One document matched: draft-ietf-mmusic-sip-100rel-01.txt
Differences from draft-ietf-mmusic-sip-100rel-00.txt
Reliability of Provisional Responses in SIP
STATUS OF THIS MEMO
This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet- Drafts as reference
material or to cite them other than as work in progress.
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
Abstract
This document specifies an extension to the Session Initiation
Protocol (SIP) providing reliable provisional response messages.
1 Introduction
The Session Initiation Protocol (SIP) [1] is a request-response
protocol for initiating, maintaining, and terminating multimedia
sessions. Each SIP request is followed by one or more provisional
responses, followed by a one or more definitive responses. These
provisional responses, also called informational responses, have
status codes within the 100-199 range. They are most commonly used
for responses to an INVITE request. They provide information on call
progress, such as trying (100), alerting (180), and queueing (182).
However, when run over UDP, SIP does not guarantee that these
J.Rosenberg,H.Schulzrinne [Page 1]
Internet Draft 100 Reliability May 20, 1999
messages are delivered reliably, or in order.
However, a number of applications require reliability and in-order
delivery of provisional responses to INVITE. These include gateway
applications, wireless phones, ACD servers, and call queueing
systems. Generally, these applications make use of the provisional
responses to drive state machinery. This is especially true for the
180 Ringing provisional response, which maps to the Q.931 ALERTING
message.
This document provides a simple extension to SIP for ensuring that
provisional responses to INVITEs are delivered reliably, independent
of the underlying transport mechanism. The extension applies only to
the INVITE method. Reliability of provisional responses for other
methods is not provided. The extension is simple, requiring two new
header fields, and no new methods. It fits well within the generic
framework of SIP reliability. It is partly backwards compatible, so
that a Require header is not needed (it can be included if the UAC
insists on the feature, of course), although a Proxy-Require header
is needed.
2 Terminology
In this document, the key words "MUST", "MUST NOT", "REQUIRED",
"SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY",
and "OPTIONAL" are to be interpreted as described in RFC 2119 [2] and
indicate requirement levels for compliant implementations.
3 Overview
The reliability mechanism is based on the standard windowed
acknowledgement technique. When a server generates a provisional
response which is to be delivered reliably, it places a sequence
number (via the RSeq header field) in the provisional response. These
sequence numbers always start at zero, since they are defined only
within the context of a transaction. This elimiates the need for SYN
handshakes as in TCP. The provisional response is then retransmitted
with an exponential backoff.
The UAC maintains a variable, sn, which is the highest sequence
number seen in a reliable response. When the client receives a
provisional response that has been sent reliably, and this response
has a sequence number one higher than sn, sn is incremented, and the
request is retransmitted. Otherwise, if the response has a sequence
number greater than one higher, sn is not incremented. Either way,
the request is retransmitted, and the value of sn is placed in the
RAck header in the request.
J.Rosenberg,H.Schulzrinne [Page 2]
Internet Draft 100 Reliability May 20, 1999
When the server sees a request retransmission with an RAck header
with a value equalling the sequence number in the last reliably
transmitted response, it stops retransmitting that response, and is
free to send the next provisional response, with a higher sequence
number.
The mechanism is similar to TCP, but with a constant window of one.
The use of a fixed size window comes at the penalty of reduced
response throughput. The througput of responses is fairly low (1 per
RTT without loss, lower with loss). However, as the provisional
responses are used to signal changes in phone call states, which
generally occur on timescales on the order of hundreds of
milliseconds to seconds, such a limited throughput appears
acceptable. The mechanism can be extended to support larger window
sizes, if necessary.
The server can still generate unreliable provisional responses by
sending them without an RSeq header. A UAC which receives a
provisional response without a RSeq does not retransmit the request.
This allows for backwards compatibility; a UAS which doesn't know how
to transmit reliable responses will never place an RSeq header in a
response, and so the SIP transaction will proceed normally.
Similarly, the initial INVITE from the client contains an RAck
header. This serves as an indicator to the server than the client
supports the reliability mechanism. A UAS which doesn't see this
header in a request knows it cannot provide reliable provisional
responses.
4 Detailed Protocol Semantics
A transaction begins when the client sends a request. The client
sends the INVITE request as per RFC2543 [1]. The RAck header MUST be
placed in the request, with a value of zero, if the client
understands and is willing to support this extension for the
transaction.
When the initial INVITE is received by the server, it MAY send a 100
response (depending on whether it is a proxy or not). A 100 response
is normally sent reliably according to the current SIP specification.
This is because the client retransmits its request until a response
(i.e., 100) is received, and the server retransmits the 100 response
upon request retransmission. As a result, no additional means is
needed to reliably send a 100 response over a single hop.
Furthermore, the SIP specification mandates that the 100 response is
not forwarded through a proxy. For these reasons, 100 responses MUST
NOT contain an RSeq header.
J.Rosenberg,H.Schulzrinne [Page 3]
Internet Draft 100 Reliability May 20, 1999
The server maintains a window of size 1, which is effectively the
value of the highest unacknowledged provisional response that has
been transmitted; call this rn. The client maintains a single
variable, sn, which represents the highest in order provisional
response received so far. Both sn and rn MUST be initialized to 0.
The server MAY send a reliable response if the initial INVITE request
from the client contained a RAck header with a value of 0. If the
request contained a Require header, and the server is a UAS, the UAS
SHOULD send all non-100 provisional responses reliably. If the
request contained a Proxy-Require header, and the server is a proxy,
the server SHOULD send all locally generated non-100 provisional
responses reliably. It also SHOULD reliably send upstream any
responses received reliably from a downstream server. The server MUST
NOT send a reliable response if the initial INVITE request did not
contain an RAck header with a value of zero. When the server decides
to send a provisional response reliably, it MUST increment rn, and
MUST place this incremented value in the RSeq header in the response.
The provisional response SHOULD be retransmitted at intervals with an
exponential backoff, starting at T1 (default of 500ms), and doubling
after each retransmission.
When a client receives a provisional response, it checks for the
presence of the RSeq header. If it is not present, the response was
an unreliable provisional response. The client MUST NOT retransmit
the request. As per [1], the client also ceases exponentially backing
off request retransmissions when any response (with or without the
RSeq header) is received.
If the server does not understand this extension, it will
behave according to the base SIP specification, and
retransmit responses upon request retransmissions. A client
which retransmits requests upon response retransmissions
would cause a feedback loop of constant request and
response retransmissions. By checking for the RSeq header,
the client can determine whether the server is supporting
this extension for this response.
If, however, the provisional response contains an RSeq header, the
value is compared against sn. If it is one higher than the current
value of sn, sn is incremented, otherwise sn is unchanged. The client
SHOULD then resend the original request (independently of whether the
value of sn has changed), and MUST include the sequence number sn in
the request in the header field RAck.
When a request is received at a server, it checks for the presence of
the RAck header. If it is not present, the server retransmits the
J.Rosenberg,H.Schulzrinne [Page 4]
Internet Draft 100 Reliability May 20, 1999
last response that was sent. If the RAck header is present, and the
value is lower than the value of rn, the last reliable response is
retransmitted. If the RAck header was present in the request, and the
value is equal to the current value of rn, the exponentially backing
off response retransmissions cease. Additional copies of the request
with the same or lower value of RAck that are received by the server
SHOULD NOT cause the server to retransmit any response (as they would
in the above case if RAck were lower), unless rn is zero. The server
always retransmits the last response sent (provisional, reliable
provisional, or otherwise) when a request is received with both RAck
and rn equal to 0.
This handles the case where a proxy server doesn't send a
100 response, but transmits a reliable response as the
first response. To make sure the initial request is
transmitted reliably, the server has to retransmit the
first response upon request retransmissions.
Once a request has arrived with RAck equal to rn, the server is free
to increment rn and transmit another provisional response. The server
MUST NOT ever generate an additional reliable response until it has
received a request with an RAck header with a value equal to rn.
When the server is ready to send a final response, it does so
according to [1]. An ACK request causes retransmissions of the final
response to cease. The server SHOULD NOT continue to retransmit any
reliable provisional responses once a final response has been sent.
5 Header Syntax
Two new header fields are defined, RSeq and RAck. The BNF for these
are:
RSeq = "RSeq" ":" 1*DIGIT
RAck = "RAck" ":" 1*DIGIT
RSeq is a response header field. RAck is a request header field.
If a client insists that all provisional responses (those generated
by proxies and UAS's) be sent reliably, it MUST include both the
Require and Proxy-Require headers in all requests. A UAC MAY
alternately send requests only with the Proxy-Require header. This
will cause all non-100 provisional responses generated by proxies to
be sent reliably. Responses sent by UAS's may, or may not be sent
J.Rosenberg,H.Schulzrinne [Page 5]
Internet Draft 100 Reliability May 20, 1999
reliably, at the discretion of the UAS.
This document specifies the named extension org.ietf.sip.reliable-
100.
6 Operation with Proxies
A SIP request may pass through any number of proxies, some of which
may fork the request. The reliability mechanism defined here requires
proxies to be aware of the extension. Consider what would happen if a
proxy receives a request with a RSeq header, but no Proxy-Require
header, and the proxy does not know the extension. As per normal SIP
rules, the proxy would forward the request, with the RSeq header in
tact, to the downstream proxy. If that proxy did understand the
extension, it might try and send a reliable response to the first
proxy. The first proxy would see the provisional response
retransmissions, but never resend the request. This would cause an
excess of network traffic, and block transmission of other
provisional responses at the downstream proxy.
The situation would be even more catastrophic for a forking proxy.
Consider the case where the first proxy forks the request to
downstream proxies A and B. Both A and B understand the extension,
and each try to send a reliable response. The first proxy forwards
both responses upstream. But, since it does not understand the
extension, it does not remove or change the value of the RSeq header
in either response. Thus, the client receiving these requests will
think they are retransmissions, rather than being two separate
responses.
Implementation of this extension in a stateless proxy is not done
according to the rules in section 4. A stateless proxy implementing
this extension MUST forward all requests it receives downstream, and
MUST forward all responses it receives upstream, including
provisional responses. Actual reliability is achieved between the
first pair of stateful proxies.
A stateful proxy implementing this extension MUST act as a virtual
UAS-UAC in the algorithm described in the previous section. When any
non-100 provisional response is received reliably at a proxy, the
proxy MUST reliably transmit it upstream towards the next stateful
proxy. When any non-100 provisional response is received unreliably
at the proxy, the proxy MUST send the response unreliably upstream.
Any provisional responses generated by the proxy itself (excepting
100) MUST be sent reliably upstream.
Since a proxy may be receiving reliable provisional responses from
several branches of a forked request, it will need to merge the
J.Rosenberg,H.Schulzrinne [Page 6]
Internet Draft 100 Reliability May 20, 1999
provisional response streams together. There are no requirements
about the ordering of provisional responses across branches. However,
all provisional responses from a given branch MUST be transmitted
reliably upstream in the same order they were received along a
branch. For example, consider a forking proxy A which sends a request
to UAS's B and C. B sends provisional response 0 towards A, and once
it has been received, sends response 1. Similarly, B sends
provisional response 2, and once received and acknowledged by A,
sends provisional response 3. Proxy A may forward the provisional
responses towards the UAS in any one of the following orders:
0,1,2,3
0,2,1,3
2,3,0,1
2,0,3,1
0,2,3,1
2,0,1,3
Since responses from several branches may be merged at a forking
proxy, a proxy MUST renumber the provisional responses (always
starting at zero, however) when forwarding them upstream. As this
requires changing the RSeq value, the RSeq header field cannot be
protected by either end-to-end encryption or authentication.
Similarly, a stateful proxy will need to remove the RAck header from
all requests it receives, and insert its own value into proxied
requests.
7 Examples
7.1 Message Formatting
In this example, a UAC wishes to send an INVITE message and receive
reliable 100-class responses. Such an INVITE might look like:
C->S: INVITE sip:watson@bell-tel.com SIP/2.0
Via: SIP/2.0/UDP saturn.bell-tel.com
RAck: 0
From: sip:alexander@bell-tel.com
To: sip:watson@bell-tel.com
Call-ID: 70710@saturn.bell-tel.com
CSeq: 1 INVITE
Subject: Come here Watson
J.Rosenberg,H.Schulzrinne [Page 7]
Internet Draft 100 Reliability May 20, 1999
Require: org.ietf.sip.reliable-100
Proxy-Require: org.ietf.sip.reliable-100
The server wishes to send a 180 Ringing provisional response
reliably. The response will look like:
S->C: SIP/2.0 180 Ringing
Via: SIP/2.0/UDP saturn.bell-tel.com
RSeq: 1
From: sip:alexander@bell-tel.com
To: sip:watson@bell-tel.com
Call-ID: 70710@saturn.bell-tel.com
CSeq: 1 INVITE
This response is retransmitted with an exponential backoff. When the
UAC receives the response, it retransmits the request, but adds the
RAck header field:
C->S: INVITE sip:watson@bell-tel.com SIP/2.0
RAck: 1
Via: SIP/2.0/UDP saturn.bell-tel.com
From: sip:alexander@bell-tel.com
To: sip:watson@bell-tel.com
Call-ID: 70710@saturn.bell-tel.com
CSeq: 1 INVITE
Subject: Come here Watson
Require: org.ietf.sip.reliable-100
Proxy-Require: org.ietf.sip.reliable-100
7.2 Message Flows
This section illustrates a number of message flows using this
extension. We abbreviate an INVITE request with a RAck header value
of N as "INV N", and a provisional response with a RSeq header value
of M as "1xx M". Packets which are lost are shown with an "X" in
front of them.
7.2.1 UAC to UAS, with Require
In this case, the UAC sends a request directly to a UAS, and includes
J.Rosenberg,H.Schulzrinne [Page 8]
Internet Draft 100 Reliability May 20, 1999
the Require header, naming this extension. The extension is supported
by the UAS. The UAS sends a 100 response first, and then a 180
reliably.
UAC UAS
-------INV 0-------------->
X<.......100.........
-------INV 0--->X
-------INV 0-------------->
(request <..........100.............
retransmissions
cease)
X<...180 1............ (180 retransmits start, sn=1)
(rn inc to 1) <.........180 1............
-------INV 1---->
<.........180 1............
-------INV 1--------------> (180 retransmits cease)
X<....300............... (300 class retransmits start)
<........300...............
-----------ACK------------>
7.2.2 UAC to UAS, without Require, UAS doesn't understand
In this case, a UAC sends a request directly to the UAS, and doesn't
include the Require header in the request. The UAS doesn't support
the extension. The UAS sends a single 180 before sending a final
response.
UAC UAS
-------INV 0-------------->
X<.......100.........
-------INV 0--->X
-------INV 0-------------->
(request <..........100.............
retransmissions
cease)
J.Rosenberg,H.Schulzrinne [Page 9]
Internet Draft 100 Reliability May 20, 1999
<..........180 ............
X<....300............... (300 class retransmits start)
<........300...............
-----------ACK------------>
Note that after reception of the 180, the request is not
retransmitted, since the response did not contain an RSeq header.
7.2.3 UAC to proxy to UAS
In this case, a UAC sends a request to a proxy, which forwards it to
the final UAS. Both the Require and Proxy-Require headers are present
in the request. The local proxy generates its own provisional
response (188), and the UAS generates a 180:
UAC PROXY UAS
-----INV 0-------------> ----INV 0-->X
-----INV 0-------------> ----INV 0------------->
X<....100........
X<....100........ <....100...............
<........100............
X<......188 1.......
<...........188 1.......
---------INV 1-->X
<...........188 1.......
--------INV 1---------->
X<....180 1.....
<......180 1.............
-------INV 1--->X
X<....180 2..... <......180 1.............
-------INV 1------------>
<...........180 2.....
-----INV 2------------>
Note that the proxy renumbers the two provisional responses before
sending them upstream.
8 Open Issues
J.Rosenberg,H.Schulzrinne [Page 10]
Internet Draft 100 Reliability May 20, 1999
There are a number of open issues:
1. Currently, SIP requests with the same values of the To,
From, Call-ID and CSeq fields are isomorphic. It is
possible that certain implementations may discard non-
isomorphic requests with identical values for these header
fields. By adding the RAck header into a request
retransmission, we break the isomorphism of retransmitted
requests. Is this a problem?
2. The mechanism currently requires proxies to understand it
to work. It is possible to hack a solution without this
constraint, by placing the RAck value as a parameter in the
Via header, rather than its own header. The result would be
those pairs of proxies which both understand provisional
reliability would provide it, those that don't, would not.
Is this useful?
9 Security Considerations
Since the RSeq value cannot be encrypted or authenticated end-to-end,
nor can the RAck, man in the middle attacks are possible which can
cause the provisional responses to be reordered at the UAC. This can
be alleviated by the use of hop-by-hop encryption and authentication
mechanisms, such as IPSEC [3,3].
10 Acknowledgements
The authors would like to thank Jonathan Lennox and Adam Roach for
the comments on this document.
11 Author's Addresses
Jonathan Rosenberg
Lucent Technologies, Bell Laboratories
101 Crawfords Corner Rd.
Holmdel, NJ 07733
Rm. 4C-526
email: jdrosen@bell-labs.com
Henning Schulzrinne
Columbia University
M/S 0401
1214 Amsterdam Ave.
New York, NY 10027-7003
email: schulzrinne@cs.columbia.edu
J.Rosenberg,H.Schulzrinne [Page 11]
Internet Draft 100 Reliability May 20, 1999
12 Bibliography
[1] M. Handley, H. Schulzrinne, E. Schooler, and J. Rosenberg, "SIP:
session initiation protocol," Request for Comments (Proposed
Standard) 2543, Internet Engineering Task Force, Mar. 1999.
[2] S. Bradner, "Key words for use in RFCs to indicate requirement
levels," Request for Comments (Best Current Practice) 2119, Internet
Engineering Task Force, Mar. 1997.
[3] R. Atkinson, "IP encapsulating security payload (ESP)," Request
for Comments (Proposed Standard) 1827, Internet Engineering Task
Force, Aug. 1995.
J.Rosenberg,H.Schulzrinne [Page 12]
| PAFTECH AB 2003-2026 | 2026-04-23 21:19:06 |