In this section:
The
ipInterfaceGroup
( that the DNS group uses) is restricted to the same addressContext
as the DNS Group. When configuring the DNS group, the SBC associates the IP Interface Group of the same Address Context only.Within a DNS server group, each server has both a priority and a weight. The SBC sends the requests to the server with highest priority (lower value) first. It uses the servers with lower priority when all higher priority servers are marked unavailable due to previous timeouts. If multiple servers of the same priority exist, requests are load-balanced across servers in proportion to their weights.
The
The
When an SIP endpoint (such as UAC) sends a request to a resource identified by a SIP or Secure SIP (SIPS) URI, it resolves that URI into the IP address, port, and transport protocol. This URI either identifies the desired resource where the request is targeted the URI in the Request-URI), or it identifies an intermediate hop towards that resource (the URI in the Route header).
For a SIP call with an unknown transport protocol, or if the URI cannot derive the transport protocol, the SIP endpoint performs a Naming Authority Pointer (NAPTR) query for the domain name in the URI. After the transport protocol is found from the records returned by the NAPTR query, the client uses the Location of Services (SRV) query on the protocol to target host FQDN and port number. Finally, the client performs an Address (A) record query to resolve the domain names returned by the SRV query to obtain the IP address of the server.
For network configurations where SIP Server domain resolution is not available from external DNS servers, the
The
transportProtocol
configuration object with two options: udp
or tcp
. The default value is udp
. The flag tcpFallback
supports TCP fallback when the configured protocol is UDP. The default value is disabled
.The DNS Group Transport Protocol option allows the user to choose either UDP or TCP transport protocol for a DNS query for the associated DNS Group.
The figure below depicts DNS support when the transport protocol for the DNS server is configured as TCP.
TCP Connection
The
Enable the tcpFallback
flag per DNS server to notify the DNS client to support TCP fallback, when the DNS response on the UDP is received with TC flag.
When enabled, the tcpFallback
and the DNS client receive the TC flag in the response over UDP, and the DNS Client sends the same query again over TCP to the same server.
The figure below depicts TCP Fallback when the initial transport protocol is UDP and tcpFallback
flag is enabled for that particular DNS server:
TCP Fallback
To support backward compatibility, disable the tcpFallback
flag. The default value is disabled. The DNS over TCP works for both IPv4 and IPv6 transport protocol based on the configured address of the DNS server.
The SBC supports, by default, 1,300 Maximum Transmission Unit (MTU) bytes, and the MTU size used by the SBC is configurable. If the initial INVITE message size exceeds the default MTU value, the SBC sends the data over the TCP transport protocol. The TCP transport protocol is used if it is allowed by the transport profile irrespective of its preference order.
The current TCP Fallback feature does the following:
The DNS client maintains the TCP connections in the TCP Pool in order to enable the DNS client to reuse those TCP connections to deliver the DNS query to the same server.Thus, the DNS client avoids opening TCP connection each time the DNS query comes for the same server. However, the DNS client removes the TCP connections periodically from the TCP Pool which are least recently used and their ideal timer expires.
The
The
The
The
Two types of manual queries:
Manual queries which do not include the server: The
If the
The
The
In the above scenarios, the
For more information, refer to Domain Name Server (DNS) Alarms.
The
hostPort
configuration under ipPeer pathCheck
option is updated to 5060
. To enable this feature, set hostPort
under ipPeer pathCheck
option to 0
.When the pathCheck
profile is attached to an FQDN based IP peer with hostPort
set to 0
, the pathCheck
task performs SRV lookup to resolve the port numbers. The resolved port numbers are used to send OPTIONS ping to the IP peer.
pathCheck
profile is attached to an FQDN based IP peer configured with a hostPort
(other than the value 0
), the pathCheck
task does not perform SRV lookup. It uses the configured port to send OPTIONS ping to the IP peer.The pathCheck
task processes DNS SRV response as follows:
pathCheck
task sorts SRV records based on weight and priority and saves all the records. The pathCheck
task then continues through all the SRV records in the same order after the sorting to perform A/AAAA query on each SRV record.The pathCheck
task processes DNS A/AAAA response for each SRV record as follows:
For example, the pathCheck
task performs an SRV query for a given FQDN target, and two SRV records are returned: SRV1 and SRV2. The records are in the same order, after sorting, based on the weight and priority.
The SBC then sends an A or AAAA query for SRV1, followed by SRV2. Assume that the SRV query resulted in two A records.
At this point, there are total of two SRV records with two A records each. The pathCheck
task now sends an OPTIONS ping to all of the IP Address/Port combinations (A1:SRV1, A2:SRV1, A3:SRV2, and A4:SRV2).
The pathCheck
task maintains overall status of an FQDN-based Peer just like it does for the IP based Peer: It tracks and updates status of the FQDN peer using the OPTIONS ping messages sent to all learned SRV record combinations. When the pathCheck
task tries the multiple IP Address/Port combinations:
If a DNS query for an FQDN target fails (error, timeout, or no answer records), the pathCheck
task retries the DNS query after the configured retry duration in the pathCheck
profile.
If an FQDN peer to which the pathCheck
profile is attached to is deleted, the pathCheck
task clears all associated saved DNS records.
If an FQDN peer to which the pathCheck
profile is attached to is modified with a new FQDN, the pathCheck
task clears the associated DNS records for the earlier FQDN and performs a fresh DNS query using the newly updated FQDN.
If the
The
If the alarm is raised for the current RCODE error, it displays the following fields:
If the SBC observes the RCODE error within the configured monitor interval, then the alarms displays only the DNS server IP and DNS Zone name.
Even though the DNS server observes multiple RCODE errors, it generates a single alarm for that DNS server. In other words, the
The
View the INFO logs by entering the following command:
% show table alarm current status
For more information, refer to DNS - DNS Group and DNS Group - CLI.
The SBC provides an option, on a per-DNS-server basis, to specify the Differentiated Services Code Point (DSCP) value that the SBC sends in the IP headers of DNS queries. A DSCP value is a packet header value in the range of 0 to 63 that classifies network traffic into different priority levels. For example, DSCP values are used to request high priority or best effort delivery for traffic.
The following example shows the syntax for specifying a DSCP value within DNS server configuration.
% set addressContext <address context name> dnsGroup <dns group name> server <dns server name> dscpValue <0-63>
For more information on DNS server configuration, refer to DNS Group - CLI.