Using DNS SRV Records with IOS Dial Peers

Ah… IOS. Refreshing after spending a week with ACME Packet’s ACLI. And at the same time it certainly has it’s own frustrations. It took me a while to get this working in my lab (partially because I was in Boston and my lab is most decidedly not), but I have a feeling DNS SRV records with SIP are going to prove very useful to me in the future.

The goal here: use DNS SRV records to minimize the number of dial-peers required in IOS. Typically CUCM is set up in some sort of redundant fashion so that there are multiple call processing servers. Going deeper, the configuration of CUCM is such that CM Groups are created with a max of three servers per group meaning everything needs to be pointed at two or three different servers in case one goes down. So we want to use one dial-peer to send a particular call to a CM Group made up of three servers rather than the usual three.

VoIP dial-peers use session targets to determine where to send a matching call. With no DNS SRV records each pattern would require three dial-peers using preference commands as shown below (Note: The use of an ipv4: target vs dns: target makes no difference here, I am using ipv4 in this example for contrast. DNS A records for each server would still require three dial-peers, it is only with DNS SRV records that we can collapse three dial-peers down into one).

dial-peer voice 1 voip
 destination-pattern 2000
 preference 1
 session protocol sipv2
 session target ipv4:

dial-peer voice 2 voip
 destination-pattern 2000
 preference 2
 session protocol sipv2
 session target ipv4:

dial-peer voice 3 voip
 destination-pattern 2000
 preference 3
 session protocol sipv2
 session target ipv4:

With DNS SRV records we can cut this down to one dial-peer:

dial-peer voice 1 voip
 destination-pattern 2000
 session protocol sipv2
 session target dns:cmgroup1.lab.local

along with a little extra config (to host the DNS SRV records in IOS to remove reliance on the corporate DNS server)

ip host cucm1.lab.local
ip host cucm2.lab.local
ip host cucm3.lab.local

ip host _sip._udp.cmgroup1.lab.local srv 1 50 5060 cucm1.lab.local
ip host _sip._udp.cmgroup1.lab.local srv 1 50 5060 cucm2.lab.local
ip host _sip._udp.cmgroup1.lab.local srv 1 50 5060 cucm3.lab.local

ip name-server
ip domain name lab.local

Finally, in order for a CUCM subscriber server to accept a SIP URI with a destination of @cmgroup1.lab.local rather than @<servername>.lab.local each parent DNS SRV records (cmgroup1.lab.local) must be added to the Cluster FQDN list in Enterprise Parameters. If this step is not completed, expect to see SIP 404 Not Found errors. From the CUCM Help:

This parameter defines one or more Fully Qualified Domain Names (FQDN)
for this cluster. Multiple FQDNs must be separated by a space.
Wildcards can be specified within an FQDN using an asterisk (*).
Examples are and * Requests
containing URLs (for example, SIP calls) whose host portion matches any
of the FQDNs in this parameter will be recognized as a request destined
for this cluster and/or devices attached to it.

Many thanks to these helpful resources, the first in the list is an especially good resource:

Gateway Configuration for SIP Proxy Redundancy

Load Balance Between SIP Dial-Peers
Designing Unified CVP for High Availability
Cisco IOS SIP Configuration Guide, 15.0

Cisco SIP Gateway Troubleshooting


About Ben

UC Engineer, Lego Engineer. Take your pick.

Posted on February 6, 2010, in Tech and tagged , , , , . Bookmark the permalink. 8 Comments.

  1. Hey Ben,
    Are you sure about this?
    The conversation in the “Load Balance Between SIP Dial-Peers” url you posted, there is mention that SRV lookup are only done out of the ‘sip-ua’ contaxt, and not from the session-target statement in the dial-peer.
    Also the example in the first link you mention says:

    dial-peer voice 1000 voip
    session target sip-server

    Kind regards,

  2. Hi Leo,

    I did test this in the lab and it tested succesfully, although it wouldn’t surprise me if the sip-ua context is the only TAC-supported method.


  3. Hello Ben,

    which IOS Version did you use for the SRV loadbalancing?

    Kind regards,


    • Hi Marcel,

      At the time I was using 12.4(15)T11 or T12. SIP support is even better in IOS 12.4(24)T and 15.x. If I were doing this again today I’d go with something in the 15.x train.


  4. Hey Ben,
    I am attempting something similar and am finding a huge delay 1 second to start ringing with IP vs 10 seconds with DNS. While I realize the look up will take a bit, its local on the router so I wouldn’t think it would take quite 10 seconds. Have you experienced any slowness using this technique?

    • Hi Brian,

      It’s been a while since I had this in the lab, but I don’t recall any noticeable delay as you describe. I’d be curious to see from packet caps/SIP messaging what’s causing the delay. My guess is there’s some media renegotiation, a host timeout, extra invites being sent/rejected or something along those lines.


  5. I have seen this is labs bcause the DNS server is not up to the job.. If its a vm make sure u dont let it go to sleep. If the dns server is in production maybe u should ck if you dont need to beef it up..Best way to resolve if it is DNS server is to make an IP HOST entry in the gateway.. If the delay goes away its the DNS server that is the issue..

  6. Hi Ben, thanks for this post, I stumbled upon it looking for methods to create local srv records in ios. There are some cool new methods to accomplish this in newer versions using a session server-group:

    voice class server-group 100
    ipv4 x.x.x.x
    ipv4 x.x.x.x preference 1
    ipv4 x.x.x.x preference 2
    description CUCM SUB01-SUB02-SUB03
    dial-peer voice 100 voip
    session server-group 100

    Unfortunately dns entries aren’t supported with the server-group (at this time). So in a scenario where you want to utilize dns I think the approach is either multiple dial-peers with session-target dns: A records/preference, or I’m going to attempt a single dial-peer with a session-target to a dns local ios srv. As you mentioned this removes a dependency for corporate dns. Thanks for this post from another lego dad.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: