draft-ietf-sip-srv-04.txt   draft-ietf-sip-srv-05.txt 
Internet Engineering Task Force SIP WG Internet Engineering Task Force SIP WG
Internet Draft J.Rosenberg,H.Schulzrinne Internet Draft J.Rosenberg
draft-ietf-sip-srv-04.txt dynamicsoft,Columbia U. dynamicsoft
January 24, 2002 H.Schulzrinne
Expires: July 2002 Columbia U.
draft-ietf-sip-srv-05.txt
February 21, 2002
Expires: August 2002
SIP: Locating SIP Servers SIP: Locating SIP Servers
STATUS OF THIS MEMO STATUS OF THIS MEMO
This document is an Internet-Draft and is in full conformance with This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026. all provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
skipping to change at page 1, line 40 skipping to change at page 2, line 5
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
Abstract Abstract
The Session Initiation Protocol (SIP) uses DNS procedures to allow a The Session Initiation Protocol (SIP) uses DNS procedures to allow a
client to resolve a SIP URI into the IP address, port, and transport client to resolve a SIP URI into the IP address, port, and transport
protocol of the next hop to contact. It also uses DNS to allow a protocol of the next hop to contact. It also uses DNS to allow a
server to send a response to a backup client if the primary client server to send a response to a backup client if the primary client
has failed. This document describes those DNS procedures in detail. has failed. This document describes those DNS procedures in detail.
Table of Contents
1 Introduction ........................................ 3
2 Problems DNS is Needed to Solve ..................... 3
3 Terminology ......................................... 6
4 Client Usage ........................................ 6
4.1 Selecting a Transport Protocol ...................... 7
4.2 Determining Port and IP ............................. 10
4.3 Details of RFC 2782 Process ......................... 11
4.4 Consideration for Stateless Proxies ................. 11
5 Server Usage ........................................ 12
6 Constructing SIP URIs ............................... 13
7 Security Considerations ............................. 14
8 The Transport Determination Application ............. 15
9 IANA Considerations ................................. 15
10 Acknowledgements .................................... 16
11 Author's Addresses .................................. 16
12 Normative References ................................ 16
13 Non-Normative References ............................ 17
1 Introduction 1 Introduction
The Session Initiation Protocol (SIP) [1] is a client-server protocol (NOTE TO RFC EDITOR: Please replace all instances of RFC BBBB with
used for the initiation and management of communications sessions the RFC number for draft-ietf-sip-rfc2543bis.)
between users. SIP end systems are called user agents, and
intermediate elements are known as proxy servers. A typical SIP
configuration, referred to as the SIP "trapezoid" is shown in Figure
1. In this diagram, a caller in domain A (UA1) wishes to call Joe in
domain B (joe@B). To do so, it communicates with proxy 1 in its
domain (domain A). Proxy 1 forwards the request to the proxy for the
domain of the called party (domain B), which is proxy 2. Proxy 2
forwards the call to the called party, UA 2.
The Session Initiation Protocol (SIP) (RFC BBBB [1]) is a client-
server protocol used for the initiation and management of
communications sessions between users. SIP end systems are called
user agents, and intermediate elements are known as proxy servers. A
typical SIP configuration, referred to as the SIP "trapezoid" is
shown in Figure 1. In this diagram, a caller in domain A (UA1) wishes
to call Joe in domain B (joe@B). To do so, it communicates with proxy
1 in its domain (domain A). Proxy 1 forwards the request to the proxy
for the domain of the called party (domain B), which is proxy 2.
Proxy 2 forwards the call to the called party, UA 2.
As part of this call flow, proxy 1 needs to determine a SIP server
for domain B. To do this, proxy 1 makes use of DNS procedures, using
both SRV [2] and NAPTR [3] records. This document describes the
specific problems that SIP uses DNS to help solve, and provides a
solution.
2 Problems DNS is Needed to Solve
DNS is needed to help solve two aspects of the general call flow
described in the Introduction. The first is for proxy 1 to discover
the SIP server in domain B, in order to forward the call for joe@B.
The second is for proxy 2 to identify a backup for proxy 1 in the
event it fails after forwarding the request.
For the first aspect, proxy 1 specifically needs to determine the IP
address, port and transport protocol for the server in domain B. The
choice of transport protocol is particularly noteworthy. Unlike many
other protocols, SIP can run over a variety of transport protocols,
including TCP, UDP, and SCTP. SIP can also use TLS, on top of any
reliable transport, which is just TCP at the moment. Thus, clients
need to be able to automatically determine which transport protocols
are available. The proxy sending the request has a particular set of
transport protocols it supports and a preference for using those
transport protocols. Proxy 2 has its own set of transport protocols
it supports, and relative preferences for those transport protocols.
All proxies must implement both UDP and TCP, along with TLS over TCP,
so that there is always an intersection of capabilities. Some form of
DNS procedures are needed for proxy 1 to discover the available
transport protocols for SIP services at domain B, and the relative
preferences of those transport protocols. Proxy 1 intersects its list
of supported transport protocols with those of proxy 2 and then
............................ .............................. ............................ ..............................
. . . . . . . .
. +-------+ . . +-------+ . . +-------+ . . +-------+ .
. | | . . | | . . | | . . | | .
. | Proxy |------------- | Proxy | . . | Proxy |------------- | Proxy | .
. | 1 | . . | 2 | . . | 1 | . . | 2 | .
. | | . . | | . . | | . . | | .
. / +-------+ . . +-------+ \ . . / +-------+ . . +-------+ \ .
. / . . \ . . / . . \ .
. / . . \ . . / . . \ .
skipping to change at page 3, line 4 skipping to change at page 4, line 29
. +-------+ . . +-------+ . . +-------+ . . +-------+ .
. | | . . | | . . | | . . | | .
. | | . . | | . . | | . . | | .
. | UA 1 | . . | UA 2 | . . | UA 1 | . . | UA 2 | .
. | | . . | | . . | | . . | | .
. +-------+ . . +-------+ . . +-------+ . . +-------+ .
. Domain A . . Domain B . . Domain A . . Domain B .
............................ .............................. ............................ ..............................
Figure 1: The SIP trapezoid Figure 1: The SIP trapezoid
As part of this call flow, proxy 1 needs to determine a SIP server
for domain B. To do this, proxy 1 makes use of DNS procedures, using
both SRV [2] and NAPTR [3] records. This document describes the
specific problems that SIP uses DNS to help solve, and provides a
solution.
2 Problems DNS is Needed to Solve
DNS is needed to help solve two aspects of the general call flow chooses the protocol preferred by proxy 2.
described in the Introduction. The first is for proxy 1 to discover
the SIP server in domain B, in order to forward the call for joe@B.
The second is for proxy 2 to identify a backup for proxy 1 in the
event it fails after forwarding the request.
For the first aspect, proxy 1 specifically needs to determine the IP
address, port and transport protocol for the server in domain B.
Transport Protocol is particularly noteworthy. Unlike many other
protocols, SIP can run over a variety of transport protocols,
including TCP, UDP, TLS/TCP and SCTP. Thus, clients need to be able
to automatically determine which transport protocols are available.
The proxy sending the request has a particular set of transport
protocols it supports and a preference for using those transport
protocols. Proxy 2 has its own set of transport protocols it
supports, and relative preferences for those transport protocols. All
proxies must implement both UDP and TCP, so that there is always an
intersection of capabilities. Some form of DNS procedures are needed
for proxy 1 to discover the available transport protocols for SIP
services at domain B, and the relative preferences of those transport
protocols. Proxy 1 intersects its list of supported transport
protocols with those of proxy 2 and then chooses the protocol
preferred by proxy 2.
It is important to note that DNS lookups can be used multiple times It is important to note that DNS lookups can be used multiple times
throughout processing of a call. In general, an element that wishes throughout the processing of a call. In general, an element that
to send a request (called a client) may need to perform DNS wishes to send a request (called a client) may need to perform DNS
processing to determine the IP address, port, and transport protocol processing to determine the IP address, port, and transport protocol
of a next hop element, called a server (it can be a proxy or a user of a next hop element, called a server (it can be a proxy or a user
agent). Such processing could, in principle, occur at every hop agent). Such processing could, in principle, occur at every hop
between elements. between elements.
Since SIP is used for the establishment of interactive communications Since SIP is used for the establishment of interactive communications
services, the time it takes to complete a transaction between a services, the time it takes to complete a transaction between a
caller and called party is important. Typically, the time from when caller and called party is important. Typically, the time from when
the caller initiates a call until the time the called party is the caller initiates a call until the time the called party is
alerted should be no more than a few seconds. Given that there can be alerted should be no more than a few seconds. Given that there can be
skipping to change at page 4, line 17 skipping to change at page 5, line 30
version of the network in Figure 1, proxy 2 would be a cluster of version of the network in Figure 1, proxy 2 would be a cluster of
homogeneously configured proxies. DNS needs to provide the ability homogeneously configured proxies. DNS needs to provide the ability
for domain B to configure a set of servers, along with prioritization for domain B to configure a set of servers, along with prioritization
and weights in order to provide a crude level of capacity-based load and weights in order to provide a crude level of capacity-based load
balancing. balancing.
SIP assures high availability by having upstream elements detect SIP assures high availability by having upstream elements detect
failures. For example, assume that proxy 2 is implemented as a failures. For example, assume that proxy 2 is implemented as a
cluster of two proxies, proxy 2.1 and proxy 2.2. If proxy 1 sends a cluster of two proxies, proxy 2.1 and proxy 2.2. If proxy 1 sends a
request to proxy 2.1 and the request fails, it retries the request by request to proxy 2.1 and the request fails, it retries the request by
sending it to proxy 2.2. This request would fail, and that would be sending it to proxy 2.2. In many cases, proxy 1 will not know which
detected by proxy 1. Proxy 1 would then try proxy 2.2. In many cases, domains it will ultimately communicate with. That information would
proxy 1 will not know which domains it will ultimately communicate be known when a user actually makes a call to another user in that
with. That information would be known when a user actually makes a domain. Proxy 1 may never communicate with that domain again after
call to another user in that domain. Proxy 1 may never communicate the call completes. Proxy 1 may communicate with thousands of
with that domain again after the call completes. Proxy 1 may different domains within a few minutes, and proxy 2 could receive
communicate with thousands of different domains within a few minutes, requests from thousands of different domains within a few minutes.
and proxy 2 could receive requests from thousands of different Because of this "many-to-many" relationship, and the possibly long
domains within a few minutes. Because of this "many-to-many" intervals between communications between a pair of domains, it is not
relationship, and the possibly long intervals between communications generally possible for an element to maintain dynamic availability
between a pair of domains, it is not generally possible for an state for the proxies it will communicate with. When a proxy gets its
element to maintain dynamic availability state for the proxies it first call with a particular domain, it will try the servers in that
will communicate with. When a proxy gets its first call with a domain in some order until it finds one that is available. The
particular domain, it will try the servers in that domain in some identity of the available server would ideally be cached for some
order until it finds one that is available. The identity of the amount of time in order to reduce call setup delays of subsequent
available server would ideally be cached for some amount of time in calls. The client cannot query a failed server continuously to
order to reduce call setup delays of subsequent calls. The client determine when it becomes available again, since this does not scale.
cannot query a failed server continuously to determine when it Furthermore, the availability state must eventually be flushed in
becomes available again, since this does not scale. Furthermore, the order to redistribute load to recovered elements when they come back
availability state must eventually be flushed in order to online.
redistribute load to recovered elements when they come back online.
It is possible for elements to fail in the middle of a transaction. It is possible for elements to fail in the middle of a transaction.
For example, after proxy 2 forwards the request to UA 2, proxy 1 For example, after proxy 2 forwards the request to UA 2, proxy 1
fails. UA 2 sends its response to proxy 2, which tries to forward it fails. UA 2 sends its response to proxy 2, which tries to forward it
to proxy 1, which is no longer available. The second aspect of the to proxy 1, which is no longer available. The second aspect of the
flow in the introduction for which DNS is needed, is for proxy 2 to flow in the introduction for which DNS is needed, is for proxy 2 to
identify a backup for proxy 1 that it can send the response to. This identify a backup for proxy 1 that it can send the response to. This
problem is more realistic in SIP than it is in other transactional problem is more realistic in SIP than it is in other transactional
protocols. The reason is that a SIP response can take a long time to protocols. The reason is that some SIP responses can take a long time
be generated, because a human user frequently needs to be consulted to be generated, because a human user frequently needs to be
in order to generate that response. As such, it is not uncommon for consulted in order to generate that response. As such, it is not
tens of seconds to elapse between a call request and its acceptance. uncommon for tens of seconds to elapse between a call request and its
acceptance.
3 Terminology 3 Terminology
In this document, the key words "MUST", "MUST NOT", "REQUIRED", In this document, the key words "MUST", "MUST NOT", "REQUIRED",
"SHALL", "SHALLNOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", "SHALL", "SHALLNOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY",
and "OPTIONAL" are to be interpreted as described in RFC 2119 [4] and and "OPTIONAL" are to be interpreted as described in RFC 2119 [4] and
indicate requirement levels for compliant SIP implementations. indicate requirement levels for compliant SIP implementations.
4 Client Usage 4 Client Usage
Usage of DNS differs for clients and for servers. This section Usage of DNS differs for clients and for servers. This section
discusses client usage. We assume that the client is stateful (either discusses client usage. We assume that the client is stateful (either
a UAC or a stateful proxy). Stateless proxies are discussed in a User Agent Client (UAC) or a stateful proxy). Stateless proxies are
Section 4.4. discussed in Section 4.4.
The procedures here are invoked when a client needs to send a request The procedures here are invoked when a client needs to send a request
to a server identified by a SIP URI, or when an element wishes to to a resource identified by a SIP or SIPS (secure SIP) URI. This URI
send a request to a specific configured server, independent of the can identify the desired resource to which the request is targeted
SIP URI (called an outbound proxy), but the outbound proxy is (in which case, the URI is found in the Request-URI), or it can
identified by a domain name instead of a numeric IP address. identify an intermediate hop towards that resource (in which case,
Frequently, this is because the URI is contained in the Request-URI the URI is found in the Route header). The procedures defined here in
of a request to be sent. The procedures defined here in no way affect no way affect this URI (i.e., the URI is not rewritten with the
this URI (i.e., the URI is not rewritten with the result of the DNS result of the DNS lookup), they only result in an IP address, port
looksup), they only result in an IP address, port and transport and transport protocol where the request can be sent. RFC BBBB [1]
protocol where the request can be sent. provides guidelines on determining which URI needs to be resolved in
DNS to determine the host that the request needs to be sent to. In
The procedures here MUST be done exactly once per transaction. That some cases, also documented in [1], the request can be sent to a
is, once a server has successfully been contacted (success is defined specific intermediate proxy not identified by a SIP URI, but rather,
below), all retransmissions of the request and the ACK for non-2xx by a hostname or numeric IP address. In that case, a temporary URI,
responses MUST be sent to the same host. Furthermore, a CANCEL for a used for purposes of this specification, is constructed. That URI is
particular request MUST be sent to the same host that the request was of the form sip:<proxy>, where <proxy> is the FQDN or numeric IP
delivered to. address of the next-hop proxy. As a result, in all cases, the problem
boils down to resolution of a SIP or SIPS URI in DNS to determine the
IP address, port, and transport of the host to which the request is
to be sent.
Because the ACK request for 2xx responses constitutes a different The procedures here MUST be done exactly once per transaction, where
transaction, there is no requirement that it be delivered to the same transaction is as defined in [1]. That is, once a SIP server has
server that received the original request (indeed, if that server did successfully been contacted (success is defined below), all
not record-route, it will most definitely not get the ACK). retransmissions of the SIP request and the ACK for non-2xx SIP
responses to INVITE MUST be sent to the same host. Furthermore, a
CANCEL for a particular SIP request MUST be sent to the same SIP
server that the SIP request was delivered to.
If the request is being delivered to an outbound proxy, a temporary Because the ACK request for 2xx responses to INVITE constitutes a
URI, used for purposes of this specification, is constructed. That different transaction, there is no requirement that it be delivered
URI is of the form sip:<proxy>, where <proxy> is the domain of the to the same server that received the original request (indeed, if
outbound proxy. that server did not record-route, it will not get the ACK).
We defined TARGET as the value of the maddr parameter of the URI, if We defined TARGET as the value of the maddr parameter of the URI, if
present, otherwise, the host value of the hostport component of the present, otherwise, the host value of the hostport component of the
URI. It identifies the domain to be contacted. URI. It identifies the domain to be contacted. A description of the
SIP and SIPS URIs and a definition of these parameters can be found
in [1].
We determine the transport protocol, port and IP address of a We determine the transport protocol, port and IP address of a
suitable instance of TARGET in Sections 4.1 and 4.2. suitable instance of TARGET in Sections 4.1 and 4.2.
4.1 Selecting a Transport Protocol 4.1 Selecting a Transport Protocol
First, the client selects a transport protocol. First, the client selects a transport protocol.
If the URI specifies a transport protocol in the transport parameter, If the URI specifies a transport protocol in the transport parameter,
that transport protocol MUST be used. that transport protocol SHOULD be used.
Otherwise, if no transport protocol is specified, but the TARGET is a Otherwise, if no transport protocol is specified, but the TARGET is a
numeric IP address, the client SHOULD use UDP. numeric IP address, the client SHOULD use UDP for a SIP URI, and TCP
for a SIPS URI. Similarly, if no TARGET is specified, and the TARGET
is not numeric, but an explicit port is provided, the client SHOULD
use UDP for a SIP URI, and TCP for a SIPS URI. This is because UDP is
the only mandatory transport in RFC 2543 [6], and thus the only one
guaranteed to be interoperable for a SIP URI. It was also specified
as the default transport in RFC 2543 when no transport was present in
the SIP URI. However, another transport, such as TCP, MAY be used if
the guidelines of SIP mandate it for this particular request. That is
the case, for example, for requests that exceed the path MTU.
Otherwise, if no transport protocol is specified, and the target is Otherwise, if no transport protocol or port is specified, and the
not a numeric IP address, the client SHOULD perform a NAPTR query for target is not a numeric IP address, the client SHOULD perform a NAPTR
the domain in the SIP URI. The services relevant for the task of query for the domain in the URI. The services relevant for the task
transport protocol selection are those with NAPTR service fields with of transport protocol selection are those with NAPTR service fields
values "SIP+D2x", where x is a letter that corresponds to a transport with values "SIP+D2x" and "SIPS+D2X", where x is a letter that
protocol supported by the domain. This specification defines D2U for corresponds to a transport protocol supported by the domain. This
UDP, D2T for TCP, D2S for SCTP and D2L for TLS over TCP. We also specification defines D2U for UDP, D2T for TCP, and D2S for SCTP. We
establish an IANA registry for NAPTR service name to transport also establish an IANA registry for NAPTR service name to transport
protocol mappings. protocol mappings.
These NAPTR records provide a mapping from a domain to the SRV record These NAPTR records provide a mapping from a domain, to the SRV
for contacting a server with the specific transport protocol in the record for contacting a server with the specific transport protocol
NAPTR services field. The resource record will contain a replacement in the NAPTR services field. The resource record will contain an
value and an empty regular expression, which is the SRV record for empty regular expression and a replacement value, which is the SRV
that particular transport protocol. If the server supports multiple record for that particular transport protocol. If the server supports
transport protocols, there will be multiple NAPTR records, each with multiple transport protocols, there will be multiple NAPTR records,
a different service value. As per RFC 2915 [3], the client MUST each with a different service value. As per RFC 2915 [3], the client
discard any records whose services fields indicate transport discards any records whose services fields are not applicable. For
protocols not supported by the client. The NAPTR processing in RFC the purposes of this specification, several rules are defined. First,
2915 will result in selection of a transport protocol (and an SRV a client resolving a SIPS URI MUST discard any services that do not
record along with it) with most preferred transport protocol of the contain "SIPS" as the protocol in the service field. The converse is
server that is supported by the client. not true, however. A client resolving a SIP URI SHOULD retain records
with "SIPS" as the protocol, if the client supports TLS. Second, a
client MUST discard any service fields that identify a resolution
service whose value is not "D2X", for values of X that indicate
transport protocols supported by the client. The NAPTR processing as
described in RFC 2915 will result in discovery of the most preferred
transport protocol of the server that is supported by the client, as
well as an SRV record for the server. It will also allow the client
to discover if TLS is available and its preference for its usage.
As an example, consider example.com. A client wishes to contact a SIP As an example, consider a client that wishes to resolve
server in example.com. It performs a NAPTR query for that domain, and sip:user@example.com. The client performs a NAPTR query for that
the following records are returned: domain, and the following NAPTR records are returned:
;; order pref flags service regexp replacement ;; order pref flags service regexp replacement
IN NAPTR 90 50 "s" "SIP+D2T" "" _sip._tcp.school.edu IN NAPTR 50 50 "s" "SIPS+D2T" "" _sips._tcp.example.com.
IN NAPTR 100 50 "s" "SIP+D2U" "" _sip._udp.example.com IN NAPTR 90 50 "s" "SIP+D2T" "" _sip._tcp.example.com
IN NAPTR 110 50 "s" "SIP+D2S" "" tls-sip.example.com IN NAPTR 100 50 "s" "SIP+D2U" "" _sip._udp.example.com.
This indicates that the server supports TCP, UDP, and TLS, in that This indicates that the server supports TLS over TCP, TCP, and UDP,
order. If the client supports UDP and TLS, UDP will be used, based on in that order. Since the client supports TCP and UDP, TCP will be
an SRV lookup of _sip._udp.example.com. used, targeted to a host determined by an SRV lookup of
_sip._tcp.example.com. That lookup would return:
It is not necessary for the domain suffixes in the replacement field ;; Priority Weight Port Target
to match the domain of the original query (i.e., example.com above). IN SRV 0 1 5060 server1.example.com
However, for backwards compatibility with RFC 2543, a domain MUST IN SRV 0 2 5060 server2.example.com
maintain SRV records for the domain of the original query, even if
the NAPTR record is in a different domain. As an example, even though If a SIP proxy, redirect server, or registrar is to be contacted
the SRV record for TCP is _sip._tcp.school.edu, there MUST also be an through the lookup of NAPTR records, there MUST be at least three
SRV record at _sip._tcp.example.com. records - one with a "SIP+D2T" service field, one with a "SIP+D2U"
service field, and one with a "SIPS+D2T" service field. The records
with SIPS as the protocol in the service field SHOULD be preferred
(i.e., have a lower value of the order field) above records with SIP
as the protocol in the service field. A record with a "SIPS+D2U"
service field SHOULD NOT be placed into the DNS, since it is not
possible to use TLS over UDP.
The domain suffixes in the NAPTR replacement field SHOULD match the
domain of the original query. The reason s It is not necessary for
the domain suffixes in the NAPTR replacement field to match the
domain of the original query (i.e., example.com above). However, for
backwards compatibility with RFC 2543, a domain MUST maintain SRV
records for the domain of the original query, even if the NAPTR
record is in a different domain. As an example, even though the SRV
record for TCP is _sip._tcp.school.edu, there MUST also be an SRV
record at _sip._tcp.example.com.
RFC 2543 will look up the SRV records for the domain RFC 2543 will look up the SRV records for the domain
directly. If these do not exist because the NAPTR directly. If these do not exist because the NAPTR
replacement points to a different domain, the client will replacement points to a different domain, the client will
fail. fail.
For NAPTR records with SIPS protocol fields, if the server is using a
site certificate, the domain name in the query and the domain name in
the replacement field MUST both be valid based on the site
certificate handed out by the server in the TLS exchange. Similarly,
the domain name in the SRV query and the domain name in the target in
the SRV record MUST both be valid based on the same site certificate.
Otherwise, an attacker could modify the DNS records to contain
replacement values in a different domain, and the client could not
validate that this was the desired behavior, or the result of an
attack.
If no NAPTR records are found, the client constructs SRV queries for If no NAPTR records are found, the client constructs SRV queries for
those transport protocols it supports, and does a query for each. those transport protocols it supports, and does a query for each.
Queries are done using the service identifier "_sip". A particular Queries are done using the service identifier "_sip" for SIP URIs and
transport is supported if the query is successful. The client MAY use "_sips" for SIPS URIS. A particular transport is supported if the
any transport protocol it desires which is supported by the server. query is successful. The client MAY use any transport protocol it
desires which is supported by the server.
This is a change from RFC 2543, which used to merge the This is a change from RFC 2543. It specified that a client
priority values across different SRV records. would lookup SRV records for all transports it supported,
and merge the priority values across those records. Then,
it would choose the most preferred record.
If no SRV records are found, the client SHOULD use TCP for a SIPS
URI, and UDP for a SIP URI. However, another transport protocol, such
as TCP, MAY be used if the guidelines of SIP mandate it for this
particular request. That is the case, for example, for requests that
exceed the path MTU.
4.2 Determining Port and IP 4.2 Determining Port and IP
Once the transport protocol has been determined, the next step is to Once the transport protocol has been determined, the next step is to
determine the IP address and port. determine the IP address and port.
If TARGET is a numeric IP address, the client uses that address. If If TARGET is a numeric IP address, the client uses that address. If
the URI also contains a port, it uses that port. If no port is the URI also contains a port, it uses that port. If no port is
specified, it uses the default port for the particular transport specified, it uses the default port for the particular transport
protocol. protocol.
If the TARGET was not a numeric IP address, but a port is present in If the TARGET was not a numeric IP address, but a port is present in
the URI, the client performs an A or AAAA record lookup of the domain the URI, the client performs an A or AAAA record lookup of the domain
name. The result will be a list of IP address, each of which can be name. The result will be a list of IP addresses, each of which can be
contacted at the specific port from the URI and transport protocol contacted at the specific port from the URI and transport protocol
determined previously. Processing then proceeds as described in determined previously. The client SHOULD try the one of the records.
Section 4.3 of this document. If an attempt should fail, based on the definition of failure in
Section 4.3, another SHOULD be tried.
There is a weird case where, where the URI had a domain
name and a port. SRV records will potentially be used to
determine the transport protocol, based on the algorithms
above, but A records used for the actual lookup. That seems
odd.
If the TARGET was not a numeric IP address, and no port was present If the TARGET was not a numeric IP address, and no port was present
in the URI, the client performs an SRV query using the service in the URI, the client performs an SRV query on the records returned
identifier "_sip" and the transport protocol as determined from from the NAPTR processing of Section 4.1, if such processing was
Section 4.1, as specified in RFC 2782 [2]. The procedures of RFC performed. If it was not, because a transport was specified
2782, as described in the Section titled "Usage rules" are followed, explicitly, the client performs an SRV query for that specific
augmented by the additional procedures of Section 4.3 of this transport, using the service identifier "_sips" for SIPS URIs. For a
document. SIP URI, if the client wishes to use TLS, it also uses the service
identifier "_sips" for that specific transport, otherwise, it uses
"_sip". The procedures of RFC 2782, as described in the Section
titled "Usage rules" are followed, augmented by the additional
procedures of Section 4.3 of this document.
This is a change. Previously, if the port was explicit, but This is a change from RFC 2543. Previously, if the port was
with a value of 5060, SRV records were used. Now, A records explicit, but with a value of 5060, SRV records were used.
will be used. A result of this is that the URL comparison Now, A records will be used.
rules need to change to reflect that sip:user@example.com
and sip:user@example.com:5060 are NOT equivalent any If no SRV records were found, the client performs an A or AAAA record
longer. I think this should not cause any serious lookup of the domain name. The result will be a list of IP addresses,
interoperability issues, but further consideration is each of which can be contacted at the specific port from the URI and
needed. transport protocol determined previously. Processing then proceeds as
described above for an explicit port once the A or AAAA records have
been looked up.
4.3 Details of RFC 2782 Process 4.3 Details of RFC 2782 Process
RFC 2782 spells out the details of how a set of SRV records are RFC 2782 spells out the details of how a set of SRV records are
sorted and then tried. However, it only states that the client should sorted and then tried. However, it only states that the client should
"try to connect to the (protocol, address, service)" without giving "try to connect to the (protocol, address, service)" without giving
any details on what happens in the event of failure. Those details any details on what happens in the event of failure. Those details
are described here for SIP. are described here for SIP.
The client client MAY maintain a table indicating the status of a
particular host (that is, whether it was ever successfully contacted,
or whether attempts to contact it resulted in a failure). The table
is indexed with the IP address, port, and transport for a particular
host. If a particular host is listed with a status of "failed", that
entry SHOULD be discarded after one hour, so that the host can be
used once more if it has recovered.
When processing the list of SRV entries (or A records, depending on
how the URI was resolved), the client MAY remove any entries for
hosts which are marked as "failed" in the table. The remaining
entries are then tried according to RFC 2782.
For SIP requests, failure occurs if the transaction layer reports a For SIP requests, failure occurs if the transaction layer reports a
503 error response or a transport failure of some sort (generally, 503 error response or a transport failure of some sort (generally,
due to ICMP errors or TCP connection failures). Failure also occurs due to fatal ICMP errors in UDP use or connection failures in TCP).
if the transaction layer times out without ever having received any Failure also occurs if the transaction layer times out without ever
response, provisional or final (i.e., timer B or timer F fires). If a having received any response, provisional or final (i.e., timer B or
failure occurs, the client SHOULD create a new request, which is timer F in RFC BBBB [1] fires). If a failure occurs, the client
identical to the previous, but has a different value of the Via SHOULD create a new request, which is identical to the previous, but
branch ID than the previous (and therefore constitutes a new SIP has a different value of the Via branch ID than the previous (and
transaction). That request is sent to the next element in the list as therefore constitutes a new SIP transaction). That request is sent to
specified by RFC 2782. the next element in the list as specified by RFC 2782.
4.4 Consideration for Stateless Proxies 4.4 Consideration for Stateless Proxies
The process of the previous sections is highly stateful. When a The process of the previous sections is highly stateful. When a
server is contacted successfully, all requests for the transaction, server is contacted successfully, all retransmissions of the request
as well as CANCEL requests for that transaction, MUST go to the same for the transaction, as well as ACK for a non-2xx final response, and
server. The identity of the successfully contacted server is a form CANCEL requests for that transaction, MUST go to the same server.
of transaction state. This presents a challenge for stateless
proxies, which still need to meet the requirement for sending all The identity of the successfully contacted server is a form of
requests in the transaction to the same server. transaction state. This presents a challenge for stateless proxies,
which still need to meet the requirement for sending all requests in
the transaction to the same server.
The problem is similar, but different, to the problem of HTTP
transactions within a cookie session getting routed to different
servers based on DNS randomization. There, such distribution is not a
problem. Farms of servers generally have common back-end data stores,
where the session data is stored. Whenever a server in the farm
receives an HTTP request, it takes the session identifier, if
present, and extracts the needed state to process the request. A
request without a session identifier creates a new one. The problem
with stateless proxies is at a lower layer; it is retransmitted
requests within a transaction that are being potentially spread
across servers. Since none of these retransmissions carries a
"session identifier" (a complete dialog identifier in SIP terms), a
new dialog would be created identically at each server. This could,
for example result in multiple phone calls to be made to the same
phone. Therefore, it is critical to prevent such a thing from
happening in the first place.
The requirement is not difficult to meet in the simple case where The requirement is not difficult to meet in the simple case where
there were no failures when attempting to contact a server. Whenever there were no failures when attempting to contact a server. Whenever
the stateless proxy receives the request, it performs the appropriate the stateless proxy receives the request, it performs the appropriate
DNS queries as described above. Unfortunately, the procedures of RFC DNS queries as described above. However, the procedures of RFC 2782
2782 and RFC 2915 are not guaranteed to be deterministic. This is are not guaranteed to be deterministic. This is because records that
because records that contain the same priority and weight (in the contain the same priority have no specified order. The stateless
case of SRV) or order and preference (in the case of NAPTR) have no proxy MUST define a deterministic order to the records in that case,
specified order. The stateless proxy MUST define a deterministic using any algorithm at its disposal. One suggestion is to alphabetize
order to the records in that case, using any algorithm at its them, or, more generally, sort them by Ascii-compatible encoding. To
disposal. One suggestion is to alphabetize them, for example. To make make processing easier for stateless proxies, it is RECOMMENDED that
processing easier for stateless proxies, it is RECOMMENDED that
domain administrators make the weights of SRV records with equal domain administrators make the weights of SRV records with equal
priority different (for example, using weights of 1000 and 1001 if priority different (for example, using weights of 1000 and 1001 if
two servers are equivalent, rather than assigning both a weight of two servers are equivalent, rather than assigning both a weight of
1000), and similarly for NAPTR records. If the first server is 1000), and similarly for NAPTR records. If the first server is
contacted successfully, the proxy can remain stateless. However, if contacted successfully, the proxy can remain stateless. However, if
the first server is not contacted successfully, and a subsequent the first server is not contacted successfully, and a subsequent
server is, the proxy cannot remain stateless for this transaction. If server is, the proxy cannot remain stateless for this transaction. If
it were stateless, a retransmission could very well go to a different it were stateless, a retransmission could very well go to a different
server if the failed one recovers between retransmissions. As such, server if the failed one recovers between retransmissions. As such,
whenever a proxy does not successfully contact the first server, it whenever a proxy does not successfully contact the first server, it
skipping to change at page 9, line 48 skipping to change at page 12, line 37
Unfortunately, it is still possible for a stateless proxy to deliver Unfortunately, it is still possible for a stateless proxy to deliver
retransmissions to different servers, even if it follows the retransmissions to different servers, even if it follows the
recommendations above. This can happen if the DNS TTLs expire in the recommendations above. This can happen if the DNS TTLs expire in the
middle of a transaction, and the entries had changed. This is middle of a transaction, and the entries had changed. This is
unavoidable. Network implementors should be aware of this limitation, unavoidable. Network implementors should be aware of this limitation,
and not use stateless proxies that access DNS if this error is deemed and not use stateless proxies that access DNS if this error is deemed
critical. critical.
5 Server Usage 5 Server Usage
RFC 2543bis defines procedures for sending responses from a server RFC BBBB [1] defines procedures for sending responses from a server
back to the client. Typically, for unicast requests, the response is back to the client. Typically, for unicast UDP requests, the response
sent back to the source IP address where the request came from, using is sent back to the source IP address where the request came from,
the port contained in the Via header. However, it is important to using the port contained in the Via header. For reliable transports,
provide failover support when the client element fails between the response is sent over the connection the request arrived on.
sending the request and receiving the response. However, it is important to provide failover support when the client
element fails between sending the request and receiving the response.
The procedures here are invoked when a server sends a response to the A server, according to RFC BBBB [1], will send a response on the
client and that response fails. "Fails" is defined here as any connection it arrived on (in the case of reliable transport
response which causes an ICMP error message to be returned, or when protocols), and for unreliable transport protocols, to the source
the transport connection the request came in on closes before the address of the request, and port in the Via header field. The
response can be sent. procedures here are invoked when a server attempts to send to that
location and that response fails (the specific conditions are
detailed in RFC BBBB). "Fails" is defined as any closure of the
transport connection the request came in on before the response can
be sent, or communication of a fatal error from the transport layer.
In these cases, the server examines the value of the sent-by In these cases, the server examines the value of the sent-by
construction in the topmost Via header. If it contains a numeric IP construction in the topmost Via header. If it contains a numeric IP
address, the server attempts to send the response to that address, address, the server attempts to send the response to that address,
using the transport protocol from the Via header, and the port from using the transport protocol from the Via header, and the port from
sent-by, if present, else the default for that transport protocol. sent-by, if present, else the default for that transport protocol.
The transport protocol in the Via header can indicate "TLS", which
refers to TLS over TCP. When this value is present, the server MUST
use TLS over TCP to send the response.
If, however, the sent-by field contained a domain name and a port If, however, the sent-by field contained a domain name and a port
number, the server queries for A records with that name. It tries to number, the server queries for A or AAAA records with that name. It
send the response to each element on the resulting list of IP tries to send the response to each element on the resulting list of
addresses, using the port from the Via, and the transport protocol IP addresses, using the port from the Via, and the transport protocol
from the Via. As in the client processing, the next entry in the list from the Via (again, a value of TLS refers to TLS over TCP). As in
is tred if the one before it results in a failure. the client processing, the next entry in the list is tried if the one
before it results in a failure.
If, however, the sent-by field contained a domain name and no port, If, however, the sent-by field contained a domain name and no port,
the server queries for SRV records using the service identifier the server queries for SRV records at that domain name using the
"_sip" and the transport protocol from the topmost Via header. The service identifier "_sips" if the Via transport is "TLS", "_sip"
otherwise, and the transport from the topmost Via header ("TLS"
implies that the transport protocol in the SRV query is TCP). The
resulting list is sorted as described in [2], and the response is resulting list is sorted as described in [2], and the response is
sent to the topmost element on the new list described there. If that sent to the topmost element on the new list described there. If that
results in a failure, the next entry on the list is tried. results in a failure, the next entry on the list is tried.
6 Constructing SIP URIs 6 Constructing SIP URIs
In many cases, and element needs to construct a SIP URI for inclusion In many cases, an element needs to construct a SIP URI for inclusion
in a Contact header in a REGISTER, or in a Record-Route header in an in a Contact header in a REGISTER, or in a Record-Route header in an
INVITE. According to [1], these URIs have to have the property that INVITE. According to RFC BBBB [1], these URIs have to have the
they resolve to the specific element that inserted them. However, if property that they resolve to the specific element that inserted
they are constructed with just an IP address, for example: them. However, if they are constructed with just an IP address, for
example:
sip:1.2.3.4 sip:1.2.3.4
sip:user@foo.com;maddr=1.2.3.4
then should the element fail, there is no way to route the request or then should the element fail, there is no way to route the request or
response through a backup. response through a backup.
SRV provides a way to fix this. Instead of using an IP address, a SRV provides a way to fix this. Instead of using an IP address, a
domain name that resolves to an SRV record can be used: domain name that resolves to an SRV record can be used:
sip:server23.provider.com sip:server23.provider.com
sip:user@foo.com;maddr=server23.provider.com
The SRV records for a particular target can be set up so that there The SRV records for a particular target can be set up so that there
is a single record with a low value for the priority field, and this is a single record with a low value for the priority field (indicated
record points to the specific element that constructed the URI. the preferred choice), and this record points to the specific element
However, there are additional records with higher priority that point that constructed the URI. However, there are additional records with
to backup elements that would be used in the event of failure. This higher priority that point to backup elements that would be used in
allows the constraint of [1] to be met while allowing for robust the event of failure. This allows the constraint of RFC BBBB [1] to
operation. be met while allowing for robust operation.
7 Security Considerations 7 Security Considerations
The authors do not believe that this specification introduces any DNS NAPTR records are used to allow a client to discover that the
additional security issues beyond those already described in RFC 2782 server supports TLS. An attacker could potentially modify these
and RFC 2915. records, resulting in a client using a non-secure transport when TLS
is, in fact available and preferred.
8 Registration of NATPR D2X Resolution Service This is partially mitigated by the presence of the sips URI scheme,
which is always sent only over TLS. An attacker cannot force a bid
down through deletion or modification of DNS records. In the worst
case, they can prevent communication from occurring by deleting all
records. A sips URI itself is generally exchanged within a secure
context, frequently on a business card or secure web page, or within
a SIP message which has already been secured with TLS. See RFC BBBB
[1] for details. The sips URI is therefore preferred when security is
truly needed, but we allow TLS to be used for requests resolved by a
SIP URI to allow security that is better than no TLS at all.
Name: Domain Name to Transport Protocol The bid down attack can also be mitigated through caching. A client
* Mnemonic: D2X, where X is managed by an IANA registration process which frequently contacts the same domain SHOULD cache whether or not
* Number of Operands: 1 its NAPTR records contain SIPS in the services field. If such records
* Type of Each Operand: Each operand is a domain were present, but in later queries cease to appear, it is a sign of a
* Format of Each Operand: Each operand is a domain name in standard potential attack. In this case, the client SHOULD generate some kind
format of alert or alarm, and MAY reject the request.
* Algorithm: Opaque
* Input String: The domain name from the SIP URI being used to An additional problem is that proxies, which are intermediaries
generate the NAPTR query. between the users of the system, are frequently the clients that
* Output: One or more SRV record keys perform the NAPTR queries. It is therefore possible for a proxy to
* Constraints: All records MUST only use the S flag. The P flag is ignore SIPS entries even though they are present, resulting in
expressly forbidden. downgraded security. There is very little that can be done to prevent
* Error Conditions: such attacks. Clients are simply dependent on proxy servers for call
o No overlap in transport protocol between client and server completion, and must trust that they implement the protocol properly
* Security Considerations: none in order for security to be provided. Falsifying DNS records can be
done by tampering with wire traffic (in the absence of DNSSEC),
whereas compromising and commandeering a proxy server requires a
break-in, and is seen as the considerably less likely downgrade
threat.
8 The Transport Determination Application
This section more formally defines the NAPTR usage of this
specification, using the Dynamic Delegation Discovery System (DDDS)
framework as a guide [7]. DDDS represents the evolution of the NAPTR
resource record. DDDS defines applications, which can make use of the
NAPTR record for specific resolution services. This application is
called the Transport Determination Application, and its goal is to
map an incoming SIP or SIPS URI to a set of SRV records for the
various servers that can handle the URI.
The following is the information that DDDS requests an application to
provide:
Application Unique String: The Application Unique String (AUS)
is the input to the resolution service. For this
application, it is the URI to resolve.
First Well Known Rule: The first well known rule extracts a key
from the AUS. For this application, the first well known
rule extracts the host portion of the SIP or SIPS URI.
Valid Databases: The key resulting from the first well known
rule is looked up in a single database, the DNS [8].
Expected Output: The result of the application is an SRV record
for the server to contact.
9 IANA Considerations 9 IANA Considerations
The usage of NAPTR records described here requires well known values The usage of NAPTR records described here requires well known values
for the service fields for each transport supported by SIP. The table for the service fields for each transport supported by SIP. The table
of mappings from service field values to transport protocols is to be of mappings from service field values to transport protocols is to be
maintained by IANA. New entries in the table MAY be added at any time maintained by IANA. New entries in the table MAY be added through the
when new transport protocols become available. Such additions are publication of standards track RFCs, as described in RFC 2434 [5].
subject to expert review.
The registration MUST include the following information: The registration in the RFC MUST include the following information:
Service Field: The service field being registered. An example Service Field: The service field being registered. An example
for a new fictitious transport protocol called NCTP might for a new fictitious transport protocol called NCTP might
be "SIP+D2N". be "SIP+D2N".
Protocol: The specific transport protocol associated with that Protocol: The specific transport protocol associated with that
service field. This MUST include the name and acronym for service field. This MUST include the name and acronym for
the protocol, along with reference to a document that the protocol, along with reference to a document that
describes the transport protocol. For example - "New describes the transport protocol. For example - "New
Connectionless Transport Protocol (NCTP), RFC5766". Connectionless Transport Protocol (NCTP), RFC5766".
Name and Contact Information: The name, address, email address Name and Contact Information: The name, address, email address
and telephone number for the person performing the and telephone number for the person performing the
registration. registration.
The following values are to be placed into the registry: The following values are to be placed into the registry:
Services Field Protocol Services Field Protocol
SIP+D2T TCP SIP+D2T TCP
SIPS+D2T TCP
SIP+D2U UDP SIP+D2U UDP
SIP+D2L TLS over TCP (RFC 2246)
SIP+D2S SCTP (RFC 2960) SIP+D2S SCTP (RFC 2960)
10 Changes Since -03 10 Acknowledgements
o Added IANA registration process.
o Included text discussing the problem of DNS TTL expiration for
stateless proxies.
o Clarified that maintenance of the table of availability for
servers is not a cache, and it is totally unrelated to DNS
processing.
o Changed the construction of the services field in NAPTR to
include the transport protocol, so its SIP+D2X, where X
depends on the transport protocol.
o Relaxed the constraint that the domain suffix in the NAPTR
records equal that of the target.
o Added a section on how to construct URIs for insertion into
Contact and Record-Route headers.
11 Acknowledgements
The authors would like to thank Patrik Faltstrom for his useful The authors would like to thank Randy Bush, Leslie Daigle, Patrik
comments. Faltstrom, Jo Hornsby, Rohan Mahy, Allison Mankin, Michael Mealling,
Thomas Narten and Jon Peterson for their useful comments.
12 Author's Addresses 11 Author's Addresses
Jonathan Rosenberg Jonathan Rosenberg
dynamicsoft dynamicsoft
72 Eagle Rock Avenue 72 Eagle Rock Avenue
First Floor First Floor
East Hanover, NJ 07936 East Hanover, NJ 07936
email: jdrosen@dynamicsoft.com email: jdrosen@dynamicsoft.com
Henning Schulzrinne Henning Schulzrinne
Columbia University Columbia University
M/S 0401 M/S 0401
1214 Amsterdam Ave. 1214 Amsterdam Ave.
New York, NY 10027-7003 New York, NY 10027-7003
email: schulzrinne@cs.columbia.edu email: schulzrinne@cs.columbia.edu
13 Bibliography 12 Normative References
[1] J. Rosenberg, H. Schulzrinne, et al. , "SIP: Session initiation [1] J. Rosenberg, H. Schulzrinne, et al. , "SIP: Session initiation
protocol," Internet Draft, Internet Engineering Task Force, Oct. protocol," Internet Draft, Internet Engineering Task Force, Oct.
2001. Work in progress. 2001. Work in progress.
[2] A. Gulbrandsen, P. Vixie, and L. Esibov, "A DNS RR for specifying [2] A. Gulbrandsen, P. Vixie, and L. Esibov, "A DNS RR for specifying
the location of services (DNS SRV)," Request for Comments 2782, the location of services (DNS SRV)," Request for Comments 2782,
Internet Engineering Task Force, Feb. 2000. Internet Engineering Task Force, Feb. 2000.
[3] M. Mealling and R. Daniel, "The naming authority pointer (NAPTR) [3] M. Mealling and R. Daniel, "The naming authority pointer (NAPTR)
DNS resource record," Request for Comments 2915, Internet Engineering DNS resource record," Request for Comments 2915, Internet Engineering
Task Force, Sept. 2000. Task Force, Sept. 2000.
[4] S. Bradner, "Key words for use in RFCs to indicate requirement [4] S. Bradner, "Key words for use in RFCs to indicate requirement
levels," Request for Comments 2119, Internet Engineering Task Force, levels," Request for Comments 2119, Internet Engineering Task Force,
Mar. 1997. Mar. 1997.
[5] T. Narten and H. Alvestrand, "Guidelines for writing an IANA
considerations section in RFCs," Request for Comments 2434, Internet
Engineering Task Force, Oct. 1998.
13 Non-Normative References
[6] M. Handley, H. Schulzrinne, E. Schooler, and J. Rosenberg, "SIP:
session initiation protocol," Request for Comments 2543, Internet
Engineering Task Force, Mar. 1999.
[7] M. Mealling, "Dynamic delegation discovery system (DDDS) part
one: The comprehensive DDDS standard," Internet Draft, Internet
Engineering Task Force, Oct. 2001. Work in progress.
[8] M. Mealling, "Dynamic delegation discovery system (DDDS) part
three: The DNS database," Internet Draft, Internet Engineering Task
Force, Oct. 2001. Work in progress.
Full Copyright Statement Full Copyright Statement
Copyright (c) The Internet Society (2002). All Rights Reserved. Copyright (c) The Internet Society (2002). All Rights Reserved.
This document and translations of it may be copied and furnished to This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it others, and derivative works that comment on or otherwise explain it
or assist in its implementation may be prepared, copied, published or assist in its implementation may be prepared, copied, published
and distributed, in whole or in part, without restriction of any and distributed, in whole or in part, without restriction of any
kind, provided that the above copyright notice and this paragraph are kind, provided that the above copyright notice and this paragraph are
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/