draft-ietf-mmusic-connectivity-precon-02.txt   draft-ietf-mmusic-connectivity-precon-03.txt 
MMUSIC Working Group F. Andreasen MMUSIC Working Group F. Andreasen
Internet-Draft Cisco System, Inc. Internet-Draft Cisco Systems, Inc.
Expires: December 3, 2006 G. Camarillo Intended status: Standards Track G. Camarillo
Ericsson Expires: May 22, 2008 Ericsson
D. Oran D. Oran
Cisco Systems, Inc
D. Wing D. Wing
Cisco Systems, Inc. Cisco Systems, Inc.
June 1, 2006 November 19, 2007
Connectivity Preconditions for Session Description Protocol Media Connectivity Preconditions for Session Description Protocol Media
Streams Streams
draft-ietf-mmusic-connectivity-precon-02.txt draft-ietf-mmusic-connectivity-precon-03.txt
Status of this Memo Status of this Memo
By submitting this Internet-Draft, each author represents that any By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79. aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
skipping to change at page 1, line 40 skipping to change at page 1, line 39
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on December 3, 2006. This Internet-Draft will expire on May 22, 2008.
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (2006). Copyright (C) The IETF Trust (2007).
Abstract Abstract
This document defines a new connectivity precondition for the Session This document defines a new connectivity precondition for the Session
Description Protocol precondition framework described in RFC 3312 Description Protocol (SDP) precondition framework. A connectivity
(and its update, RFC4032). A connectivity precondition can be used precondition can be used to delay session establishment or
to delay session establishment or modification until media stream modification until media stream connectivity has been successfully
connectivity has been verified successfully. The method of verified. The method of verification may vary depending on the type
verification may vary depending on the type of transport used for the of transport used for the media. For unreliable datagram transports
media. For reliable connection-oriented transports such as TCP such as UDP, verification involves probing the stream with data or
verification is achieved by successful connection establishment. For control packets. For reliable connection-oriented transports such as
unreliable datagram transports such as UDP, verification involves TCP, verification can be achieved simply by successful connection
probing the stream with data or control packets. establishment or by probing the connection with data or control
packets, depending on the situation.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Connectivity Precondition Definition . . . . . . . . . . . . . 3 3. Connectivity Precondition Definition . . . . . . . . . . . . . 3
3.1. Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . 3 3.1. Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . 3
3.2. Operational semantics . . . . . . . . . . . . . . . . . . 4 3.2. Operational Semantics . . . . . . . . . . . . . . . . . . 4
3.3. Status type . . . . . . . . . . . . . . . . . . . . . . . 4 3.3. Status Type . . . . . . . . . . . . . . . . . . . . . . . 4
3.4. Direction tag . . . . . . . . . . . . . . . . . . . . . . 4 3.4. Direction Tag . . . . . . . . . . . . . . . . . . . . . . 5
3.5. Precondition strength . . . . . . . . . . . . . . . . . . 5 3.5. Precondition Strength . . . . . . . . . . . . . . . . . . 5
4. Verifying connectivity . . . . . . . . . . . . . . . . . . . . 6 4. Verifying Connectivity . . . . . . . . . . . . . . . . . . . . 6
4.1. Procedures for connection-oriented transports . . . . . . 7 4.1. Media Stream to Dialog Correlation . . . . . . . . . . . . 6
4.2. Procedures for datagram transports . . . . . . . . . . . . 8 4.2. Explicit Connectivity Verification Mechanisms . . . . . . 7
5. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 4.3. Verifying Connectivity for Connection-Oriented
6. Security Considerations . . . . . . . . . . . . . . . . . . . 14 Transports . . . . . . . . . . . . . . . . . . . . . . . . 9
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 14 5. Connectivity and Other Precondition Types . . . . . . . . . . 9
8. Change Log . . . . . . . . . . . . . . . . . . . . . . . . . . 15 6. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
8.1. Changes since -01 . . . . . . . . . . . . . . . . . . . . 15 7. Security Considerations . . . . . . . . . . . . . . . . . . . 14
9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 15 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 14
9.1. Normative References . . . . . . . . . . . . . . . . . . . 15 9. Change Log . . . . . . . . . . . . . . . . . . . . . . . . . . 15
9.2. Informative References . . . . . . . . . . . . . . . . . . 15 9.1. Changes since -02 . . . . . . . . . . . . . . . . . . . . 15
9.2. Changes since -01 . . . . . . . . . . . . . . . . . . . . 15
10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 15
10.1. Normative References . . . . . . . . . . . . . . . . . . . 15
10.2. Informative References . . . . . . . . . . . . . . . . . . 16
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 17 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 17
Intellectual Property and Copyright Statements . . . . . . . . . . 18 Intellectual Property and Copyright Statements . . . . . . . . . . 18
1. Introduction 1. Introduction
The concept of a Session Description Protocol (SDP) [2] precondition The concept of a Session Description Protocol (SDP) [RFC4566]
in the Session Initiation Protocol (SIP) [SIP] is defined in RFC3312 precondition in the Session Initiation Protocol (SIP) [RFC3261] is
[4] (updated by RFC4032 [6]). A precondition is a condition that has defined in [RFC3312] (updated by [RFC4032]). A precondition is a
to be satisfied for a given media stream in order for session condition that has to be satisfied for a given media stream in order
establishment or modification to proceed. When the precondition is for session establishment or modification to proceed. When the
not met, session progress is delayed until the precondition is precondition is not met, session progress is delayed until the
satisfied, or the session establishment fails. For example, RFC3312 precondition is satisfied or the session establishment fails. For
defines the Quality of Service precondition, which is used to ensure example, [RFC3312] defines the Quality of Service precondition, which
availability of network resources prior to establishing (i.e. is used to ensure availability of network resources prior to
alerting) a call. establishing a session (i.e., prior to starting alerting the callee).
SIP sessions are typically established in order to setup one or more SIP sessions are typically established in order to setup one or more
media streams. Even though a media stream may be negotiated media streams. Even though a media stream may be negotiated
successfully, through an SDP offer-answer exchange, the actual media successfully through an SDP offer-answer exchange, the actual media
stream itself may fail. For example, when there is one or more stream itself may fail. For example, when there is one or more
Network Address Translators (NATs) or firewalls in the media path, Network Address Translators (NATs) or firewalls in the media path,
the media stream may not be received by the far end. In cases where the media stream may not be received by the far end. In cases where
the media is carried over a connection-oriented transport such as TCP the media is carried over a connection-oriented transport such as TCP
[8], the connection-establishment procedures may fail. The [RFC0793], the connection-establishment procedures may fail. The
connectivity precondition defined in this document ensures that connectivity precondition defined in this document ensures that
session progress is delayed until media stream connectivity has been session progress is delayed until media stream connectivity has been
verified, or the session itself is abandoned. verified.
The connectivity precondition type defined in this document follows The connectivity precondition type defined in this document follows
the guidelines provided in RFC4032 [6] to extend the SIP the guidelines provided in [RFC4032] to extend the SIP preconditions
preconditions framework. framework.
2. Terminology 2. Terminology
In this document, the key words "MUST", "MUST NOT", "REQUIRED", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
RECOMMENDED", "MAY", and "OPTIONAL" are to be interpreted as document are to be interpreted as described in [RFC2119].
described in BCP 14, RFC 2119 [1] and indicate requirement levels for
compliant implementations.
3. Connectivity Precondition Definition 3. Connectivity Precondition Definition
3.1. Syntax 3.1. Syntax
The connectivity precondition type is defined by the string "conn" The connectivity precondition type is defined by the string "conn"
and hence we modify the grammar found in RFC 3312 as follows: and hence we modify the grammar found in [RFC3312] as follows:
precondition-type = "conn" | "qos" | token precondition-type = "conn" | "qos" | token
This precondition tag is registered with the IANA in Section 7. This precondition tag is registered with the IANA in Section 8.
3.2. Operational semantics 3.2. Operational Semantics
According to RFC4032 [6], documents defining new precondition types According to [RFC4032], documents defining new precondition types
need to describe the behavior of UAs from the moment session need to describe the behavior of UAs (User Agents) from the moment
establishment is suspended due to a set of preconditions until is session establishment is suspended due to a set of preconditions
resumed when these preconditions are met. An entity that wishes to until is resumed when these preconditions are met. An entity that
delay session establishment or modification until media stream wishes to delay session establishment or modification until media
connectivity has been established uses this precondition-type in an stream connectivity has been established uses this precondition-type
offer. When a mandatory connectivity precondition is received in an in an offer. When a mandatory connectivity precondition is received
offer, session establishment or modification is delayed until the in an offer, session establishment or modification is delayed until
connectivity precondition has been met, i.e., media stream the connectivity precondition has been met (i.e., until media stream
connectivity has been established in the desired direction(s). The connectivity has been established in the desired direction or
delay of session establishment defined here implies that alerting of directions). The delay of session establishment defined here implies
the called party does not occur until the precondition has been that alerting of the called party does not occur until the
satisfied. precondition has been satisfied.
Packets may be both sent and received on the media streams in Packets may be both sent and received on the media streams in
question, however such packets SHOULD be limited to packets that are question. However, such packets SHOULD be limited to packets that
necessary to verify connectivity between the two endpoints involved are necessary to verify connectivity between the two endpoints
on the media stream, i.e. the underlying media stream SHOULD NOT be involved on the media stream. That is, the underlying media stream
cut through. For example, STUN packets [STUN], RTP No-Op packets and SHOULD NOT be cut through. For example, STUN packets
corresponding RTCP reports, as well as TCP SYN and ACK packets can be [I-D.ietf-behave-rfc3489bis], RTP [RFC3550] No-Op
exchanged on media streams that support them as a way of verifying [I-D.ietf-avt-rtp-no-op] packets and their corresponding RTCP
connectivity. reports, as well as TCP SYN and ACK packets can be exchanged on media
streams that support them as a way of verifying connectivity.
When the media stream consists of multiple destination addresses, Some media streams are described by a single 'm' line but,
connectivity to all of them MUST be verified in order for the nevertheless, involve multiple addresses. For example, [RFC2733]
precondition to be met. In the case of RTP-based media streams, RTCP specifies how to send FEC (Forward Error Correction) information as a
connectivity however is not a requirement. separate stream (the address for the FEC stream is provided in an
'a=fmtp' line). When a media stream consists of multiple destination
addresses, connectivity to all of them MUST be verified in order for
the precondition to be met. In the case of RTP-based media streams,
RTCP connectivity MAY be verified, but it is not a requirement.
3.3. Status type 3.3. Status Type
RFC 3312 defines support for two kinds of status types, namely [RFC3312] defines support for two kinds of status types, namely
segmented and end-to-end. The connectivity precondition-type defined segmented and end-to-end. The connectivity precondition-type defined
here MUST be used with the end-to-end status type; use of the here MUST be used with the end-to-end status type; use of the
segmented status type is undefined. segmented status type is undefined.
3.4. Direction tag 3.4. Direction Tag
The direction attributes defined in RFC 3312 are interpreted as The direction attributes defined in [RFC3312] are interpreted as
follows: follows:
o send: The party who generated the session description (the offerer o send: the party that generated the session description is sending
in an offer-answer exchange) is sending packets on the media packets on the media stream to the other party, and the other
stream to the other party, and the other party has received at party has received at least one of those packets. That is, there
least one of those packets, i.e., there is connectivity in the is connectivity in the forward (sending) direction.
forward (sending) direction.
o recv: The other party (the answerer in an offer-answer exchange) o recv: the other party is sending packets on the media stream to
is sending packets on the media stream to this party, and this the party that generated the session description, and this party
party has received at least one of those packets, i.e., there is has received at least one of those packets. That is, there is
connectivity in the backwards (receiving) direction. connectivity in the backwards (receiving) direction.
o sendrecv: Both the send and recv conditions hold. In the case of
a connection-oriented transport such as TCP, once established the o sendrecv: both the send and recv conditions hold.
connection would usually have an associated direction tag of
sendrecv because it can carry data in both directions.
Note that a "send" connectivity precondition from the offerer's point Note that a "send" connectivity precondition from the offerer's point
of view corresponds to a "recv" connectivity precondition from the of view corresponds to a "recv" connectivity precondition from the
answerer's point of view, and vice versa. If media stream answerer's point of view, and vice versa. If media stream
connectivity in both directions is required before session connectivity in both directions is required before session
establishment or modification continues, the desired status MUST be establishment or modification continues, the desired status needs to
set to "sendrecv". be set to "sendrecv".
3.5. Precondition strength 3.5. Precondition Strength
Connectivity preconditions may have a strength-tag of either Connectivity preconditions may have a strength-tag of either
"mandatory" or "optional". "mandatory" or "optional".
When a mandatory connectivity precondition is offered, and the When a mandatory connectivity precondition is offered and the
answerer cannot satisfy the connectivity precondition, e.g., because answerer cannot satisfy the connectivity precondition (e.g., because
the offer does not include parameters that enable connectivity to be the offer does not include parameters that enable connectivity to be
verified without media cut through, the offer MUST be rejected as verified without media cut through) the offer MUST be rejected as
described in RFC 3312. described in [RFC3312].
When an optional connectivity precondition is offered, the answerer When an optional connectivity precondition is offered, the answerer
MUST generate its answer SDP as soon as possible; since session MUST generate its answer SDP as soon as possible. Since session
progress is not delayed in this case, it is not known whether the progress is not delayed in this case, it is not known whether the
associated media streams will have connectivity. If the answerer associated media streams will have connectivity. If the answerer
wants to delay session progress until connectivity has been verified, wants to delay session progress until connectivity has been verified,
the answerer MUST increase the strength of the connectivity the answerer MUST increase the strength of the connectivity
precondition by using a strength-tag of "mandatory" in the answer. precondition by using a strength-tag of "mandatory" in the answer.
Note that use of a "mandatory" precondition requires the presence of Note that use of a "mandatory" precondition requires the presence of
a SIP "Require" header with the option tag "precondition": Any SIP UA a SIP "Require" header with the option tag "precondition". Any SIP
that does not support a mandatory precondition will reject such UA that does not support a mandatory precondition will reject such
requests. To get around this issue, an optional connectivity requests. To get around this issue, an optional connectivity
precondition and the SIP "Supported" header with the option tag precondition and the SIP "Supported" header with the option tag
"precondition" can be used instead. Offers with connectivity "precondition" can be used instead.
preconditions in re-INVITEs or UPDATEs follow the rules given in
Section 6 of RFC 3312, i.e.: Offers with connectivity preconditions in re-INVITEs or UPDATEs
follow the rules given in Section 6 of [RFC3312]. That is:
"Both user agents SHOULD continue using the old session parameters "Both user agents SHOULD continue using the old session parameters
until all the mandatory preconditions are met. At that moment, until all the mandatory preconditions are met. At that moment,
the user agents can begin using the new session parameters." the user agents can begin using the new session parameters."
It should be noted, that connectivity may not exist between two 4. Verifying Connectivity
entities initially, e.g., when one or both entities are behind a
symmetric NAT. Subsequent packet exchanges however may create the
necessary address bindings in the NAT(s) thereby creating
connectivity. The ICE [7] methodology for example ensures that such
bindings are created following an offer/answer exchange.
4. Verifying connectivity Media stream connectivity is ascertained by use of a connectivity
verification mechanism between the media endpoints. A connectivity
verification mechanism may be an explicit mechanism, such as ICE
[I-D.ietf-mmusic-ice], or it may be an implicit mechanism, such as
TCP. Explicit mechanisms provide specifications for when
connectivity between two endpoints using an offer/answer exchange is
ascertained, whereas implicit mechanisms do not. The verification
mechanism is negotiated as part of the normal offer/answer exchange,
however it is not identified explicitly. More than one mechanism may
be negotiated, but the offerer and answerer need not use the same.
The following rules guide which connectivity verification mechanism
to use:
The above definitions of send and receive connectivity preconditions 1. if an explicit connectivity verification mechanism (e.g., ICE) is
beg two questions: How does the sender of a packet know the other negotiated, the precondition is met when the mechanism verifies
party received it, and how does the receiver of a packet know who connectivity successfully, otherwise
sent it (in particular, the correlation between an incoming media
packet and a particular SIP dialog may not be obvious) ?
Media stream connectivity can be ascertained in a variety of ways. 2. if a connection-oriented transport (e.g., TCP) is negotiated, the
This document does not mandate any particular mechanism for doing so, precondition is met when the connection is established.
however the appropriate machinery is likely to vary depending on the
type of transport used for media carriage. In order to comply with
the intent of an endpoint requiring connectivity preconditions, the
following general principles apply:
o The 3-way handshake connection establishment procedures of a 3. in other cases, an implicit verification mechanism may be
reliable transport protocol such as TCP are usually adequate to provided by the transport itself or the media stream data using
demonstrate bi-directional connectivity (and hence "sendrecv" the transport (e.g., RTP no-op)
media capability). Probe packets sent over the connection are
generally not required to satisfy the precondition.
o A pure datagram transport such as UDP (whether carrying RTP or
some other protocol) by itself provides no useful feedback about
connectivity. Hence, some sort of probe traffic is necessary to
ascertain whether packets are being received successfully.
o Connectivity preconditions are used to verify connectivity based
on the address information exchanged in offers and answers. When
overlapping IP address spaces are used (e.g. because one or both
endpoints are behind a Network Address Translator), it is possible
to inadvertently verify connectivity with an unrelated entity. In
order to address this issue, a correlation mechanism is needed
between media stream packets on one side and offers and answers on
the other side. ICE [7] defines one such correlation mechanism,
however use of it is above and beyond the connection-oriented
connectivity preconditions defined here.
o Some connection-oriented transport protocols may allow the data 4. if none of the above apply, connectivity cannot be verified
transfer phase to operate in an unreliable mode (today there is no reliably and the connectivity precondition will never be
standards-track IETF protocol which exhibits this characteristic). satisfied if requested.
In such cases the success of connection establishment may not
definitively demonstrate connectivity in the data phase, and hence
probe traffic MAY be necessary to ascertain if the precondition is
met.
o Hybrid protocols such as DCCP [14] provide their own feedback
channel and initialization procedures, which can serve to verify
connectivity without the use of explicit probe traffic.
The determination depends on the exact method being used to verify This document does not mandate any particular connectivity
connectivity. verification mechanism; however, in the following, we provide
additional considerations for verification mechanisms.
4.1. Procedures for connection-oriented transports 4.1. Media Stream to Dialog Correlation
TCP connections are bidirectional and hence there is no difference SIP and SDP do not provide any inherent capabilities for an incoming
between send and recv connectivity preconditions. Once the TCP media stream packet with a particular dialog. Thus, when an offerer
three-way hand shake has completed (SYN, SYN-ACK, ACK), the TCP is trying to ascertain connectivity, and an incoming media stream
connection is established and data can be sent and received by either packet is received, the offerer may not know which dialog had its
party, i.e. both a send and a receive connectivity precondition has "recv" connectivity verified. Explicit connectivity verification
been satisfied. Implementations SHOULD NOT require the receipt of mechanisms therefore typically provide a means to correlate the media
probe traffic in order to consider the precondition satisfied. stream, whose connectivity is being verified, with a particular SIP
dialog. However, some connectivity verification mechanisms may not
provide such a correlation. Therefore, in the absence of a dialog-
to-media-stream correlation mechanism (e.g., ICE), a UAS (User Agent
Server) MUST NOT require the offerer to confirm a connectivity
precondition.
SCTP [9] connections have similar semantics as TCP and SHOULD be 4.2. Explicit Connectivity Verification Mechanisms
treated the same as TCP.
When a connection-oriented transport is part of an offer, it may be Explicit connectivity verification mechanisms typically use probe
passive, active, or active/passive [12]. When it is passive, the traffic with some sort of feedback to inform the sender whether
offerer expects the answerer to initiate the connection reception was successful. Below we provide two examples of such
establishment, and when it is active, the offerer wants to initiate mechanisms, and how they are used with connectivity preconditions:
the connection establishment. When it is active/passive, the
answerer decides.
SIP and SDP do not provide any inherent capabilities for associating Interactive Connectivity Establishment (ICE) [I-D.ietf-mmusic-ice]
an incoming media stream packet with a particular dialog. Thus, when provides one or more candidate addresses in signaling between the
the offerer is passive and an incoming connection is being offerer and the answerer and then uses STUN Binding Requests to
established, the offerer cannot guarantee that the packet is determine which pairs of candidate addresses have connectivity. Each
associated with a particular dialog. When SIP forking is being used, STUN Binding Request contains a password which is communicated in the
this implies that the offerer cannot determine which of the early SDP as well; this enables correlation between STUN Binding Requests
dialogs now has its recv connectivity precondition satisfied - a and candidate addresses for a particular media stream. This
correlation mechanism is missing. This turns out not to be a problem furthermore provides correlation with a particular SIP dialog.
however, since the successful completion of the connection-
establishment procedure itself (e.g. receipt of SYN-ACK in the case
of TCP) informs the answerer that the precondition has been
satisfied, and hence there is no need for the offerer to explicitly
inform the answerer of this (by sending a SIP UPDATE message). In
the absence of a correlation mechanism (e.g. ICE), an answerer
therefore MUST NOT require the offerer to confirm a connectivity
precondition on a connection-oriented transport.
4.2. Procedures for datagram transports ICE implementations may be either Full or Lite (see [I-D.ietf-mmusic-
ice]). Full implementations generate and respond to STUN Binding
Requests, whereas Lite implementations only respond to them. With
ICE, one side is a controlling agent, and the other side is a
controlled agent. A Full implementation can take on either role,
whereas a Lite implementation can only be a controlled agent. The
controlling agent decides which valid candidate to use and informs
the controlled agent of it by identifying the pair as the nominated
pair. This leads to the following connectivity precondition rules:
Verification of connectivity on datagram transports usually entails o A Full implementation ascertains both "send" and "recv"
the sending of probe traffic with some form of feedback to inform the connectivity when it operates as a STUN client and has sent a STUN
sender whether reception was successful. Techniques that can be used Binding Request that resulted in a successful check for all the
to verify connectivity on datagram transports include: components of the media stream (as defined further in ICE).
o ICE [7]: ICE provides one or more candidate addresses in signaling o A Full or a Lite implementation ascertains "recv" connectivity
between the offerer and the answerer and then uses STUN Binding when it operates as a STUN server and has received a STUN Binding
Requests to determine which pairs of candidate addresses have Request that resulted in a successful response for all the
connectivity. Each STUN Binding Request contains a password which components of the media stream (as defined further in ICE).
is communicated in the SDP as well; this enables correlation
between STUN Binding Requests and candidate addresses for a o A Lite implementation ascertains "send" and "recv" connectivity
particular media stream. In ICE, connectivity is always checked when the controlling agent has informed it of the nominated pair
in both directions by following a state machine with a set of for all the components of the media stream.
states for the offerer and a set of states for the answerer: The
offerer ascertains "recv" connectivity for a particular transport A simpler and slightly more delay-prone alternative to the above
address pair by transitioning into the "validating" state, whereas rules is for all ICE implementations to ascertain "send" and "recv"
"send" connectivity is ascertained by transitioning into the connectivity for a media stream when the ICE state for that media
"valid" state. The answerer ascertains both "send" and "recv" stream has moved to Completed.
connectivity for a particular transport address pair by
transitioning into the "send-valid" state. As a consequence of Note that there is never a need for the UAS to request confirmation
this, there is never a need for the answerer to request of the connectivity precondition when using ICE: the answerer can
confirmation of the connectivity precondition when using ICE: the determine the status locally. Also note, that when ICE is used to
answerer can determine the status locally. When ICE is used to verify connectivity preconditions, the precondition is not satisfied
verify connectivity preconditions, the precondition is satisfied until connectivity has been verified for all the component transport
as soon as one of the candidates becomes valid, i.e. connectivity addresses used by the media stream. For example, with an RTP-based
has been verified for all the component transport addresses used media stream where RTCP is not suppressed, connectivity MUST be
by the media stream. For example, with an RTP-based media stream ascertained for both RTP and RTCP; this is a tightening of the
where RTCP is not suppressed, connectivity must be ascertained for general operational semantics provided in Section Section 3.2, which
both RTP and RTCP; this is a tightening of the general operational is imposed by ICE. Finally, it should be noted, that although
semantics provided in Section 3.2 imposed by ICE. Finally, it connectivity has been ascertained, a new offer/answer exchange may be
should be noted, that though connectivity has been ascertained, a required before media can flow (per ICE).
new offer/answer exchange may be required before media can
actually flow (per ICE). RTP no-op [I-D.ietf-avt-rtp-no-op] enables the sender of an RTP No-Op
o RTP no-op [13]: The sender of an RTP No-Op payload can verify send payload to verify send connectivity by examining the RTCP report(s)
connectivity by examining the RTCP report(s) being returned. In being returned. In particular, the source SSRC in the RTCP report
particular, the source SSRC in the RTCP report block is used for block is used for correlation. The RTCP report block also contains
correlation. The RTCP report block also contains the SSRC of the the SSRC of the sender of the report and the SSRC of incoming RTP
sender of the report and the SSRC of incoming RTP No-Op packets No-Op packets identifies the sender of the RTP packet. Thus, once
identifies the sender of the RTP packet. Thus, once send send connectivity has been ascertained, receipt of an RTP No-Op
connectivity has been ascertained, receipt of an RTP No-Op packet packet from the same SSRC provides the necessary correlation to
from the same SSRC provides the necessary correlation to determine determine receive connectivity. Alternatively, the duality of send
receive connectivity. Alternatively, the duality of send and and receive preconditions can be exploited, with one side confirming
receive preconditions can be exploited, with one side confirming
when his send precondition is satisfied, which in turn implies the when his send precondition is satisfied, which in turn implies the
other sides recv precondition is satisfied. other sides recv precondition is satisfied.
The above are merely examples of techniques that can be used. Other The above are merely examples of explicit connectivity verification
techniques which meet the requirements of Section 4 above can be used mechanisms. Other techniques can be used as well. It is however
as well. It is however RECOMMENDED that ICE be supported by entities RECOMMENDED that ICE be supported by entities that support
that support connectivity preconditions for datagram transports. Use connectivity preconditions. Use of ICE has the benefit of working
of ICE has the benefit of working for all datagram based media for all media streams (not just RTP) as well as facilitate NAT and
streams (not just RTP) as well as facilitate NAT and firewall firewall traversal, which may otherwise interfere with connectivity.
traversal, which may otherwise interfere with connectivity.
Furthermore, the ICE recommendation provides a baseline to ensure Furthermore, the ICE recommendation provides a baseline to ensure
that all entities that require probe traffic to support the that all entities that require probe traffic to support the
connectivity preconditions have at least one common way of connectivity preconditions have a common way of ascertaining
ascertaining connectivity. connectivity.
5. Examples 4.3. Verifying Connectivity for Connection-Oriented Transports
Connection-oriented transport protocols generally provide an implicit
connectivity verification mechanism. Connection establishment
involves sending traffic in both directions thereby verifying
connectivity at the transport protocol level. When the connection-
oriented protocol uses a three-way (or more) handshake for connection
establishment, there is no difference between the "send" and "recv"
precondition. In the case of TCP for example, once the TCP three-way
handshake has completed (SYN, SYN-ACK, ACK), the TCP connection is
established and data can be sent and received by either party (i.e.,
both a send and a receive connectivity precondition has been
satisfied). SCTP [RFC4960] connections have similar semantics as TCP
and SHOULD be treated the same.
When a connection-oriented transport is part of an offer, it may be
passive, active, or active/passive [RFC4145]. When it is passive,
the offerer expects the answerer to initiate the connection
establishment, and when it is active, the offerer wants to initiate
the connection establishment. When it is active/passive, the
answerer decides. As noted earlier, lack of a media-stream-to-dialog
correlation mechanism can make it difficult to guarantee with whom
connectivity has been ascertained. When the offerer takes on the
passive role, the offerer will not necessarily know which SIP dialog
originated an incoming connection request. If the offerer instead is
active, this problem is avoided.
5. Connectivity and Other Precondition Types
The role of a connectivity precondition is to ascertain media stream
connectivity before establishing or modifying a session. The
underlying intent is for the two parties to be able to exchange media
packets successfully. Connectivity by itself however may not fully
satisfy this. Quality of Service for example may be required for the
media stream; this can be addressed by use of the "qos" preconditions
defined in [RFC3312]. Similarly, succesful security parameter
negotiation may be another prequisite to meeting this; this can be
addressed by use of the "sec" preconditions defined in [RFC5027].
6. Examples
The first example uses the connectivity precondition with TCP in the The first example uses the connectivity precondition with TCP in the
context of a session involving a wireless access medium. Both UAs context of a session involving a wireless access medium. Both UAs
use a radio access network that does not allow them to send any data use a radio access network that does not allow them to send any data
(not even a TCP SYN) until a radio bearer has been setup for the (not even a TCP SYN) until a radio bearer has been setup for the
connection. Figure 1 shows the message flow of this example (the connection. Figure 1 shows the message flow of this example (the
PRACK transaction has been omitted for clarity): PRACK transaction has been omitted for clarity):
A B A B
| INVITE | | INVITE |
skipping to change at page 10, line 45 skipping to change at page 10, line 46
| | | |
| | | |
| 180 Ringing | TCP connection | 180 Ringing | TCP connection
|<-----------------------------------+ is up |<-----------------------------------+ is up
| | B alerts the user | | B alerts the user
| | | |
Figure 1: Message flow with two types of preconditions Figure 1: Message flow with two types of preconditions
A sends an INVITE requesting connection-establishment preconditions. A sends an INVITE requesting connection-establishment preconditions.
The setup attribute in the offer is set to holdconn because A cannot The setup attribute in the offer is set to holdconn [RFC4145] because
send or receive any data before setting up a radio bearer for the A cannot send or receive any data before setting up a radio bearer
connection. for the connection.
B agrees to use the connectivity precondition by sending a 183 B agrees to use the connectivity precondition by sending a 183
(Session Progress) response. The setup attribute in the answer is (Session Progress) response. The setup attribute in the answer is
also set to holdconn because B, like A, cannot send or receive any also set to holdconn because B, like A, cannot send or receive any
data before setting up a radio bearer for the connection. data before setting up a radio bearer for the connection.
When A's radio bearer is ready, A sends an UPDATE to B with a setup When A's radio bearer is ready, A sends an UPDATE to B with a setup
attribute with a value of actpass. This attribute indicates that A attribute with a value of actpass. This attribute indicates that A
can perform an active or a passive TCP open. A is letting B choose can perform an active or a passive TCP open. A is letting B choose
which endpoint will initiate the connection. which endpoint will initiate the connection.
skipping to change at page 11, line 20 skipping to change at page 11, line 22
Since B's radio bearer is not ready yet, B chooses to be the one Since B's radio bearer is not ready yet, B chooses to be the one
initiating the connection and indicates so with a setup attribute initiating the connection and indicates so with a setup attribute
with a value of active. At a later point, when B's radio bearer is with a value of active. At a later point, when B's radio bearer is
ready, B initiates the TCP connection towards A. ready, B initiates the TCP connection towards A.
Once the TCP connection is established successfully, B alerts the Once the TCP connection is established successfully, B alerts the
callee and sends a 180 (Ringing) response. callee and sends a 180 (Ringing) response.
The second example shows a basic SIP session establishment using SDP The second example shows a basic SIP session establishment using SDP
connectivity preconditions and RTP No-Op. Note that not all SDP connectivity preconditions and RTP No-Op. Note that not all SDP
details are provided in the following. below shows the message flow details are provided in the following. The message flow for this
for this scenario shown in Figure 2 below. scenario is shown in Figure 2 below.
A B A B
| | | |
|-------------(1) INVITE SDP1--------------->| |-------------(1) INVITE SDP1--------------->|
| | | |
|<------(2) 183 Session Progress SDP2--------| |<------(2) 183 Session Progress SDP2--------|
| | | |
|<~~~~~ Connectivity check to A ~~~~~~~~~~~~~| |<~~~~~ Connectivity check to A ~~~~~~~~~~~~~|
| | | |
skipping to change at page 12, line 39 skipping to change at page 12, line 39
| | | |
| | | |
Figure 2: Connectivity precondition with RTP no-op Figure 2: Connectivity precondition with RTP no-op
SDP1: A includes a mandatory end-to-end connectivity precondition SDP1: A includes a mandatory end-to-end connectivity precondition
with a desired status of "sendrecv"; this will ensure media stream with a desired status of "sendrecv"; this will ensure media stream
connectivity in both directions before continuing with the session connectivity in both directions before continuing with the session
setup. Since media stream connectivity in either direction is setup. Since media stream connectivity in either direction is
unknown at this point, the current status is set to "none". A's unknown at this point, the current status is set to "none". A's
local status table (see RFC 3312) for the connectivity precondition local status table (see [RFC3312]) for the connectivity precondition
is as follows: is as follows:
Direction | Current | Desired Strength | Confirm Direction | Current | Desired Strength | Confirm
-----------+----------+------------------+---------- -----------+----------+------------------+----------
send | no | mandatory | no send | no | mandatory | no
recv | no | mandatory | no recv | no | mandatory | no
and the resulting offer SDP is: and the resulting offer SDP is:
m=audio 20000 RTP/AVP 0 96 m=audio 20000 RTP/AVP 0 96
skipping to change at page 14, line 20 skipping to change at page 14, line 20
Since B asked for confirmation about the "send" connectivity (from Since B asked for confirmation about the "send" connectivity (from
A's point of view), A now sends an UPDATE (5) to B to confirm the A's point of view), A now sends an UPDATE (5) to B to confirm the
connectivity from A to B: connectivity from A to B:
m=audio 20000 RTP/AVP 0 96 m=audio 20000 RTP/AVP 0 96
a=rtpmap:96 no-op/8000 a=rtpmap:96 no-op/8000
c=IN IP4 192.0.2.1 c=IN IP4 192.0.2.1
a=curr:conn e2e send a=curr:conn e2e send
a=des:conn mandatory e2e sendrecv a=des:conn mandatory e2e sendrecv
6. Security Considerations 7. Security Considerations
In addition to the general security considerations for preconditions In addition to the general security considerations for preconditions
provided in RFC 3312, the following security issues, which are provided in [RFC3312], the following security issues, which are
specific to connectivity preconditions, should be considered. specific to connectivity preconditions, should be considered.
Connectivity preconditions rely on mechanisms beyond SDP, e.g. Connectivity preconditions rely on mechanisms beyond SDP such as
TCP[8] connection establishment, RTP No-Op [13] or STUN [10], to TCP[RFC0793] connection establishment, RTP No-Op
[I-D.ietf-avt-rtp-no-op], or STUN [I-D.ietf-behave-rfc3489bis] to
establish and verify connectivity between an offerer and an answerer. establish and verify connectivity between an offerer and an answerer.
An attacker that prevents those mechanism from succeeding can prevent An attacker that prevents those mechanism from succeeding can prevent
media sessions from being established and hence it is RECOMMENDED media sessions from being established and hence it is RECOMMENDED
that such mechanisms are adequately secured by message authentication that such mechanisms are adequately secured by message authentication
and integrity protection. Also, the mechanisms SHOULD consider how and integrity protection. Also, the mechanisms SHOULD consider how
to prevent denial of service attacks. Similarly, an attacker that to prevent denial of service attacks. Similarly, an attacker that
can forge packets for these mechanisms can enable sessions to be can forge packets for these mechanisms can enable sessions to be
established when there in fact is no media connectivity, which may established when there in fact is no media connectivity, which may
lead to a poor user experience. Authentication and integrity lead to a poor user experience. Authentication and integrity
protection of such mechanisms can prevent this type of attacks and protection of such mechanisms can prevent this type of attacks and
hence use of it is RECOMMENDED. hence use of it is RECOMMENDED.
It is also strongly RECOMMENDED that integrity protection be applied It is also strongly RECOMMENDED that integrity protection be applied
to the SDP session descriptions. S/MIME [5] is the natural choice to to the SDP session descriptions. S/MIME [RFC3853] is the natural
provide such end-to-end integrity protection, as described in RFC choice to provide such end-to-end integrity protection, as described
3261 [3]. in [RFC3261].
7. IANA Considerations 8. IANA Considerations
IANA is hereby requested to register a RFC 3312 precondition type IANA is hereby requested to register a new precondition type under
called "conn" with the name "Connectivity precondition". The the Precondition Types used with SIP subregistry, which is located
reference for this precondition type is the current document. under the Session Initiation Protocol (SIP) Parameters registry.
8. Change Log Precondition-Type Description Reference
----------------- ----------------------------------- ---------
conn Connectivity precondition [RFCxxxx]
8.1. Changes since -01 [Note to the RFC Editor: replace RFCxxxx with the number assigned to
this RFC.]
9. Change Log
9.1. Changes since -02
Connectivity preconditions are now mechanism agnostic. Clarified
when and how to use ICE, RTP no-op, and connection establishment
procedures to check connectivity. Clarified relation with other
precondition types.
9.2. Changes since -01
There are no changes since the previous version of the document. There are no changes since the previous version of the document.
9. References 10. References
9.1. Normative References 10.1. Normative References
[1] Bradner, S., "Key words for use in RFCs to Indicate Requirement [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
[2] Handley, M. and V. Jacobson, "SDP: Session Description [RFC2733] Rosenberg, J. and H. Schulzrinne, "An RTP Payload Format
Protocol", RFC 2327, April 1998. for Generic Forward Error Correction", RFC 2733,
December 1999.
[3] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., [RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston,
Peterson, J., Sparks, R., Handley, M., and E. Schooler, "SIP: A., Peterson, J., Sparks, R., Handley, M., and E.
Session Initiation Protocol", RFC 3261, June 2002. Schooler, "SIP: Session Initiation Protocol", RFC 3261,
June 2002.
[4] Camarillo, G., Marshall, W., and J. Rosenberg, "Integration of [RFC3312] Camarillo, G., Marshall, W., and J. Rosenberg,
Resource Management and Session Initiation Protocol (SIP)", "Integration of Resource Management and Session Initiation
RFC 3312, October 2002. Protocol (SIP)", RFC 3312, October 2002.
[5] Peterson, J., "S/MIME Advanced Encryption Standard (AES) [RFC3550] Schulzrinne, H., Casner, S., Frederick, R., and V.
Jacobson, "RTP: A Transport Protocol for Real-Time
Applications", STD 64, RFC 3550, July 2003.
[RFC3853] Peterson, J., "S/MIME Advanced Encryption Standard (AES)
Requirement for the Session Initiation Protocol (SIP)", Requirement for the Session Initiation Protocol (SIP)",
RFC 3853, July 2004. RFC 3853, July 2004.
[6] Camarillo, G. and P. Kyzivat, "Update to the Session Initiation [RFC4032] Camarillo, G. and P. Kyzivat, "Update to the Session
Protocol (SIP) Preconditions Framework", RFC 4032, March 2005. Initiation Protocol (SIP) Preconditions Framework",
RFC 4032, March 2005.
[7] Rosenberg, J., "Interactive Connectivity Establishment (ICE): A [RFC4566] Handley, M., Jacobson, V., and C. Perkins, "SDP: Session
Methodology for Network Address Translator (NAT) Traversal for Description Protocol", RFC 4566, July 2006.
Offer/Answer Protocols", draft-ietf-mmusic-ice-08 (work in
progress), March 2006.
9.2. Informative References 10.2. Informative References
[8] Postel, J., "Transmission Control Protocol", STD 7, RFC 793, [RFC0793] Postel, J., "Transmission Control Protocol", STD 7,
September 1981. RFC 793, September 1981.
[9] Stone, J., Stewart, R., and D. Otis, "Stream Control [RFC4145] Yon, D. and G. Camarillo, "TCP-Based Media Transport in
Transmission Protocol (SCTP) Checksum Change", RFC 3309, the Session Description Protocol (SDP)", RFC 4145,
September 2002. September 2005.
[10] Rosenberg, J., Weinberger, J., Huitema, C., and R. Mahy, "STUN [RFC4960] Stewart, R., "Stream Control Transmission Protocol",
- Simple Traversal of User Datagram Protocol (UDP) Through RFC 4960, September 2007.
Network Address Translators (NATs)", RFC 3489, March 2003.
[11] Schulzrinne, H. and S. Casner, "RTP Profile for Audio and Video [RFC5027] Andreasen, F. and D. Wing, "Security Preconditions for
Conferences with Minimal Control", STD 65, RFC 3551, July 2003. Session Description Protocol (SDP) Media Streams",
RFC 5027, October 2007.
[12] Yon, D. and G. Camarillo, "TCP-Based Media Transport in the [I-D.ietf-avt-rtp-no-op]
Session Description Protocol (SDP)", RFC 4145, September 2005. Andreasen, F., "A No-Op Payload Format for RTP",
draft-ietf-avt-rtp-no-op-04 (work in progress), May 2007.
[13] Andreasen, F., "A No-Op Payload Format for RTP", [I-D.ietf-mmusic-ice]
draft-wing-avt-rtp-noop-03 (work in progress), May 2005. Rosenberg, J., "Interactive Connectivity Establishment
(ICE): A Protocol for Network Address Translator (NAT)
Traversal for Offer/Answer Protocols",
draft-ietf-mmusic-ice-19 (work in progress), October 2007.
[14] Kohler, E., "Datagram Congestion Control Protocol (DCCP)", [I-D.ietf-mmusic-ice-tcp]
draft-ietf-dccp-spec-13 (work in progress), December 2005. Rosenberg, J., "TCP Candidates with Interactive
Connectivity Establishment (ICE",
draft-ietf-mmusic-ice-tcp-04 (work in progress),
July 2007.
[I-D.ietf-behave-rfc3489bis]
Rosenberg, J., Mahy, R., Matthews, P., and D. Wing,
"Session Traversal Utilities for (NAT) (STUN)",
draft-ietf-behave-rfc3489bis-13 (work in progress),
November 2007.
Authors' Addresses Authors' Addresses
Flemming Andreasen Flemming Andreasen
Cisco System, Inc. Cisco Systems, Inc.
499 Thornall Street, 8th Floor 499 Thornall Street, 8th Floor
Edison, NJ 08837 Edison, NJ 08837
USA USA
Email: fandreas@cisco.com Email: fandreas@cisco.com
Gonzalo Camarillo Gonzalo Camarillo
Ericsson Ericsson
Hirsalantie 11 Hirsalantie 11
Jorvas 02420 Jorvas 02420
Finland Finland
Email: Gonzalo.Camarillo@ericsson.com Email: Gonzalo.Camarillo@ericsson.com
David Oran David Oran
Cisco Systems, Inc Cisco Systems, Inc.
7 Ladyslipper Lane 7 Ladyslipper Lane
Acton, MA 01720 Acton, MA 01720
USA USA
Email: oran@cisco.com Email: oran@cisco.com
Dan Wing Dan Wing
Cisco Systems, Inc. Cisco Systems, Inc.
170 West Tasman Drive 170 West Tasman Drive
San Jose, CA 94301 San Jose, CA 94301
USA USA
Email: dwing@cisco.com Email: dwing@cisco.com
Intellectual Property Statement Full Copyright Statement
Copyright (C) The IETF Trust (2007).
This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors
retain all their rights.
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Intellectual Property
The IETF takes no position regarding the validity or scope of any The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79. found in BCP 78 and BCP 79.
skipping to change at page 18, line 29 skipping to change at page 18, line 45
such proprietary rights by implementers or users of this such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr. http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at this standard. Please address the information to the IETF at
ietf-ipr@ietf.org. ietf-ipr@ietf.org.
Disclaimer of Validity
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Copyright Statement
Copyright (C) The Internet Society (2006). This document is subject
to the rights, licenses and restrictions contained in BCP 78, and
except as set forth therein, the authors retain all their rights.
Acknowledgment Acknowledgment
Funding for the RFC Editor function is currently provided by the Funding for the RFC Editor function is provided by the IETF
Internet Society. Administrative Support Activity (IASA).
 End of changes. 85 change blocks. 
316 lines changed or deleted 373 lines changed or added

This html diff was produced by rfcdiff 1.34. The latest version is available from http://tools.ietf.org/tools/rfcdiff/