SIP Challenges

1
SIP Challenges

• Henning Schulzrinne
• Columbia University
• SIP Summit, Austin, TX
• Sept. 2001

2
Overview

• SIP CW watch
• SIP performance
• SIP security challenges
• SIP deployment challenges
• Dog food
• SIP standardization

3
SIP CW watch

• IM presence as new application ?
• Voice-over-DSL ?
• Voice-over-cable ?
• Internet PBX ?
• Primarily large businesses
• Proprietary systems still dominate
• 3G ?
• WAPv2 is not the differentiator

4
SIP CW watch

• PC-to-PC
• Free calls disappearing ?
• Carrier backbones ?
• Tie lines ?
• H.323 most common simple, so anything works
• Multimedia conferencing ?
• H.323 dominates
• Windows XP?

5
SIP ( VoIP) road blocks

• Value
• Per-seat costs similar to PBX
• Incremental costs larger as long as capacity
• Green field, capacity upgrades (but for UE!)
• QoS (perception) problems in WAN

6
Getting SIP services

• Services constrained by least common (PSTN)
  denominator
• No point waiting for killer application, but
  enabling vertical applications
• Develop phones that allow services
• Revisit old CTI idea, but with easier control?
• Deploy SIP services alongside PSTN
• IM for conferences (Alice speaking)
• Presence for call management

7
SIP performance

• For small systems (lt 1000 lines?), SIP
  performance is not likely to be an issue
• But matters for carriers and large PBX
• 20,000 users generate 5.5 registrations/second
• During busy hour, ? 60,000 calls ? 16/s
• BSC may host 1 million customers

8
SIP performance metrics

• Much harder than PSTN switch busy hour call
  attempt (BHCA)
• Server may run on different hardware and OS
• Backend database matters
• Variation in services simple forwarding to
  complex sip-cgi or CPL script
• Logging, network management
• Registrar and proxy on same host?

9

• SIPstone first attempt at measuring proxy,
  redirect and registrar performance

SUT

• Useful for comparison dimensioning

10

• Typical load behavior ?hard to estimate capacity
  precisely, but want useful capacity

11
SIPstone composite metric
UDP TCP
Registration with authentication 0.2 0.05
Outbound proxy 0.1 0.05
Redirect server 0.1 0.05
Proxy 480 (no answer) 0.1 0.05
Proxy 200 (OK) 0.2 0.10
12
SIPstone

• Many different operating environments and traffic
  mixes
• Enterprise LAN
• 3G proxies (I/P/S-CSCF)
• Carrier entry point (aol.com)
• Thus, report both composite and individual
  metrics
• Simplify no retransmissions
• 1xx delay limited to 2s

13
SIPstone future

• Find set of representative metrics no value in
  having lots of metrics that have strong
  correlation
• Additional weightings for specific uses?
• Service scripts (servlets, cgi, CPL)?
• See http//www.sipstone.org

14
Security challenges

• Denial-of-Service (DOS) attacks
• Most common security challenge ? can bring whole
  server down, not just annoy one user
• Prevent state establishment if IP address is
  bogus
• Use of NULL authentication to challenge
• Authentication
• Email experience (S/MIME, PGP) ?
• What does authenticating spamrus_at_hotmail.com
  mean?
• same person that called me yesterday
• A caller known to call from sipcolumbia.edu

15
Security challenges

• Transport protection
• IPsec is interoperability-challenged, hard to
  configure
• TLS with server certificates easy to deploy
• TLS client certificates less useful
• SIP request integrity
• Digest (and Basic) authentication dont protect
  headers against modification ? add digest across
  selected headers, using same shared secret

16
SIP deployment challenges

• NATs and firewalls ?stream-oriented setup, tell
  me my external address
• Large-scale configuration
• Web-browser-based config doesnt scale
• Tftp
• User management ?should derive from existing
  sources (LDAP, corporate DB)

17
SIP deployment challenge 911
18
SIP 911

• Easier add moves ? harder to know where phone
  is
• Ideally, Ethernet jack identifies itself hi, Im
  jack in office 815 CEPSR
• Short term, force user to enter location when
  plugging in phone
• IETF geopriv working group is addressing general
  location services privacy issues

19
A call for help

• With help from dynamicsoft, Yale, Nortel,
  Clarent, we set up emergency phone bank at
  Columbia after WTC
• Better have network of gateways in place in case
  of natural disaster
• Will coordinate through SIP Forum

20
SIP standardization

• Roughly, in order of maturity
• DHCP outbound proxy
• Resource reservation
• SIP REFER for call transfer
• SIMPLE message sessions?
• RFC2543bis rewrite for clarity in progress
• 3G loose service routing
• SDPng

21
SIP longer-term issues

• What is conference control?
• H.323 model is one approach
• Can leverage SIP events for state changes
• REFER for muting bridge participant?

22
Conclusions

• Some SIP applications slower than expected, but
  IM as dark horse
• Motivation avoid PSTNv3
• Technology need simpler QOS
• Standardization finish services
• Deployment make it scale