02-16-2014 11:18 AM - edited 03-18-2019 02:36 AM
Hi Everyone
I have a general query about SRV records and just need a bit of clarification. I have a customer who has registered a domain for their VCS express, (tp.example.com). When I do a dns lookup it brings back the correct public ip address of the vcse. Now I will be confuring this system shortly however I dont know anything about SRV records.
Do I have to get the customer to forward the relevant SRV records to their ISP for their external dns host?
Also the customers public domain is the same as their internal domain. Im guessing the exact SRV records need to be added to their internal DNS server too?
Thanks for your help
p.s If there is a good guide on adding srv files etc then ide appreciate it if you could forward me the link. Thanks again
Solved! Go to Solution.
02-16-2014 12:24 PM
As we do not know your deployment its hard to say, Like if you have a cluster internally
you should use SRV records to register clients to allow failover. But that would most likely be
some additional DNS entries and not neccessary the same ones than on the outside.
If systems are registered internally they can work fine with no SRV record for the video domain.
For external connectivity SRV records are more important.
If you have a provider handling the external DNS entries this is the one to ask to set up
the SRV records.
Please remember to rate helpful responses and identify helpful or correct answers.
Please remember to rate helpful responses and identify
02-16-2014 12:24 PM
As we do not know your deployment its hard to say, Like if you have a cluster internally
you should use SRV records to register clients to allow failover. But that would most likely be
some additional DNS entries and not neccessary the same ones than on the outside.
If systems are registered internally they can work fine with no SRV record for the video domain.
For external connectivity SRV records are more important.
If you have a provider handling the external DNS entries this is the one to ask to set up
the SRV records.
Please remember to rate helpful responses and identify helpful or correct answers.
Please remember to rate helpful responses and identify
02-18-2014 01:41 PM
Thanks for the reply Martin. Ive advised the customer to get in touch with their ISP to get the SRV records added.
02-18-2014 02:09 PM
My internal DNS folks were a great help setting our SRV records up... and helping educate me a bit on how they work
I now know enough to know what I want and to be dangerous
Standard DNS "A" records are pretty easy to look at with the nslookup command, however I struggeled with the the command line options to use nslookup for SRV records..
Someone recommend http://digwebinterface.com/ and oncce I figured out how the site worked, I was able to lookup and see our SRV records easily
In the VCS X7.2.2 web interface there is also a DNS lookup function...
Maintenace/Tools/Networkutilities/DNS lookup
If you go there and enter Cisco.com or Tandberg.com and then select SRV records from the pull down you can see what SRV records are out there...
I also think there is more than 1 right answer... especially when there are multiple VCS-Expressways and at multiple sites. I think at the time I gave my internal DNS folks a screenshot of how the public Cisco/Tandberg records were setup and they better understood what I wanted.
There are lots of posts on the forum that talk about SIP based attacks to try to access ISDN gateways for Toll Fraud, we killed alot of those attempts by disabling SIP UDP... in retro, I probably would no ask that the SIP UDP SRV records be published, since they are off in the VCS-E...
Security folks indicated that UDP traffic is easly spoofed and that is why the attacks are UDP based
Good Luck
02-21-2014 11:22 PM
Hi
Thanks for that
Ive just used to the website to do an srv record lookup and it doesnt look as though they're set up. It does point to the correct ip address though. Do you think I can still get video calls working using the domain name to call without the srv records?
02-22-2014 12:17 AM
If the external sites support DNS A record lookup, then yes, if not, then no.
In that case they can still connect using Alias@VCS-E_IP_address.
(You might have to configure appropriate transform and search rules to cover this option, unless already in place.)
But external SRV records should really be in place for both H.323 and SIP.
/jens
Please rate replies and mark question(s) as "answered" if applicable.
02-24-2014 05:47 AM
I agree with Jens above...
I believe that the originating system should try to lookup/use the SRV record first, then fall back to the A Record, this behavior will vary greatlky based on vendor and software version.
When we test external IP connected systems, here is the general process we perform:
#1 - Have the external party dial Alias@domain e.g. 123456@abc.com
(If this works, they can reach all of our endpoints and dial in to any of bridge calls.... no further testing needed)
If the above fails
#2 - Have them dial the IP address of the VCS-Expressway (This is H.323 only)
We have the fallback alias set for one of out systems in our support center
If this works, at least you know they are reaching you and if you have 2 way audio/video and there is no FW issue
#3 - If the above works, we have them dial alias@ipaddress e.g. 123456@111.111.111.111
This is like #1 above but without the DNS lookup for the domain
If this works, we at least narrowed the issue to DNS domain resolution, they can dial this way if they want or fix the
DNS issue
Most of our external calls are H.323, there are lots of accepatble dial plans for H.323
but we have seen some that come in SIP, in my experience I have seen less one-way video when using SIP
I have also leaned that an endpoint calling to our VCS-Expressway will connect differenly than an endpoint behind a proxy (e.g.Gatekeeper/VCS) the port used are differant
Have you used
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide