2 |
SIP: Understanding the Session Initiation Protocol |
•Modification of existing media sessions;
•Teardown of existing media sessions.
SIP has also been extended to request and deliver presence information (online/off-line status and location information such as that contained in a buddy list) as well as instant message sessions. These functions include:
•Publishing and uploading of presence information;
•Requesting delivery of presence information;
•Presence and other event notification;
•Transporting of instant messages.
While some of the examples discuss SIP from a telephony perspective, there will be many nontelephony uses for SIP. SIP will likely be used to establish a set of session types that bear almost no resemblance to a telephone call.
The following section will introduce the Internet multimedia protocol stack and discuss these protocols at a high level.
1.2 Internet Multimedia Protocol Stack
Figure 1.1 shows the five layer Internet multimedia protocol stack. The layers shown and protocols identified will be discussed.
1.2.1Physical Layer
The physical layer is the lowest layer of the protocol stack. It shows how devices are physically connected with each other. Common physical layer methods include copper (coax, twisted pair, or other wired connections), photons (fiber optics, laser light, or other photonic sources), or phonons (radio waves, microwaves, or other electromagnetic transmissions).
1.2.2Data/Link Layer
The next layer is the data/link layer, which could be an Ethernet local area network (LAN); a telephone line (V.90 or 56k modem) running Point-to-Point Protocol (PPP); a digital subscriber line (DSL); or even a wireless 802.11 network. This layer performs such functions as symbol exchange, frame synchronization, and physical interface specification. Ethernet typically adds a 13-octet header and a 3-octet footer to every packet sent. Note that an octet is 8 bits of data, sometimes called a byte.
SIP and the Internet |
3 |
1.2.3Network Layer
The next layer in Figure 1.1 is the network or Internet layer. Internet Protocol (IP) [2] is used at this layer to route a packet across the network using the destination IP address. IP is a connectionless, best-effort packet delivery protocol. IP packets can be lost, delayed, or received out of sequence. Each packet is routed on its own using the IP header appended to the physical packet. Most IP address examples in this book use the older version of IP, version 4 (IPv4). IPv4 addresses are four octets long, usually written in “dotted decimal” notation (for example, 207.134.3.5). At the IP layer, packets are not acknowledged. A checksum is calculated to detect corruption in the IP header, which could cause a packet to become misrouted. Corruption or errors in the IP payload, however, are not detected; a higher layer must perform this function if necessary, and it is usually done at the transport layer. IP uses a single-octet protocol number in the packet header to identify the transport layer protocol that should receive the packet.
IP version 6 (IPv6) [3] was developed by the IETF as a replacement for IPv4. It has been slowly gaining support and is supported now by most operating systems. The biggest initial networks of IPv6 are wireless telephony carriers who need the most important advantage of IPv6 over IPv4—a much enlarged addressing space. IPv6 increases the addressing space from 32 bits in IPv4 to 128 bits, providing for over 4 billion IPv6 addresses. An IPv6 address is typically written as a sequence of eight hexadecimal numbers separated by colons. For example, 0:0:0:0:aaaa:bbbb:cccc:dddd is an IPv6 address written in this format. It is also common to drop sequences of zeros with a single double colon. This same address can then be written as ::aaaa:bbbb:cccc:dddd. SIP can use either IPv4 or IPv6.
IP addresses used over the public Internet are assigned in blocks by regional internet registries (RIR). For example, the American Registry for Internet
Figure 1.1 The Internet multimedia protocol stack.
4 |
SIP: Understanding the Session Initiation Protocol |
Numbers (ARIN) allocates addresses in North America while Réseaux IP Européens Network Coordination Centre (RIP ENCC) allocates addresses in Europe. The Internet Assigned Number Association (IANA) manages the overall IP address pool, delegating blocks to the RIRs. Individual end users and enterprises use IP addresses allocated to them by their Internet Service Provider (ISP) from a regional registry.
As a result of this centralized assignment, IP addresses are globally unique. This enables a packet to be routed across the public Internet using only the destination IP address. Various protocols are used to route packets over an IP network, but they are outside of the scope of this book. Subnetting and other aspects of the structure of IP addresses are also not covered here. There are other excellent sources [4] that cover the entire suite of TCP/IP protocols in more detail.
Private IP addresses are addresses that are not routable on the public Internet but can be routable on a stub network LAN. A router performing network address translation (NAT) is used when a host with a private IP address needs to access resources on the public Internet. NAT temporarily binds or maps a host’s private IP address, which is only routable within the LAN with a public IP address that has been allocated to the NAT. The NAT rewrites IP packets as they pass through in both directions, allowing connections. A detailed description of NAT and how it affects SIP and Internet communications can be found in Chapter 10. There are three IPv4 address blocks which have been allocated for private addresses in [5]:
10.0.0.0 - 10.255.255.255 or 10/8 172.16.0.0 - 172.31.255.255 or 172.16/12 192.168.0.0 - 192.168.255.255 or 192.168/16
Configuration information for Internet Protocol can be manually configured in a host or it can be learned automatically. Typically a host needs to know its own IP address, default gateway, subnet mask, and DNS server addresses. One common protocol for this is Dynamic Host Configuration Protocol (DHCP) which is defined by RFC 2132 [6]. DHCP allows a host to autodiscover all these parameters upon initialization of the IP stack. There are various DHCP extensions which have been defined to autoconfigure other protocols, including SIP.
1.2.4Transport Layer
The next layer shown in Figure 1.1 is the transport layer. It uses a two-octet port number from the application layer to deliver the datagram or segment to the correct application layer protocol at the destination IP address. There are two commonly used transport layer protocols: Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). In addition, there are two uncommon trans-
SIP and the Internet |
5 |
port protocols: Stream Control Transmission Protocol (SCTP) and Datagram Congestion Control Protocol (DCCP), which are beginning to be used on the Internet. There is also Transport Layer Security (TLS) which provides security on top of TCP. These protocols are introduced in the following sections.
1.2.4.1 Transmission Control Protocol
Transmission Control Protocol (TCP) [7] provides reliable, connection-oriented transport over IP. A TCP connection between two hosts over an IP network is sometimes known as a socket. TCP is a client/server protocol. Servers “listen” on a specific port number for an incoming request to open a socket. A client sends a request to open a new socket to the server on the well-known port. The combination of the source IP address, source port, destination IP address, and destination port identifies the socket connection. As such, it is possible for two hosts to have multiple TCP connections open between them.
TCP uses sequence numbers and positive acknowledgments to ensure that each block of data, called a segment, has been received. Lost segments are retransmitted until they are successfully received. Figure 1.2 shows the message exchange to establish and tear down a TCP connection. A TCP server listens on a well-known port for a TCP SYN (synchronization) message to open the connection. The SYN message contains the initial sequence number the client will use during the connection. The server responds with an ACK message to acknowledge the SYN with an acknowledgment number, and then follows up with its own SYN message containing its own initial sequence number. Often, these two messages are combined into one SYN-ACK message that does both functions. The client completes the three-way handshake with an ACK or a DATA packet with the AK flag set to the server acknowledging the server’s sequence number. Now that the connection is open, either client or server can send data in DATA packets (segments). The connection is closed when either side sends a FIN packet that receives an ACK. This exchange is shown in Figure 1.2.
TCP sends data in units called segments. The maximum segment size (MSS) is negotiated between the hosts during the handshake, and is usually based on the maximum transmission unit (MTU) of the local network. In general, the larger the segment size the more efficient the transport, except when packet loss is present when smaller segments can result in fewer retransmissions. A typical MTU value for the Internet is 1,500 octets.
TCP uses cumulative acknowledgements for reliability. The recipient sends ACK packets including the next sequence number it expects to receive. If a sender does not receive an ACK within a certain time period, the segment is resent. An example is shown in Figure 1.3.
TCP also has built in flow control. Flow control is used by a receiver to slow down the rate of transmission to allow the receiver to properly process or buffer incoming segments. TCP uses a sliding window for end-to-end control.
6 |
SIP: Understanding the Session Initiation Protocol |
|||||||
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Figure 1.2 TCP handshake example.
Figure 1.3 TCP reliability example.
Senders can only send the number of octets in the window before waiting for an ACK. A receiver can reduce the size of the window in ACK messages, even setting it to 0 to cause the sender to stop sending. Once the receiver has caught up, another ACK can be sent to increase the window size and resume the flow of segments. This is shown in Figure 1.4.
|
|
|
|
SIP and the Internet |
7 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Figure 1.4 TCP flow control example.
TCP also has built in congestion control. TCP uses a slow-start algorithm to attempt to avoid congestion. When congestion occurs, TCP uses a fast retransmit and a fast recovery. The details of how these algorithms work can be found in any good TCP/IP reference such as [4].
TCP adds a 20-octet header field to each packet, and is a stream-oriented transport. An application using TCP to send messages must provide its own framing or separation between messages. Error segments are detected by a checksum covering both the TCP header and payload.
1.2.4.2 Transport Port Numbers
Ports numbers are used by the transport layer to multiplex and demultiplex multiple connections on a single host. Otherwise a pair of hosts could only have a single connection between them. Also, messages for different protocols can be separated by using different port numbers. Often these port numbers are associated with a specific protocol. Others are registered to a particular protocol. Ports are a 16 bit integer. Ports in the range 0 to 1024 are called well-known ports. Ports in the range of 1024 through 49151 are known as registered ports. Ports in the range of 49152 through 65535 are known as dynamic, private, or ephemeral ports. For example, Web servers use the well known port of 80, SIP uses the registered ports of 5060 and 5061, while RTP usually uses a dynamic port.
1.2.4.3 User Datagram Protocol
User Datagram Protocol (UDP) [8] provides unreliable transport across the Internet. It is a best-effort delivery service, since there is no acknowledgment of
8 |
SIP: Understanding the Session Initiation Protocol |
sent datagrams. Most of the complexity of TCP is not present, including sequence numbers, acknowledgments, and window sizes. UDP does detect datagrams with errors with a checksum. It is up to higher layer protocols to detect this datagram loss and initiate a retransmission if desired.
UDP does not provide congestion control or flow control—if any of these functions are needed, they must be built into the application layer protocol. UDP is best suited for short, single packet exchanges such as DNS or routing queries. It is also good for real-time, low latency transports protocols such as SIP and RTP.
UDP adds an 8 octet header field to datagrams. Applications and protocols that use UDP must do their own framing—they must break up information into individual UDP packets. For a message oriented protocol, this typically means one message or request per UDP datagram.
1.2.4.4 Transmission Layer Security
Transmission Layer Security (TLS) [9] is based on the Secure Sockets Layer (SSL) protocol first used in Web browsers. TLS uses TCP for transport although it has recently been extended to also run over UDP. TLS is commonly used today on the Internet for secure Web sites using the secure HTTP (https) URI scheme.
The TLS protocol has two layers: the TLS Transport Protocol and the TLS Handshake Protocol. The TLS Transport Protocol is used to provide a reliable and private transport mechanism. Data sent using the TLS Transport Protocol is encrypted so that a third party cannot intercept the data. A third party also cannot modify the transported data without one of the parties discovering this. The TLS Handshake Protocol is used to establish the connection, negotiate the encryption keys used by the TLS Transport Protocol, and provide authentication.
The key agreement scheme selects an encryption algorithm and generates a one-time key based on a secret passed between the two sides. During the handshake, the parties exchange certificates, which can be used for authentication. The cryptographic computations for a TLS connection are not trivial, and the multiple round trips needed to open a connection can add to message latency. Also, certificate verification can introduce processing delays. However, TLS transport has clear security advantages over UDP or TCP. TLS is widely supported due to its use in secure Web browsers and servers. TLS will be discussed more in Chapter 14.
1.2.4.5 Stream Control Transport Protocol
The Stream Control Transmission Protocol (SCTP) [10] is similar to TCP in that it provides reliable stream-based transport. However, it has some advantages over TCP transport for a message-based protocol. First, it has built-in message segmentation, so that individual messages are separated at the transport layer. Another advantage is that SCTP avoids the so-called “head of line blocking”