I am trying to understand how Iphone decides which IP address to use from 2 IP addresses returned in dns response in this specific scenario below.
Scenario is like this:
1- Iphone sends dns query for an Arecord like "bsf.mncxx.mccxx.pub.3gppnetwork.org" and gets 2 IP addresses in the response.
2- Iphone sends GET requests to one of the IP address to authenticate itself (not important which BSF IP selected at this step)
3- BSF returns 401 Unauthorized with authentication challenge
4- Iphone calculates the response and sends it in 2nd GET request.
Problem starts here. Iphone selects BSF randomly here. The expectation is to send this 2nd GET(with calculated response) to the same BSF in step2. All other phones (Samsung, Huawei, Sony etc) sends it to BSF in step2. But it seems Iphone just randomly selects. If other BSF is selected, authentication fails.
As a workaround, we configured BSF to send Connection:keep-alive in http 401 response, but unfortunately it didn't help. Iphone still selects it randomly.
Here in our setup, BSF IP addresses are in close subnets (BSF1 = 172.31.59.165, BSF2= 172.31.59.181)
It's very strange that, in another setup (not exactly same BSFs with ours but http request and responses similar) same Iphone always selects the same BSF in step2 and step4 (BSF1=10.216.138.78, BSF2= 10.210.149.79). If it selects BSF1 in step2, continues with BSF1 in step4. Same for BSF2.
Is it possible that Iphone checks subnets during decision? Any other guess or suggestion will be highly appreciated.
Thanks White
