wdiff rfc7403.original rfc7403.txt

STRAW Working Group
Internet Engineering Task Force (IETF) H. Kaplan
Internet Draft
Request for Comments: 7403 Oracle
Intended status:
Category: Standards Track July 10, November 2014
Expires: January 10, 2015
ISSN: 2070-1721

A Media-based Media-Based Traceroute Function
for the Session Initiation Protocol (SIP)
draft-ietf-straw-sip-traceroute-03

Abstract

SIP already provides the ability to perform hop-by-hop traceroute for
SIP messages using the Max-Forwards header field to determine the
reachability path of requests to a target. A mechanism for
media-loopback media-
loopback calls has also been defined separately, which enables test
calls to be generated that result in media being looped back to the
originator. This document describes a means of performing hop-
by-hop hop-by-hop
traceroute-style test calls using the media-loopback mechanism to
test the media path when SIP sessions go through media-
relaying B2BUAs. media-relaying back-
to-back user agents (B2BUAs).

Status of this This Memo

This Internet-Draft is submitted to IETF in full conformance with
the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents an Internet Standards Track document.

This document is a product of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.

Internet-Drafts are draft documents valid for a maximum
(IETF). It represents the consensus of six
months the IETF community. It has
received public review and may be updated, replaced, or obsoleted has been approved for publication by other documents
at any time. It the
Internet Engineering Steering Group (IESG). Further information on
Internet Standards is inappropriate to use Internet-Drafts as
reference material or to cite them other than as "work available in progress."

The list Section 2 of RFC 5741.

Information about the current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.

The list status of Internet-Draft Shadow Directories can this document, any errata,
and how to provide feedback on it may be accessed obtained at
http://www.ietf.org/shadow.html.

This Internet-Draft will expire on January 10, 2015.
http://www.rfc-editor.org/info/rfc7403.

This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.

Table of Contents

1. Introduction................................................2 Introduction ....................................................2
2. Terminology.................................................3 Terminology .....................................................3
3. The SIP Traceroute Mechanism................................4 Mechanism ....................................3
3.1. Processing a Received Max-Forwards Header Field........4 Field ............4
3.2. Answering the INVITE...................................5 INVITE .......................................5
4. Security Considerations.....................................5 Considerations .........................................5
5. IANA Considerations.........................................6
6. Acknowledgments.............................................6
7. References..................................................6
7.1. References ......................................................6
5.1. Normative References...................................6 References .......................................6
Acknowledgments ....................................................7
Author's Address..................................................7 Address....................................................7

1. Introduction

In many deployments, the media for SIP-created sessions does not flow
directly from the originating user's UAC User Agent Client (UAC) to the
answering
user's UAS. User Agent Server (UAS). Often, SIP B2BUAs in the SIP
signaling path also insert themselves in the media plane path by
manipulating SDP, Session Description Protocol (SDP), either for injecting
media such as rich ringtones or music-on-hold, music-on-hold or for relaying media
in order to provide functions such as transcoding, IPv4-IPv6
conversion, NAT traversal, SRTP Secure Realtime Transport Protocol (SRTP)
termination, media steering, etc.

As more SIP domains get deployed and interconnected, the odds of a
SIP session crossing such media-plane B2BUAs increases, increases as well as the
number of such B2BUAs any given SIP session may go through. In other
words, any given SIP session may cross any number of B2BUA's B2BUAs both in
the SIP signaling plane as well as the media plane.

When a failure or degradation occurs in the media plane, it is
difficult to determine where in the media path they it occurred. In order
to aid managing and troubleshooting SIP-based sessions and media
traversing such B2BUAs, it would be useful to progressively test the
media path as it reaches successive B2BUAs with a test controlled in a single-ended way from
solely by the source UA. User Agent (UA). A mechanism to perform media-loopback media-
loopback test sessions has been defined in [RFC6849], but it cannot
be used directly to test B2BUAs because typically because, typically, the B2BUAs do not
have an Address of Record (AoR) (AOR) to be targeted, nor is it known a
priori which B2BUAs will be traversed for any given session.

For example, suppose calls from Alice to Bob have media problems.
Alice would like to test the media path to each B2BUA in the path to
Bob separately, to determine which segment has the issues. Alice
cannot target the B2BUAs directly for each test call, because call; she doesn't
know which URIs to use to target them; them, nor would using such URIs
guarantee the same media path be used as a call to Bob. A better
solution would be to make a test call targeted to Bob, but with a SIP
traceroute-type mechanism that makes the call terminate at the
B2BUAs, such that she can perform test sessions to test the media
path to each downstream B2BUA.

This document defines how such a mechanism can be employed, using the [RFC6849]
mechanism in [RFC6849] along with the Max-Forwards SIP header field
such that a SIP User Agent UA can make multiple test calls, each reaching a
B2BUA further downstream. Each B2BUA in the path that supports the
mechanism in [RFC6849] would answer the media-loopback
call, and thus call; thus,
the originating SIP UA can test the media path up to that B2BUA.

2. Terminology

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119].

B2BUA: a SIP Back-to-Back User Agent, which is the logical
combination of a User Agent Server (UAS) and User Agent
Client (UAC).

UAS: a SIP User Agent Server. Server

UAC: a SIP User Agent Client. Client

Traceroute: a mechanism to trace a path of hops from an originator to
a destination. For IP, this is typically done using the TTL
Time To Live (TTL) field of the IP header, starting at
the value 1 and incrementing by 1 as each IP hop responds
with an ICMP error. For SIP SIP, this can be done using Max-Forwards Max-
Forwards header field starting with the value 0, in a
similar fashion to the TTL field.

It is assumed the reader is already familiar with media-loopback
[RFC6849].

3. The SIP Traceroute Mechanism

The Max-Forwards header field can already be used to perform generate a
simple SIP-request traceroute mechanism by generating a SIP request initially
using a Max-Forwards value of 0, receiving a 483 Too Many Hops
response from the next-hop, and then incrementing the value for
subsequent SIP requests, requests; one would thereby reaching reach SIP devices further
and further downstream and downstream, receiving 483 from each of them.

The mechanism described in this document uses such a traceroute of a
Max-Forwards style traceroute to perform media-loopback testing. To perform a
SIP media-plane traceroute, the originating UAC (Alice) generates a
SIP INVITE to a target AoR AOR (Bob), with a Max-Forwards header field
value of 0 and with SDP based on [RFC6849]. The SIP next-hop will
either reject the request with a 483 Too Many Hops response, or response or, if
the next-hop is a B2BUA that supports this mechanism, mechanism and if the B2BUA
allows such testing from the requesting UAC, then the B2BUA will answer
the INVITE to establish the dialog and create a media-
loopback media-loopback
session.

The originating UAC can then end the media-loopback session, generate
another INVITE to the same target AoR AOR with a Max-Forwards header
field value of 1, which will reach the second SIP next hop, next-hop, and so
on.

A defined [RFC3326] SIP Reason header field cause value of '483' (as defined in
[RFC3326]) will be in the 200 answer from each B2BUA answering the
INVITE, until the INVITE reaches the final UAS (Bob), which does not
use the Reason cause value. value (see Section 3.2 for details) details).

Using this mechanism mechanism, a SIP UAC can test the path from itself to each
successive B2BUA on the path to a target. Such a mechanism could
also be useful for establishing a permanent test call between an
Enterprise and a Service Provider across a SIP Trunk, for example, or
for automated measurement systems to test the media path between
domains, etc.

3.1. Processing a Received Max-Forwards Header Field

As currently defined in [RFC3261], the UAS half of a B2BUA does not
technically need to inspect the Max-Forwards header field value for
received requests - requests: only Proxies do. This behavior was updated by
[draft-loop-detection],
[RFC7332], such that a compliant B2BUA needs to both inspect the
value in order to prevent loops, as well as copy and decrement the
value as if it were a Proxy. This document also requires such
behavior in order for the mechanism to succeed;
therefore therefore, a B2BUA
supporting the traceroute mechanism defined in this document MUST
also comply with [draft-loop-detection]. [RFC7332].

3.2. Answering the INVITE

If a SIP B2BUA receives a dialog-creating INVITE request with a Max-
Forwards header value of 0, with SDP for media-loopback based on
[RFC6849], and the policies of the B2BUA allow it to answer such a
request, then it is answered as if the original target of the request
were the local SIP B2BUA. The normal procedures of SIP apply, as
well as [RFC6849], as if the request had been targeted at the local
B2BUA device as the intended destination all along.

In the 200 response for the INVITE, the B2BUA MUST also add a Reason
header, per [RFC3326], with a protocol field value of "SIP", a cause
field value of "483", and a reason-text value of "Traceroute
Response". The purpose of the Reason header is to indicate to the
UAC that the request is being answered due to reaching a Max-
Forwards of 0, rather than being answered due to reaching the final
UAS. When the ultimate target UAS answers a loopback-based INVITE
with a Max-Forwards greater than or equal to 0, the Reason header
would not be added to the response and the UAC will know the
traceroute is complete.

If a B2BUA receives an INVITE with media-loopback SDP and a Max-
Forwards header field value of 0 0, as defined in this document, and it
does not accept the session (e.g., due to local policy), then it
SHOULD respond with a 483 Too Many Hops response, per the normal
[RFC3261]
rules of [RFC3261], as it would previously. In other words, in such
a
case case, it behaves no differently than it would have if it did not
support this document's new behavior.

4. Security Considerations

There are security implications for the mechanism defined in this
document. Answering media-loopback calls in a B2BUA consumes
resources on the B2BUA, and network bandwidth in between, and thus between and, thus,
exposes a vector for denial of service denial-of-service (DoS) attacks; therefore,
B2BUAs should provide configuration options to control who can make
such test calls, how many concurrent calls can be established and
maintained, and for how long. long calls can continue. Entities that deploy
B2BUAs should set these options to values that reduce the denial-of-service DoS risk to
an acceptable level. A For example, a B2BUA might perform digest-challenge digest-
challenge authentication with specific credentials for such calls, for
example; calls or
it might only allow specific sources to make such calls, at a
specific time. Such policies are typically vendor-specific vendor specific based on
local policies and deployment usage scenarios, scenarios and cannot
to be
explicitly defined in this document.

The security considerations of [RFC6849] also apply to this document.
Since B2BUAs are not end user end-user devices, there is no human user to
monitor the loopback session activity on the B2BUA as recommended in
[RFC6849]; instead, B2BUAs should log such events, events or provide some
form of administrative notification.

5. IANA Considerations

This document makes no request of IANA.

6. Acknowledgments

The general concept of performing media-loopback on a hop-by-hop
basis using a decrementing header traceroute style approach came out
of discussions several years ago, between the author, Kaynam
Hedayat, Nagarjuna Venna, and Patrick MeLampy. Other people that
have contributed to the topic over the years since then: Brett Tate,
Paul Kyzivat, Peter Dawes, Zaid Ally, Dianna Stiller, Jon Boone, and
several others whom I have lost the names of since.

Funding for the RFC Editor function is provided by the IETF
Administrative Support Activity (IASA).

7. References

7.1.

5.1. Normative References

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. 1997,
<http://www.rfc-editor.org/info/rfc2119>.

[RFC3261] Rosenberg, J., et al, Schulzrinne, H., Camarillo, G., Johnston,
A., Peterson, J., Sparks, R., Handley, M., and E.
Schooler, "SIP: Session Initiation Protocol", RFC 3261,
June 2002. 2002, <http://www.rfc-editor.org/info/rfc3261>.

[RFC3326] Schulzrinne, H., Oran, D., and G. Camarillo, G., "The Reason
Header Field for the Session Initiation Protocol (SIP)",
RFC 3326, December 2002. 2002,
<http://www.rfc-editor.org/info/rfc3326>.

[RFC6849] Kaplan, H., et al, Ed., Hedayat, K., Venna, N., Jones, P., and
N. Stratton, "An Extension to the Session Description
Protocol (SDP) and Real-time Transport Protocol (RTP) for
Media Loopback", RFC 6849, February 2013.

[draft-loop-detection] 2013,
<http://www.rfc-editor.org/info/rfc6849>.

[RFC7332] Kaplan, H., H. and V. Pascual, V., "Loop Detection Mechanisms for
Session Initiation Protocol (SIP) Back-to-Back User
Agents (B2BUAs)", draft-ietf-straw-b2bua-loop-detection-
02, September 2013. RFC 7332, August 2014,
<http://www.rfc-editor.org/info/rfc7332>.

Acknowledgments

The general concept of performing media-loopback on a hop-by-hop
basis using a decrementing header traceroute-style approach came out
of discussions several years ago, between the author, Kaynam Hedayat,
Nagarjuna Venna, and Patrick MeLampy. Other people that have
contributed to the topic over the years since then: Brett Tate, Paul
Kyzivat, Peter Dawes, Zaid Ally, Dianna Stiller, Jon Boone, and
several others whom I have lost the names of since.

Author's Address

Hadriel Kaplan
Oracle
Email:
EMail: hadrielk@yahoo.com