In my (and RFC 2915's) opinion the default should be 'no'.
-- Juha
Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
Daniel-Constantin Mierla writes:
The DNS NAPTR is also turned off by default, which should be on, based on RFC, iirc, but that adds extra DNS query and slows down everything as most of services I saw so far do no relay on NAPTR.
It is OK to have NAPTR lookup off by default, but if it is turned on, I don't see any point why order value is not obeyed by default. For example, if TLS preferred, that preference should be respected for security reasons.
-- Juha
On 10.08.20 17:08, Juha Heinanen wrote:
Daniel-Constantin Mierla writes:
The DNS NAPTR is also turned off by default, which should be on, based on RFC, iirc, but that adds extra DNS query and slows down everything as most of services I saw so far do no relay on NAPTR.
It is OK to have NAPTR lookup off by default, but if it is turned on, I don't see any point why order value is not obeyed by default. For example, if TLS preferred, that preference should be respected for security reasons.
I am assuming that the rationale behind the default value was to have the local admin decision precede what remote indicates. There are parameters to set the preference for transports:
- https://www.kamailio.org/wiki/cookbooks/5.4.x/core#dns_sctp_pref_dns_tcp_pre...
Cheers, Daniel
-
Daniel-Constantin Mierla -
Juha Heinanen