draft-ietf-mmusic-sdp4nat-02.txt   draft-ietf-mmusic-sdp4nat-03.txt 
INTERNET DRAFT C. Huitema INTERNET DRAFT C. Huitema
<draft-ietf-mmusic-sdp4nat-02.txt> Microsoft <draft-ietf-mmusic-sdp4nat-03.txt> Microsoft
Expires August 25, 2002 February 25, 2002 Expires March 20, 2002 September 20, 2002
RTCP attribute in SDP RTCP attribute in SDP
Status of this memo Status of this memo
This document is an Internet-Draft and is in full conformance with This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026. all provisions of Section 10 of RFC2026.
This document is an Internet-Draft. Internet-Drafts are working This document is an Internet-Draft. Internet-Drafts are working
documents of the Internet Engineering Task Force (IETF), its areas, documents of the Internet Engineering Task Force (IETF), its areas,
skipping to change at page 1, line 41 skipping to change at page 1, line 41
The session description protocol (SDP) is used to describe the The session description protocol (SDP) is used to describe the
parameters of media streams used in multimedia sessions. When a parameters of media streams used in multimedia sessions. When a
session requires multiple ports, SDP assumes that these port have session requires multiple ports, SDP assumes that these port have
consecutive numbers. However, when the session crosses a network consecutive numbers. However, when the session crosses a network
address translation device that also uses port mapping, the ordering address translation device that also uses port mapping, the ordering
of ports can be destroyed by the translation. To handle this, we of ports can be destroyed by the translation. To handle this, we
propose an extension attribute to SDP. propose an extension attribute to SDP.
1 Introduction 1 Introduction
The session invitation protocol (SIP, [RFC2543]) is often used to The session invitation protocol (SIP, [RFC3261]) is often used to
establish multi-media sessions on the Internet. There are often establish multi-media sessions on the Internet. There are often
cases today in which one or both end of the connection are hidden cases today in which one or both end of the connection are hidden
behind a network address translation device [RFC2766]. In this case, behind a network address translation device [RFC2766]. In this case,
the SDP text must document the IP addresses and UDP ports as they the SDP text must document the IP addresses and UDP ports as they
appear on the "public Internet" side of the NAT; in this memo, we appear on the "public Internet" side of the NAT; in this memo, we
will suppose that the host located behind a NAT has a way to obtain will suppose that the host located behind a NAT has a way to obtain
these numbers; a possible way to learn these numbers is briefly these numbers; a possible way to learn these numbers is briefly
outlined in section 3. However, just learning the numbers is not outlined in section 3. However, just learning the numbers is not
enough. enough.
skipping to change at page 3, line 56 skipping to change at page 3, line 56
sufficient, i.e. whether or not there is a need to document more sufficient, i.e. whether or not there is a need to document more
than one ancillary port per media type, and whether relaxing the RTP than one ancillary port per media type, and whether relaxing the RTP
requirements is legitimate. requirements is legitimate.
3.1 How do we discover port numbers? 3.1 How do we discover port numbers?
The proposed solution assumes that we can discover the "translated The proposed solution assumes that we can discover the "translated
port numbers", i.e. the value of the ports as they appear on the port numbers", i.e. the value of the ports as they appear on the
"external side" of the NAT. There are multiple ways to achieve this "external side" of the NAT. There are multiple ways to achieve this
result. One possibility is to ask the cooperation of a well result. One possibility is to ask the cooperation of a well
connected third party, using a four step process: connected third party that will act as a server according to [STUN].
We thus obtain a three step process:
1) The host allocate two UDP ports numbers for an RTP/RTCP pair, 1) The host allocate two UDP ports numbers for an RTP/RTCP pair,
2) The host sends a UDP message from each port to the third party, 2) The host sends a UDP message from each port to the STUN server,
3) The third party reads the source address and port of the packet, 3) The STUN server reads the source address and port of the packet,
and copies them in the text of a reply, obscuring them if and copies them in the text of a reply,
necessary to avoid modification by the NAT,
4) The host parses the reply and learns the external address and 4) The host parses the reply according to the STUN protocol and
port corresponding to each of the two UDP port. learns the external address and port corresponding to each of the
two UDP port.
This algorithm supposes that the NAT will use the same translation This algorithm supposes that the NAT will use the same translation
for packets sent to the third party and to the "SDP peer" with which for packets sent to the third party and to the "SDP peer" with which
the host wants to establish a connection. The experience shows that the host wants to establish a connection. The experience shows that
this is the case for a large fraction of NATs. this is the case for a large fraction of NATs.
3.2 Do we need to support multiple ports? 3.2 Do we need to support multiple ports?
Most media streams are transmitted using a single pair of RTP and Most media streams are transmitted using a single pair of RTP and
RTCP ports. It is possible, however, to transmit a single media over RTCP ports. It is possible, however, to transmit a single media over
skipping to change at page 4, line 55 skipping to change at page 5, line 4
one RTP/RTCP stream. one RTP/RTCP stream.
3.3 Why not expand the media definition? 3.3 Why not expand the media definition?
The RTP ports are documented in the media description line, and it The RTP ports are documented in the media description line, and it
would seem convenient to document the RTCP port at the same place, would seem convenient to document the RTCP port at the same place,
rather than create an RTCP attribute. We considered this design rather than create an RTCP attribute. We considered this design
alternative and rejected it for two reasons: adding an extra port alternative and rejected it for two reasons: adding an extra port
number and an option address in the media description would be number and an option address in the media description would be
awkward, and more importantly it would create problems with existing awkward, and more importantly it would create problems with existing
applications, which would have to reject the entire media
applications, which would have to reject the entire media
description if they did not understand the extension. On the description if they did not understand the extension. On the
contrary, adding an attribute has a well defined failure mode: contrary, adding an attribute has a well defined failure mode:
implementations that don't understand the "a=rtcp" attribute will implementations that don't understand the "a=rtcp" attribute will
simply ignore it; they will fail to send RTCP packets to the simply ignore it; they will fail to send RTCP packets to the
specified address, but they will at least be able to receive the specified address, but they will at least be able to receive the
media in the RTP packets. media in the RTP packets.
3.4 Is a tolerant RTP legitimate? 3.4 Is a tolerant RTP legitimate?
Our solution explicitly asks implementers to disregard a part of the Our solution explicitly asks implementers to disregard a part of the
skipping to change at page 5, line 31 skipping to change at page 5, line 32
This approach has been validated with the AVT working group of the This approach has been validated with the AVT working group of the
IETF, which is in charge of maintaining the RTP standard. We expect IETF, which is in charge of maintaining the RTP standard. We expect
that the revised version of the RTP standard will lift the that the revised version of the RTP standard will lift the
restrictions on port numbers imposed in [RFC1889], e.g. specify that restrictions on port numbers imposed in [RFC1889], e.g. specify that
for applications in which the RTP and RTCP destination port numbers for applications in which the RTP and RTCP destination port numbers
are specified via explicit, separate parameters (using a signaling are specified via explicit, separate parameters (using a signaling
protocol or other means), the application MAY disregard the protocol or other means), the application MAY disregard the
restrictions that the port numbers be even/odd and consecutive restrictions that the port numbers be even/odd and consecutive
although the use of an even/odd port pair is still encouraged. although the use of an even/odd port pair is still encouraged.
4 Security Considerations 4 UNSAF considerations
The RTCP attribute in SDP is used to enable establishment of
RTP/RTCP flows through NAT, in conjunction with an address discovery
mechanism such as STUN. This mechanism is a short term fix to the
NAT traversal problem, which requires thus consideration of the
general issues linked to "Unilateral self-address fixing" [UNSAF].
The RTCP attribute addresses a very specific problem, the
documentation of port numbers as they appear after address
translation by a port-mapping NAT. The RTCP attribute SHOULD NOT be
used for other applications.
We expect that, with time, one of two exit strategies can be
developed. The IETF may develop an explicit "middlebox control"
protocol, that will enable applications to obtain a pair of port
numbers appropriate for RTP and RTCP. Another possibility is the
deployment of IPv6, which will enable use of "end to end"
addressing, and guarantee that the two hosts will be able to use
appropriate ports. In both cases, there will be no need for
documenting a "non standard" RTCP port with the RTCP attribute.
5 Security Considerations
This SDP extension is not believed to introduce any significant This SDP extension is not believed to introduce any significant
security risk to multi-media applications. One could conceive that a security risk to multi-media applications. One could conceive that a
malevolent third party would use the extension to redirect the RTCP malevolent third party would use the extension to redirect the RTCP
fraction of an RTP exchange, but this require intercepting and fraction of an RTP exchange, but this require intercepting and
rewriting the signaling packet carrying the SDP text; if an rewriting the signaling packet carrying the SDP text; if an
interceptor can do that, many more attacks are available, including interceptor can do that, many more attacks are available, including
a wholesale change of the addresses and port numbers at which the a wholesale change of the addresses and port numbers at which the
media will be sent. media will be sent.
5 IANA Considerations In order to avoid attacks of this sort, when SDP is used in a
signaling packet where it is of the form application/sdp, end-to-end
integrity using S/MIME [RFC3369] is the technical method to be
implemented and applied. This is compatible with SIP [RFC3261].
6 IANA Considerations
This document defines a new SDP parameter, the attribute field This document defines a new SDP parameter, the attribute field
"rtcp", which per [RFC2327] should be registered by IANA. This "rtcp", which per [RFC2327] should be registered by IANA. This
attribute field is designed for use at media level only. attribute field is designed for use at media level only.
6 Copyright 7 Copyright
The following copyright notice is copied from RFC 2026 [Bradner, The following copyright notice is copied from RFC 2026 [Bradner,
1996], Section 10.4, and describes the applicable copyright for this 1996], Section 10.4, and describes the applicable copyright for this
document. document.
Copyright (C) The Internet Society March 21, 2001. All Rights Copyright (C) The Internet Society March 21, 2001. All Rights
Reserved. Reserved.
This document and translations of it may be copied and furnished to This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it others, and derivative works that comment on or otherwise explain it
skipping to change at page 6, line 29 skipping to change at page 7, line 5
The limited permissions granted above are perpetual and will not be The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assignees. revoked by the Internet Society or its successors or assignees.
This document and the information contained herein is provided on an This document and the information contained herein is provided on an
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
7 Intellectual Property 8 Intellectual Property
The following notice is copied from RFC 2026 [Bradner, 1996], The following notice is copied from RFC 2026 [Bradner, 1996],
Section 10.4, and describes the position of the IETF concerning Section 10.4, and describes the position of the IETF concerning
intellectual property claims made against this document. intellectual property claims made against this document.
The IETF takes no position regarding the validity or scope of any The IETF takes no position regarding the validity or scope of any
intellectual property or other rights that might be claimed to intellectual property or other rights that might be claimed to
pertain to the implementation or use other technology described in pertain to the implementation or use other technology described in
this document or the extent to which any license under such rights this document or the extent to which any license under such rights
might or might not be available; neither does it represent that it might or might not be available; neither does it represent that it
skipping to change at page 6, line 55 skipping to change at page 7, line 31
to obtain a general license or permission for the use of such to obtain a general license or permission for the use of such
proprietary rights by implementers or users of this specification proprietary rights by implementers or users of this specification
can be obtained from the IETF Secretariat. can be obtained from the IETF Secretariat.
The IETF invites any interested party to bring to its attention any The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary copyrights, patents or patent applications, or other proprietary
rights which may cover technology that may be required to practice rights which may cover technology that may be required to practice
this standard. Please address the information to the IETF Executive this standard. Please address the information to the IETF Executive
Director. Director.
8 Acknowledgements 9 Acknowledgements
The original idea for using the "rtcp" attribute was developed by The original idea for using the "rtcp" attribute was developed by
Ann Demirtjis. The draft was reviewed by the MMUSIC and AVT working Ann Demirtjis. The draft was reviewed by the MMUSIC and AVT working
groups of the IETF. groups of the IETF.
9 References 10 References
[RFC2543] M. Handley, H. Schulzrinne, E. Schooler, J. Rosenberg "SIP: [RFC3261] J. Rosenberg, H. Schulzrinne, G. Camarillo, A. Johnston,
Session Initiation Protocol", RFC 2543, March 1999. J. Peterson, R. Sparks, M. Handley, E. Schooler. SIP: Session
Initiation Protocol. RFC 3261, June 2002.
[RFC2327] M. Handley, V. Jacobson, "SDP: Session Description [RFC2327] M. Handley, V. Jacobson, "SDP: Session Description
Protocol", RFC 2327, April 1998. Protocol", RFC 2327, April 1998.
[RFC3369] R. Housley. Cryptographic Message Syntax (CMS). RFC 3369,
August 2002.
[RFC1889] H. Schulzrinne, S. Casner, R. Frederick, V. Jacobson. "RTP: [RFC1889] H. Schulzrinne, S. Casner, R. Frederick, V. Jacobson. "RTP:
A Transport Protocol for Real-Time Applications", RFC 1889, January A Transport Protocol for Real-Time Applications", RFC 1889, January
1996. 1996.
[RFC2766] G. Tsirtsis, P. Srisuresh. "Network Address Translation - [RFC2766] G. Tsirtsis, P. Srisuresh. "Network Address Translation -
Protocol Translation (NAT-PT)", RFC 2766, February 2000. Protocol Translation (NAT-PT)", RFC 2766, February 2000.
[RFC2119] S. Bradner, "Key words for use in RFCs to Indicate [RFC2119] S. Bradner, "Key words for use in RFCs to Indicate
Requirement Levels", RFC 2119, March 1997. Requirement Levels", RFC 2119, March 1997.
[RFC2234] D. Crocker, P. Overell, "Augmented BNF for Syntax [RFC2234] D. Crocker, P. Overell, "Augmented BNF for Syntax
Specifications: ABNF", RFC 2234, November 1997. Specifications: ABNF", RFC 2234, November 1997.
10 Author's Addresses [UNSAF] L. Daigle, "IAB considerations for UNilateral self-address
fixing (UNSAF) across network address translation," Internet Draft,
Internet Engineering Task Force, Approved Sep 2002.
draft-iab-unsaf-considerations-02.txt
11 Author's Addresses
Christian Huitema Christian Huitema
Microsoft Corporation Microsoft Corporation
One Microsoft Way One Microsoft Way
Redmond, WA 98052-6399 Redmond, WA 98052-6399
Email: huitema@microsoft.com Email: huitema@microsoft.com
Table of Contents:
1 Introduction .................................................... 1
2 Description of the solution ..................................... 2
2.1 The RTCP attribute ............................................ 2
2.2 Oddity tolerant RTP ........................................... 3
3 Discussion of the solution ...................................... 3
3.1 How do we discover port numbers? .............................. 3
3.2 Do we need to support multiple ports? ......................... 4
3.3 Why not expand the media definition? .......................... 4
3.4 Is a tolerant RTP legitimate? ................................. 5
4 UNSAF considerations ............................................ 5
5 Security Considerations ......................................... 5
6 IANA Considerations ............................................. 6
7 Copyright ....................................................... 6
8 Intellectual Property ........................................... 7
9 Acknowledgements ................................................ 7
10 References ..................................................... 7
11 Author's Addresses ............................................. 8
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/