IETF Logo Mail Archive

Re: [sipcore] #9: What should an SBC do when it resolves registered contacts?

Paul Kyzivat <pkyzivat@cisco.com> Mon, 30 August 2010 19:49 UTC

Return-Path: <pkyzivat@cisco.com>
X-Original-To: sipcore@core3.amsl.com
Delivered-To: sipcore@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C85923A69EE for <sipcore@core3.amsl.com>; Mon, 30 Aug 2010 12:49:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -110.508
X-Spam-Level:
X-Spam-Status: No, score=-110.508 tagged_above=-999 required=5 tests=[AWL=0.091, BAYES_00=-2.599, RCVD_IN_DNSWL_HI=-8, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6sXCbxX3Gfhr for <sipcore@core3.amsl.com>; Mon, 30 Aug 2010 12:49:19 -0700 (PDT)
Received: from rtp-iport-2.cisco.com (rtp-iport-2.cisco.com [64.102.122.149]) by core3.amsl.com (Postfix) with ESMTP id E43B03A69E4 for <sipcore@ietf.org>; Mon, 30 Aug 2010 12:49:18 -0700 (PDT)
Authentication-Results: rtp-iport-2.cisco.com; dkim=neutral (message not signed) header.i=none
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AvsEAL6oe0xAZnwN/2dsb2JhbACgaHGjKJtphTcEigk
X-IronPort-AV: E=Sophos;i="4.56,294,1280707200"; d="scan'208";a="153566101"
Received: from rtp-core-2.cisco.com ([64.102.124.13]) by rtp-iport-2.cisco.com with ESMTP; 30 Aug 2010 19:49:49 +0000
Received: from [161.44.174.142] (dhcp-161-44-174-142.cisco.com [161.44.174.142]) by rtp-core-2.cisco.com (8.13.8/8.14.3) with ESMTP id o7UJnnLV008557; Mon, 30 Aug 2010 19:49:49 GMT
Message-ID: <4C7C0B4F.8030406@cisco.com>
Date: Mon, 30 Aug 2010 15:49:35 -0400
From: Paul Kyzivat <pkyzivat@cisco.com>
User-Agent: Thunderbird 2.0.0.24 (Windows/20100228)
MIME-Version: 1.0
To: Hadriel Kaplan <HKaplan@acmepacket.com>
References: <064.095bc2caaa02e01e9bc1234e3c8941af@tools.ietf.org> <4C7BFAAA.4000409@cisco.com> <1C71FA27-29FA-41D4-90D2-FCECB4C8FEE7@acmepacket.com>
In-Reply-To: <1C71FA27-29FA-41D4-90D2-FCECB4C8FEE7@acmepacket.com>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 8bit
Cc: "sipcore@ietf.org" <sipcore@ietf.org>, sipcore issue tracker <trac@tools.ietf.org>
Subject: Re: [sipcore] #9: What should an SBC do when it resolves registered contacts?
X-BeenThere: sipcore@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: SIP Core Working Group <sipcore.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/sipcore>, <mailto:sipcore-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sipcore>
List-Post: <mailto:sipcore@ietf.org>
List-Help: <mailto:sipcore-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sipcore>, <mailto:sipcore-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Aug 2010 19:49:21 -0000

[ as individual ]

Hadriel Kaplan wrote:
> Right, but the subtle difference is that in the SBC case what the UAS wants to find is the AoR it registered for, which is (probably) the first non-"rc" entry prior to the series of "rc" entries at the end.  Like this:
> History-Info: <sip:john.smith@ssp.com>
> History-Info: <sip:foo@10.1.1.1>;rc
> History-Info: <sip:bar@192.168.1.2>;rc
> 
> Whereas in a chain of AoR's, it would be looking for the one it registered which *is* "rc" tagged, like this:
> History-Info: <sip:jsmith@ssp.co.uk>
> History-Info: <sip:john.smith@ssp.com>;rc
> History-Info: <sip:bar@192.168.1.2>;rc
> 
> Right?

!!! RAT HOLE ALERT !!!

I think we are going to get into serious trouble if we start discussing 
how an SBC should behave WRT HI.

Given their frequent use to do topology hiding, I would expect to see 
lots of entries to be removed, or altered. In *this* case the UAS is on 
the side the SBC is protecting, so maybe it would all still be there, 
but its hard to predict what some hypothetical SBC will do.

	Thanks,
	Paul

> -hadriel
> 
> On Aug 30, 2010, at 2:38 PM, Paul Kyzivat wrote:
> 
>> [as individual]
>>
>> Note that an SBC is not required to get this behavior.
>> It can happen any time somebody REGISTERs a contact address that happens 
>> to be an AOR serviced by another registrar. While AFAIK this is not a 
>> frequent occurrence in the wild, its certainly possible and permitted.
>>
>> 	Thanks,
>> 	Paul
>>
>> sipcore issue tracker wrote:
>>> #9: What should an SBC do when it resolves registered contacts?
>>> ------------------------------------+---------------------------------------
>>> Reporter:  hkaplan@…               |       Owner:            
>>>     Type:  enhancement             |      Status:  new       
>>> Priority:  minor                   |   Milestone:  milestone1
>>> Component:  rfc4244bis              |     Version:  2.0       
>>> Severity:  In WG Last Call         |    Keywords:            
>>> ------------------------------------+---------------------------------------
>>> In many deployments, SBC's perform a registration caching model, whereby
>>> they have a local registration cache which is used to replace request-
>>> uri's for routing to endpoints.  The UA registers to the SBC using contact
>>> URI X, and the SBC sends contact URI Y to the full Registrar; so when a
>>> request to Y comes to the SBC, it replaces it with X.
>>>
>>> Under that model, do we expect the SBC to add an H-I of type "rc"?  If so,
>>> for the same fork branch, there will be two "rc" entries, one for Y and
>>> one for X. (if the SBC doesn't simply remove the Y entry)
>>>
>>> Therefore, I think there should be some text to make it clear that
>>> receiving a H-I list with multiple "rc" entries for the same branch tree
>>> is ok.  For example, receiving a index 1.1 of "rc" followed by a 1.1.1 of
>>> "rc", and maybe even a 1.1.1.1 of "rc".
>>>
> 
>

v2.23.0 | Report a Bug | By Email