Concepts and Terminology for Peer
to Peer SIP
By submitting this Internet-Draft, each author represents that any applicable patent or other IPR claims of which he or she is aware have been or will be disclosed, and any of which he or she becomes aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as “work in progress.”
The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html.
This Internet-Draft will expire on December 3, 2007.
Copyright © The IETF Trust (2007).
This document defines concepts and terminology for use of the Session Initiation Protocol in a peer-to-peer environment where the traditional proxy-registrar and message routing functions are replaced by a distributed mechanism that might be implemented using a distributed hash table or other distributed data mechanism with similar external properties. This document includes a high-level view of the functional relationships between the network elements defined herein, a conceptual model of operations, and an outline of the related open problems being addressed by the P2PSIP working group. As this document matures, it is expected to define the general framework for P2PSIP.
2. High Level Description
2.4. Relationship of Peer and Client Protocols
2.5. Relationship Between P2PSIP and SIP
2.6. Relationship Between P2PSIP and Other AoR Dereferencing Approaches
2.7. NAT Issues
3. Reference Model
5.1. The Distributed Database Function
5.2. Using the Distributed Database Function
5.3. NAT Traversal
5.4. Locating and Joining an Overlay
5.5. Possible Client Behavior
5.6. Interacting with non-P2PSIP entities
6. Additional Questions
6.1. Selecting between Multiple Peers offering the Same Service
6.2. Visibility of Messages to Intermediate Peers
6.3. Using C/S SIP and P2PSIP Simultaneously in a Single UA
6.4. Clients, Peers, and Services
6.5. Relationships of Domains to Overlays
6.6. Protocol Layering
7. Security Considerations
8. IANA Considerations
9. Changes in This Version
11.1. Normative References
11.2. Informative References
§ Authors' Addresses
§ Intellectual Property and Copyright Statements
One of the fundamental problems in multimedia communication between Internet nodes is that of discovering the host at which a given user can be reached. In the Session Initiation Protocol (SIP) [RFC3261] (Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., and E. Schooler, “SIP: Session Initiation Protocol,” June 2002.) this problem is expressed as the problem of mapping an Address of Record (AoR) for a user into one or more Contact URIs [RFC3986] (Berners-Lee, T., Fielding, R., and L. Masinter, “Uniform Resource Identifier (URI): Generic Syntax,” January 2005.). The AoR is a name for the user that is independent of the host or hosts where the user can be contacted, while a Contact URI indicates the host where the user can be contacted.
In the common SIP-using architectures that we refer to as "Conventional SIP" or "Client/Server SIP", there is a relatively fixed hierarchy of SIP routing proxies and SIP user agents. To deliver a SIP INVITE to the host or hosts at which the user can be contacted, a SIP UA follows the procedures specified in [RFC3263] (Rosenberg, J. and H. Schulzrinne, “Session Initiation Protocol (SIP): Locating SIP Servers,” June 2002.) to determine the IP address of a SIP proxy, and then sends the INVITE to that proxy. The proxy will then, in turn, deliver the SIP INVITE to the hosts where the user can be contacted.
This document gives a high-level description of an alternative solution to this problem. In this alternative solution, the relatively fixed hierarchy of Client/Server SIP is replaced by a peer-to-peer overlay network. In this peer-to-peer overlay network, the various AoR to Contact URI mappings are not centralized at proxy/registrar nodes but are instead distributed amongst the peers in the overlay.
The details of this alternative solution are currently being worked out in the P2PSIP working group. This document describes the basic concepts of such a peer-to-peer overlay, and lists the open questions that still need to be resolved. As the work proceeds, it is expected that this document will develop into a high-level architecture document for the solution.
A P2PSIP Overlay is a collection of nodes organized in a peer-to-peer fashion for the purpose of enabling real-time communication using the Session Initiation Protocol (SIP). Collectively, the nodes in the overlay provide a distributed mechanism for mapping names to network locations. This provides for the mapping of Addresses of Record (AoRs) to Contact URIs, thereby providing the "location server" function of [RFC3261] (Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., and E. Schooler, “SIP: Session Initiation Protocol,” June 2002.). A P2PSIP Overlay also provides a transport function by which SIP messages can be transported between any two nodes in the overlay.
A P2PSIP Overlay consists of one or more nodes called P2PSIP Peers. The peers in the overlay collectively run a distributed database algorithm. This distributed database algorithm allows data to be stored on peers and retrieved in an efficient manner. It may also ensure that a copy of a data item is stored on more than one peer, so that the loss of a peer does not result in the loss of the data item to the overlay.
One use of this distributed database is to store the information required to provide the mapping between AoRs and Contact URIs for the distributed location function. This provides a location function within each overlay that is an alternative to the location functions described in [RFC3263] (Rosenberg, J. and H. Schulzrinne, “Session Initiation Protocol (SIP): Locating SIP Servers,” June 2002.). However, the model of [RFC3263] (Rosenberg, J. and H. Schulzrinne, “Session Initiation Protocol (SIP): Locating SIP Servers,” June 2002.) is used between overlays.
The nature of peer-to-peer computing is that each peer offers services to other peers to allow the overlay to collectively provide larger functions. In P2PSIP, peers offer storage and transport services to allow the distributed database function and distributed transport function to be implemented. It is expected that individual peers may also offer other services. Some of these additional services (for example, a STUN server service [I‑D.ietf‑behave‑rfc3489bis] (Rosenberg, J., “Session Traversal Utilities for (NAT) (STUN),” March 2007.)) may be required to allow the overlay to form and operate, while others (for example, a voicemail service) may be enhancements to the basic P2PSIP functionality.
To allow peers to offer these additional services, the distributed database may need to store information about services. For example, it may need to store information about which peers offer which services, and perhaps what sort of capacity each peer has for delivering each listed service.
An overlay may or may not also include one or more nodes called P2PSIP Clients. The role of a client in the P2PSIP model is still under discussion, with a number of suggestions for roles being put forth, and some arguing that clients are not needed at all. However, if they exist, then people agree that they will also be able to store and retrieve information from the overlay. Section 5.5 (Possible Client Behavior) discusses the possible roles of a client in more detail.
Peers in an overlay need to speak some protocol between themselves to maintain the overlay and to store and retrieve data. Until a better name is found, this protocol has been dubbed the P2PSIP Peer Protocol. The details of this protocol are still very much under debate: some have suggested that the protocol should be SIP with some extensions, while others have suggested that it should be an entirely new protocol.
If the P2PSIP model also contains clients, then a protocol is needed for client - peer communication. Until a better name is found, this protocol has been dubbed the P2PSIP Client Protocol. The details of this protocol are also very much under debate. However, if the client protocol exists, then it is agreed that it should be a logical subset of the peer protocol. In other words, the syntax of the peer and client protocols may be completely different, but any operation supported by client protocol is also supported by the peer protocol. This implies that clients cannot do anything that peers cannot also do.
Since P2PSIP is about peer-to-peer networks for real-time communication, it is expected that most (if not all) peers and clients will be coupled with SIP entities. For example, one peer might be coupled with a SIP UA, another might be coupled with a SIP proxy, while a third might be coupled with a SIP-to-PSTN gateway. For such nodes, we think of the peer or client portion of the node as being distinct from the SIP entity portion. However, there is no hard requirement that every P2PSIP node (peer or client) be coupled to a SIP entity, and some proposed architectures include peer nodes that have no SIP function whatsoever.
As noted above, the fundamental task of P2PSIP is turning an AoR into a Contact. This task might be approached using zeroconf techniques such as multicast DNS and DNS Service Discovery (as in Apple's Bonjour protocol), link-local multicast name resolution [RFC4795] (Aboba, B., Thaler, D., and L. Esibov, “Link-local Multicast Name Resolution (LLMNR),” January 2007.), and dynamic DNS [RFC2136] (Vixie, P., Thomson, S., Rekhter, Y., and J. Bound, “Dynamic Updates in the Domain Name System (DNS UPDATE),” April 1997.).
These alternatives were discussed in the P2PSIP Working Group, and not pursued as a general solution for a number of reasons related to scalability, the ability to work in a disconnected state, partition recovery, and so on. However, there does seem to be some continuing interest in the possibility of using DNS-SD and mDNS for bootstrapping of P2PSIP overlays.
Network Address Translators (NATs) are impediments to establishing and maintaining peer-to-peer networks, since NATs hinder direct communication between peers. Some peer-to-peer network architectures avoid this problem by insisting that all peers exist in the same address space. However, in the P2PSIP model, it has been agreed that peers can live in multiple address spaces interconnected by NATs. This implies that Peer Protocol connections must be able to traverse NATs. It also means that the peers must collectively provide a distributed transport function that allows a peer to send a SIP message to any other peer in the overlay - without this function two peers in different IP address spaces might not be able to exchange SIP messages.
The following diagram shows a P2PSIP Overlay consisting of a number of P2PSIP Peers and one P2PSIP Client. It also shows an ordinary SIP UA.
--->PSTN +------+ N +------+ +---------+ / | | A | | | Gateway |-/ | UA |####T#####| UA |#####| Peer |######## | Peer | N | Peer | | G | # P2PSIP | E | A | F | +---------+ # Client | | T | | # Protocol +------+ N +------+ # | # A # | NATNATNATNAT # | # # | \__/ NATNATNATNAT +-------+ v / \ # N | |=====/ UA \ +------+ A P2PSIP Overlay | Peer | /Client\ | | T | Q | |___C__| | UA | N | | | Peer | A +-------+ | D | T # | | N # +------+ A # P2PSIP # T # Peer # N +-------+ +-------+ # Protocol # A | | | | # #########T####| Proxy |########| Redir |####### N | Peer | | Peer | A | P | | R | T +-------+ +-------+ | / | SIP / \__/ / / /\ / ______________/ SIP / \/ / / UA \/ /______\ SIP UA A
Figure: P2PSIP Overlay Reference Model
Here, the large perimeter depicted by "#" represents a stylized view of the P2PSIP Overlay (the actual connections could be a mesh, a ring, or some other structure). Around the periphery of the P2PSIP Overlay rectangle, we have a number of P2PSIP Peers. Each peer is labeled with its coupled SIP entity -- for example, "Proxy Peer P" means that peer P which is coupled with a SIP proxy. In some cases, a peer or client might be coupled with two or more SIP entities. In this diagram we have a PSTN gateway coupled with peer "G", three peers ("D", "E" and "F") which are each coupled with a UA, a peer "P" which is coupled with a SIP proxy, an ordinary peer "Q", and one peer "R" which is coupled with a SIP Redirector. Note that because these are all P2PSIP Peers, each is responsible for storing P2PSIP Resource Records and transporting messages around the P2PSIP Overlay.
To the left, two of the peers ("D" and "E") are behind network address translators (NATs). These peers are included in the P2PSIP overlay and thus participate in storing resource records and routing messages, despite being behind the NATs.
Below the P2PSIP Overlay, we have a conventional SIP UA "A" which is not part of the P2PSIP Overlay, either directly as a peer or indirectly as a client. It speaks neither the P2PSIP Peer nor P2PSIP Client protocols. Instead, it uses SIP to interact with the P2PSIP Overlay.
On the right side, we have a P2PSIP client "C", which uses the P2PSIP Client Protocol depicted by "=" to communicate with Proxy Peer "Q". The P2PSIP client ̉CÓ could communicate with a different peer, for example peer "F", if it establishes a connection to "F" instead of or in addition to "Q". The exact role that this client plays in the network is still under discussion (see Section 5.5 (Possible Client Behavior)).
Both the SIP proxy coupled with peer "P" and the SIP redirector coupled with peer "R" can serve as adapters between ordinary SIP devices and the P2PSIP Overlay. Each accepts standard SIP requests and resolves the next-hop by using the P2PSIP overlay Peer Protocol to interact with the routing knowledge of the P2PSIP Overlay, then processes the SIP requests as appropriate (proxying or redirecting towards the next-hop). Note that proxy operation is bidirectional - the proxy may be forwarding a request from an ordinary SIP device to the P2PSIP overlay, or from the P2PSIP overlay to an ordinary SIP device.
The PSTN Gateway at peer "G" provides a similar sort of adaptation to and from the public switched telephone network (PSTN).
This section defines a number of concepts that are key to understanding the P2PSIP work.
- Overlay Network:
- An overlay network is a computer network which is built on top of another network. Nodes in the overlay can be thought of as being connected by virtual or logical links, each of which corresponds to a path, perhaps through many physical links, in the underlying network. For example, many peer-to-peer networks are overlay networks because they run on top of the Internet. Dial-up Internet is an overlay upon the telephone network. http://en.wikipedia.org/wiki/P2P_overlay
- P2P Network:
- A peer-to-peer (or P2P) computer network is a network that relies primarily on the computing power and bandwidth of the participants in the network rather than concentrating it in a relatively low number of servers. P2P networks are typically used for connecting nodes via largely ad hoc connections. Such networks are useful for many purposes. Sharing content files (see http://en.wikipedia.org/wiki/File_sharing) containing audio, video, data or anything in digital format is very common, and realtime data, such as telephony traffic, is also exchanged using P2P technology. http://en.wikipedia.org/wiki/Peer-to-peer. A P2P Network may also be called a "P2P Overlay" or "P2P Overlay Network" or "P2P Network Overlay", since its organization is not at the physical layer, but is instead "on top of" an existing Internet Protocol network.
- A suite of communications protocols related to the Session Initiation Protocol (SIP) [RFC3261] (Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., and E. Schooler, “SIP: Session Initiation Protocol,” June 2002.) that enable SIP to use peer-to-peer techniques for resolving the targets of SIP requests, providing SIP message transport, and providing other SIP-related functions. The exact contents of this protocol suite are still under discussion, but is likely to include the P2PSIP Peer Protocol and may include a P2PSIP Client Protocol (see definitions below).
- P2PSIP Overlay:
- A P2PSIP Overlay is an association, collection, or federation of nodes that provides SIP registration, SIP message transport, and similar functions using a P2P organization, as defined by "P2P Network" above.
- P2PSIP Overlay Name:
- A human-friendly name that identifies a specific P2PSIP Overlay. This is in the format of (a portion of) a URI, but may or may not have a related record in the DNS.
- P2PSIP Peer:
- A node participating in a P2PSIP Overlay that provides storage and transport services to other nodes in that P2PSIP Overlay. Each P2PSIP Peer has a unique identifier, known as a Peer-ID, within the P2PSIP Overlay. Each P2PSIP Peer may be coupled to one or more SIP entities. Within the P2PSIP Overlay, the peer is capable of performing several different operations, including: joining and leaving the overlay, transporting SIP messages within the overlay, storing information on behalf of the overlay, putting information into the overlay, and getting information from the overlay.
- P2PSIP Peer-ID:
- Information that uniquely identifies each P2PSIP Peer within a given P2PSIP Overlay. This value is not human-friendly -- in a DHT approach, this is a numeric value in the hash space. These Peer-IDs are completely independent of the identifier of any user of a user agent associated with a peer. (Note: This is often called a "Node-ID" in the P2P literature).
- P2PSIP Client:
- A node participating in a P2PSIP Overlay that is less capable than a P2PSIP Peer in some way. The role of a P2PSIP Client is still under debate, with a number of competing proposals, and some have suggested removing the concept entirely (see the discussion on this later in the document). If clients exist, then it has been agreed that they do have the ability to add, modify, inspect, and delete information in the overlay. Note that the term client does not imply that this node is a SIP UAC. Some have suggested that the word 'client' be changed to something else to avoid both this confusion and the implication of a client-server relationship.
- A human that interacts with the overlay through SIP UAs located on peers and clients (and perhaps other ways).
- P2PSIP User Name:
- A human-friendly name for a user. This name must be unique within the overlay, but may be unique in a wider scope. User Names are formatted so that they can be used within a URI (likely a SIP URI), perhaps in combination with the Overlay Name.
- P2PSIP Service:
- A capability contributed by a peer to an overlay or to the members of an overlay. It is expected that not all peers and clients will offer the same set of services, so a means of finding peers (and perhaps clients) that offer a particular service is required. Services might include routing of requests, storing of routing data, storing of other data, STUN discovery, STUN relay, and many other things. This model posits a requirement for a service locator function, possibly including supporting information such as the capacity of a peer to provide a specific service or descriptions of the policies under which a peer will provide that service. We currently expect that we will need to be able to search for available service providers within each overlay. We think we might need to be able to make searches based on network locality or path minimalization.
- P2PSIP Service Name:
- A unique, human-friendly, name for a service.
- P2PSIP Resource:
- Anything about which information can be stored in the overlay. Both Users and Services are examples of Resources.
- P2PSIP Resource-ID:
- A non-human-friendly value that uniquely identifies a resource and which is used as a key for storing and retrieving data about the resource. One way to generate a Resource-ID is by applying a mapping function to some other unique name (e.g., User Name or Service Name) for the resource. The Resource-ID is used by the distributed database algorithm to determine the peer or peers that are responsible for storing the data for the overlay.
- P2PSIP Resource Record:
- A block of data, stored using distributed database mechanism of the P2PSIP Overlay, that includes information relevant to a specific resource. We presume that there may be multiple types of resource records. Some may hold data about Users, and others may hold data about Services, and the working group may define other types. The types, usages, and formats of the records are a question for future study.
- P2PSIP Peer Protocol:
- The protocol spoken between P2PSIP Overlay peers to share information and organize the P2PSIP Overlay Network.
- P2PSIP Client Protocol:
- The protocol spoken between P2PSIP Clients and P2PSIP Peers. It is used to store and retrieve information from the P2P Overlay. The nature of this protocol, and even its existence, is under discussion. However, if it exists, it has been agreed that the Client Protocol is a functional subset of the P2P Peer Protocol, but may differ in syntax and protocol implementation (i.e., may not be syntactically related).
- P2PSIP Peer Protocol Connection / P2PSIP Client Protocol Connection:
- The TCP, UDP or other transport layer protocol connection over which the P2PSIP Peer Protocol (or respectively the Client protocol) is transported.
- P2PSIP Neighbors:
- The set of P2PSIP Peers that either a P2PSIP Peer or P2PSIP Client know of directly and can reach without further lookups.
- P2PSIP Joining Peer:
- A node that is attempting to become a P2PSIP Peer in a particular P2PSIP Overlay.
- P2PSIP Bootstrap Peer:
- A P2PSIP Peer in the P2PSIP Overlay that is the first point of contact for a P2PSIP Joining Peer. It selects the peer that will serve as the P2PSIP Admitting Peer and helps the joining peer contact the admitting peer.
- P2PSIP Admitting Peer:
- A P2PSIP Peer in the P2PSIP Overlay which helps the P2PSIP Joining Peer join the Overlay. The choice of the admitting peer may depend on the joining peer (e.g., depend the joining peer's P2PSIP Peer-ID). For example, the admitting peer might be chosen as the peer which is "closest" in the logical structure of the overlay to the future position of the joining peer. The selection of the admitting peer is typically done by the bootstrap peer. It is allowable for the bootstrap peer to select itself as the admitting peer.
- P2PSIP Bootstrap Server:
- A network node used by P2PSIP Joining Peers to locate a P2PSIP Bootstrap Peer. Typically, a P2PSIP Bootstrap Server acts as a proxy for messages between the P2PSIP Joining Peer and the P2PSIP Bootstrap Peer. The P2PSIP Bootstrap Server itself is typically a stable host with a DNS name that is somehow communicated (for example, through configuration) to peers that want to join the overlay. A P2PSIP Bootstrap Server is NOT required to be a peer or client, though it may be if desired.
- P2PSIP Peer Admission:
- The act of admitting a node (the "P2PSIP Joining Peer") into a P2PSIP Overlay as a P2PSIP Peer. After the admission process is over, the joining peer is a fully-functional peer of the overlay. During the admission process, the joining peer may need to present credentials to prove that it has sufficient authority to join the overlay.
- P2PSIP Resource Record Insertion:
- The act of inserting a P2PSIP Resource Record into the distributed database. Following insertion, the data will be stored at one or more peers. The data can be retrieved or updated using the P2PSIP Resource-ID as a key.
A P2PSIP Overlay functions as a distributed database. The database serves as a way to store information about things called Resources. A piece of information, called a Resource Record, can be stored by and retrieved from the database using a key associated with the Resource Record called its Resource-ID. Each Resource must have a unique Resource-ID. In addition to uniquely identifying the Resource, the Resource-ID is also used by the distributed database algorithm to determine the peer or peers that store the Resource Record in the overlay.
It is expected that the P2PSIP working group will standardize the way(s) certain types of resources are represented in the distributed database.
One type of resource representation that the working group is expected to standardize is information about users. Users are humans that can use the overlay to do things like making and receiving calls. Information stored in the resource record associated with a user might include things like the full name of the user and the location of the UAs that the user is using.
Before information about a user can be stored in the overlay, a user needs a User Name. The User Name is a human-friendly identifier that uniquely identifies the user within the overlay. The User Name is not a Resource-ID, rather the Resource-ID is derived from the User Name using some mapping function (often a cryptographic hash function) defined by the distributed database algorithm used by the overlay.
The overlay may also require that the user have a set of credentials. Credentials may be required to authenticate the user and/or to show that the user is authorized to use the overlay.
Another type of resource representation that the working group is expected to standardize is information about services. Services represent actions that a peer (and perhaps a client) can do to benefit other peers and clients in the overlay. Information that might be stored in the resource record associated with a service might include the peers (and perhaps clients) offering the service.
Each service has a human-friendly Service Name that uniquely identifies the service. Like User Names, the Service Name is not a resource-id, rather the resource-id is derived from the service name using some function defined by the distributed database algorithm used by the overlay.
It is expected that the working group will standardize at least one service. For each standardized service, the working group will likely specify the service name, the nature and format of the information stored in the resource record associated with the service, and the protocol used to access the service.
The overlay may require that the peer (or client) have a set of credentials for a service. For example, credentials might be required to show that the peer (or client) is authorized to offer the service, or to show that the peer (or client) is a providing a trustworthy implementation of the service.
It is expected that the P2PSIP WG will not standardize how a User Name is obtained, nor how the credentials associated with a User Name or a Service Name are obtained, but merely standardize at least one acceptable format for each. To ensure interoperability, it is expected that at least one of these formats will be specified as "mandatory-to-implement".
A class of algorithms known as Distributed Hash Tables http://en.wikipedia.org/wiki/P2P_overlay are one way to implement the Distributed Database. In particular, both the Chord and Bamboo algorithms have been suggested as good choices for the distributed database algorithm. However, no decision has been taken so far.
There are a number of ways the distributed database described in the previous section might be used to establish multimedia sessions using SIP. In this section, we give four possibilities as examples. It seems likely that the working group will standardize at least one way (not necessarily one of the four listed here), but no decisions have been taken yet.
The first option is to store the contact information for a user in the resource record for the user. A peer Y that is a contact point for this user adds contact information to this resource record. The resource record itself is stored with peer Z in the network, where peer Z is chosen by the distributed database algorithm.
When the SIP entity coupled with peer X has an INVITE message addressed to this user, it retrieves the resource record from peer Z. It then extracts the contact information for the various peers that are a contact point for the user, including peer Y, and forwards the INVITE onward.
This exchange is illustrated in the following figure. The notation "Put(U@Y)" is used to show the distributed database operation of updating the resource record for user U with the contract Y, and "Get(U)" illustrates the distributed database operation of retrieving the resource record for user U. Note that the messages between the peers X, Y and Z may actually travel via intermediate peers (not shown) as part of the distributed lookup process or so as to traverse intervening NATs.
Peer X Peer Z Peer Y | | | | | Put(U@Y) | | |<---------------| | | Put-Resp(OK) | | |--------------->| | | | | Get(U) | | |---------------->| | | Get-Resp(U@Y)| | |<----------------| | | INVITE(To:U) | | |--------------------------------->| | | |
The second option also involves storing the contact information for a user in the resource record of the user. However, SIP entity at peer X, rather than retrieving the resource record from peer Z, instead forwards the INVITE message to the proxy at peer Z. The proxy at peer Z then uses the information in the resource record and forwards the INVITE onwards to the SIP entity at peer Y and the other contacts.
Peer X Peer Z Peer Y | | | | | Put(U@Y) | | |<---------------| | | Put-Resp(OK) | | |--------------->| | | | | INVITE(To:U) | | |-----------------| INVITE(To:U) | | |--------------->| | | |
The third option is for a single peer W to place its contact information into the resource record for the user (stored with peer Z). A peer Y that is a contact point for the user retrieves the resource record from peer Z, extracts the contact information for peer W, and then uses the standard SIP registration mechanism [RFC3261] (Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., and E. Schooler, “SIP: Session Initiation Protocol,” June 2002.) to register with peer W. When the SIP entity at peer X has to forward an INVITE request, it retrieves the resource record and extracts the contact information for W. It then forwards the INVITE to the proxy at peer W, which proxies it onward to peer Y and the other contacts.
Peer X Peer Z Peer Y Peer W | | | | | | Put(U@W) | | | |<---------------------------------| | | Put-Resp(OK) | | | |--------------------------------->| | | | | | | | | | | | REGISTER(To:U) | | | |---------------->| | | | 200 | | | |<----------------| | | | | | | | | | Get(U) | | | |---------------->| | | | Get-Resp(U@W)| | | |<----------------| | | | INVITE(To:U) | | | |--------------------------------------------------->| | | | INVITE(To:U) | | | |<----------------| | | | |
The fourth option works as in option 3, with the exception that, rather than X retrieving the resource record from Z, peer X forwards the INVITE to a SIP proxy at Z, which proxies it onward to W and hence to Y.
Peer X Peer Z Peer Y Peer W | | | | | | Put(U@W) | | | |<---------------------------------| | | Put-Resp(OK) | | | |--------------------------------->| | | | | | | | | | | | REGISTER(To:U) | | | |---------------->| | | | 200 | | | |<----------------| | | | | | | | | | INVITE(To:U) | | | |---------------->| INVITE(To:U) | | | |--------------------------------->| | | | INVITE(To:U) | | | |<----------------| | | | |
The pros and cons of option 1 and 3 are briefly discussed in [Using‑an‑External‑DHT] (Singh, K. and H. Schulzrinne, “Using an External DHT as a SIP Location Service,” .).
Two approaches to NAT Traversal for P2PSIP Peer Protocol have been suggested. The working group has not made any decision yet on the approach that will be selected.
The first, the traditional approach adopted by most peer-to-peer networks today, divides up the peers in the network into two groups: those with public IP addresses and those without. The networks then select a subset of the former group and elevate them to "super peer" status, leaving the remaining peers as "ordinary peers". Since super peers all have public IP addresses, there are no NAT problems when communicating between them. The network then associates each ordinary peer with (usually just one) super peer in a client-server relationship. Once this is done, an ordinary peer X can communicate with another ordinary peer Y by sending the message to X's super peer, which forwards it to Y's super peer, which forwards it to Y. The connection between an ordinary peer and its super peer is initiated by the ordinary peer, which makes it easy to traverse any intervening NATs. In this approach, the number of hops between two peers is at most 3.
The second approach treats all peers as equal and establishes a partial mesh of connections between them. Messages from one peer to another are then routed along the edges in the mesh of connections until they reach their destination. To make the routing efficient and to avoid the use of standard Internet routing protocols, the partial mesh is organized in a structured manner. If the structure is based on any one of a number of common DHT algorithms, then the maximum number of hops between any two peers is log N, where N is the number of peers in the overlay.
The first approach is significantly more efficient than the second in overlays with large numbers of peers. However, the first approach assumes there are a sufficient number of peers with public IP addresses to serve as super peers. In some usage scenarios envisioned for P2PSIP, this assumption does not hold. For example, this approach fails completely in the case where every peer is behind a distinct NAT.
The second approach, while less efficient in overlays with larger numbers of peers, is efficient in smaller overlays and can be made to work in many use cases where the first approach fails.
Both of these approaches assume a method of setting up Peer Protocol connections between peers. Many such methods exist; the now expired [I‑D.iab‑nat‑traversal‑considerations] (Rosenberg, J., “Considerations for Selection of Techniques for NAT Traversal,” October 2005.) is an attempt to give a fairly comprehensive list along with a discussion of their pros and cons. After a consideration of the various techniques, the P2PSIP working group has decided to select the Unilateral Self-Address Fixing method [RFC3424] (Daigle, L. and IAB, “IAB Considerations for UNilateral Self-Address Fixing (UNSAF) Across Network Address Translation,” November 2002.) of NAT Traversal, and in particular the ICE [I‑D.ietf‑mmusic‑ice] (Rosenberg, J., “Interactive Connectivity Establishment (ICE): A Protocol for Network Address Translator (NAT) Traversal for Offer/Answer Protocols,” June 2007.) implementation of this approach.
The above discussion covers NAT traversal for Peer Protocol connections. For Client Protocol connections, the approach depends on the role adopted for clients and we defer the discussion on that point until the role becomes clearer.
In addition to Peer Protocol and Client Protocol messages, a P2PSIP Overlay must also provide a solution to the NAT Traversal problem for SIP messages. If it does not, there is no reliable way for a peer behind one NAT to send a SIP INVITE to a peer behind another NAT. One way to solve this problem is to transport SIP messages along Peer and Client Protocol connections: this could be done either by encapsulating the SIP messages inside Peer and Client Protocol messages or by multiplexing SIP with the Peer (resp.Client) Protocol on a Peer (resp. Client) Protocol connection.
Finally, it should be noted that the NAT traversal problem for media connections signaled using SIP is outside the scope of the P2PSIP working group. As discussed in [I‑D.ietf‑sipping‑nat‑scenarios] (Boulton, C., “Best Current Practices for NAT Traversal for SIP,” March 2007.), the current recommendation is to use ICE.
Before a peer can attempt to join a P2PSIP overlay, it must first obtain a Peer-ID and optionally a set of credentials. The Peer-ID is an identifier that will uniquely identify the peer within the overlay, while the credentials show that the peer is allowed to join the overlay.
The P2PSIP WG will not standardize how the peer-ID and the credentials are obtained, but merely standardize at least one acceptable format for each. To ensure interoperability, it is expected that at least one of these formats will be specified as "mandatory-to-implement".
Once a peer (the "joining peer") has a peer-ID and optionally a set of credentials, it can attempt to join the overlay. To do this, it needs to locate a bootstrap peer for the Overlay.
A bootstrap peer is a peer that serves as the first point of contact for the joining peer. The joining peer uses a bootstrap mechanism to locate a bootstrap peer. Locating a bootstrap peer might be done in any one of a number of different ways:
The joining peer might reasonably try each of the methods (and perhaps others) in some order or in parallel until it succeeds in finding a bootstrap peer.
The job of the bootstrap peer is simple: refer the joining peer to a peer (called the "admitting peer") that will help the joining peer join the network. The choice of admitting peer will often depend on the joining node - for example, the admitting peer may be a peer that will become a neighbor of the joining peer in the overlay. It is possible that the bootstrap peer might also serve as the admitting peer.
The admitting peer will help the joining peer learn about other peers in the overlay and establish connections to them as appropriate. The admitting peer and/or the other peers in the overlay will also do whatever else is required to help the joining peer become a fully-functional peer. The details of how this is done will depend on the distributed database algorithm used in the overlay.
At various stages in this process, the joining peer may be asked to present its credentials to show that it is authorized to join the overlay. Similarly, the various peers contacted may be asked to present their credentials so the joining peer can verify that it is really joining the overlay it wants to.
As mentioned above, a number of people have proposed a second type of P2PSIP entity, known as a "P2PSIP client". The question of whether the concept of a "client" is needed and, if it is needed, its exact nature, is still very much under debate. This section presents some of the alternatives that have been suggested for the possible role of a client.
In one approach, a client interacts with the P2PSIP overlay through an associated peer (or perhaps several such peers) using the Client Protocol. The client does not run the distributed database algorithm, does not store resource records, and is not involved in routing messages to other peers or clients. Through interactions with its associated peer, a client can insert, modify, examine, and remove resource records. A client can also send SIP messages to its associated peer for routing through the overlay. In this approach, a client is a node that wants to take advantage of the overlay, but is unable or unwilling to contribute resources back to the overlay.
One way to realize this alternative is for a peer to behave as a [RFC3261] (Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., and E. Schooler, “SIP: Session Initiation Protocol,” June 2002.) proxy/registrar. Clients then use standard SIP mechanisms to add, update, and remove registrations and to send SIP messages to peers and other clients. If this is done, there is no need for a separate Client Protocol and no need for P2PSIP to define a distinct "P2PSIP Client" concept.
In a second alternative, a client behaves in a way similar to the way described in first alternative, except that it does store resource records. In essence, the client contributes its storage capacity to its associated peer. A peer which needs to store a resource record may elect to store this on one or more of its associated clients instead, thus boosting its effective storage capacity.
In a third alternative, a client acts almost the same as a peer, except that it does not store any resource records. In this alternative, a client has a "peer-ID" and joins the overlay in the same way as a peer, perhaps establishing the same network of connections that a peer would. Clients participate in the distributed database algorithm, and can help in transporting messages to other peers and clients. However, the distributed database algorithm does not assign resource records to clients. The role of a client in this model has been described as "a peer with bad memory".
Another way to look at this distinction is that a client is simply a peer that is not currently offering some or all services to the overlay, possibly due to a run-time decision about available resources such as bandwidth or storage capacity. With this approach, the distinction between client and peer becomes much less distinct, and probably eliminates the requirement to have two distinct terms for the roles. Rather, we might speak in terms such as "high-function" vs "low-function" peers. This approach would also seem to eliminate the requirement for a distinct P2PSIP Client Protocol.
It has also been proposed that the client role could be fulfilled by conventional SIP UAs served by a peer that is also acting as a proxy/registrar. While this might fulfill the requirement, the authors contend that such as device is a "SIP UA", not a "P2PSIP Client" as defined in this document, and that exclusively using SIP UAs in this role eliminates the need for P2PSIP Clients and P2PSIP Client Protocol from the architecture.
It is possible for network nodes that are not peers or clients to interact with a P2PSIP overlay. Such nodes would do this through mechanisms not defined by the P2PSIP working group provided they can find a peer or client that supports that mechanism and which will do any related P2PSIP operations necessary. In this section, we briefly describe two ways this might be done. (Note that these are just examples and the descriptions here are not recommendations).
One example is a peer that also acts as a standard SIP proxy and registrar. SIP UAs can interact with it using mechanisms defined in [RFC3261] (Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., and E. Schooler, “SIP: Session Initiation Protocol,” June 2002.). The peer inserts registrations for users learned from these UAs into the distributed database, and retrieves contact information when proxying INVITE messages.
Another example is a peer that has a fully-qualified domain name (FQDN) that matches the name of the overlay and acts as a SIP proxy for calls coming into the overlay. A SIP INVITE addressed to "user@overlay-name" arrives at the peer (using the mechanisms in [RFC3263] (Rosenberg, J. and H. Schulzrinne, “Session Initiation Protocol (SIP): Locating SIP Servers,” June 2002.)) and this peer then looks up the user in the distributed database and proxies the call onto it.
This section lists some additional questions that the proposed P2PSIP Working Group may need to consider in the process of defining the Peer and Client protocols.
If a P2PSIP network contains two or more peers that offer the same service, then how does a peer or client that wishes to use that service select the peer to use? This question comes up in a number of contexts:
It has been suggested that, at least initially, the working group should restrict itself to defining a mechanism that can return a list of peers offering a service and not define the mechanism for selecting a peer from that list.
When transporting SIP messages through the overlay, are the headers and/or bodies of the SIP messages visible to the peers that the messages happen to pass through? If they are, what types of security risks does this pose in the presence of peers that have been compromised in some way?
If a given UA is capable of operating in both P2PSIP and conventional SIP modalities (especially simultaneously), is it possible for it to use and respond to the same AOR using both conventional and P2PSIP? An example of such a topology might be a UA that registers an AOR (say, "sip:email@example.com") conventionally with a registrar and then inserts a resource record for that resource into a P2PSIP topology, such that both conventional SIP users and P2PSIP users (within the overlay or a federation thereof) would be able to contact the user without necessarily traversing some sort of gateway. Is this something that we want to make work?
It is possible to define the overlay operations as extensions to SIP as proposed in [I‑D.bryan‑p2psip‑dsip] (Bryan, D., “dSIP: A P2P Approach to SIP Registration and Resource Location,” February 2007.) or using a lower level transport protocol (or distinct P2P protocol layer below SIP) as described in [I‑D.matthews‑p2psip‑hip‑hop] (Cooper, E., “A Distributed Transport Function in P2PSIP using HIP for Multi-Hop Overlay Routing,” June 2007.), [I‑D.bryan‑p2psip‑reload] (Bryan, D., “REsource LOcation And Discovery (RELOAD),” June 2007.) and [I‑D.marocco‑p2psip‑xpp‑pcan] (Marocco, E. and E. Ivov, “XPP Extensions for Implementing a Passive P2PSIP Overlay Network based on the CAN Distributed Hash Table,” June 2007.). Which is the better or more appropriate model? It seems that this requires analysis along several axes, presumably described below in descending order of priority.:
Building a P2PSIP system has many security considerations, many of which we have only begun to consider. We anticipate that the protocol documents describing the actual protocols will deal more thoroughly with security topics.
One critical security issue that will need to be addressed is providing for the privacy and integrity of SIP messages being routed by peer nodes, when those peer nodes might well be hostile. This is a departure from Client/Server SIP, where the proxies are generally operated by enterprises or service providers with whom the users of SIP UAs have a trust relationship.
This document presently raises no IANA considerations.
This document draws heavily from the contributions of many participants in the P2PSIP Mailing List but the authors are especially grateful for the support of Spencer Dawkins, Cullen Jennings, and Henning Schulzrinne, all of whom spent time on phone calls about this document or provided text. In addition, Spencer contributed the Reference Model figure.
|[RFC3261]||Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., and E. Schooler, “SIP: Session Initiation Protocol,” RFC 3261, June 2002.|
|[RFC3263]||Rosenberg, J. and H. Schulzrinne, “Session Initiation Protocol (SIP): Locating SIP Servers,” RFC 3263, June 2002.|
|[RFC3986]||Berners-Lee, T., Fielding, R., and L. Masinter, “Uniform Resource Identifier (URI): Generic Syntax,” STD 66, RFC 3986, January 2005 (TXT, HTML, XML).|
|[I-D.bryan-p2psip-dsip]||Bryan, D., “dSIP: A P2P Approach to SIP Registration and Resource Location,” draft-bryan-p2psip-dsip-00 (work in progress), February 2007.|
|[I-D.bryan-p2psip-reload]||Bryan, D., “REsource LOcation And Discovery (RELOAD),” draft-bryan-p2psip-reload-00 (work in progress), June 2007.|
|[I-D.iab-nat-traversal-considerations]||Rosenberg, J., “Considerations for Selection of Techniques for NAT Traversal,” draft-iab-nat-traversal-considerations-00 (work in progress), October 2005.|
|[I-D.ietf-behave-rfc3489bis]||Rosenberg, J., “Session Traversal Utilities for (NAT) (STUN),” draft-ietf-behave-rfc3489bis-06 (work in progress), March 2007.|
|[I-D.ietf-mmusic-ice]||Rosenberg, J., “Interactive Connectivity Establishment (ICE): A Protocol for Network Address Translator (NAT) Traversal for Offer/Answer Protocols,” draft-ietf-mmusic-ice-16 (work in progress), June 2007.|
|[I-D.ietf-sipping-nat-scenarios]||Boulton, C., “Best Current Practices for NAT Traversal for SIP,” draft-ietf-sipping-nat-scenarios-06 (work in progress), March 2007.|
|[I-D.marocco-p2psip-xpp-pcan]||Marocco, E. and E. Ivov, “XPP Extensions for Implementing a Passive P2PSIP Overlay Network based on the CAN Distributed Hash Table,” draft-marocco-p2psip-xpp-pcan-00 (work in progress), June 2007.|
|[I-D.matthews-p2psip-hip-hop]||Cooper, E., “A Distributed Transport Function in P2PSIP using HIP for Multi-Hop Overlay Routing,” draft-matthews-p2psip-hip-hop-00 (work in progress), June 2007.|
|[RFC2136]||Vixie, P., Thomson, S., Rekhter, Y., and J. Bound, “Dynamic Updates in the Domain Name System (DNS UPDATE),” RFC 2136, April 1997 (TXT, HTML, XML).|
|[RFC3424]||Daigle, L. and IAB, “IAB Considerations for UNilateral Self-Address Fixing (UNSAF) Across Network Address Translation,” RFC 3424, November 2002.|
|[RFC4485]||Rosenberg, J. and H. Schulzrinne, “Guidelines for Authors of Extensions to the Session Initiation Protocol (SIP),” RFC 4485, May 2006.|
|[RFC4795]||Aboba, B., Thaler, D., and L. Esibov, “Link-local Multicast Name Resolution (LLMNR),” RFC 4795, January 2007.|
|[Using-an-External-DHT]||Singh, K. and H. Schulzrinne, “Using an External DHT as a SIP Location Service,” Columbia University Computer Science Dept. Tech Report 388).|
Copy available at http://mice.cs.columbia.edu/getTechreport.php?techreportID=388/
|David A. Bryan|
|College of William and Mary and SIPeerior Technologies|
|3000 Easter Circle|
|Williamsburg, Virginia 23188|
|Phone:||+1 757 565 0101|
|1135 Innovation Drive|
|Ottawa, Ontario K2K 3G7|
|Phone:||+1 613 592 4343 x224|
|111 Sylvan Avenue|
|Englewood Cliffs, New Jersey 07632|
|3100 Independence Pkwy #311-164|
|Plano, Texas 75075|
Copyright © The IETF Trust (2007).
This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.
This document and the information contained herein are provided on an “AS IS” basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at firstname.lastname@example.org.
Funding for the RFC Editor function is provided by the IETF Administrative Support Activity (IASA).