SIP Challenges
Henning Schulzrinne
Columbia University
SIP Summit, Austin, TX
Sept. 2001

Overview
• SIP CW watch
• SIP performance
• SIP security challenges
• SIP deployment challenges
• Dog food
• SIP standardization

SIP CW watch
• IM & presence as new application
• Voice-over-DSL
• Voice-over-cable
• Internet PBX
  • Primarily large businesses
  • Proprietary systems still dominate
• 3G
  • WAPv2 is not the differentiator

SIP CW watch
• PC-to-PC
  • Free calls disappearing
• Carrier backbones ? Tie lines
• H.323 most common – simple, so anything works
• Multimedia conferencing
  • H.323 dominates
  • Windows XP?

SIP (& VoIP) road blocks
• Value
  • Per-seat costs similar to PBX
  • Incremental costs larger as long as capacity
  • Green field, capacity upgrades (but $ for UE!)
• QoS (perception) problems in WAN

Getting SIP services
• Services constrained by least common (PSTN) denominator
• No point waiting for killer application, but enabling vertical applications
• Develop phones that allow services
• Revisit old CTI idea, but with easier control?
• Deploy SIP services alongside PSTN:
  • IM for conferences (“Alice speaking”)
  • Presence for call management

SIP performance
• For small systems (< 1000 lines?), SIP performance is not likely to be an issue
• But matters for carriers and large PBX:
  • 20,000 users generate 5.5 registrations/second
  • During busy hour, 60,000 calls (16/s)
  • BSC may host 1 million customers

SIP performance metrics
• Much harder than PSTN switch busy hour call attempt (BHCA):
  • Server may run on different hardware and OS
  • Backend database matters
  • Variation in services – simple forwarding to complex sip-cgi or CPL script
  • Logging, network management
  • Registrar and proxy on same host?
• SIPstone = first attempt at measuring proxy, redirect and registrar performance
  [Figure: diagram with the label SUT]
• Useful for comparison & dimensioning

Typical load behavior: hard to estimate capacity precisely, but want useful capacity
[Figure: response time vs. load/capacity]

SIPstone composite metric

                                    UDP    TCP
Registration with authentication    0.2    0.05
Outbound proxy                      0.1    0.05
Redirect server                     0.1    0.05
Proxy 480 (no answer)               0.1    0.05
Proxy 200 (OK)                      0.2    0.10

SIPstone
• Many different operating environments and traffic mixes:
  • Enterprise LAN
  • 3G proxies (I/P/S-CSCF)
  • Carrier entry point (aol.com)
• Thus, report both composite and individual metrics
• Simplify:
  • no retransmissions
  • 1xx delay limited to 2s

SIPstone future
• Find set of representative metrics – no value in having lots of metrics that have strong correlation
• Additional weightings for specific uses?
• Service scripts (servlets, cgi, CPL)?
• See http://www.sipstone.org

Security challenges
• Denial-of-Service (DOS) attacks
  • Most common security challenge: can bring whole server down, not just annoy one user
  • Prevent state establishment if IP address is bogus
  • Use of NULL authentication to challenge
• Authentication
  • Email experience (S/MIME, PGP)
  • What does authenticating [email protected] mean?
    • “same person that called me yesterday”
    • A caller known to call from sip:columbia.edu

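Added example (not from the slides) of challenging a request without establishing state: the nonce is derived from a server key, the source address and a timestamp, so the server stores nothing until a client reachable at that address echoes a valid nonce. The nonce layout, the key and the 30-second lifetime are assumptions made for illustration.

```python
import hashlib
import hmac
import time

SERVER_KEY = b"constructed-demo-key"  # assumption: per-server secret, rotated in practice
NONCE_LIFETIME = 30                   # assumption: seconds a challenge stays valid


def _mac(ts, src_ip):
    """Keyed digest binding a timestamp to the address the challenge was sent to."""
    return hmac.new(SERVER_KEY, f"{ts}|{src_ip}".encode(), hashlib.sha256).hexdigest()


def make_nonce(src_ip, now=None):
    """Build a challenge nonce for src_ip; nothing is stored on the server."""
    ts = str(int(time.time() if now is None else now))
    return f"{ts}.{_mac(ts, src_ip)}"


def check_nonce(nonce, src_ip, now=None):
    """Accept only a fresh nonce that this server issued to this source address."""
    now = time.time() if now is None else now
    ts, sep, mac = nonce.partition(".")
    if not sep or not ts.isdigit():
        return False
    if not hmac.compare_digest(mac.encode(), _mac(ts, src_ip).encode()):
        return False  # forged, or issued to a different address
    return 0 <= now - int(ts) <= NONCE_LIFETIME


def handle_request(src_ip, echoed_nonce, now=None):
    """Return the server's action; per-request state is created only on 'process'."""
    if echoed_nonce and check_nonce(echoed_nonce, src_ip, now):
        return "process"
    return "challenge " + make_nonce(src_ip, now)
```

A sender using a bogus source address never receives the challenge, so it cannot return a nonce that verifies for that address.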
Security challenges
• Transport protection
  • IPsec is interoperability-challenged, hard to configure
  • TLS with server certificates easy to deploy
  • TLS client certificates less useful
• SIP request integrity
  • Digest (and Basic) authentication don’t protect headers against modification; add digest across selected headers, using same shared secret

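Added example (not from the slides) of a keyed digest across selected headers: the request line and an agreed header set are covered, so a modified Contact is detected while a header outside the set is not. HMAC-SHA256, the header set, the canonical form and the sample message are assumptions made for illustration.

```python
import hashlib
import hmac

# Assumption: the header set both ends agree to protect. Via is left out
# because proxies legitimately add to it in transit.
PROTECTED = ("from", "to", "call-id", "cseq", "contact")

# Constructed sample request (not from the slides).
SAMPLE = "\r\n".join([
    "INVITE sip:bob@example.com SIP/2.0",
    "Via: SIP/2.0/UDP pc1.example.org",
    "From: <sip:alice@example.org>",
    "To: <sip:bob@example.com>",
    "Call-ID: 1234@pc1.example.org",
    "CSeq: 1 INVITE",
    "Contact: <sip:alice@pc1.example.org>",
    "", "",
])


def parse_head(message):
    """Return (request line, {lower-cased header name: value})."""
    lines = message.split("\r\n")
    headers = {}
    for line in lines[1:]:
        if not line:  # blank line ends the header section
            break
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers


def header_digest(message, secret):
    """Keyed digest over the request line and the protected headers only."""
    request_line, headers = parse_head(message)
    covered = [request_line] + [f"{n}:{headers.get(n, '')}" for n in PROTECTED]
    return hmac.new(secret, "\n".join(covered).encode(), hashlib.sha256).hexdigest()


def verify(message, secret, received):
    """Constant-time check of a received digest against the recomputed one."""
    return hmac.compare_digest(header_digest(message, secret).encode(), received.encode())
```

Anything left out of the protected set stays modifiable in transit, so the choice of headers decides what the digest actually guarantees.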
SIP deployment challenges
• NATs and firewalls
  • stream-oriented setup, “tell me my external address”
• Large-scale configuration
  • Web-browser-based config doesn’t scale
  • TFTP
• User management should derive from existing sources (LDAP, corporate DB)

SIP deployment challenge: 911

SIP 911
• Easier add & moves, so harder to know where phone is
• Ideally, Ethernet jack identifies itself
  • “hi, I’m jack in office 815 CEPSR”
• Short term, force user to enter location when plugging in phone
• IETF geopriv working group is addressing general location services & privacy issues

A call for help
• With help from dynamicsoft, Yale, Nortel, Clarent, we set up emergency phone bank at Columbia after WTC
• Better: have network of gateways in place in case of natural disaster
• Will coordinate through SIP Forum

SIP standardization
• Roughly, in order of maturity:
  • DHCP outbound proxy
  • Resource reservation
  • SIP REFER for call transfer
  • SIMPLE: message sessions?
  • RFC2543bis: rewrite for clarity in progress
  • 3G: loose service routing
  • SDPng

SIP longer-term issues
• What is conference control?
• H.323 model is one approach
• Can leverage SIP events for state changes
• REFER for muting bridge participant?

Conclusions
• Some SIP applications slower than expected, but IM as dark horse
• Motivation: avoid PSTNv3
• Technology: need simpler QOS
• Standardization: finish services
• Deployment: make it scale