From: "Alexeitsev, D" <[EMAIL PROTECTED]> Can anyone provide a comment on the following situation:
One of the SIP UA implementations, that we are currently testing, makes a DNS lookup before every independent transaction. The DNS server is configured to resolve the domain AOR to several SIP server IP addresses in a round robin manner. Better would be to assign a separate domain name to each server, provide each server with an A record, and then set up the SIP domain to retrieve a set of SRV records that specify all the servers with equal weight. That way, the DNS server can always deliver the same responses, and no DNS caching will ever cause a problem. This causes problems with the digest authentication, as the digest challenge comes from server 1 in a response to the REGISTER request, and the digest response goes to the server 2 due to the DNS lookup. Shall the network of the SIP servers support such client behaviour? This problem will happen in any circumstance where more than one server can receive a request for the same request-URI -- the challenge is in the response to one request, the digest response is in the re-send of the request, and can go to another server. The sipX high-availability system (http://www.sipfoundry.org) deals with this by using nonces (challenges) that are essentially signed, so one server can verify the nonce generated by another server (and the time at which it expires). Dale _______________________________________________ Sip-implementors mailing list [email protected] https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
