One document matched: draft-ietf-straw-b2bua-loop-detection-03.xml
<?xml version="1.0" encoding="iso-8859-1"?>
<!-- comment -->
<!DOCTYPE rfc SYSTEM "rfc2629.dtd"[]>
<?rfc toc="yes" ?>
<?rfc compact="yes" ?>
<?rfc sortrefs="no" ?>
<rfc ipr="trust200902" category="std" docName="draft-ietf-straw-b2bua-loop-detection-03" obsoletes="" updates="" submissionType="IETF" xml:lang="en">
<front>
<title abbrev="Loop Detection for B2BUAs">
Loop Detection Mechanisms for Session Initiation Protocol (SIP) Back-to-Back User Agents (B2BUAs)
</title>
<author initials="H." surname="Kaplan" fullname="Hadriel Kaplan">
<organization>Oracle</organization>
<address>
<postal>
<street></street>
<code></code>
<city></city>
<country></country>
</postal>
<email>hadriel.kaplan@oracle.com</email>
</address>
</author>
<author initials="V." surname="Pascual" fullname="Victor Pascual">
<organization>Quobis</organization>
<address>
<postal>
<street></street>
<code></code>
<city></city>
<country></country>
</postal>
<email>victor.pascual@quobis.com</email>
</address>
</author>
<date year="2013" />
<area>Transport</area>
<workgroup>STRAW Working Group</workgroup>
<keyword>SIP</keyword>
<keyword>B2BUA</keyword>
<keyword>loop-detection</keyword>
<abstract>
<t>
SIP Back-to-Back User Agents (B2BUAs) can cause unending SIP request
routing loops because, as User Agent Clients, they can generate SIP
requests with new Max-Forwards values. This document discusses the
difficulties associated with loop detection for B2BUAs, and
requirements for them to prevent infinite loops.
</t>
</abstract>
</front>
<middle>
<section title="Introduction" toc="default">
<t>
SIP provides a means of preventing infinite request forwarding
loops in <xref target="RFC3261" pageno="false" format="default"/>,
and a means of mitigating parallel forking amplification floods in
<xref target="RFC5393" pageno="false" format="default"/>. Neither
document normatively defines specific behavior for B2BUAs, however.
</t>
<t>
Unbounded SIP request loops have actually occurred in SIP
deployments, numerous times. The cause of loops is usually mis-
configuration, but the reason they have been unbounded/unending is
they crossed B2BUAs that reset the Max-Forwards value in the SIP
requests they generated on their UAC side. Although such behavior
is technically legal per <xref target="RFC3261" pageno="false"
format="default"/> because a B2BUA is a UAC, the resulting unbounded
loops have caused service outages and make troubleshooting difficult.
</t>
<t>
Furthermore, <xref target="RFC5393" pageno="false" format="default"/>
also provides a mechanism to mitigate the impact of parallel forking
amplification issues, through the use of a "Max-Breadth" header field.
If a B2BUA does not pass on this header field, parallel forking amplification
is not mitigated with the <xref target="RFC5393" pageno="false"
format="default"/> mechanism.
</t>
<t>
This document defines normative requirements for Max-Forwards and
Max-Breadth header field behaviors of B2BUAs, in order to mitigate
the effect of loops and parallel forking amplification.
</t>
</section>
<section title="Conventions" toc="default">
<t>
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT",
"RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in
BCP 14, RFC 2119 <xref target="RFC2119" pageno="false" format="default" />.
</t>
<t>B2BUA terminology and taxonomy used in this document is based on <xref target="I-D.ietf-straw-b2bua-taxonomy"/>
</t>
</section>
<section title="Background" toc="default">
<t>
Within the context of B2BUAs, the scope of the SIP protocol ends at
the UAS side of the B2BUA, and a new one begins on the UAC side. A
B2BUA is thus capable of choosing what it wishes to do on its UAC
side independently of its UAS side, and still remain compliant to
<xref target="RFC3261" pageno="false" format="default"/> and its extensions.
For example, any B2BUA type defined in <xref target="I-D.ietf-straw-b2bua-taxonomy"/>
other than Proxy-B2BUA may create the SIP request
on its UAC side without copying any of the Via header field values received on its
UAS side. Indeed there are valid reasons for it to do so; however this prevents
the Via-based loop-detection mechanism defined in <xref target="RFC3261"
pageno="false" format="default"/> and updated by <xref target="RFC5393"
pageno="false" format="default"/> from detecting SIP request loops any earlier
than by reaching a Max-Forwards limit.
</t>
<t>
Some attempts have been made by B2BUA vendors to detect request
loops in other ways: by keeping track of the number of outstanding
dialog-forming requests for a given caller/called URI pair; or by
detecting when they receive and send their own media addressing
information too many times in certain cases when they are a signaling/media-plane B2BUA; or by encoding a request instance identifier in some
field they believe will pass through other nodes, and detecting when
they see the same value too many times.
</t>
<t>
All of these methods are brittle and prone to error, however. They
are brittle because the definition of when a value has been seen
"too many times" is very hard to accurately determine; requests can
and do fork before and after B2BUAs process them, and requests
legitimately spiral in some cases, leading to incorrect
determination of loops. The mechanisms are prone to error because
there can be other B2BUAs in the loop's path that interfere with the
particular mechanism being used.
</t>
<t>
Ultimately, the last defense against loops becoming unbounded is to
limit how many SIP hops any request can traverse, which is the
purpose of the SIP Max-Forwards field value. If B2BUAs were to at
least copy and decrement the Max-Forwards header field value from
their UAS to the UAC side, loops would not continue indefinitely.
</t>
</section>
<section title="B2BUA Loop-Detection Behavior " toc="default">
<t>
It is RECOMMENDED that B2BUAs implement the loop-detection mechanism for the Via header field, as defined for a Proxy in <xref target="RFC5393"
pageno="false" format="default"/>.
</t>
</section>
<section title="B2BUA Max-Forwards Behavior" toc="default">
<t> This section applies for dialog-forming and out-of-dialog SIP requests. B2BUAs MAY perform the same actions for in-dialog requests, but doing so may cause issues with devices that set Max-Forwards values based upon the number of received Via or Record-Route headers.
</t>
<t>
All B2BUA types MUST copy the received Max-Forwards header field
from the received SIP request on their UAS side, to any request(s)
they generate on their UAC side, and decrement the value, as if they
were a Proxy following <xref target="RFC3261" pageno="false"
format="default"/>.
</t>
<t>
Being a UAS, B2BUAs MUST also check the received Max-Forwards header
field and reject or respond to the request if the value is zero, as
defined in <xref target="RFC3261" pageno="false" format="default"/>.
</t>
<t>
If the received request did not contain a Max-Forwards header field,
one MUST be created in any request generated in the UAC side, which
SHOULD be 70, as described for Proxies in section 16.6 part 3 of
<xref target="RFC3261" pageno="false" format="default"/>.
</t>
</section>
<section title="B2BUA Max-Breadth Behavior " toc="default">
<t>
All B2BUA types MUST copy the received Max-Breadth header field from
the received SIP request on their UAS side, to any request(s) they
generate on their UAC side, as if they were a Proxy following
<xref target="RFC5393" pageno="false" format="default"/>.
</t>
<t>
B2BUAs of all types MUST follow the requirements imposed on Proxies
as described in section 5.3.3 of <xref target="RFC5393" pageno="false"
format="default"/>, including generating the header field if none is
received, limiting its maximum value, etc.
</t>
<t>
B2BUAs that generate parallel requests on their UAC side for a
single incoming request on the UAS side MUST also follow the rules
for Max-Breadth handling in <xref target="RFC5393" pageno="false"
format="default"/> as if they were a parallel forking Proxy.
</t>
</section>
<section title="Security Considerations" toc="default">
<t>
The security implications for parallel forking amplification are
documented in section 7 of <xref target="RFC5393" pageno="false"
format="default"/>. This document does not add any additional
issues beyond those discussed in <xref target="RFC5393"
pageno="false" format="default"/>.
</t>
<t>
Some B2BUAs reset the Max-Forwards and Max-Breadth header field
values in order to obfuscate the number of hops a request has
already traversed, as a privacy or security concern. Such goals are
at odds with the mechanisms in this document, and administrators can
decide which they consider more important: obfuscation vs. loop
detection. In order to comply with this RFC, manufacturers MUST
comply with the normative rules defined herein by default, but MAY
provide user-configurable overrides as they see fit.
</t>
</section>
<section title="IANA Considerations" toc="default">
<t>
This document makes no request of IANA.
</t>
</section>
<section title="Acknowledgments" toc="default">
<t>
Funding for the RFC Editor function is provided by the IETF
Administrative Support Activity (IASA). Thanks to Brett Tate (Broadsoft) and Andrew Hutton (Unify) and Anton Roman (Quobis) for their review of the document.
</t>
</section>
</middle>
<back>
<references title="Normative References">
<?rfc include="reference.RFC.2119"?>
<?rfc include="reference.RFC.3261"?>
<?rfc include="reference.RFC.5393"?>
</references>
<references title="Informative References">
<?rfc include='reference.I-D.ietf-straw-b2bua-taxonomy'?>
</references>
</back>
</rfc>| PAFTECH AB 2003-2026 | 2026-04-23 08:24:39 |