Internet Engineering Task Force (IETF) H. Kaplan Request for Comments: 7403 Oracle Category: Standards Track November 2014 ISSN: 2070-1721
Internet Engineering Task Force (IETF) H. Kaplan Request for Comments: 7403 Oracle Category: Standards Track November 2014 ISSN: 2070-1721
A Media-Based Traceroute Function for the Session Initiation Protocol (SIP)
会话启动协议(SIP)的基于媒体的跟踪路由功能
Abstract
摘要
SIP already provides the ability to perform hop-by-hop traceroute for SIP messages using the Max-Forwards header field to determine the reachability path of requests to a target. A mechanism for media-loopback calls has also been defined separately, which enables test calls to be generated that result in media being looped back to the originator. This document describes a means of performing hop-by-hop traceroute-style test calls using the media-loopback mechanism to test the media path when SIP sessions go through media-relaying back-to-back user agents (B2BUAs).
SIP已经提供了使用Max Forwards标头字段为SIP消息执行逐跳跟踪路由的能力,以确定到目标的请求的可达路径。还单独定义了媒体环回调用机制,该机制允许生成测试调用,从而将媒体环回给发起人。本文档描述了在SIP会话通过媒体中继背靠背用户代理(B2BUA)时,使用媒体环回机制执行逐跳跟踪路由式测试调用的方法,以测试媒体路径。
Status of This Memo
关于下段备忘
This is an Internet Standards Track document.
这是一份互联网标准跟踪文件。
This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 5741.
本文件是互联网工程任务组(IETF)的产品。它代表了IETF社区的共识。它已经接受了公众审查,并已被互联网工程指导小组(IESG)批准出版。有关互联网标准的更多信息,请参见RFC 5741第2节。
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc7403.
有关本文件当前状态、任何勘误表以及如何提供反馈的信息,请访问http://www.rfc-editor.org/info/rfc7403.
Copyright Notice
版权公告
Copyright (c) 2014 IETF Trust and the persons identified as the document authors. All rights reserved.
版权所有(c)2014 IETF信托基金和确定为文件作者的人员。版权所有。
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
本文件受BCP 78和IETF信托有关IETF文件的法律规定的约束(http://trustee.ietf.org/license-info)自本文件出版之日起生效。请仔细阅读这些文件,因为它们描述了您对本文件的权利和限制。从本文件中提取的代码组件必须包括信托法律条款第4.e节中所述的简化BSD许可证文本,并提供简化BSD许可证中所述的无担保。
Table of Contents
目录
1. Introduction ....................................................2 2. Terminology .....................................................3 3. The SIP Traceroute Mechanism ....................................4 3.1. Processing a Received Max-Forwards Header Field ............4 3.2. Answering the INVITE .......................................5 4. Security Considerations .........................................5 5. Normative References ............................................6 Acknowledgments ....................................................7 Author's Address....................................................7
1. Introduction ....................................................2 2. Terminology .....................................................3 3. The SIP Traceroute Mechanism ....................................4 3.1. Processing a Received Max-Forwards Header Field ............4 3.2. Answering the INVITE .......................................5 4. Security Considerations .........................................5 5. Normative References ............................................6 Acknowledgments ....................................................7 Author's Address....................................................7
In many deployments, the media for SIP-created sessions does not flow directly from the originating User Agent Client (UAC) to the answering User Agent Server (UAS). Often, SIP B2BUAs in the SIP signaling path also insert themselves in the media plane path by manipulating Session Description Protocol (SDP), either for injecting media such as rich ringtones or music-on-hold or for relaying media in order to provide functions such as transcoding, IPv4-IPv6 conversion, NAT traversal, Secure Realtime Transport Protocol (SRTP) termination, media steering, etc.
在许多部署中,SIP创建会话的介质不会直接从发起用户代理客户端(UAC)流向应答用户代理服务器(UAS)。通常,SIP信令路径中的SIP B2BUA还通过操纵会话描述协议(SDP)将其自身插入媒体平面路径中,用于注入媒体,如富格铃声或音乐保持,或用于中继媒体,以便提供诸如转码、IPv4-IPv6转换、NAT穿越等功能,安全实时传输协议(SRTP)终止、媒体控制等。
As more SIP domains get deployed and interconnected, the odds of a SIP session crossing such media-plane B2BUAs increases as well as the number of such B2BUAs any given SIP session may go through. In other words, any given SIP session may cross any number of B2BUAs both in the SIP signaling plane as well as the media plane.
随着越来越多的SIP域被部署和互连,SIP会话穿越此类媒体平面B2BUAs的几率以及任何给定SIP会话可能通过的此类B2BUAs的数量增加。换句话说,任何给定的SIP会话可以在SIP信令平面以及媒体平面中跨越任意数量的b2bua。
When a failure or degradation occurs in the media plane, it is difficult to determine where in the media path it occurred. In order to aid managing and troubleshooting SIP-based sessions and media
当介质平面发生故障或降级时,很难确定故障发生在介质路径的何处。为了帮助管理和排除基于SIP的会话和媒体故障
traversing such B2BUAs, it would be useful to progressively test the media path as it reaches successive B2BUAs with a test controlled solely by the source User Agent (UA). A mechanism to perform media-loopback test sessions has been defined in [RFC6849], but it cannot be used directly to test B2BUAs because, typically, the B2BUAs do not have an Address of Record (AOR) to be targeted, nor is it known a priori which B2BUAs will be traversed for any given session.
通过这样的B2BUA,当媒体路径到达连续的B2BUA时,使用仅由源用户代理(UA)控制的测试逐步测试媒体路径将是有用的。[RFC6849]中定义了一种执行媒体环回测试会话的机制,但它不能直接用于测试B2BUA,因为B2BUA通常没有目标记录地址(AOR),也不知道任何给定会话将遍历哪个B2BUA。
For example, suppose calls from Alice to Bob have media problems. Alice would like to test the media path to each B2BUA in the path to Bob separately, to determine which segment has the issues. Alice cannot target the B2BUAs directly for each test call; she doesn't know which URIs to use to target them, nor would using such URIs guarantee the same media path be used as a call to Bob. A better solution would be to make a test call targeted to Bob, but with a SIP traceroute-type mechanism that makes the call terminate at the B2BUAs, such that she can perform test sessions to test the media path to each downstream B2BUA.
例如,假设Alice给Bob的电话有媒体问题。Alice想分别测试Bob路径中每个B2BUA的媒体路径,以确定哪个段存在问题。Alice不能直接针对每个测试调用的B2BUA;她不知道使用哪个URI来定位它们,也不知道使用这样的URI可以保证将相同的媒体路径用作对Bob的调用。更好的解决方案是针对Bob进行测试调用,但使用SIP跟踪路由类型机制,使调用在B2BUA处终止,以便她可以执行测试会话来测试到每个下游B2BUA的媒体路径。
This document defines how such a mechanism can be employed, using the mechanism in [RFC6849] along with the Max-Forwards SIP header field such that a SIP UA can make multiple test calls, each reaching a B2BUA further downstream. Each B2BUA in the path that supports the mechanism in [RFC6849] would answer the media-loopback call; thus, the originating SIP UA can test the media path up to that B2BUA.
本文档定义了如何使用这种机制,使用[RFC6849]中的机制以及Max Forwards SIP header字段,使得SIP UA可以进行多个测试调用,每个测试调用到达更下游的B2BUA。路径中支持[RFC6849]中机制的每个B2BUA将应答媒体环回呼叫;因此,发起SIP UA可以测试到达该B2BUA的媒体路径。
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].
本文件中的关键词“必须”、“不得”、“必需”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照[RFC2119]中所述进行解释。
B2BUA: a SIP Back-to-Back User Agent, which is the logical combination of a User Agent Server (UAS) and User Agent Client (UAC).
B2BUA:SIP背靠背用户代理,是用户代理服务器(UAS)和用户代理客户端(UAC)的逻辑组合。
UAS: a SIP User Agent Server
UAS:SIP用户代理服务器
UAC: a SIP User Agent Client
UAC:SIP用户代理客户端
Traceroute: a mechanism to trace a path of hops from an originator to a destination. For IP, this is typically done using the Time To Live (TTL) field of the IP header, starting at the value 1 and incrementing by 1 as each IP hop responds with an ICMP error. For SIP, this can be done using Max-Forwards header field starting with the value 0, in a similar fashion to the TTL field.
追踪路由:追踪从发端到目的地的跳跃路径的机制。对于IP,这通常使用IP头的生存时间(TTL)字段来完成,从值1开始,随着每个IP跃点响应ICMP错误而递增1。对于SIP,这可以使用以值0开头的Max Forwards标头字段来完成,方式与TTL字段类似。
It is assumed the reader is already familiar with media-loopback [RFC6849].
假定读者已经熟悉媒体环回[RFC6849]。
The Max-Forwards header field can already be used to generate a simple SIP-request traceroute by generating a SIP request initially using a Max-Forwards value of 0, receiving a 483 Too Many Hops response from the next-hop, and then incrementing the value for subsequent SIP requests; one would thereby reach SIP devices further and further downstream, receiving 483 from each of them.
Max-Forwards报头字段已经可用于生成简单的SIP请求跟踪路由,方法是:最初使用Max-Forwards值0生成SIP请求,从下一个跃点接收483个过多跃点响应,然后增加后续SIP请求的值;因此,人们将越来越远地到达下游的SIP设备,从每个SIP设备接收483个SIP设备。
The mechanism described in this document uses such a traceroute of a Max-Forwards style to perform media-loopback testing. To perform a SIP media-plane traceroute, the originating UAC (Alice) generates a SIP INVITE to a target AOR (Bob), with a Max-Forwards header field value of 0 and with SDP based on [RFC6849]. The SIP next-hop will either reject the request with a 483 Too Many Hops response or, if the next-hop is a B2BUA that supports this mechanism and if the B2BUA allows such testing from the requesting UAC, the B2BUA will answer the INVITE to establish the dialog and create a media-loopback session.
本文档中描述的机制使用Max Forwards样式的跟踪路由来执行媒体环回测试。为了执行SIP媒体平面跟踪路由,发起UAC(Alice)生成一个到目标AOR(Bob)的SIP INVITE,最大转发头字段值为0,SDP基于[RFC6849]。SIP下一跳将拒绝带有483个过多跳响应的请求,或者,如果下一跳是支持此机制的B2BUA,并且如果B2BUA允许来自请求UAC的此类测试,B2BUA将响应该邀请以建立对话并创建媒体环回会话。
The originating UAC can then end the media-loopback session, generate another INVITE to the same target AOR with a Max-Forwards header field value of 1, which will reach the second SIP next-hop, and so on.
然后,发起UAC可以结束媒体环回会话,生成另一个到同一目标AOR的邀请,最大转发头字段值为1,这将到达第二个SIP下一跳,依此类推。
A SIP Reason header field cause value of '483' (as defined in [RFC3326]) will be in the 200 answer from each B2BUA answering the INVITE, until the INVITE reaches the final UAS (Bob), which does not use the Reason cause value (see Section 3.2 for details).
SIP原因标头字段原因值“483”(如[RFC3326]中所定义)将出现在应答邀请的每个B2BUA的200个应答中,直到邀请到达最终UAS(Bob),该UAS不使用原因值(详情见第3.2节)。
Using this mechanism, a SIP UAC can test the path from itself to each successive B2BUA on the path to a target. Such a mechanism could also be useful for establishing a permanent test call between an Enterprise and a Service Provider across a SIP Trunk, for example, or for automated measurement systems to test the media path between domains, etc.
使用此机制,SIP UAC可以测试从自身到目标路径上每个后续B2BUA的路径。例如,这种机制还可用于在企业和服务提供商之间跨SIP中继建立永久测试呼叫,或用于自动测量系统以测试域之间的媒体路径等。
As currently defined in [RFC3261], the UAS half of a B2BUA does not technically need to inspect the Max-Forwards header field value for received requests: only Proxies do. This behavior was updated by [RFC7332], such that a compliant B2BUA needs to both inspect the value in order to prevent loops, as well as copy and decrement the value as if it were a Proxy. This document also requires such
正如[RFC3261]中当前定义的那样,B2BUA的UAS半部分在技术上不需要检查接收请求的最大转发头字段值:只有代理才需要。此行为由[RFC7332]更新,因此符合要求的B2BUA既需要检查值以防止循环,也需要复制和减少值,就像它是代理一样。本文件还要求这样做
behavior in order for the mechanism to succeed; therefore, a B2BUA supporting the traceroute mechanism defined in this document MUST also comply with [RFC7332].
为使该机制成功而采取的行为;因此,支持本文件中定义的跟踪路由机制的B2BUA也必须符合[RFC7332]。
If a SIP B2BUA receives a dialog-creating INVITE request with a Max-Forwards header value of 0, with SDP for media-loopback based on [RFC6849], and the policies of the B2BUA allow it to answer such a request, then it is answered as if the original target of the request were the local SIP B2BUA. The normal procedures of SIP apply, as well as [RFC6849], as if the request had been targeted at the local B2BUA device as the intended destination all along.
如果SIP B2BUA接收到一个创建INVITE请求的对话框,该对话框的最大转发头值为0,SDP基于[RFC6849]进行媒体环回,并且B2BUA的策略允许其响应这样的请求,则该请求的响应就像该请求的原始目标是本地SIP B2BUA一样。SIP的正常过程以及[RFC6849]都适用,就好像请求一直以本地B2BUA设备作为预期目的地一样。
In the 200 response for the INVITE, the B2BUA MUST also add a Reason header, per [RFC3326], with a protocol field value of "SIP", a cause field value of "483", and a reason-text value of "Traceroute Response". The purpose of the Reason header is to indicate to the UAC that the request is being answered due to reaching a Max-Forwards of 0, rather than being answered due to reaching the final UAS. When the ultimate target UAS answers a loopback-based INVITE with a Max-Forwards greater than or equal to 0, the Reason header would not be added to the response and the UAC will know the traceroute is complete.
在INVITE的200响应中,B2BUA还必须根据[RFC3326]添加一个原因头,协议字段值为“SIP”,原因字段值为“483”,原因文本值为“Traceroute response”。原因标头的目的是向UAC表明,请求是由于到达最大转发0而被应答的,而不是由于到达最终UAS而被应答的。当最终目标UAS以大于或等于0的最大转发数回答基于环回的邀请时,原因标头将不会添加到响应中,UAC将知道跟踪路由已完成。
If a B2BUA receives an INVITE with media-loopback SDP and a Max-Forwards header field value of 0, as defined in this document, and it does not accept the session (e.g., due to local policy), then it SHOULD respond with a 483 Too Many Hops response, per the normal rules of [RFC3261], as it would previously. In other words, in such a case, it behaves no differently than it would have if it did not support this document's new behavior.
如果B2BUA接收到媒体环回SDP和最大转发头字段值为0的INVITE,如本文档中所定义,并且它不接受会话(例如,由于本地策略),则它应按照[RFC3261]的正常规则,以483个过多跃点响应,如前所述。换句话说,在这种情况下,它的行为与不支持此文档的新行为时没有任何不同。
There are security implications for the mechanism defined in this document. Answering media-loopback calls in a B2BUA consumes resources on the B2BUA, and network bandwidth in between and, thus, exposes a vector for denial-of-service (DoS) attacks; therefore, B2BUAs should provide configuration options to control who can make such test calls, how many concurrent calls can be established and maintained, and how long calls can continue. Entities that deploy B2BUAs should set these options to values that reduce the DoS risk to an acceptable level. For example, a B2BUA might perform digest-challenge authentication with specific credentials for such calls or it might only allow specific sources to make such calls, at a
本文档中定义的机制存在安全隐患。在B2BUA中应答媒体环回呼叫会消耗B2BUA上的资源,以及介于和之间的网络带宽,从而暴露拒绝服务(DoS)攻击的载体;因此,B2BUA应提供配置选项,以控制谁可以进行此类测试调用、可以建立和维护多少并发调用以及调用可以持续多长时间。部署B2BUA的实体应将这些选项设置为将DoS风险降低到可接受水平的值。例如,B2BUA可能会使用此类呼叫的特定凭据执行摘要质询身份验证,或者它可能只允许特定来源在特定时间进行此类呼叫
specific time. Such policies are typically vendor specific based on local policies and deployment usage scenarios and cannot be explicitly defined in this document.
具体时间。此类策略通常是基于本地策略和部署使用场景的特定于供应商的策略,无法在本文档中明确定义。
The security considerations of [RFC6849] also apply to this document. Since B2BUAs are not end-user devices, there is no human user to monitor the loopback session activity on the B2BUA as recommended in [RFC6849]; instead, B2BUAs should log such events or provide some form of administrative notification.
[RFC6849]的安全注意事项也适用于本文件。由于B2BUA不是最终用户设备,因此[RFC6849]中建议的B2BUA上没有人工用户监控环回会话活动;相反,B2BUA应该记录此类事件或提供某种形式的管理通知。
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997, <http://www.rfc-editor.org/info/rfc2119>.
[RFC2119]Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月<http://www.rfc-editor.org/info/rfc2119>.
[RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., and E. Schooler, "SIP: Session Initiation Protocol", RFC 3261, June 2002, <http://www.rfc-editor.org/info/rfc3261>.
[RFC3261]Rosenberg,J.,Schulzrinne,H.,Camarillo,G.,Johnston,A.,Peterson,J.,Sparks,R.,Handley,M.,和E.Schooler,“SIP:会话启动协议”,RFC 3261,2002年6月<http://www.rfc-editor.org/info/rfc3261>.
[RFC3326] Schulzrinne, H., Oran, D., and G. Camarillo, "The Reason Header Field for the Session Initiation Protocol (SIP)", RFC 3326, December 2002, <http://www.rfc-editor.org/info/rfc3326>.
[RFC3326]Schulzrinne,H.,Oran,D.,和G.Camarillo,“会话启动协议(SIP)的原因头字段”,RFC3326,2002年12月<http://www.rfc-editor.org/info/rfc3326>.
[RFC6849] Kaplan, H., Ed., Hedayat, K., Venna, N., Jones, P., and N. Stratton, "An Extension to the Session Description Protocol (SDP) and Real-time Transport Protocol (RTP) for Media Loopback", RFC 6849, February 2013, <http://www.rfc-editor.org/info/rfc6849>.
[RFC6849]Kaplan,H.,Ed.,Hedayat,K.,Venna,N.,Jones,P.,和N.Stratton,“媒体环回会话描述协议(SDP)和实时传输协议(RTP)的扩展”,RFC 6849,2013年2月<http://www.rfc-editor.org/info/rfc6849>.
[RFC7332] Kaplan, H. and V. Pascual, "Loop Detection Mechanisms for Session Initiation Protocol (SIP) Back-to-Back User Agents (B2BUAs)", RFC 7332, August 2014, <http://www.rfc-editor.org/info/rfc7332>.
[RFC7332]Kaplan,H.和V.Pascual,“会话启动协议(SIP)背对背用户代理(B2BUAs)的循环检测机制”,RFC 7332,2014年8月<http://www.rfc-editor.org/info/rfc7332>.
Acknowledgments
致谢
The general concept of performing media-loopback on a hop-by-hop basis using a decrementing header traceroute-style approach came out of discussions several years ago, between the author, Kaynam Hedayat, Nagarjuna Venna, and Patrick MeLampy. Other people that have contributed to the topic over the years since then: Brett Tate, Paul Kyzivat, Peter Dawes, Zaid Ally, Dianna Stiller, Jon Boone, and several others whom I have lost the names of since.
几年前,作者Kaynam Hedayat、Nagarjuna Venna和Patrick MeLampy进行了讨论,提出了在逐跳基础上使用递减头跟踪路由方式执行媒体环回的一般概念。从那以后的几年里,其他对这个话题做出贡献的人有:布雷特·泰特、保罗·基齐瓦特、彼得·道斯、扎伊德·艾利、黛安娜·斯蒂勒、乔恩·布恩,还有其他几个我从那以后就不知道名字的人。
Author's Address
作者地址
Hadriel Kaplan Oracle EMail: hadrielk@yahoo.com
Hadriel Kaplan Oracle电子邮件:hadrielk@yahoo.com