draft-ietf-sip-srv-03.txt   draft-ietf-sip-srv-04.txt 
Internet Engineering Task Force SIP WG Internet Engineering Task Force SIP WG
Internet Draft J.Rosenberg,H.Schulzrinne Internet Draft J.Rosenberg,H.Schulzrinne
draft-ietf-sip-srv-03.txt dynamicsoft,Columbia U. draft-ietf-sip-srv-04.txt dynamicsoft,Columbia U.
December 24, 2001 January 24, 2002
Expires: May 2002 Expires: July 2002
SIP: Locating SIP Servers SIP: Locating SIP Servers
STATUS OF THIS MEMO STATUS OF THIS MEMO
This document is an Internet-Draft and is in full conformance with This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026. all provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
skipping to change at page 1, line 34 skipping to change at page 1, line 34
material or to cite them other than as "work in progress". material or to cite them other than as "work in progress".
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt http://www.ietf.org/ietf/1id-abstracts.txt
To view the list Internet-Draft Shadow Directories, see To view the list Internet-Draft Shadow Directories, see
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
Abstract Abstract
The Session Initiation Protocol (SIP) makes use of DNS procedures to The Session Initiation Protocol (SIP) uses DNS procedures to allow a
allow a client to resolve a SIP URI into the IP address, port, and client to resolve a SIP URI into the IP address, port, and transport
transport of the next hop to contact. It also uses DNS to allow a protocol of the next hop to contact. It also uses DNS to allow a
server to send a response to a backup client in the event of a server to send a response to a backup client if the primary client
failure of the primary client. This document describes those DNS pro- has failed. This document describes those DNS procedures in detail.
cedures in detail.
1 Introduction 1 Introduction
The Session Initiation Protocol (SIP) [1] is a client-server protocol The Session Initiation Protocol (SIP) [1] is a client-server protocol
used for the initiation and management of communications sessions used for the initiation and management of communications sessions
between users. SIP end systems are called user agents, and intermedi- between users. SIP end systems are called user agents, and
ate elements are known as proxy servers. A typical SIP configuration, intermediate elements are known as proxy servers. A typical SIP
referred to as the SIP "trapezoid" is shown in Figure 1. In this configuration, referred to as the SIP "trapezoid" is shown in Figure
diagram, a caller, UA1 wishes to call joe@B. To do so, it communi- 1. In this diagram, a caller in domain A (UA1) wishes to call Joe in
cates with proxy 1 in its domain (domain A). Proxy 1 forwards the domain B (joe@B). To do so, it communicates with proxy 1 in its
request to the proxy for the domain of the called party (domain B), domain (domain A). Proxy 1 forwards the request to the proxy for the
which is proxy 2. Proxy 2 forwards the call to the called party, UA domain of the called party (domain B), which is proxy 2. Proxy 2
2. forwards the call to the called party, UA 2.
As part of this call flow, proxy 1 needs to determine a SIP server
for domain B. To do this, proxy 1 makes use of DNS procedures, using
both the SRV [2] and NAPTR [3] records. This document describes the
specific problems that SIP uses DNS to help solve, and provides a
solution.
2 Problems DNS is Needed to Solve
DNS is needed to help solve several aspects of the general call flow
described in the Introduction.
First off, proxy 1 needs to discover the SIP server in domain B, in
order to forward the call for joe@B. Specifically, it needs to deter-
mine the IP address, port and transport for the server in domain B.
Transport is particularly noteworthy. Unlike other protocols, SIP can
run over a variety of transports, including TCP, UDP, TLS/TCP and
SCTP. Therefore, discovery of transports for a particular domain is
an important part of the processing. The proxy sending the request
has a particular set of transports it supports (all proxies must
implement both TCP and UDP) and a preference for using those tran-
sports. Proxy 2 has its own set of transports it supports (the
minimal overlap is UDP and TCP in this case), and relative prefer-
ences for those transports. Some form of DNS procedures are needed
for proxy 1 to discover the available transports for SIP services at
domain B, and the relative preferences of those transports. This
information can be merged with the supported transports and prefer-
ences at proxy 1, resulting in a selection of a transport.
It is important to note that DNS processing can be used multiple
times throughout processing of a call. In general, an element that
wishes to send a request (generally called a client) may need to per-
form DNS processing to determine the IP address, port, and transport
of a next hop element, generally called a server (it can be a proxy
or a user agent). Such processing could, in principle, occur at every
hop between elements.
Since SIP is used for the establishment of interactive communications
services, the time it takes to complete a transaction between a
caller and called party is important. Typically, the total delay
between when a user initiates the call, and when they get an indica-
tion that the called party is being alerted to the call, needs to be
............................ .............................. ............................ ..............................
. . . . . . . .
. +-------+ . . +-------+ . . +-------+ . . +-------+ .
. | | . . | | . . | | . . | | .
. | Proxy |------------- | Proxy | . . | Proxy |------------- | Proxy | .
. | 1 | . . | 2 | . . | 1 | . . | 2 | .
. | | . . | | . . | | . . | | .
. / +-------+ . . +-------+ \ . . / +-------+ . . +-------+ \ .
. / . . \ . . / . . \ .
. / . . \ . . / . . \ .
skipping to change at page 3, line 29 skipping to change at page 3, line 4
. +-------+ . . +-------+ . . +-------+ . . +-------+ .
. | | . . | | . . | | . . | | .
. | | . . | | . . | | . . | | .
. | UA 1 | . . | UA 2 | . . | UA 1 | . . | UA 2 | .
. | | . . | | . . | | . . | | .
. +-------+ . . +-------+ . . +-------+ . . +-------+ .
. Domain A . . Domain B . . Domain A . . Domain B .
............................ .............................. ............................ ..............................
Figure 1: The SIP trapezoid Figure 1: The SIP trapezoid
As part of this call flow, proxy 1 needs to determine a SIP server
for domain B. To do this, proxy 1 makes use of DNS procedures, using
both SRV [2] and NAPTR [3] records. This document describes the
specific problems that SIP uses DNS to help solve, and provides a
solution.
less than a few seconds. Given that there can be multiple hops, each 2 Problems DNS is Needed to Solve
of which is doing DNS processing in addition to other potentially
time-intensive operations, the amount of time available for DNS pro- DNS is needed to help solve two aspects of the general call flow
cessing at each hop is limited. described in the Introduction. The first is for proxy 1 to discover
the SIP server in domain B, in order to forward the call for joe@B.
The second is for proxy 2 to identify a backup for proxy 1 in the
event it fails after forwarding the request.
For the first aspect, proxy 1 specifically needs to determine the IP
address, port and transport protocol for the server in domain B.
Transport Protocol is particularly noteworthy. Unlike many other
protocols, SIP can run over a variety of transport protocols,
including TCP, UDP, TLS/TCP and SCTP. Thus, clients need to be able
to automatically determine which transport protocols are available.
The proxy sending the request has a particular set of transport
protocols it supports and a preference for using those transport
protocols. Proxy 2 has its own set of transport protocols it
supports, and relative preferences for those transport protocols. All
proxies must implement both UDP and TCP, so that there is always an
intersection of capabilities. Some form of DNS procedures are needed
for proxy 1 to discover the available transport protocols for SIP
services at domain B, and the relative preferences of those transport
protocols. Proxy 1 intersects its list of supported transport
protocols with those of proxy 2 and then chooses the protocol
preferred by proxy 2.
It is important to note that DNS lookups can be used multiple times
throughout processing of a call. In general, an element that wishes
to send a request (called a client) may need to perform DNS
processing to determine the IP address, port, and transport protocol
of a next hop element, called a server (it can be a proxy or a user
agent). Such processing could, in principle, occur at every hop
between elements.
Since SIP is used for the establishment of interactive communications
services, the time it takes to complete a transaction between a
caller and called party is important. Typically, the time from when
the caller initiates a call until the time the called party is
alerted should be no more than a few seconds. Given that there can be
multiple hops, each of which is doing DNS lookups in addition to
other potentially time-intensive operations, the amount of time
available for DNS lookups at each hop is limited.
Scalability and high availability are important in SIP. SIP services Scalability and high availability are important in SIP. SIP services
scale up through clustering techniques. In a more realistic version scale up through clustering techniques. Typically, in a realistic
of the network in Figure 1, proxy 2 would typically be a cluster of version of the network in Figure 1, proxy 2 would be a cluster of
homogeneously configured proxies. DNS needs to provide the ability homogeneously configured proxies. DNS needs to provide the ability
for domain B to configure a set of servers, along with prioritization for domain B to configure a set of servers, along with prioritization
and weights in order to provide a crude level of capacity based load and weights in order to provide a crude level of capacity-based load
balancing. balancing.
High availability is accomplished in SIP through detection of SIP assures high availability by having upstream elements detect
failures by upstream elements. For example, proxy 1 would send a failures. For example, assume that proxy 2 is implemented as a
request to proxy 2.1 (one of the proxies in the "cluster" proxy 2). cluster of two proxies, proxy 2.1 and proxy 2.2. If proxy 1 sends a
This request would fail, and that would be detected by proxy 1. Proxy request to proxy 2.1 and the request fails, it retries the request by
1 would then try another of the proxies, proxy 2.2. In many cases, sending it to proxy 2.2. This request would fail, and that would be
such as the one above, proxy 1 will not know which domains it will detected by proxy 1. Proxy 1 would then try proxy 2.2. In many cases,
ultimately communicate with. That information would be known when a proxy 1 will not know which domains it will ultimately communicate
user actually makes a call to another user in that domain. Proxy 1 with. That information would be known when a user actually makes a
may never communicate with that domain again after the call com- call to another user in that domain. Proxy 1 may never communicate
pletes. Proxy 1 could communicate with thousands of different domains with that domain again after the call completes. Proxy 1 may
within a few minutes, and proxy 2 could receive requests from communicate with thousands of different domains within a few minutes,
thousands of different domains within a few minutes. Because of this and proxy 2 could receive requests from thousands of different
"many-to-many" relationship, it is not generally possible for an ele- domains within a few minutes. Because of this "many-to-many"
ment to perpetually maintain dynamic availability state for the prox- relationship, and the possibly long intervals between communications
ies it will communicate with. When a proxy gets its first call with a between a pair of domains, it is not generally possible for an
element to maintain dynamic availability state for the proxies it
will communicate with. When a proxy gets its first call with a
particular domain, it will try the servers in that domain in some particular domain, it will try the servers in that domain in some
order until it finds one thats available. The identity of the avail- order until it finds one that is available. The identity of the
able server would ideally be cached for some amount of time in order available server would ideally be cached for some amount of time in
to reduce call setup delays of subsequent calls. However, the client order to reduce call setup delays of subsequent calls. The client
cannot actively "ping" the failed servers to determine when they come cannot query a failed server continuously to determine when it
back alive, because of scalability concerns. Furthermore, the availa- becomes available again, since this does not scale. Furthermore, the
bility state must eventually be flushed in order to redistribute load availability state must eventually be flushed in order to
to recovered elements when they come back online. redistribute load to recovered elements when they come back online.
It is possible for elements to fail in the middle of a transaction. It is possible for elements to fail in the middle of a transaction.
For example, after proxy 2 forwards the request to UA 2, proxy 1 For example, after proxy 2 forwards the request to UA 2, proxy 1
fails. UA 2 sends its response to proxy 2, which tries to forward it fails. UA 2 sends its response to proxy 2, which tries to forward it
to proxy 1, which is no longer available. Ideally, we would like to proxy 1, which is no longer available. The second aspect of the
proxy 2 to use DNS procedures to identify a backup server for proxy 1 flow in the introduction for which DNS is needed, is for proxy 2 to
that it can use to forward the response. This problem is more realis- identify a backup for proxy 1 that it can send the response to. This
tic in SIP than it is in other transactional protocols. The reason is problem is more realistic in SIP than it is in other transactional
that a SIP response can take a *long* time to be generated, because a protocols. The reason is that a SIP response can take a long time to
human user frequently needs to be consulted in order to generate that be generated, because a human user frequently needs to be consulted
response. As such, it is not uncommon for tens of seconds to elapse in order to generate that response. As such, it is not uncommon for
between a call request and its acceptance. tens of seconds to elapse between a call request and its acceptance.
3 Client Usage 3 Terminology
In this document, the key words "MUST", "MUST NOT", "REQUIRED",
"SHALL", "SHALLNOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY",
and "OPTIONAL" are to be interpreted as described in RFC 2119 [4] and
indicate requirement levels for compliant SIP implementations.
4 Client Usage
Usage of DNS differs for clients and for servers. This section Usage of DNS differs for clients and for servers. This section
discusses client usage. The assumption is that the client is stateful discusses client usage. We assume that the client is stateful (either
(either a UAC or a stateful proxy). Considerations for stateless a UAC or a stateful proxy). Stateless proxies are discussed in
proxies are discussed in Section 3.4. Section 4.4.
The procedures here are invoked when a client needs to send a request The procedures here are invoked when a client needs to send a request
to a server for which it does not already know an explicit IP to a server identified by a SIP URI, or when an element wishes to
address, port, and transport. This occurs when an element wishes to send a request to a specific configured server, independent of the
send a request to a server identified by a SIP URI, or when an ele- SIP URI (called an outbound proxy), but the outbound proxy is
ment wishes to send a request to a specific configured server, identified by a domain name instead of a numeric IP address.
independent of the SIP URI, but the configured server is identified Frequently, this is because the URI is contained in the Request-URI
by a domain name instead of a numeric IP address. of a request to be sent. The procedures defined here in no way affect
this URI (i.e., the URI is not rewritten with the result of the DNS
looksup), they only result in an IP address, port and transport
protocol where the request can be sent.
The procedures here MUST only be done once per transaction. That is, The procedures here MUST be done exactly once per transaction. That
once a server has successfully been contacted (success is defined is, once a server has successfully been contacted (success is defined
below), all retransmissions of the request and the ACK for non-2xx below), all retransmissions of the request and the ACK for non-2xx
responses MUST be sent to the same server. Furthermore, a CANCEL for responses MUST be sent to the same host. Furthermore, a CANCEL for a
a particular request MUST be sent to the same server that the request particular request MUST be sent to the same host that the request was
was delivered to. delivered to.
Note that, because the ACK request for 2xx responses constitutes a Because the ACK request for 2xx responses constitutes a different
different transaction, there is no requirement that it be delivered transaction, there is no requirement that it be delivered to the same
to the same server that received the original request (indeed, if server that received the original request (indeed, if that server did
that server did not record-route, it will most definitely not get the not record-route, it will most definitely not get the ACK).
ACK).
If the request is being delivered to an outbound proxy, a temporary If the request is being delivered to an outbound proxy, a temporary
URI, used for purposes of this specification, is constructed. That URI, used for purposes of this specification, is constructed. That
URI is of the form sip:<proxy>, where <proxy> is the domain of the URI is of the form sip:<proxy>, where <proxy> is the domain of the
outbound proxy. outbound proxy.
The first step is to identify the TARGET. The TARGET is set to the We defined TARGET as the value of the maddr parameter of the URI, if
value of the maddr parameter of the URI, if present, otherwise, the present, otherwise, the host value of the hostport component of the
host value of the hostport construction. It represents the domain to URI. It identifies the domain to be contacted.
be contacted.
3.1 Selecting a Transport We determine the transport protocol, port and IP address of a
suitable instance of TARGET in Sections 4.1 and 4.2.
Next, a transport is selected. 4.1 Selecting a Transport Protocol
First, the client selects a transport protocol.
If the URI specifies a transport, that transport MUST be used. If the URI specifies a transport protocol in the transport parameter,
that transport protocol MUST be used.
Otherwise, if no transport is specified, but the TARGET is a numeric Otherwise, if no transport protocol is specified, but the TARGET is a
IP address, the client SHOULD use UDP. numeric IP address, the client SHOULD use UDP.
Otherwise, if no transport is specified, and the target is not a Otherwise, if no transport protocol is specified, and the target is
numeric IP address, the client SHOULD perform a NAPTR query. This not a numeric IP address, the client SHOULD perform a NAPTR query for
query is for the service "SIP+D2T", which provides a mapping from a the domain in the SIP URI. The services relevant for the task of
domain to a transport for contacting that domain. The transport is of transport protocol selection are those with NAPTR service fields with
the form of an SRV record, using the "S" NAPTR flag. The resource values "SIP+D2x", where x is a letter that corresponds to a transport
record will contain a replacement value (not a regular expression), protocol supported by the domain. This specification defines D2U for
which is the SRV record for a particular transport. If the server UDP, D2T for TCP, D2S for SCTP and D2L for TLS over TCP. We also
supports multiple transports, there will be multiple NAPTR records, establish an IANA registry for NAPTR service name to transport
each with a different order value. The client MUST discard any protocol mappings.
records that contain an SRV value with a transport not supported by
the client, but otherwise follow the processing rules of [3]. The
result is that the most preferred transport of the server that is
supported by the client will get used.
As an example, consider foo.com. A client wishes to contact a SIP These NAPTR records provide a mapping from a domain to the SRV record
server in foo.com. It performs a NAPTR query for that domain, and the for contacting a server with the specific transport protocol in the
following records are returned: NAPTR services field. The resource record will contain a replacement
value and an empty regular expression, which is the SRV record for
that particular transport protocol. If the server supports multiple
transport protocols, there will be multiple NAPTR records, each with
a different service value. As per RFC 2915 [3], the client MUST
discard any records whose services fields indicate transport
protocols not supported by the client. The NAPTR processing in RFC
2915 will result in selection of a transport protocol (and an SRV
record along with it) with most preferred transport protocol of the
server that is supported by the client.
As an example, consider example.com. A client wishes to contact a SIP
server in example.com. It performs a NAPTR query for that domain, and
the following records are returned:
;; order pref flags service regexp replacement ;; order pref flags service regexp replacement
IN NAPTR 90 50 "s" "SIP+D2T" "" _sip._tcp.foo.com IN NAPTR 90 50 "s" "SIP+D2T" "" _sip._tcp.school.edu
IN NAPTR 100 50 "s" "SIP+D2T" "" _sip._udp.foo.com IN NAPTR 100 50 "s" "SIP+D2U" "" _sip._udp.example.com
IN NAPTR 110 50 "s" "SIP+D2T" "" _sip._tls.foo.com IN NAPTR 110 50 "s" "SIP+D2S" "" tls-sip.example.com
This indicates that the server supports TCP, UDP, and TLS, in that This indicates that the server supports TCP, UDP, and TLS, in that
order of preference. If the client supports UDP and TLS, UDP will be order. If the client supports UDP and TLS, UDP will be used, based on
used, based on an SRV lookup of _sip._udp.foo.com. an SRV lookup of _sip._udp.example.com.
Somehow this doesn't seem right, since the client needs to
look at the replacement values to discard entries. Perhaps
the query should instead be done for sip.<domain>, and the
service field is "TCP+D2T" or "UDP+D2T"?
It is STRONGLY RECOMMENDED that the domain suffixes in the replace- It is not necessary for the domain suffixes in the replacement field
ment field (i.e., foo.com above) match the domain of the original to match the domain of the original query (i.e., example.com above).
query. Without that, backwards compatibility between RFC 2543 and However, for backwards compatibility with RFC 2543, a domain MUST
this specification will not be possible. maintain SRV records for the domain of the original query, even if
the NAPTR record is in a different domain. As an example, even though
the SRV record for TCP is _sip._tcp.school.edu, there MUST also be an
SRV record at _sip._tcp.example.com.
THis is because RFC 2543 clients will go directly to SRV RFC 2543 will look up the SRV records for the domain
records using the domain suffixes. If these are non- directly. If these do not exist because the NAPTR
existent, because the NAPTR replacement used a different replacement points to a different domain, the client will
suffix, communication will not take place. fail.
In the event that no NAPTR records are found, the client constructs If no NAPTR records are found, the client constructs SRV queries for
SRV records for those transports it supports, and does a query for those transport protocols it supports, and does a query for each.
each. Queries are done using the service identifier "_sip". If the Queries are done using the service identifier "_sip". A particular
query is successful, it means that the particular transport is sup- transport is supported if the query is successful. The client MAY use
ported. The client MAY use any transport it desires which is sup- any transport protocol it desires which is supported by the server.
ported by the server.
This is a change from RFC 2543, which used to merge the This is a change from RFC 2543, which used to merge the
priority values across different SRV records. priority values across different SRV records.
3.2 Determining port and IP 4.2 Determining Port and IP
Once the transport has been determined, the next step is to determine Once the transport protocol has been determined, the next step is to
the IP address and port. determine the IP address and port.
If TARGET is a numeric IP address, use that address. If the URI also If TARGET is a numeric IP address, the client uses that address. If
contains a port, use that port. If no port is specified, use the the URI also contains a port, it uses that port. If no port is
default port for the particular transport. specified, it uses the default port for the particular transport
protocol.
If the TARGET was not a numeric IP address, but a port is present in If the TARGET was not a numeric IP address, but a port is present in
the URI, first check the cache to determine if a server has been pre- the URI, the client performs an A or AAAA record lookup of the domain
viously contacted successfully for that TARGET and port. If one has name. The result will be a list of IP address, each of which can be
been, use that server. Otherwise, perform an A or AAAA record lookup contacted at the specific port from the URI and transport protocol
of the domain name. The result will be a list of IP address, each of determined previously. Processing then proceeds as described in
which can be contacted at the specific port from the URI and tran- Section 4.3 of this document.
sport determined previously. Processing then proceeds as described in
Section 3.3.
There is a weird case where, where the URI had a domain There is a weird case where, where the URI had a domain
name and a port. SRV records will potentially be used to name and a port. SRV records will potentially be used to
determine the transport, based on the algorithms above, but determine the transport protocol, based on the algorithms
A records used for the actual lookup. That seems odd. above, but A records used for the actual lookup. That seems
odd.
If the TARGET was not a numeric IP address, and no port was present If the TARGET was not a numeric IP address, and no port was present
in the URI, first check the cache to see if a server had been previ- in the URI, the client performs an SRV query using the service
ously contacted successfully for that TARGET. If one had been, use identifier "_sip" and the transport protocol as determined from
that. Otherwise, perform an SRV query using the service identifier Section 4.1, as specified in RFC 2782 [2]. The procedures of RFC
"_sip" and the transport as determined from Section 3.1, as specified 2782, as described in the Section titled "Usage rules" are followed,
in RFC 2782 [2]. The procedures of RFC 2782, as described in the Sec- augmented by the additional procedures of Section 4.3 of this
tion titled "Usage rules" are followed, augmented by the additional document.
procedures of Section 3.3.
This is a change. Previously, if the port was explicit, but This is a change. Previously, if the port was explicit, but
with a value of 5060, SRV records were used. Now, A records with a value of 5060, SRV records were used. Now, A records
will be used. A result of this is that the URL comparison will be used. A result of this is that the URL comparison
rules need to change to reflect that sip:user@foo and rules need to change to reflect that sip:user@example.com
sip:user@foo:5060 are NOT equivalent any longer. I think and sip:user@example.com:5060 are NOT equivalent any
this should not cause any serious interoperability issues, longer. I think this should not cause any serious
but further consideration is needed. interoperability issues, but further consideration is
needed.
3.3 Details of 2782 process 4.3 Details of RFC 2782 Process
RFC 2782 spells out the details of how a set of SRV records are RFC 2782 spells out the details of how a set of SRV records are
sorted and then tried. However, it only states that the client should sorted and then tried. However, it only states that the client should
"try to connect to the (protocol, address, service)" without giving "try to connect to the (protocol, address, service)" without giving
any details on what happens in the event of failure. Those details, any details on what happens in the event of failure. Those details
in the case of SIP, are described here. are described here for SIP.
The client client MAY maintain a table indicating the status of a
particular host (that is, whether it was ever successfully contacted,
or whether attempts to contact it resulted in a failure). The table
is indexed with the IP address, port, and transport for a particular
host. If a particular host is listed with a status of "failed", that
entry SHOULD be discarded after one hour, so that the host can be
used once more if it has recovered.
When processing the list of SRV entries (or A records, depending on
how the URI was resolved), the client MAY remove any entries for
hosts which are marked as "failed" in the table. The remaining
entries are then tried according to RFC 2782.
For SIP requests, failure occurs if the transaction layer reports a For SIP requests, failure occurs if the transaction layer reports a
503 error response or a transport failure of some sort (generally, 503 error response or a transport failure of some sort (generally,
due to ICMP errors or TCP connection failures). Failure also occurs due to ICMP errors or TCP connection failures). Failure also occurs
if the transaction layer times out without ever having received ANY if the transaction layer times out without ever having received any
response, provisional or final (i.e., timer B or timer F fires). If a response, provisional or final (i.e., timer B or timer F fires). If a
failure occurs, the client SHOULD create a new request, which is failure occurs, the client SHOULD create a new request, which is
identical to the previous, but has a different value of the Via identical to the previous, but has a different value of the Via
branch ID than the previous (and therefore constitutes a new SIP branch ID than the previous (and therefore constitutes a new SIP
transaction). That request is sent to the next element in the list as transaction). That request is sent to the next element in the list as
specified by rfc2782. specified by RFC 2782.
A server has been contacted "successfully" if a request sent to that
server generates any kind of response, provisional or final. A map-
ping of the tuple (TARGET, input TRANSPORT, input PORT) to a specific
server (IP address, transport, port) that was contacted successfully
SHOULD be cached for a duration equal to the TTL of the A record for
that server itself. Note, in the above tuple, input TRANSPORT and
input PORT refer to the transport and port values from the URI
itself, if present.
If a client attempts to contact the server listed in the cache, but
the request fails, the server MUST be removed from the cache, and the
entire DNS processing must restart by following the procedures in
Section 3.1 again.
3.4 Consideration for Stateless Proxies 4.4 Consideration for Stateless Proxies
The process of the previous sections is highly stateful. When a The process of the previous sections is highly stateful. When a
server is contacted successfully, all requests for the transaction server is contacted successfully, all requests for the transaction,
(plus a CANCEL for that transaction) MUST go to the same server. The as well as CANCEL requests for that transaction, MUST go to the same
identity of the successfully contacted server is a form of transac- server. The identity of the successfully contacted server is a form
tion state. This presents a challenge for stateless proxies, which of transaction state. This presents a challenge for stateless
still need to meet the requiretment for sending all requests in the proxies, which still need to meet the requirement for sending all
transaction to the same server. requests in the transaction to the same server.
The requirement is not difficult to meet in the simple case where The requirement is not difficult to meet in the simple case where
there were no failures when attempting to contact a server. Whenever there were no failures when attempting to contact a server. Whenever
the stateless proxy receives the request, it performs the appropriate the stateless proxy receives the request, it performs the appropriate
DNS queries as described above. Unfortunately, the procedures of RFC DNS queries as described above. Unfortunately, the procedures of RFC
2782 and RFC 2915 are not guaranteed to be deterministic. This is 2782 and RFC 2915 are not guaranteed to be deterministic. This is
because records that contain the same priority and weight (in the because records that contain the same priority and weight (in the
case of SRV) or order and preference (in the case of NAPTR) have no case of SRV) or order and preference (in the case of NAPTR) have no
specified order. The stateless proxy MUST define a deterministic specified order. The stateless proxy MUST define a deterministic
order to the records in that case, using any algorithm at its dispo- order to the records in that case, using any algorithm at its
sal. One suggestion is to alphabetize them, for example. To make life disposal. One suggestion is to alphabetize them, for example. To make
easier for stateless proxies, it is RECOMMENDED that domain adminis- processing easier for stateless proxies, it is RECOMMENDED that
trators make the weights of SRV records with equal priority different domain administrators make the weights of SRV records with equal
(for example, using weights of 1000 and 1001 if two servers are priority different (for example, using weights of 1000 and 1001 if
equivalent, rather than assigning both a weight of 1000), and simi- two servers are equivalent, rather than assigning both a weight of
larly for NAPTR records. If the first server is contacted success- 1000), and similarly for NAPTR records. If the first server is
fully, things are fine. However, if the first server is not contacted contacted successfully, the proxy can remain stateless. However, if
successfully, and a subsequent server is, the proxy cannot remain the first server is not contacted successfully, and a subsequent
stateless for this transaction. This is because a retransmission server is, the proxy cannot remain stateless for this transaction. If
could very well go to a different server if the failed one recovers it were stateless, a retransmission could very well go to a different
between retransmissions. As such, whenever a proxy does not success- server if the failed one recovers between retransmissions. As such,
fully contact the first server, it SHOULD act as a stateful proxy. whenever a proxy does not successfully contact the first server, it
SHOULD act as a stateful proxy.
4 Server Usage Unfortunately, it is still possible for a stateless proxy to deliver
retransmissions to different servers, even if it follows the
recommendations above. This can happen if the DNS TTLs expire in the
middle of a transaction, and the entries had changed. This is
unavoidable. Network implementors should be aware of this limitation,
and not use stateless proxies that access DNS if this error is deemed
critical.
5 Server Usage
RFC 2543bis defines procedures for sending responses from a server RFC 2543bis defines procedures for sending responses from a server
back to the client. Typically, for unicast requests, the response is back to the client. Typically, for unicast requests, the response is
sent back to the source IP address where the request came from, using sent back to the source IP address where the request came from, using
the port contained in the Via header. However, it is important to the port contained in the Via header. However, it is important to
provide failover support when the client element fails between send- provide failover support when the client element fails between
ing the request and receiving the response. sending the request and receiving the response.
The procedures here are invoked when a server sends a response to the The procedures here are invoked when a server sends a response to the
client and that response fails. "Fails" is defined here as any client and that response fails. "Fails" is defined here as any
response which causes an ICMP error message to be returned, or when response which causes an ICMP error message to be returned, or when
the transport connection the request came in on closes before the the transport connection the request came in on closes before the
response can be sent. response can be sent.
In these cases, the server examines the value of the sent-by con- In these cases, the server examines the value of the sent-by
struction in the topmost Via header. If it contains a numeric IP construction in the topmost Via header. If it contains a numeric IP
address, the server attempts to send the response to that address, address, the server attempts to send the response to that address,
using the transport from the Via header, and the port from sent-by, using the transport protocol from the Via header, and the port from
if present, else the default for that transport. sent-by, if present, else the default for that transport protocol.
If, however, the sent-by field contained a domain name and a port If, however, the sent-by field contained a domain name and a port
number, the server queries for A records with that name. It tries to number, the server queries for A records with that name. It tries to
send the response to each element on the resulting list of IP send the response to each element on the resulting list of IP
addresses, using the port from the Via, and the transport from the addresses, using the port from the Via, and the transport protocol
Via. As in the client processing, the next entry in the list is tred from the Via. As in the client processing, the next entry in the list
if the one before it results in a failure. is tred if the one before it results in a failure.
If, however, the sent-by field contained a domain name and no port, If, however, the sent-by field contained a domain name and no port,
the server queries for SRV records using the service identifier the server queries for SRV records using the service identifier
"_sip" and the transport from the topmost Via header. The resulting "_sip" and the transport protocol from the topmost Via header. The
list is sorted as described in [2], and the response is sent to the resulting list is sorted as described in [2], and the response is
topmost element on the new list described there. If that results in a sent to the topmost element on the new list described there. If that
failure, the next entry on the list is tried. results in a failure, the next entry on the list is tried.
5 Security Considerations 6 Constructing SIP URIs
In many cases, and element needs to construct a SIP URI for inclusion
in a Contact header in a REGISTER, or in a Record-Route header in an
INVITE. According to [1], these URIs have to have the property that
they resolve to the specific element that inserted them. However, if
they are constructed with just an IP address, for example:
sip:1.2.3.4
sip:user@foo.com;maddr=1.2.3.4
then should the element fail, there is no way to route the request or
response through a backup.
SRV provides a way to fix this. Instead of using an IP address, a
domain name that resolves to an SRV record can be used:
sip:server23.provider.com
sip:user@foo.com;maddr=server23.provider.com
The SRV records for a particular target can be set up so that there
is a single record with a low value for the priority field, and this
record points to the specific element that constructed the URI.
However, there are additional records with higher priority that point
to backup elements that would be used in the event of failure. This
allows the constraint of [1] to be met while allowing for robust
operation.
7 Security Considerations
The authors do not believe that this specification introduces any The authors do not believe that this specification introduces any
additional security issues beyond those already described in RFC 2782 additional security issues beyond those already described in RFC 2782
and RFC 2915. and RFC 2915.
6 Registration of NATPR D2T Resolution Service 8 Registration of NATPR D2X Resolution Service
Name: Domain Name to Transport Name: Domain Name to Transport Protocol
* Mnemonic: D2T * Mnemonic: D2X, where X is managed by an IANA registration process
* Number of Operands: 1 * Number of Operands: 1
* Type of Each Operand: Each operand is a domain * Type of Each Operand: Each operand is a domain
* Format of Each Operand: Each operand is a domain name in standard * Format of Each Operand: Each operand is a domain name in standard
format format
* Algorithm: Opaque * Algorithm: Opaque
* Input String: The domain name from the SIP URI being used to
generate the NAPTR query.
* Output: One or more SRV record keys * Output: One or more SRV record keys
* Constraints: All records MUST only use the S flag. The P flag is
expressly forbidden.
* Error Conditions: * Error Conditions:
o No overlap in transport between client and server o No overlap in transport protocol between client and server
* Security Considerations: none
* Security Considerations: 9 IANA Considerations
7 Author's Addresses The usage of NAPTR records described here requires well known values
for the service fields for each transport supported by SIP. The table
of mappings from service field values to transport protocols is to be
maintained by IANA. New entries in the table MAY be added at any time
when new transport protocols become available. Such additions are
subject to expert review.
The registration MUST include the following information:
Service Field: The service field being registered. An example
for a new fictitious transport protocol called NCTP might
be "SIP+D2N".
Protocol: The specific transport protocol associated with that
service field. This MUST include the name and acronym for
the protocol, along with reference to a document that
describes the transport protocol. For example - "New
Connectionless Transport Protocol (NCTP), RFC5766".
Name and Contact Information: The name, address, email address
and telephone number for the person performing the
registration.
The following values are to be placed into the registry:
Services Field Protocol
SIP+D2T TCP
SIP+D2U UDP
SIP+D2L TLS over TCP (RFC 2246)
SIP+D2S SCTP (RFC 2960)
10 Changes Since -03
o Added IANA registration process.
o Included text discussing the problem of DNS TTL expiration for
stateless proxies.
o Clarified that maintenance of the table of availability for
servers is not a cache, and it is totally unrelated to DNS
processing.
o Changed the construction of the services field in NAPTR to
include the transport protocol, so its SIP+D2X, where X
depends on the transport protocol.
o Relaxed the constraint that the domain suffix in the NAPTR
records equal that of the target.
o Added a section on how to construct URIs for insertion into
Contact and Record-Route headers.
11 Acknowledgements
The authors would like to thank Patrik Faltstrom for his useful
comments.
12 Author's Addresses
Jonathan Rosenberg Jonathan Rosenberg
dynamicsoft dynamicsoft
72 Eagle Rock Avenue 72 Eagle Rock Avenue
First Floor First Floor
East Hanover, NJ 07936 East Hanover, NJ 07936
email: jdrosen@dynamicsoft.com email: jdrosen@dynamicsoft.com
8 Bibliography Henning Schulzrinne
Columbia University
M/S 0401
1214 Amsterdam Ave.
New York, NY 10027-7003
email: schulzrinne@cs.columbia.edu
13 Bibliography
[1] J. Rosenberg, H. Schulzrinne, et al. , "SIP: Session initiation [1] J. Rosenberg, H. Schulzrinne, et al. , "SIP: Session initiation
protocol," Internet Draft, Internet Engineering Task Force, Oct. protocol," Internet Draft, Internet Engineering Task Force, Oct.
2001. Work in progress. 2001. Work in progress.
[2] A. Gulbrandsen, P. Vixie, and L. Esibov, "A DNS RR for specifying [2] A. Gulbrandsen, P. Vixie, and L. Esibov, "A DNS RR for specifying
the location of services (DNS SRV)," Request for Comments 2782, the location of services (DNS SRV)," Request for Comments 2782,
Internet Engineering Task Force, Feb. 2000. Internet Engineering Task Force, Feb. 2000.
[3] M. Mealling and R. Daniel, "The naming authority pointer (NAPTR) [3] M. Mealling and R. Daniel, "The naming authority pointer (NAPTR)
DNS resource record," Request for Comments 2915, Internet Engineering DNS resource record," Request for Comments 2915, Internet Engineering
Task Force, Sept. 2000. Task Force, Sept. 2000.
[4] S. Bradner, "Key words for use in RFCs to indicate requirement
levels," Request for Comments 2119, Internet Engineering Task Force,
Mar. 1997.
Full Copyright Statement
Copyright (c) The Internet Society (2002). All Rights Reserved.
This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it
or assist in its implementation may be prepared, copied, published
and distributed, in whole or in part, without restriction of any
kind, provided that the above copyright notice and this paragraph are
included on all such copies and derivative works. However, this
document itself may not be modified in any way, such as by removing
the copyright notice or references to the Internet Society or other
Internet organizations, except as needed for the purpose of
developing Internet standards in which case the procedures for
copyrights defined in the Internet Standards process must be
followed, or as required to translate it into languages other than
English.
The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assigns.
This document and the information contained herein is provided on an
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/