Professional Documents
Culture Documents
Yang-SIP
Yang-SIP
Yang Yang
Master’s Thesis submitted in partial fulfillment of the requirements for the degree
of Master of Science in Technology.
SIP outbound as an extension of SIP enables the client initiated connections in SIP
signaling system. This feature is desirable in the case of NAT or firewall present between
the public and the private side. In such situation, connections are only allowed from
the private side to the public side. SIP outbound proposes a mechanism which keeps
the client initiated connections between a UA and proxies and later reuses the same
connections to push data to the UA from the proxy sides. This mechanism ensures the
successful traversal of NAT/firewall.
In this thesis we implemented SIP outbound protocol as an extension of SIP and in-
tegrated to the WeSAHMI experimental infrastructure and then evaluated the perfor-
mance of the system as a whole.
Keywords: SIP, SIP outbound, STUN keepalive, backoff mechanism, flow token, NAT.
ii
Acknowledgements
Yang Yang
iii
Contents
Abbreviations vi
List of Figures ix
List of Tables x
1 Introduction 1
1.1 Research problem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
1.2 Brief motivation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.3 Structure of the thesis . . . . . . . . . . . . . . . . . . . . . . . . . . 4
2 Background 5
3 System Model 8
3.1 WeSAHMI architecture . . . . . . . . . . . . . . . . . . . . . . . . . 8
3.2 WeSAHMI security architecture . . . . . . . . . . . . . . . . . . . . . 9
3.3 SIP outbound . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
iv
4.3.3 Keepalive mechanisms . . . . . . . . . . . . . . . . . . . . . . 19
4.4 Registrar behavior . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
4.5 Authoritative proxy behavior . . . . . . . . . . . . . . . . . . . . . . 20
5 Implementation 22
5.1 Open source libraries . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
5.2 User agent routine . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
5.2.1 Termination of a flow . . . . . . . . . . . . . . . . . . . . . . 23
5.2.2 Failures of a flow . . . . . . . . . . . . . . . . . . . . . . . . . 24
5.2.3 Re-registation . . . . . . . . . . . . . . . . . . . . . . . . . . . 24
5.3 TCP keepalive . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
5.4 STUN keepalive over UDP . . . . . . . . . . . . . . . . . . . . . . . . 25
5.4.1 Overview of the mechanism . . . . . . . . . . . . . . . . . . . 25
5.4.2 STUN server and client . . . . . . . . . . . . . . . . . . . . . 26
5.4.3 STUN attributes . . . . . . . . . . . . . . . . . . . . . . . . . 27
5.4.4 STUN retransmission mechanism . . . . . . . . . . . . . . . . 27
5.5 Edge proxy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28
6 Experimentation 29
6.1 Experimental infrastructure deployment . . . . . . . . . . . . . . . . 29
6.2 Experiment for SIP over UDP with SIP outbound features . . . . . . 30
6.2.1 Experiment for STUN keepalive . . . . . . . . . . . . . . . . 33
6.3 Experiment TCP keepalive . . . . . . . . . . . . . . . . . . . . . . . 34
7 Discussion 37
8 Conclusions 39
8.1 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
8.2 Future work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
A Appendix 44
A.1 Important data structures . . . . . . . . . . . . . . . . . . . . . . . . 44
A.2 Important modifications to the eXosip and osip libraries . . . . . . . 45
A.3 APIs for base64 encoding . . . . . . . . . . . . . . . . . . . . . . . . 45
A.4 APIs for STUN keepalive . . . . . . . . . . . . . . . . . . . . . . . . 45
v
Abbreviations
vi
IP Internet Protocol
NAT Network Address Translation, enables a local are network to use one
set of IP addresses for internal traffic and a second set of addresses
for external traffic.
SIP URI A uniform resource identifier with the scheme ”sip:”. SIP systems
use the domain component along with DNS to determine where to
send SIP messages.
vii
UUID Universally Unique Identifier.
viii
List of Figures
ix
List of Tables
x
Chapter 1
Introduction
The increase of the Internet usages result in the assimilation of telephony services
into the Internet Protocol [6] technology, which stimulates the generation of signaling
protocols to set up and tear down multimedia sessions. Some communities propose
solutions in accordance with their own priorities and interests. Session Initiation
Protocol (SIP), born in a computer science laboratory within a decade, satisfies the
growing thirst for a new generation of IP based services [4].
The SIP is a signaling protocol used for establishing sessions in an IP network. It
is developed by IETF as part of the Internet Multimedia Conferencing Architecture
[29]. It incorporates elements of two well-known protocols: the Web’s Hyper Text
Transfer Protocol (HTTP)formatting protocol [23] and the Simple Mail Transfer
Protocol (SMTP) e-mail protocol [22] [1]. Its first major use has been signaling in
Internet telephony [30]. But gradually SIP’s utility does not end with telephony: it
is already employed as a basic technology for instance messaging and presence.
SIP resolves two significant issues in establishing these real time communication
sessions. First of all, it helps participants going to communicate locate each other
on the Internet (rendezvous). Then it allows those participants to negotiate how
they are willing to communicate.
Nowadays, more and more carriers and providers offer SIP-based services such as
local and long distance telephony, presence and instant messaging, voice message,
push-to-talk, rich media conferencing, and so on. All these media communications
resort to SIP as a signaling protocol, since SIP allows proxy servers to to initiate
TCP connections and send asynchronous UDP datagram to User Agents (UAs).
SIP will be used as the primary signaling technology in the next generation mobile
communication.
However, because of the presence of Network Address Translators (NATs) and fire-
1
CHAPTER 1. INTRODUCTION 2
walls, network is segmented, which causes SIP servers, such as registrars or proxies,
can not initiate connections to UAs. A firewall device will block connections to the
UA between the UA and the proxy servers. Similarly NATs only allow connections
from the private address side to the public side.
Researches about the effect of NAT have been done in recent years. Several
extensions are proposed to the original SIP specification [8], which allows a UA to
receive incoming signaling requests from the server side.
extension of STUN, known as the Traversal Using Relays around NAT (TURN),
allows a SIP client behind a NAT/firewall to receive incoming data over TCP or
UDP connections [11]. However, it only supports the connection of a client behind a
NAT to a single peer. And the cost of providing a TURN relay server is so high that
the TURN would only be desirable as a last resort. The Interactive Connectivity
Establishment (ICE) methodology [26] can be used to discover optimal means of
connectivity using various techniques, such as STUN and TURN [27].
In the worst case, a SIP client may find itself behind a NAT/firewall that prevents
all incoming traffic except packets of a TCP stream the client opened. The SIP
outbound extension is proposed [5], which reuses the connection initiated by the
UA to the EP after the UA establishes a connection to the EP successfully by
sending REGISTER requests. Since the server can not reach the UA, it is the UA’s
duty to keep the connection active. When a UA initiates a connection to the proxy,
the proxy can later reuse this flow to push SIP message to the UA. So the UA has
to assure the flow is always active.
This thesis represented the SIP outbound extension based the internet draft [5]
and did reasonable experiment and evaluation against the new features to inspect
the complexity and usability of SIP outbound. Some updates were proposed to the
specification for implementation needs.
Background
Originally, NAT devices are used to connect an isolated address to an external realm
with globally unique registered addresses [21]. So it effectively extends the address
space. Because SIP packets go out from a NATed client with their private IP ad-
dresses packed into the message headers (Via and Contact headers) and SDP bodies
[9], a NAT device are not aware of them. So when the packets get to their destina-
tion, they are processed and responded to completely useless source addresses.
The effect of NAT and firewalls to signaling system become active research topic
[17] [28] [34]. Several solutions were proposed to allow SIP to traverse NAT and fire-
wall effectively [5], [26]. Solutions to this include using TCP for SIP instead of UDP,
employing keep alive program to maintain NAT bindings, or using STUN/TURN
servers.
The key to successful NAT/firewall traversal is that the remote host know which
global port and IP address has been assigned by the NAT for a given flow. The
extension of SIP, called ICE [26] relies on two new protocols being developed in the
IETF, STUN and TURN. STUN allows a host to learn the global IP address and
UDP port assigned by its outermost NAT box. The address can be subsequently
conveyed by SIP to allow direct UDP connectivity between hosts. TURN allows a
host to select a globally-addressable TCP relay, which can subsequently be used to
bridge a TCP connection between two NATed hosts. Unlike STUN, TURN does
not allow direct connectivity between NATed hosts.
Different from the ICE extension, SIP outbound inserts an extra network entity,
edge proxy, to traverse NAT and firewall, with a client-initiated connection mecha-
nism. The SIP client initiates secured connections to EPs (at least two) by sending
REGISTER requests. These secured connections will be maintained by the client
and EPs so that later EPs can push data to the client through these connections.
5
CHAPTER 2. BACKGROUND 6
This feature requires the EP to work not only as a SIP proxy but also as a keep
alive server. And the EP has to be able to distinguish different connections initiated
by different clients. The EP identifies different connections by assigning different
flow tokens for each connection. Communications to untrusted external domains
are allocated to EPs since clients are invisible to outer domain. Failure tolerance
mechanism is also considered in [5] by proposing multiple registrations and multiple
physical hosts deployment.
As part of the security model of WeSAHMI architecture, this thesis represented
the implementation of SIP outbound as an extension of SIP. The WeSAHMI project
implemented an application for an airport environment. In the airport scenario, a
crucial matter is the delivery of real-time information updates to the passengers and
employees of the airport. Such kind of information updates include flights’ delay or
cancellation, the changes of departure gates of the flights and such. The time delay
caused by the process of information delivery is also crucial. The airline information
system would push the information of the updated situation to passengers on time.
In the WeSASHMI project, two principal services for communication are required
between the Finnair application server and the passengers: pull and push services.
Both of these services are carried out through SIP.
SIP enables clients to register to certain services. Once registered, clients can
pull information from the content server, and the server can send asynchronous
notifications to the client. As shown in the left side of Figure 2.1, the client sends
a SUBSCRIBE message, which is acknowledged by the notifier with a NOTIFY
message. This is the push service.
The pull-service is similar. The client has to know what content to pull from the
notifier. The notifier can send descriptions of available content by using push service.
Once the client knows what services are available, it can decide what content to pull
from the notifier. As shown in right side of Figure 2.1, the notifier first sends a
NOTIFY message which carries a description of the available services. Later, the
client sends a SUBSCRIBE request to query the service, which is acknowledged by
a NOTIFY with the real data of the service.
The security architecture of WeSAHMI system is used to establish authentication
and authorization between clients and the WeSAHMI server. SIP outbound proposes
an additional networking element (Edge Proxy) consisting of transport and security
mechanisms. The EP will be inserted between the UA and the notifier topologically.
So the procedure pull services above has to be adjusted as shown in Figure ??. The
push service is similar, so it is not illustrated in the figure. All incoming and outgoing
messages have to be forwarded to the EP.
CHAPTER 2. BACKGROUND 7
System Model
WeSAHMI server: a central role as relaying data from the external model to
client brower,
8
CHAPTER 3. SYSTEM MODEL 9
content server has arrived, the daemon will deliver the message to the client appli-
cation, such as the browser. Figure 3.1 shows where we deploy the SIP outbound
component in the WeSAHMI architecture.
The client daemon uses keep alive mechanism to keep the flow to its outbound
EPs always active. So when the content server wants to push messages to clients,
it can always reach the client from the public side through a secured channel.
Chapter 4
This chapter briefly describes SIP outbound extension. We adjusted the structure
of the SIP outbound draft [5], and organized it to be convenient for implementation.
11
CHAPTER 4. SIP CLIENT-INITIATED OUTBOUND 12
SIP outbound [5] introduces two new parameters for the Contact header field: In-
stance Identifier (instance-id) and Registration Identifier (reg-id). In a signaling
system supporting SIP outbound, each UA is identified uniquely by a persistent
instance-id URN. This instance-id must be persistent even if the UA reboots or
power cycled, and must not change as the device moves from one network to an-
other. The UA uses a UUID URN [19] as its instance-id and attaches it to the
Contact header field as a ”+sip.instance” media feature tag.
The UUID URN does not require central registration process so no centralized
authority is required to administer them. In our mobile wireless environment, this is
a favorable feature to minimize additional entities. Furthermore, a UUID is a fixed
size of 128 bits URN which is reasonably small compared to other alternatives. And
the unique ability to generate a new UUID without a registration process allows for
CHAPTER 4. SIP CLIENT-INITIATED OUTBOUND 13
Backoff mechanism
The UA employs backoff mechanism to avoid avalanche restart on EPs. That is, the
UA needs to wait amount of time before trying to establish a new flow to replace
the failed one.
The following algorithm is used to calculate the waiting time in seconds:
T IM Ebase : is set to 30 seconds if all of the flows to every URI in the outbound
proxy set have failed; otherwise, if at least one of the flows has not failed, it
is set to 90 seconds.
This algorithm itself has no security assurance, so an attacker can hijack another
user’s call without a hitch. Unless, we employ SIP level security protection, this
algorithm must not be used. But security mechanism in SIP level is expensive. So
we preferred the second algorithm.
Algorithm 2:
verify if the HMAC is correct by recomputing the HMAC and checking if they match
each other. If the HMACs mismatch, EPs should send a 403 (Forbidden) response.
Otherwise, they should forward the request on the flow that was specified by the
information in the flow identifier. To ensure the mid-dialog requests are routed over
the existing flow, [13] proposes the EP adds a Record-Route entry to each dialog
initiating request. The Record-Route contains a SIP URI which is comprised of a
flow token and a domain name. If this flow no longer exists, the EP should send a
430 (Flow Failed) response to the request side.
SIP outbound updates the definition of a binding in [8]. The updated binding
behavior is shown in the following table 5.1, according to the presence of instance-id
and reg-id.
According to the table 5.1, a Contact header field value with an instance-id but
no reg-id is still valid. But this is not applied to the reverse situation which only has
a reg-id but no instance-id. So the reg-id parameter will be simply ignored when the
instance-id is not present. Moreover, the registrar must also be prepared to receive,
for the same AOR, some registrations that use instance-id and reg-id and some do
not. This implies the registrar has to work as a normal SIP registrar and a registrar
supporting SIP outbound when needed.
The registrar must store all the Contact header field information, and store the
time at which the binding was last updated. If a Path header field is present, the
registrar stores this information as well. If the registrar receives a re-registration, it
must update any information that uniquely identifies the network flow over which
the request arrived, and should update the time the binding was last updated.
The registrar must include the ’outbound’ option-tag in a Supported header field
value in its responses to REGISTER requests for which it has performed outbound
processing. This explicitly informs EPs and UAs that this registrar supports SIP
outbound.
by the AP and then sends a request through EP1. An AP selects a contact to use
normally, with a few additional rules:
The proxy must not populate the target set with more than one contact with
the same AOR and instance-id at a time. If a request for a particular AOR and
instance-id fails with a 430 (Flow Failed) response, the proxy should replace
the failed branch with another target (if one is available) with the same AOR
and instance-id, but a different reg-id.
If the proxy receives a final response from a branch other than a 408 (Request
Timeout) or a 430 (Flow Failed) response, the proxy must not forward the
same request to another target representing the same AOR and instance-id.
The targeted instance has already provided its response.
Chapter 5
Implementation
In this chapter, we will describe how the SIP outbound [5] was implemented as an
extension of the existing SIP framework. And how our implementation integrated
to the WeSAHMI architecture.
22
CHAPTER 5. IMPLEMENTATION 23
tation of the SSL and TLS [32] and the DTLS [7] protocols. We used APIs provided
by OpenSSL to construct HMAC for the flow token.
optional and only indicates the desired expiration time of the registration. If it is
absent, the Contact header uses the Expires header as the default value.
If any of the above situation occurs, that is a UA receives any of the above
messages, the UA considers that this flow is failed. So it clears up this flow, and
waits for the right time to re-register by using the backoff mechanism.
5.2.3 Re-registation
We implemented the backoff mechanism described in section 4.2.2. So before the
UA registers again, it has to wait for certain amount of time. The UA has to use
the same reg-id as its previous flow. So the registrar knows this is a new flow to
replace the old one.
CHAPTER 5. IMPLEMENTATION 25
Many other alternative methods can also be used to modify the parameters. We
just picked the one convenient for you.
the effect of keeping the bindings in the NAT alive. The STUN binding responses
inform the UA that the EP is still responsive, and also inform the UA if its transport
address towards the EP has changed. In our case, a change of transport address
suggests a failure of flow. The time interval between STUN Binding requests is a
random time between 24 and 29 seconds [12].
The binding refresh usage requires to multiplex STUN traffic on the same trans-
port address as SIP. So first STUN messages must be separated from SIP messages.
A quite distinguishable feature of SIP packets is that all STUN messages start with
the first byte either 0 or 1, but the first byte of a SIP packet has never a value of 0
or 1. This may not be suffice if there are valid application layer data packets which
could be confused with STUN packets. STUN defines a special field called the magic
cookie which is a fixed 32-bit value, 0x2112A442. So even if the SIP packet can have
the same value with the magic cookie in its second 32 bit word, there is only a one
in 232 chances that they are the same.
For SIP over UDP, eXosip opened one UDP socket and we accessed it through
eXosip.net interface[0].net socket. The variable of eXosip is globally visible when
eXosip library is initiated. STUN messages are sent through this socket periodically.
To reduce processing consumption on the UA (which is a mobile phone in WeSAHMI
senario) all the registrations share the same timer. That is, when the timer expires,
the UA traverses all of its registrations and sends STUN Binding requests through
all these registration.
So the receiver (either STUN client or server) may generate the above events,
CHAPTER 5. IMPLEMENTATION 27
after parsing the buffer. If it is a STUN Binding request, the server encodes the
STUN Binding response including STUN attributes and sends it over the same flow.
After receiving the STUN response with any of the above attributes, the STUN
client decides its next action, by checking the attributes present in Binding response.
Experimentation
29
CHAPTER 6. EXPERIMENTATION 30
and the EP. Namely an always active UDP or TCP flow. The dash bi-directional
arrowed lines indicate indirect flows between the EPs and registrar, because the flow
is established when needed.. We did not deploy APs, since we ignored the location
service.
Figure 6.2 illustrates a basic registration and SUBSCRIBE/NOTIFY procedure
we experimented against our system. In following sections, we present these mes-
sages in details.
that is EPs can work as STUN keepalive servers. In table 6.2, the reg-id parameter
is set to 2 in the Contact header of the SIP body sent to its secondary EP. So we
later use this parameter to identify different flows established by the same UA. This
information is recorded by the registrar with its Contact header. According to the
Supported header, we can see the UA supports Path header. So EPs can later use
this function if needed. We used a very simple authentication mechanism, adding a
Auth header to the request. The registrar is configured to recognize the value of this
field so that other requests with different values will be denied. A more intelligent
mechanism is expected in the future work.
After received the REGISTER requests, the two EPs proxy REGISTER requests
to the registrar and delivered responses from the registrar to the UA. The responses
received by the UA from the registrar through two EPs are listed as follows:
In table 6.3 and 6.4, we notice a new header, Path header, with three parameters
appeared in responses. That is because EPs generate and insert a flow token to
CHAPTER 6. EXPERIMENTATION 32
the Path header, and pack the Path header to REGISTER requests. After these
actions, EPs proxy requests to the registrar. The registrar records the flow token as
part of the binding information. Then the registrar forms responses by copying the
Path header, which eventually becomes the 200OK responses received by the UA.
The value of Supported header is set to outbound indicating that EPs supports SIP
outbound extension.
After the UA receives two 200OK responses, it sends SUBSCRIBE request as
shown in table 6.5 to its content service provider, Notifier, through its primary EP.
To use primary or secondary EP is decided randomly. In the case of the failure of
one EP, the UA can use another one. In our experiment, the logical Notifier hosts in
the registrar physically. Comparing to the REGISTER request, a new field affiliates
with the first parameter of Route header. It is the flow token the UA extracted from
the Path header of 200OK response. We do not list the response for SUBSCRIBE
request, since it is mainly the normal SIP response.
CHAPTER 6. EXPERIMENTATION 33
SIP/2.0 200 OK
Via: SIP/2.0/UDP 10.1.0.10:5060;rport=5060;branch=z9hG4bK1835142445
Route: <sip:10.1.0.11;lr;keep-stun>
From: <sip:caller@10.1.0.10>;tag=37305113
To: <sip:caller@10.1.0.10>
Call-ID: 1951009167@10.1.0.10
CSeq: 1 REGISTER
Contact: <sip:caller@10.1.0.10:5060>;
+sip-instance=”<urn:uuid:c00bb5b6-677f-4ab3-bdd7-f9ae756ea544>”;
reg-id=1
Path:<sip:m+KF6bT1Jd+31XUKAQAKxBMKCQCGxNM=@10.1.0.11:5060;lr;ob>
Max-forwards: 70
User-agent: eXosip/3.0.1
Expires: 3600
auth: ffn:hash
Supported: outbound
Content-Length: 0
Table 6.6 lists the NOTIFY request sent by the notifier. Similarly, we notice the
flow token in the Route header. This request is forwarded to the UA’s primary EP,
who sends it to its final destination by parsing the flow token to find out the exact
flow
SIP/2.0 200 OK
Via: SIP/2.0/UDP 10.1.0.10:5060;rport=5060;branch=z9hG4bK1094232440
Route: <sip:10.1.0.5;lr;keep-stun>
From: <sip:caller@10.1.0.10>;tag=37305113
To: <sip:caller@10.1.0.10>
Call-ID: 1951009167@10.1.0.10
CSeq: 2 REGISTER
Contact: <sip:caller@10.1.0.10:5060>;
+sip-instance=”<urn:uuid:c00bb5b6-677f-4ab3-bdd7-f9ae756ea544>”;
reg-id=2
Path: <sip:n+IF6bT2Ud+31XUKAQAKxBMKAQAGxBM=@10.1.0.5:5060;lr;ob>
Max-forwards: 70
User-agent: eXosip/3.0.1
Expires: 3600
auth: ffn:hash
Supported: outbound
Content-Length: 0
later when errors occur in STUN messages. For the rest of the STUN message, we
just padded zero to align it to 20 bytes. The data structure used in the program is
listed in appendix A.
The STUN Binding response is similar with the Binding request except for the
field of STUN message type which is 0x0101.
Table 6.6: NOTIFY request sent from the Notifier to the UA.
Discussion
SIP outbound [5] does not specify the configuration mechanism of outbound proxy
registration URIs. The configuration procedure can be considered as an implemen-
tation practices issue. A trusted third party can be used to distribute the outbound-
proxy-set to UAs in the initial stage. In WeSAHMI scenario, the WeSAHMI server,
who provides a backbone for the whole platform, can be used as the third party.
Each URI in the outbound-proxy-set can be resolved to several different physical
hosts. This means one URI represents one logical EP. But one logical EP can be
deployed to several physical hosts. Such kind of deployment enhances the scalability
and reliability, since a single server’s failure can not hinder the whole system. To
deploy the system in this fashion, DNS service is needed so that the various URIs
in the outbound proxy set can not resolve to the same host.
Every UA may have at least two and up to four logical EPs. To choose which one
to proxy requests, is not specified in the SIP outbound draft. In our implementation,
we just simply picked the primary EP to proxy requests unless it fails. But in a
large system, which has a lot of UAs, the primary EP may overload but other EPs
just run in vain.
To optimize the system, we may design a way to assign work load evenly. We
might regulate a limited number of direct flows from a EP to UAs. When the fixed
number is reached, the EP refuses a UA’s connection and responses with a kind
of message informing the UA to try another EP in its outbound proxy set. This
response message may use 200OK SIP response with a special header different from
normal responses to requests. As to the value of fixed number of direct flows, it
should be decided after practical measurement or mathematical model.
We only implemented STUN over UDP. So client retransmission is desirable to
achieve reliability. The STUN is transparent to transport protocols. So it is possible
37
CHAPTER 7. DISCUSSION 38
to implement it over TCP. If we implement STUN over TCP, we do not need to add
client retransmission to STUN, since TCP is connection oriented.
Chapter 8
Conclusions
8.1 Summary
In this thesis, we addressed SIP outbound protocol and its applications. Then
we described our implementation of SIP outbound as a component of WeSAHMI
system. SIP outbound, as an extension of SIP, updates several behaviors of general
SIP. It makes the traverse behind NAT possible. And then we described how our
implementation was integrated to the WeSAHMI architecture and how it worked
with the whole system. In the end, we designed several experiments for evaluation
of our implementation. The experiments are mainly about client initiated connection
features of SIP outbound and keepalive mechanisms.
During the procedure of implementation, most difficulties we encountered were
the lack of documentation for these open source libraries, including eXosip and
oSIP. This may be the common problem for most open source developers. Our
implementation is built in the application level of these two libraries , so only to
know what kind of application programming interfaces (APIs) they provide is enough
for us. But the documents are not clear and sufficient, about how to use these APIs
so that we had to inspect the source code thoroughly. It was time consuming to go
through such a big bunch of source code. However, this is good for us to learn how
the SIP transaction was implemented in the library. After learning these knowledge,
we may later be able to integrate all the SIP outbound features to the library. So
other application developers can use the library to build SIP application which
supports SIP outbound extension directly.
39
CHAPTER 8. CONCLUSIONS 40
[3] P. Vixie A. Gulbrandsen and L. Esibov. A DNS RR for specifying the location
of services (DNS SRV). Network Working Group, 2000.
[4] Shoma Chakravarty Abhijit Sur, Dean Skidmore. Web services based SOA for
next generation telecom networks. In IEEE international conference on services
computing, page 520, 2006.
[6] Marina del Rey. Internet Protocol. Network Working Group, September, 1981.
[8] J. Rosenberg et al. SIP: Session Initiation Protocol RFC 3261. Internet Engi-
neering Task Force, 2002.
[10] Alan B. Johnston Henry Sinnreich. Internet Communication Using SIP. 1th
edition, October, 2001.
41
BIBLIOGRAPHY 42
[13] K. Johns. Routing of mid dialog requests using sip-outbound. Internet Draft
(work in progress), Internet Engineering Task Force, 2006.
[14] Alan B. Johnston. Understanding the Session Initiation Protocol. 1th edition,
2001.
[15] S. Josefsson. The Base16, Base32, and Base64 Data Encodings RFC 3548.
Internet Draft (work in progress), Internet Engineering Task Force, 2006.
[17] Kundan Singh Milind Buddhikot, Adiseshu Hari and Scott Miller. MobileNAT:
A New Technique for Mobility Across Heterogeneous Address Spaces. Mobile
Networks and Applications, 10(3), 2005.
[18] David L. Mills. Computer Network Time Synchronization: The Network Time
Protocol. 1th edition, March, 2006.
[22] Jonathan B. Postel. Simple Mail Transfer Protocol. Network Working Group,
August, 1982.
[25] Howard Rheingold. Smart Mobs: The Next Social Revolution. 1th edition,
October, 2002.
[28] Yutaka Takeda Saikat Guha and Paul Francis. NUTSS: A SIP-based Approach
to UDP and TCP Network Connectivity. ACM SIGCOMM, 2004.
[30] Robert Sparks. SIP Basics and Beyond. ACM Press, 2007.
[32] E. Rescorla T. Dierks. The Transport Layer Security (TLS) Protocol Version
1.1. Network Working Group, April, 2006.
[35] D. Willis and B. Hoeneisen. Session Initiation Protocol (SIP) Extension Header
Field for Registering Non-Adjacent Contacts RFC 3327. Internet Engineering
Task Force, 2002.
Appendix A
Appendix
struct stun_msg_hdr
{
u_int16_t msgType;
u_int16_t msgLength;
u_int32_t magic_cookie;
u_int96_t id;
};
struct stun_msg
{
stun_msg_hdr_t msgHdr;
int hasMappedAddress;
stun_atr_address4_t mappedAddress;
int hasSourceAddress;
stun_atr_address4_t sourceAddress;
int hasChangedAddress;
stun_atr_address4_t changedAddress;
int hasErrorCode;
stun_atr_error_t errorCode;
int hasUnknownAttributes;
stun_atr_unknown_t unknownAttributes;
44
APPENDIX A. APPENDIX 45
int hasXorMappedAddress;
stun_atr_address4_t xorMappedAddress;
};