[Freeswitch-users] Best practices question about SIP registration
lconroy at insensate.co.uk
Wed Jan 9 03:04:41 MSK 2013
Hi again Steven,
with apologies for top-posting ...
Many of us have sup-domains for different classes of users -- looks like your sub-domain is sip.flowroute.com.
However, flowroute.com does have a NAPTR (it has two):
;; ANSWER SECTION:
flowroute.com. 21600 IN NAPTR 100 10 "s" "SIP+D2U" "" _sip._udp.flowroute.com.
flowroute.com. 21600 IN NAPTR 102 20 "s" "SIP+D2T" "" _sip._tcp.flowroute.com.
Also, the _sip._udp.flowroute SRV shows:
;; ANSWER SECTION:
_sip._udp.flowroute.com. 43200 IN SRV 20 10 5060 sip-ca1.flowroute.com.
_sip._udp.flowroute.com. 43200 IN SRV 10 10 5060 sip-nv1.flowroute.com.
as does the _sip.tcp.flowroute.com SRV:
;; ANSWER SECTION:
_sip._tcp.flowroute.com. 43200 IN SRV 10 10 5060 sip-nv1.flowroute.com.
_sip._tcp.flowroute.com. 43200 IN SRV 20 10 5060 sip-ca1.flowroute.com.
so -- if a client is trying to call to sip:1000 at flowroute.com, that client looks up the NAPTR set for flowroute.com (the sip domainpart), gets back the two entries, and chooses to look for a SRV under _sip._udp.flowroute.com (if it wants to call using UDP) or _sip.tcp.flowroute.com (if it wants to call using TCP or use sips:).
flowroute would prefer that you contacted them by UDP (it has a lower preference -- 10 versus the D2T's 20).
If you do contact them, they'd prefer that you used sip-nv1.flowroute.com. (as that has a better/lower preference than sip-cal).
On to the polycoms -- I don't have any of these, so I'm guessing, but ...
It looks strongly like the registration server is at fs.domain.local, which has an IP address of 10.10.10.11 for the DNS-challenged, and is listening on port 5060.
The AuthID/UserID for this 'phone to use 1000, which is kinda apparent from the SIP address the phone has, which is sip:1000 at fs.domain.local.
I'd AssUMe that there's also a password field :).
So ... if you had mydomain.com, and for your internal use you had a sub-domain of, say, internal.mydomain.com, and you had one fS handling your local 'phones, running on a machine called fs.internal.domain.com which had an IP address of 10.10.10.11, I'd put into the local view of DNS:
internal.mydomain.com. IN NAPTR 100 10 "s" "SIP+D2U" "" _sip._udp.internal.mydomain.com.
_sip._udp.internal.mydomain.com. IN SRV 10 10 5060 fs.internal.mydomain.com
fs.internal.mydomain.com. IN A 10.10.10.11
Note that I'm assuming that you'd be using a split-view DNS (i.e., your local DNS server would only give these answers to its local machines)
as it's kinda impolite to give private addresses like 10.10.10.11 to the outside world -- clients are sometimes too dumb to realise they can't contact that server using this address.
[...which is why we have one way audio -- stupid implementers :]p
Hope that helps,
On 8 Jan 2013, at 23:02, Steven Schoch wrote:
> On Tue, Jan 8, 2013 at 1:56 PM, Lawrence Conroy <lconroy at insensate.co.uk>wrote:
>> Hi there,
>> at the risk of butting in on someone else's party ...
>> Nope; your interpretations is NOT best practice.
> This party is open to all. I appreciate these answers, and as usual I have
> noticed that the fastest way to learn is to do it wrong, and then have
> somebody correct me! Thanks!
>> With SIP (see RFC 3263), you do a lookup on the SRV record (at
>> _sip._udp.<sipdomain>) to find the machine that handles SIP
>> registrations/incalls for the domain. That also gives you the port on
>> which that machine is listening.
> For example, I did a lookup:
> $ dig SRV _sip._udp.sip.flowroute.com.
> This returns:
> _sip._udp.sip.flowroute.com. 43200 IN SRV 20 10 5060
> _sip._udp.sip.flowroute.com. 43200 IN SRV 10 10 5060
>> (Yup, you can also have a NAPTR record in the domain to tell you where the
>> SRV record is, but many folks don't bother -- for Best Practice, you
>> should, but ...)
> $ dig NAPTR sip.flowroute.com
> sip.flowroute.com. 42818 IN NAPTR 100 10 "s" "SIP+D2U" ""
> sip.flowroute.com. 42818 IN NAPTR 102 20 "s" "SIP+D2U" ""
> I found that _sip._tcp.sip.flowroute.com does not have a SRV record. I
> don't know what that means. The RFC says that you should use "SIP+D2T" for
> Now, as this relates to the Polycom phone example, there are these fields:
> reg.1.address="1000 at fs.domain.local"
> Since this is a VoIP phone that loads its configuration from the server,
> not VoIP software that is configured by the user, it really only needs the
> IP address, so the server address field is kind of moot.
> But the example domain here is "fs.domain.local". Why not just
> "domain.local"? Why didn't Flowroute use "flowroute.com" instead of "
> And my other question was how is the address "1000 at fs.domain.local" used?
> Does FreeSwitch use that or does it just use the auth.userId?
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> Official FreeSWITCH Sites
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users