1 / 14

SIP Connection Reuse Efficiency

SIP Connection Reuse Efficiency. Rohan Mahy—Airespace (rohan@ekabal.com). Existing Connection Reuse Draft. Per WG consensus in San Diego, now only talks about connection reuse of mutually authenticated TLS connections for efficiency purposes

dedral
Télécharger la présentation

SIP Connection Reuse Efficiency

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. SIP Connection Reuse Efficiency Rohan Mahy—Airespace (rohan@ekabal.com)

  2. Existing Connection Reuse Draft • Per WG consensus in San Diego, now only talks about connection reuse of mutually authenticated TLS connections for efficiency purposes • Includes informative reference to “outbound-connection” document • One open issue just received from Cullen

  3. Open Issue on Alias Name (1 of 2) • Current Text (Option 1): • Name of the alias (advertised value) is from the sent-by part of the Via header field value. Verify TLS peer name corresponds with sent-by • Via: SIP/2.0/TLS proxy-farm.example.org;alias • TLS cert could contain: • proxy-farm.example.org and proxy-farm.example.com

  4. Open Issue on Alias Name (2 of 2) • Cullen’s Proposal (option 2): • Name of the alias (advertised value) is from the TLS peer name. Verify sent-by part of the Via header field value corresponds with peer name • TLS peer name is sip.example.org • Via sent-by could be: • sip.example.org • 1.2.3.4 • server22.example.org

  5. SIP Outbound Connections Cullen Jennings (fluffy@cisco.com)

  6. Proxy<->UA Problems • Several things stop proxies from forming a new connection to an UA: • Lack of stable endpoint address • No TLS Certificate • Firewall • NAT

  7. Biloxi Alice Bob REGISTER (on conn 33) 2. INV 3. INV (on conn 33) Solution • When UA registers, the proxy keeps track of “connection” and uses this connection for things that the proxy forwards to this UA

  8. TCP Keep Alive • Option 1: CRLF • Option 2: existing method (REGISTER) • Option 3: new method (PING) • Recommendation: CRLF

  9. UDP Keep Alive • Option 1: CRLF or 0 byte message • Option 2: REGISTER • Option 3: STUN • Recommendation: STUN • Deals with case where residential NAT reboots

  10. Redundant Connections • Approach: Allow multiple registrations to indicate that they are equivalent connections to the device and any connection can be used • This allows connection to separate farm members for building high availability systems • Requires a unique device id in the registration • Question: to allow or not allow • Recommendation: Allow

  11. Quick Reconnect • When a device reboots, should it be able to kill previous registrations to this device • This reduces load on proxies after widespread device reboots • Approach is provide device id and connection id and new registration replaces any previous connection with same tuple • Recommendation: Yes

  12. What to use for Device ID? • Hard phones could use MAC or other hardware identifier that was administratively unique • Soft phone could use random number • UUID encompasses both of these and more in a NIH way • Recommendation: • Draft should suggest using UUID

  13. Backup Slides

  14. Biloxi Edge Alice Bob REGISTER (on 33) 2. REGISTER (on 44) 3. INV 3. INV (on 44) 3. INV (on 33) Intermediate Edge Proxies • Solution works the same way with proxies between registrar and UA Path header with unique value for this AOR, Contact, connection-id, instance-id Mapping installed on 200 to REGISTER Map using data from path header

More Related