Title: SIP for VoIP and Presence
1SIP for VoIP and Presence
- Jiri Kuthan, iptel.org/FhG
- With additions by Henning Schulzrinne
- sip:jiri@iptel.org
- September 2003, December 2005
2Example Web Integration, Missed
Calls/Click-to-Dial
Motivation Applications
Click To Dial
3Scenario Internet Telephony Providers
Motivation Scenarios
- Borderless customer base: services available anywhere on the public Internet to subscribers, very much like e-mail.
- Low CAPEX and OPEX.
- PSTN connectivity typically offered as an extra option (example: deltathree charges <.1 per US2UK minute and 11 a month for a US 800 number).
- Freebies: FWD, PCH, iptel SipPhone.
- PSTN termination: deltathree, packet8, Vonage
IP Telephony Users: with softphones and hardphones
Providers: SIP server keeps track of users and powers services
Gateways: terminate and initiate calls in PSTN
4Scenario Use In Enterprises
Motivation Scenarios
PSTN
- Services available to all company's users, on-site, off-site and multi-site toll bypass.
- No telephone line required for home-workers and remote offices.
- Single infrastructure for data and voice.
- Effectiveness tools.
- Service operation can be outsourced in a Centrex-like manner (MCI Advantage). As with web/email, a single server may host multiple domains.
RIPE Meeting
E1
WaveLAN
T1
DSL
5Basic SIP Call-Flow
Technology SIP
- SIP is an HTTP-like, textual, client-server protocol, using email-like addresses
- A so-called proxy server takes care of setting up sessions between users
- Signaling is independent of media: both take different paths
Proxy
sip:jiri@195.37.78.173
Caller@sip.com
6Basic Server Element SIP Proxy
Technology SIP
PSTN Gateway
SMS Gateway
- Proxy servers maintain a central role in SIP networks
- They glue SIP components such as phones, gateways, applications and other domains
- They provide a place for service implementation (missed calls, forwarding, screening, etc.) and service access control
- SER: www.iptel.org/ser/
Applications
proxy
IP Phone Pool
Other domains
7What Is SIP Good In?
Technology SIP
- Easy service integration: with its design roots in SNMP and HTTP protocols, it integrates easily with applications built on top of them.
- Reusability: e.g., instant messaging and presence can be run with the same protocol and infrastructure.
- High scalability: the protocol maintains only transaction state in the network. With SER, we achieve thousands of calls per second on a PC.
- Affordability: free SIP servers and softphones exist.
8? Things That Work
Technology Concern Stack
- Basic VoIP services work, so do complementary integrated services such as instant messaging, voicemail, etc.
- Numbering plans are easy to maintain and they complement domain names well.
- QoS mostly pleasant. (Most broadband calls feature 150 ms RTT and packet loss close to zero.)
- Solid SIP implementations interoperate fairly well.
- Billing machinery works too: accounting is easy, though not standardized. Gateways with accounting support exist today.
- Interoperation with other technologies works too, PSTN gateway market established (single-vendor dominance too).
9? Concern Performance
Technology Concern Stack
- Performance: are you really able to process all the crap messages you receive over the public Internet?
- iptel.org's operational observation: 80% of traffic is invalid messages caused by misconfigured or broken devices.
- Use of applications such as presence increases per-user load compared to VoIP roughly by a factor of 100.
- Other stress factors: reboot avalanches, DoS.
- Nevertheless we have the capacity today: our measurements indicate proxy transactional throughput of hundreds to thousands of calls per second. Sufficient to power large subscriber populations.
10History
- Carrying voice on IP-based packet networks first identified by Cohen in 1977
- Commercialization and standardization began in 1995; Vocaltec the first company to ship IP2PSTN gateways (proprietary)
- SIP standardization began in IETF in 1995
- Adoption of SIP for use in 3GPP in late nineties
- Motivation:
- Cost saving through telco by-passing
- Service integration
D. Cohen, "Issues in transnet packetized voice communications", in Proceedings of the 5th Data Communications Symposium
11IETF Where SIP Was Born
- The IETF is a large open international community of network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the Internet.
- Working Groups related to Internet telephony:
- QoS related: DiffServ, IntServ, RSVP
- PSTN legacy: SigTran, Megaco
- and Presence Leveraging
- interaction of PSTN and IP services: PINT, SPIRITS
- MMUSIC: Multiparty Multimedia Session Control
- MIDCOM: Firewall/NAT Traversal
- SIP: core Session Initiation Protocol
- SIPPING: future SIP extensions and related issues
- ENUM: integration of E.164 numbering with Internet services
- SIMPLE: SIP for Instant Messaging
- IPTEL: Internet Telephony
- AVT: Audio Video Transport
12Refresher IP Design Concepts
- Distributed end-2-end design
- Intelligence and state reside in end-devices
- Network maintains almost zero intelligence (except routing) and state (except routing tables).
- End-devices speak to each other using whatever applications they have. There is almost no logic in the network affecting this behavior.
- Result:
- Flexibility. Introducing new applications is easy.
- Failure recovery. No state, no problem on failure.
- Scalability. No state, no memory scalability issues.
13What Problems Do Need to Be Solved for VoIP?
- Session management
- Users may move from terminal to terminal with different capabilities and change their willingness to communicate
- To set up a communication session between two or more users, a signaling protocol is needed: Session Initiation Protocol (SIP) supports locating users, session negotiation (audio/video/instant messaging, etc.) and changing session state
- Media transport
- Getting packetized voice over lossy and congested network in real-time
- RTP: protocol for transmitting real-time data such as audio, video and games
- End-to-end delivery: underlying IP connects the whole world
14Supporting Protocols How Do I ...
Technology Complementary Protocols
- find domain of called party? Like with email, use DNS to resolve address of server responsible for jiri@iptel.org!
- authenticate users and generate Call Detail Records? De-facto RADIUS standard.
- get over NATs? STUN.
- More:
- set phone clock: NTP
- download configuration and firmware: TFTP/FTP/HTTP (no good standard for usage of these protocols)
- resolve phone numbers to SIP addresses? ENUM
- IETF practice, decomposition principle: separate protocols are used for separate purposes. All of them on top of IP.
15Protocol Zoo (Hourglass Model)
iLBC, G.711, ...
ENUM
WWW signaling interdomain AAA media
NAT
DNS
SIP
RADIUS
HTTP
RTP
STUN
TLS
UDP
SCTP
TCP
IPv4/IPv6
AALx
PPP
GPRS
V.x
SONET
Ethernet
ATM
16Packetized Communication
Signaling Protocol
Call Server
Media Transport
End Users
End Users
IP Router
- Note:
- Every packet may take a completely different path
- Signaling typically takes a different path than media does
- Both signaling and media as well as other applications (FTP, web, email, ...) look alike up to transport layer and share the same fate
17Given All Supporting Protocols are In Place, What
Do I need on SIP Part?
- SIP Registrar
- accepts registration requests from users
- maintains users' whereabouts at a Location Server (like GSM HLR)
- SIP Proxy Server
- relays call signaling, i.e. acts as both client and server
- operates in a transactional manner, i.e., it keeps no session state
- transparent to end-devices
- does not generate messages on its own (except ACK and CANCEL)
- allows for additional services (call forwarding, AAA, forking, etc.)
- SIP Redirect Server
- redirects callers to other servers
- used rather rarely as operators appreciate staying in communication path. May be used to achieve very scalable load distribution.
- All of these elements are logical and are typically part of a single server!
18SIP Registrar
SIP registrar keeps track of users' whereabouts. This registration example establishes presence of user with address jiri@iptel.org for one hour and binds this address to user's current location 195.37.78.173.
Location Database
REGISTER sip:iptel.org SIP/2.0
From: sip:jiri@iptel.org
To: sip:jiri@iptel.org
Contact: <sip:195.37.78.173>
Expires: 3600
SIP Registrar (domain iptel.org)
19Basic SIP Call-Flow (Proxy Mode)
SIP Proxy looks up next hops for requests to
served users in location database and forwards
the requests there.
Location Database
Proxy
sip:jiri@195.37.78.173
Caller@sip.com
20SIP End-devices
- User Agent (user application)
- UA Client (originates calls)
- UA Server (listens for incoming calls)
- Types of UAs
- Softphone and hardphones
- Messaging clients
- PSTN gateways
- Media servers (voicemail)
- Etc.
21Service composition Added-value Server Chains
Caller's administrative domain
Administrative domain of a PSTN gateway operator
gw01.asia.pstn.com
pstn.com
asia.pstn.com
4
3
2
1
Caller's outbound proxy accomplishes firewall traversal.
Destination's first-hit proxy identifies a proxy serving dialed area.
Proxy in the target area distributes load in a gateway farm.
Note: signaling (in red) may take a completely different path from media (in blue).
22Ability to Try Multiple Destinations Forking
- A proxy may fork a request to multiple destinations either in parallel (reach me everywhere) or serially (forward no reply).
- A proxy can cancel pending parallel searches after a successful response is received.
- A proxy can iterate through redirection responses (recursive forking).
- The first OK is taken.
23Stateful versus Stateless Proxy Operational Mode
- SIP proxies may operate either in stateful or stateless mode; which of the modes is used depends on implementation or configuration.
- stateless mode
- Usage: good for heavy-load scenarios -- works well for example if they act as application-layer load distributors.
- Behavior:
- proxies just receive messages, perform routing logic, send messages out and forget anything they knew
- they should cache results of SIP routing logic, as a stateless proxy is not able to distinguish between retransmissions and new requests -- which would result in new execution of SIP routing logic for every retransmission
24Stateful versus Stateless Proxy Operational Mode
(cont.)
- stateful mode
- Usage: good for implementing some services (e.g., forward on no reply)
- Behavior:
- proxies maintain state during the entire transaction: they remember outgoing requests as well as incoming requests that generated them until the transaction is over; they do not keep state during the whole call
- a forking proxy should be stateful
- reduce retransmission time by acting on behalf of sender closer to destination
25Stateful Proxy Refers to Transactions
SIP state forgotten as soon as transaction over
- SIP proxies deliver a one-time rendezvous service (as opposed to state storage service).
- Thus a stateful proxy just keeps state during a SIP rendezvous transaction and completely forgets it afterwards.
- A SIP proxy is not aware of existing calls. In case of failure, existing calls are NOT affected!
- Subsequent transactions may take a direct path!
INVITE a@a.com
Legend: SIP signaling, SIP state, media
26Subsequent Transactions Bypass Proxy
- Unless route recording is used, subsequent transactions (e.g., BYE) take a direct path to destination as indicated in Contact header field.
- Today's common practice is to turn record-routing ALWAYS on to deal with devices that speak different transport protocols and need a mediator in-between them.
27SIP Message Structure
Request, message header fields:
INVITE sip:UserB@there.com SIP/2.0
Via: SIP/2.0/UDP here.com:5060
From: BigGuy <sip:UserA@here.com>;tag=123
To: LittleGuy <sip:UserB@there.com>
Call-ID: 12345600@here.com
CSeq: 1 INVITE
Subject: Happy Christmas
Contact: BigGuy <sip:UserA@here.com>
Content-Type: application/sdp
Content-Length: 147
Request, payload:
v=0
o=UserA 2890844526 2890844526 IN IP4 here.com
s=Session SDP
c=IN IP4 100.101.102.103
t=0 0
m=audio 49172 RTP/AVP 0
a=rtpmap:0 PCMU/8000
Response, message header fields:
SIP/2.0 200 OK
Via: SIP/2.0/UDP here.com:5060
From: BigGuy <sip:UserA@here.com>;tag=123
To: LittleGuy <sip:UserB@there.com>;tag=65a35
Call-ID: 12345600@here.com
CSeq: 1 INVITE
Subject: Happy Christmas
Contact: LittleGuy <sip:UserB@there.com>
Content-Type: application/sdp
Content-Length: 134
Response, payload:
v=0
o=UserB 2890844527 2890844527 IN IP4 there.com
s=Session SDP
c=IN IP4 110.111.112.113
t=0 0
m=audio 3456 RTP/AVP 0
a=rtpmap:0 PCMU/8000
SDP (RFC2327): receive RTP G.711-encoded audio at 100.101.102.103:49172
28SIP addressing
- Users identified by SIP or tel URIs
- sip:alice@example.com
- tel URIs describe E.164 number, not dialed digits (RFC 2806bis)
- tel URIs -> SIP URIs by outbound proxy
- A person can have any number of SIP URIs
- The same SIP URI can reach many different phones, in different networks
- sequential and parallel forking
- SIP URIs can be created dynamically:
- GRUUs
- conferences
- device identifiers (sip:foo@128.59.16.15)
- Registration binds SIP URIs (e.g., device addresses) to SIP address-of-record (AOR)
tel:110
sip:sos@domain
domain -> 128.59.16.17 via NAPTR SRV
29SIP Addresses
- SIP gives you a globally reachable address.
- Callees bind their temporary address to the global one using SIP REGISTER method.
- Callers use this address to establish real-time communication with callees.
- URLs used as address data format; examples:
- sip:jiri@iptel.org
- sip:voicemail@iptel.org?subject=callme
- sip:sales@hotel.xy; geo.position:=48.54_-123.84_120
- must include host, may include user name, port number, parameters (e.g., transport), etc.
- may be embedded in Webpages, email signatures, printed on your business card, etc.
- address space unlimited
- non-SIP URLs can be used as well (mailto, http, ...)
30SIP RFC3261 Methods
- INVITE: initiates sessions
- session description included in message body
- re-INVITEs used to change session state
- ACK: confirms session establishment
- can only be used with INVITE
- CANCEL: cancels a pending INVITE
- BYE: terminates sessions
- REGISTER: binds a permanent address to current location; may convey user data (CPL scripts)
- OPTIONS: capability inquiry
31SIP Extension Methods
- SUBSCRIBE/NOTIFY/MESSAGE: instant messaging and presence (RFC3265, RFC3428, draft-ietf-simple-*)
- REFER: call transfer (RFC3515)
- PRACK: provisional reliable responses acknowledgement (RFC3262)
- INFO: mid-call signaling (RFC 2976)
32SIP Response Codes
- Borrowed from HTTP: xyz explanatory text
- Receivers need to understand response class (x)
- x80 and higher codes avoid conflicts with future HTTP response codes
- 1yz Informational
- 100 Trying
- 180 Ringing (ringing tone played locally)
- 181 Call is Being Forwarded
- 2yz Success
- 200 OK
- 3yz Redirection
- 300 Multiple Choices
- 301 Moved Permanently
- 302 Moved Temporarily
33SIP Response Codes (cont.)
- 4yz Client error
- 400 Bad Request
- 401 Unauthorized
- 482 Loop Detected
- 486 Busy Here
- 5yz Server failure
- 500 Server Internal Error
- 6yz Global Failure
- 600 Busy Everywhere
34Summary of SIP Properties
- Textual (HTTP-like) client-server protocol
- Easy to debug, extend and process with textual operating systems
- End-2-end
- It puts most of the intelligence into end-devices (user agents): good for scalability and extensibility
- The network infrastructure is designed to be lightweight. Network functions (registrar, proxy) are typically logical parts of a single server.
- Internet addressing using URIs
- E.g., sip:jiri@iptel.org
- Non-SIP URIs possible too (e.g., they may be used to redirect a caller to a webpage)
- Address space unlimited and may be used to create services (sip:sales@hotel.xy; geo.position:=48.54_-123.84_120)
- It delivers mobility: user can register from one or more locations with IP connectivity
35Example Call Transfer Call Flow
A is having a call with B. A decides to transfer B to C. It sends a REFER to B with C's address. Eventually, A is notified on successful transfer using NOTIFY (6).
B
timeline
36Call Transfer/REFER
draft-ietf-sip-cc-transfer, RFC3515
- Accomplished using the REFER method.
- The REFER method indicates that the recipient (identified by the Request-URI) should contact a third party using the contact information provided in the method.
- New header fields: Refer-To, Refer-By.
- NOTIFY method used to report on result of referral.
- Note: no changes to proxy behavior required.
- Variants:
- With Consultation Hold (SIP Hold and unattended transfer)
- Attended Transfer, i.e., with a short conference
- Other REFER uses: click-to-dial
37The role of presence
- Guess, ring and annoy
- high probability of failure
- telephone tag
- inappropriate time (call during meeting)
- inappropriate media (audio in public place)
- current solutions
- voice mail -> tedious, doesn't scale, hard to search and catalogue, no indication of when call might be returned
- automated call back -> rarely used, too inflexible
- -> most successful calls are now scheduled by email
- Presence-based
- facilitates unscheduled communications
- provide recipient-specific information
- only contact in real-time if destination is willing and able
- appropriately use synchronous vs. asynchronous communication
- guide media use (text vs. audio)
- predict availability in the near future (timed presence)
Prediction: almost all (professional) communication will be presence-initiated or pre-scheduled
38Context-aware communication
- context: the interrelated conditions in which something exists or occurs
- anything known about the participants in the (potential) communication relationship
- both at caller and callee
39Basic presence
- Role of presence
- initially: can I send an instant message and expect a response?
- now: should I use voice or IM? is my call going to interrupt a meeting? is the callee awake?
- Yahoo, MSN, Google, Skype presence services
- on-line, off-line
- useful in modem days but many people are (technically) on-line 24x7
- thus, need to provide more context
- simple status (not at my desk)
- entered manually -> rarely correct
- if user has time to update presence, they are not busy enough to use presence
- does not provide enough context for directing interactive communications
40Presence data model
calendar
cell
manual
person (presentity) (views)
alice_at_example.com audio, video, text
r42_at_example.com video
services
devices
41Presence data architecture
presence sources
PUBLISH
raw presence document
privacy filtering
create view (compose)
depends on watcher
XCAP
XCAP
select best source resolve contradictions
composition policy
privacy policy
(not defined yet)
draft-ietf-simple-presence-data-model
42Presence data architecture
candidate presence document
raw presence document
post-processing composition (merging)
watcher filter
SUBSCRIBE
remove data not of interest
difference to previous notification
final presence document
watcher
NOTIFY
43Rich presence
- More information
- automatically derived from
- sensors: physical presence, movement
- electronic activity: calendars
- Rich information
- multiple contacts per presentity
- device (cell, PDA, phone, ...)
- service (audio)
- activities, current and planned
- surroundings (noise, privacy, vehicle, ...)
- contact information
- composing (typing, recording audio/video IM, ...)
44RPID rich presence
45The role of presence for call routing
PUBLISH
- Two modes:
- watcher uses presence information to select suitable contacts
- advisory: caller may not adhere to suggestions and still call when you're in a meeting
- user call routing policy informed by presence
- likely less flexible: machine intelligence
- if activities indicate meeting, route to tuple indicating assistant
- try most-recently-active contact first (seq. forking)
PA
NOTIFY
translate RPID
LESS
CPL
INVITE
46Presence and privacy
- All presence data, particularly location, is highly sensitive
- Basic location object (PIDF-LO) describes
- distribution (binary)
- retention duration
- Policy rules for more detailed access control
- who can subscribe to my presence
- who can see what when
<tuple id="sg89ae">
  <status>
    <gp:geopriv>
      <gp:location-info>
        <gml:location>
          <gml:Point gml:id="point1" srsName="epsg:4326">
            <gml:coordinates>37:46:30N 122:25:10W</gml:coordinates>
          </gml:Point>
        </gml:location>
      </gp:location-info>
      <gp:usage-rules>
        <gp:retransmission-allowed>no</gp:retransmission-allowed>
        <gp:retention-expiry>2003-06-23T04:57:29Z</gp:retention-expiry>
      </gp:usage-rules>
    </gp:geopriv>
  </status>
  <timestamp>2003-06-22T20:57:29Z</timestamp>
</tuple>
47Location-based services
- Finding services based on location
- physical services (stores, restaurants, ATMs, ...)
- electronic services (media I/O, printer, display, ...)
- not covered here
- Using location to improve (network) services
- communication
- incoming communications changes based on where I am
- configuration
- devices in room adapt to their current users
- awareness
- others are (selectively) made aware of my location
- security
- proximity grants temporary access to local resources
48Location-based SIP services
- Location-aware inbound routing
- do not forward call if time at callee location is 11 pm, 8 am
- only forward time-for-lunch if destination is on campus
- do not ring phone if I'm in a theater
- outbound call routing
- contact nearest emergency call center
- send delivery@pizza.com to nearest branch
- location-based events
- subscribe to locations, not people
- Alice has entered the meeting room
- subscriber may be device in room -> our lab stereo changes CDs for each person that enters the room
49Program location-based services
50Instant Messaging and Presence
- Idea: use the same signaling infrastructure for more services
- SIP already supports:
- Notion of presence and user location mechanisms
- Application-layer routing (incl. forking) and message processing (e.g., CPL)
- Optimized for speed
- Scalability by distributed design
51Instant Messaging
RFC3428
- Goal: deliver short messages rapidly
- SIP extension: MESSAGE method
- Message body of any MIME type (including Common Profile for Instant Messaging, draft-ietf-impp-cpim)
- im: type URLs used
MESSAGE sip:user2@domain.com SIP/2.0
Via: SIP/2.0/UDP user1pc.domain.com
From: im:user1@domain.com
To: im:user2@domain.com
Contact: sip:user1@user1pc.domain.com
Call-ID: asd88asd77a@1.2.3.4
CSeq: 1 MESSAGE
Content-Type: text/plain
Content-Length: 18
Watson, come here.
52Subscribe-Notify
RFC3265
- Goal: ability to be notified when a condition occurs
- Applications:
- User presence and related applications
- Call-back (notify when the other party becomes available)
- VoiceMail Notification (notify when a voicemail message is stored), draft-ietf-sipping-mwi
- Traffic Alerts (notify on traffic jam)
- Extensions: SUBSCRIBE and NOTIFY methods, Event and Allow-Events headers, 489 Bad Event response code
- Subscription subject to expiration similarly to how REGISTER is
53Subscribe-Notify For Presence Services
draft-ietf-simple-presence
Presence server
4 OK
3 NOTIFY alice Event presence
subscriber
Step II subscriber is immediately notified on
current condition
54Service Programming
55Programming SIP Logic
- Service examples:
- discard all calls from Monica during my business hours
- redirect authenticated friends to my cell phone, anyone else to my secretary
- Programming SIP services
- is not easy (our SIP proxy server has 100k lines of code!): lots of timers, dynamic allocation, parsing and other inconveniences
- Some companies and standardization bodies have been seeking to standardize APIs (JTAPI, CTI, JAIN, PARLAY); however, these APIs still feature lots of programming difficulties and are tightly coupled to specific programming environments such as Java
- IETF: follow the textual interface tradition used in HTTP (CGI, CPL)
The key is efficiency of service programming. Don't be worried about buzzword compliance too much.
56Service creation
- Tailor a shared infrastructure to individual users
- traditionally, only by vendors (and sometimes carriers)
- learn from web models: killer app -> vertical apps
57Service Execution Layering
CPL scripts
CGI Scripts (Perl, Python, C, ...)
Servlets
User Code
Java Servlets
SIP-CGI
CPL
Interpreters
SIP Messages
SIP Actions
Protocol stack
SIP
58Call Processing Logic Example
The call processing logic may be designed using various mechanisms: CPL, SIP-CGI, servlet, proprietary ones.
2 pass invitation to call processing logic
3 return an action
5
4a INVITE jku@cell
1 INVITE jku
4b INVITE voicemail@trash
59Where May Signaling Services Live?
- Some services have to live in the network
- call distribution
- services for dial-up users without always-on IP connectivity
- network servers may be located on users' premises (PBX-like) or operators' premises (Web-hosting-like, NetCentrex-like)
- Some services can be implemented in both places
- forward on busy
- Some services work best in end-devices
- distinctive ringing
60Service Location Examples
Source: H. Schulzrinne, Industrial Strength IP Telephony
61SIP Common Gateway Interface (CGI)
RFC 3050
- Follows Web-CGI. Unlike Web-CGI, SIP-CGI supports proxying and processes responses as well.
- Language-independent (Perl, C, ...)
- Communicates through input/output and environment variables.
- CGI programs unlimited in their power. Drawback: buggy scripts may affect server behavior easily.
- Persistency token (cookie) is passed between SIP server and CGI to keep state across requests and related responses.
62SIP-CGI I/O
- Script input: environment variables (AUTH_TYPE, CONTENT_LENGTH, REQUEST_URI, etc.) and SIP message on stdin
- Script output: set of messages consisting of action lines, CGI header fields and SIP header fields on stdout
- Action lines:
- Generating a response: status line
- Proxying:
- CGI-PROXY-REQUEST <dest-url> <sip-version>
- Additional header fields may follow; they will be merged with the original request.
- Forward response: CGI-FORWARD-RESPONSE <token> <sip-version>
- Set cookie for subsequent messages: CGI-SET-COOKIE <token> <sip-version>
- Determine if the script should be called for the next message belonging to the same transaction: CGI-AGAIN ("yes" | "no") <sip-version>
63Call Processing Language
draft-ietf-iptel-cpl
- Special-purpose call processing language.
- CPL scripts define a decision tree which may result in signaling (proxy, redirect, reject) or non-signaling (mail, log) action.
- CPL scripts triggered by SIP messages.
- May be used by both SIP and H.323 servers.
- Target scenario: users determine call processing logic executed at a server.
- The language's limited scope makes sure the server's security will not get compromised.
- Portability allows users to move CPL scripts across servers.
- Scripts may be manually written, generated using convenient GUI tools, supplied by 3rd parties, ...
64CPL Example
<incoming>
  <address-switch field="origin" subfield="host">
    <address subdomain-of="example.com">
      <location url="sip:jones@example.com">
        <proxy timeout="10">
          <busy> <sub ref="voicemail" /> </busy>
          <noanswer> <sub ref="voicemail" /> </noanswer>
          <failure> <sub ref="voicemail" /> </failure>
        </proxy>
      </location>
    </address>
    <otherwise>
      <sub ref="voicemail" />
    </otherwise>
  </address-switch>
</incoming>
65Example Creating CPL Scripts
iptel.org CPL Composer
66Automating media interaction service examples
- If call from my boss, turn off the stereo -> call handling with device control
- As soon as Tom is online, call him -> call handling with presence information
- Vibrate instead of ring when I am in movie theatre -> call handling with location information
- At 9:00AM on 09/01/2005, find the multicast session titled ABC keynote and invite all the group members to watch -> call handling with session information
- When incoming call is rejected, send email to the callee -> call handling with email
67LESS simplicity
- Generality (few and simple concepts)
- Uniformity (few and simple rules)
- Trigger rule
- Switch rule
- Action rule
- Modifier rule
- Familiarity (easy for user to understand)
- Analyzability (simple to analyze)
modifiers
switches
trigger
actions
68LESS Decision tree
- No loops
- Limited variables
- Not necessarily Turing-complete
69LESS Safety
- Type safety
- Strong typing in XML schema
- Static type checking
- Control flow safety
- No loop and recursion
- One trigger appears only once, no feature interaction for a defined script
- Memory access
- No direct memory access
- LESS engine safety
- Ensure safe resource usage
- Easy safety checking
- Any valid LESS scripts can be converted into
graphical representation of decision trees.
70LESS snapshot
incoming call
<less>
  <incoming>
    <address-switch>
      <address is="sip:myboss@abc.com">
        <device:turnoff device="sip:stereo_room1@abc.com"/>
        <media media="audio">
          <accept/>
        </media>
      </address>
    </address-switch>
  </incoming>
</less>
If the call from my boss
Turn off the stereo
Accept the call with only audio
trigger, switch, modifier, action
71LESS packages
- Use packages to group elements
email
web
im
conference
calendar
location
session
72When Tom is online,
<less>
  <EVENT:notification>
    <address-switch>
      <address is="sip:tom@example.com">
        <EVENT:event-switch>
          <EVENT:event is="open">
            <location url="sip:tom@example.com">
              <IM:im message="Hi, Tom"/>
            </location>
          </EVENT:event>
        </EVENT:event-switch>
        ...
</less>
73When I am in a movie theatre,
<less>
  <incoming>
    <location-switch>
      <location placetype="quiet">
        <alert sound="none" vibrate="yes"/>
      </location>
    </location-switch>
  </incoming>
</less>
75Interfacing with Google
911 caller location IM/presence location of
friends call Im here
76Interfacing with Google
show all files from caller Xiaotao Wu
77Embedding VoIP FAA training
controls pilot and ATC agents using multicast
and unicast (landlines)
78ENUM
RFC2916
- Problem: caller is in PSTN (can use only digit keys) and would like to reach a SIP callee
- Answer: ENUM. Create a global directory with telephone numbers that map to SIP addresses (or e-mail, etc.).
- Lookup mechanism: DNS maps E.164 numbers to a set of user-provisioned URIs
- The E.164 number queries are formed as reversed dot-separated number digits, to which the string .e164.arpa is appended, e.g.
- 4319793321 -> 1.2.3.3.9.7.9.1.3.4.e164.arpa
79ENUM Call Flow
- DNS/ENUM helps ingress gateway to resolve SIP address from E.164 number
- Typically, owner of an ENUM entry can manipulate the address association through a web provisioning interface
DNS/ENUM
? ...7.1.9.4.e164.arpa
! sip:jiri@iptel.org
PSTN 4917
INVITE sip:jiri@iptel.org
Gateway with ENUM resolution
80Who Owns ENUM?
- ENUM: authority over .e164.arpa is IAB jointly with the ITU-TSB
- Operation of the domain carried out by RIPE-NCC: http://www.ripe.net/enum/
- Country codes delegated through RIPE to national providers subject to ITU-T TSB's decision.
- Deployment problem: number validation. How does an ENUM provider know you can claim a number?
81SIP Security Tools
- Most commonly used security protocol: digest
- Based on private shared secret
- Allows to establish user identity
- Does not provide message integrity or privacy
- TLS addresses shortcomings of digest but not widely deployed yet
- It is based on a transitive trust model: upstream client trusts downstream proxy servers, which again trust the servers downstream from them
- Servers see SIP in plain-text
- End-2-end security delivered with S/MIME
- With e2e security, proxy servers in the middle do not see plain-text message bodies
- Alternate security protocols for 3GPP (AKA, RFC3310)
82Disclaimer Security Protocols Dont Implement
Social Engineering
SIP INVITE w/JPEG
INVITE sip:UserB@there.com SIP/2.0
Via: SIP/2.0/UDP here.com:5060
From: BigGuy <sip:UserA@here.com>
To: LittleGuy <sip:UserB@there.com>
Call-ID: 12345600@here.com
...
200 OK w/JPEG
SIP/2.0 200 OK
Via: SIP/2.0/UDP here.com:5060
From: BigGuy <sip:UserA@here.com>
To: LittleGuy <sip:UserB@there.com>
Call-ID: 12345601@here.com
...
83SIP Digest Authentication
RFC 2617
- Required for user identification and admission control for services.
- Protocol:
- challenge-response using MD5
- Based on secret shared between client and server
- No message integrity provided
1. REGISTER
- Request w/o credentials
- Challenge: authenticate yourself
- Request resubmitted w/credentials
3. REGISTER w/credentials
Proxy
84Caution No Relationship Between URIs and Identity
REGISTER sip:iptel.org SIP/2.0
From: <sip:a@bc.de>;tag=c775
To: <sip:a@bc.de>
Authorization: Digest username="gh", realm="bc.de", algorithm="md5", uri="sip:bc.de", nonce="3edab81b7a8427be362c2a924f3171d215a8f7d3", response="4a868f9cbffd2b1f39c778abca78f75b"
- Cheating attempt: user gh tries to register as user a
- To do so, the cheater submits gh's proper credentials but uses a's address as address of record in the To header field
- Registrar must enforce a policy that links digest identity to permissible addresses of record
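Added example (not from the original slides): a minimal registrar-side check in Python that first verifies the digest response in the form shown on the slide (RFC 2617, MD5, no qop) and then enforces the policy linking the digest identity to permissible addresses of record. The password, nonce, the PASSWORDS and PERMITTED_AORS tables and the function names are constructed for illustration.

```python
import hashlib
import hmac

# Constructed sample data: shared secrets per (username, realm) and the
# addresses of record each digest identity is allowed to bind.
PASSWORDS = {("gh", "bc.de"): "constructed-secret"}
PERMITTED_AORS = {"gh": {"sip:gh@bc.de"}}


def md5_hex(text: str) -> str:
    return hashlib.md5(text.encode()).hexdigest()


def digest_response(username, realm, password, method, uri, nonce):
    """RFC 2617 digest response without qop, as in the slide's header."""
    ha1 = md5_hex(f"{username}:{realm}:{password}")
    ha2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{ha1}:{nonce}:{ha2}")


def normalize_aor(header_value: str) -> str:
    """Reduce a To header value to scheme:user@host for the policy lookup."""
    value = header_value.strip()
    if "<" in value and ">" in value:
        value = value[value.index("<") + 1:value.index(">")]
    # Drop URI parameters and headers; they are not part of the AOR.
    value = value.split(";", 1)[0].split("?", 1)[0]
    scheme, _, rest = value.partition(":")
    user, at, host = rest.rpartition("@")
    return f"{scheme.lower()}:{user}{at}{host.lower()}"


def check_register(auth: dict, to_header: str) -> int:
    """Return the SIP status code a registrar would answer with.

    Nonce freshness and replay checks are out of scope for this example.
    """
    password = PASSWORDS.get((auth["username"], auth["realm"]))
    if password is None:
        return 401
    expected = digest_response(auth["username"], auth["realm"], password,
                               "REGISTER", auth["uri"], auth["nonce"])
    # Compare as bytes: compare_digest rejects non-ASCII str input.
    if not hmac.compare_digest(expected.encode(), auth["response"].encode()):
        return 401
    # Valid credentials are not enough: the To header (the AOR being
    # bound) must be one this digest identity may register.
    allowed = PERMITTED_AORS.get(auth["username"], set())
    if normalize_aor(to_header) not in allowed:
        return 403
    return 200


def demo():
    nonce = "constructed-nonce-0001"
    auth = {
        "username": "gh", "realm": "bc.de", "uri": "sip:bc.de", "nonce": nonce,
        "response": digest_response("gh", "bc.de", "constructed-secret",
                                    "REGISTER", "sip:bc.de", nonce),
    }
    return {
        "gh registers as a": check_register(auth, "<sip:a@bc.de>"),
        "gh registers as gh": check_register(auth, "<sip:gh@bc.de>"),
    }


if __name__ == "__main__":
    print(demo())
```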
85Record-Routing
86Record-Routing
- Refresher: by default, only the initial request (INVITE) visits a proxy; subsequent requests (BYE) travel directly to offload servers
- Problems:
- some applications need to see all signaling, accounting for example
- UAs may live in different protocol realms (TCP vs UDP, IPv4 versus v6) and can communicate only through the proxy server
- Solution: record-routing. Proxy servers append a hint to processed requests which advises phones to keep the servers in path for subsequent communication
87Record-Routing Example
INVITE sip:jiri@iptel.org
From: joe@abc.com;tag=12
Contact: <sip:joe@1.2.3.4>
INVITE sip:jiri@iptel.org
From: joe@abc.com;tag=12
Record-Route: <sip:rr@1.2.3.4;lr>
BYE sip:joe@abc.com
From: joe@abc.com;tag=12
Route: <sip:rr@1.2.3.4;lr>
BYE sip:joe@abc.com
From: joe@abc.com;tag=12
Route: <sip:rr@1.2.3.4;lr>
88Record-Routing Apps
- Record-Routing can also be used to piggy-back session state in SIP messages to leave the server stateless
- Example:
- An RR parameter can include a timestamp for the initial INVITE
- When CDRs are generated on receipt of BYE, the call duration is calculated as current_time()-rr_timestamp_parameter()
- Note: in security-sensitive applications like the above, it is necessary to introduce message integrity
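Added example (not from the original slides): one way to give the piggy-backed timestamp message integrity, sketched in Python. The proxy signs the timestamp together with the Call-ID using HMAC-SHA256 and only computes a call duration from a Route header whose signature verifies. The parameter names ts and sig, the key and the function names are assumptions made for this example, not SER's actual parameters.

```python
import hashlib
import hmac

# Constructed key; a real proxy would load a secret only it knows.
PROXY_KEY = b"constructed-proxy-key"


def _mac(call_id: str, ts: str) -> str:
    """HMAC over Call-ID and timestamp, so a signed value cannot be
    moved to another dialog or altered by the endpoints."""
    msg = f"{call_id}|{ts}".encode()
    return hmac.new(PROXY_KEY, msg, hashlib.sha256).hexdigest()


def make_record_route(proxy_uri: str, call_id: str, now: float) -> str:
    """Record-Route value added to the initial INVITE (hypothetical
    'ts' and 'sig' URI parameters carry the state)."""
    ts = str(int(now))
    return f"<{proxy_uri};lr;ts={ts};sig={_mac(call_id, ts)}>"


def parse_params(route: str) -> dict:
    """Extract URI parameters from a Route/Record-Route value."""
    inner = route.strip().lstrip("<").rstrip(">")
    params = {}
    for part in inner.split(";")[1:]:
        name, _, value = part.partition("=")
        params[name.lower()] = value
    return params


def call_duration(route: str, call_id: str, now: float):
    """On BYE: return call duration in seconds for the CDR, or None if
    the echoed state is missing, forged or belongs to another call."""
    params = parse_params(route)
    ts, sig = params.get("ts", ""), params.get("sig", "")
    # Verify before trusting ts; compare as bytes because
    # compare_digest rejects non-ASCII str input.
    if not hmac.compare_digest(_mac(call_id, ts).encode(), sig.encode()):
        return None
    duration = int(now) - int(ts)  # ts is our own digits once verified
    return duration if duration >= 0 else None


def demo():
    call_id = "12345600@here.com"
    rr = make_record_route("sip:rr@1.2.3.4", call_id, now=1000)
    forged = rr.replace("ts=1000", "ts=10")  # endpoint inflates the call
    return (call_duration(rr, call_id, now=1090),
            call_duration(forged, call_id, now=1090))


if __name__ == "__main__":
    print(demo())
```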
893GPP Architecture
90Information Resources
- Author: jiri@iptel.org
- Related IETF work: http://www.iptel.org/ietf/
- SIP Express Router: http://www.iptel.org/ser/
- SIP Products: http://www.iptel.org/info/products
- SIP Tutorial: http://www.iptel.org/sip/
- SIP Site: http://www.cs.columbia.edu/sip/
91Glossary
- ALG Application-Level-Gateway
- CDR Call Detail Record
- CGI Common Gateway Interface
- CPL Call Processing Language
- DTMF Dual Tone Multi-Frequency
- ETSI European Telecommunications Standards Institute
- IETF Internet Engineering Task Force
- ITSP Internet Telephony Service Providers
- ITU International Telecommunication Union
- IVR Interactive Voice Response
- JAIN Java APIs for Integrated Network Framework
- LEC Local Exchange Carrier
- LNP Local Number Portability
- NAT Network Address Translation
- MGCP Media Gateway Control Protocol
- OSP Open Settlement Protocol
- PSTN Public Switched Telephone Network
- QoS Quality of Service
- RTCP RTP Control Protocol
- RTP Real-Time Transport Protocol
- RTSP Real-Time Streaming Protocol
- SDP Session Description Protocol
- SIP Session Initiation Protocol
- SS7 Signaling System Nr. 7
- TRIP Telephony Routing over IP
- VoIP Voice over IP