sip operation in the public internet
play

SIP Operation in the Public Internet An Update on What Makes - PowerPoint PPT Presentation

Jun 24, 2023 •320 likes •579 views

SIP Operation in the Public Internet An Update on What Makes Running SIP a Challenge and What it Takes To Deal With It Jiri Kuthan, iptel.org sip:jiri@iptel.org Outline Status update: where iptel.orgs operational experience comes from

  1. SIP Operation in the Public Internet An Update on What Makes Running SIP a Challenge and What it Takes To Deal With It Jiri Kuthan, iptel.org sip:jiri@iptel.org

  2. Outline • Status update: where iptel.org’s operational experience comes from and what works today • Trouble-stack: things which do not fly yet • Operational Practices • Conclusions Jiri Kuthan, NANOG Meeting, February 2003

  3. Background • iptel.org has been running SIP services on the public Internet since 2001. Users are able to pick an address username@iptel.org and a numerical alias. • The infrastructure serves public subscribers as well as internal users with additional privileges (PSTN termination, voicemail). • Services powered by open-source SIP server, SIP Express Router (ser). • Increase in population size since introduction of Windows Messenger: free Microsoft SIP client with support for VoIP, video, instant messaging and collaborative applications. Jiri Kuthan, NANOG Meeting, February 2003

  4. Good News … • Basic VoIP services work, so do complementary integrated services such as instant messaging, voicemail, etc. – Commercial deployments exist, mostly offering PSTN termination: Vonage, deltathree, denwa, Packet 8 – Trial services: FWD, PCH, WCOM, SIP Center – Tens of intranet deployment of SER reported, probably many more unknown • Billing machinery works too: Accounting easy, though not standardized. • Numbering plans easy to maintain and they complement domain names well. Jiri Kuthan, NANOG Meeting, February 2003

  5. … Good News • QoS mostly pleasant for broadband community: – Links between iptel.org site and iptel.org user community have packet loss close to zero and RTT mostly bellow 150 ms, rarely above 200 ms. • SIP interoperability well established across mature implementations • Interoperation with other technologies works too: – Competition on the PSTN gateway market established – Gateway to Jabber instant messaging up and running – Commercial H.323 gateways exist Jiri Kuthan, NANOG Meeting, February 2003

  6. Bad News • Nightmare – NATs (…) • Why I keep my PSTN black phone in my room’s corner: Reliability (…) • What Is It? Machines Do, Operators Don’t … Scalability (…) • End-devices still expensive • Future issues: spam, denial of service attacks Jiri Kuthan, NANOG Meeting, February 2003

  7. NAT Traversal NAT Traversal • NATs popular because they conserve IP address space and help residential users to save money charged for IP addresses. • Problem: SIP does not work over NATs without extra effort. Peer-to-peer applications’ signaling gets broken by NATs: Receiver addresses announced in signaling are invalid out of NATted networks. • Straight-forward solution: IPv6 – unclear when deployed if ever. • There are many scenarios for which no single solution exists (they primarily differ in design properties of NATs – symmetric, app-aware, etc.) Jiri Kuthan, NANOG Meeting, February 2003

  8. NAT Traversal Current NAT Traversal Practices … • Application Layer Gateways (ALGs) – built-in application awareness in NATs. – Requires ownership of specialized software/hardware and takes app-expertise from router vendors (Intertex, PIX). • Geeks’ choice: Manual configuration of NAT translations – Requires ability of NATs, phones, and humans to configure static NAT translation. (Some have it.) If a phone has no SIP/NAT configuration support, an address-translator can be used. • UPnP: Automated NAT control – Requires ownership of UPnP-enabled NATs and phones. NATs available today, phones rarely (Snom). Jiri Kuthan, NANOG Meeting, February 2003

  9. NAT Traversal … Current NAT Traversal Practices • STUN: Alignment of phones to NATs – Requires NAT-probing ability (STUN support) in end- devices and a simple STUN server. Implementations exist (snom, kphone). – Does not work over NATs implemented as “symmetric”. – Troubles if other party in other routing realm than STUN server. + Works even if NAT device not under user’s control. • Relay: Each party maintains client-server communication – Introduces a single point of failure; media relay subject to serious scalability and reliability issues + Works over most NATs Jiri Kuthan, NANOG Meeting, February 2003

  10. NAT Traversal NAT Practices: Overview ALG STUN UPnP Manual Relay Works over ISP’s N/A Ltd. (*) N/A N/A Maybe NATs? Symmetric NATs? N/A No N/A ok Ltd. Phone support No Yes Yes Yes Yes needed? NAT support Yes Ltd. (*) Yes Ltd. (+) No needed? poor � Scalability ? (o) Ok Ok Ok Big � User Effort Small Small Small Small *… does not work for symmetric NATs o … application-awareness affects scalability + … port translation must be configurable Jiri Kuthan, NANOG Meeting, February 2003

  11. NAT Traversal NAT Traversal Scenarios • There is no “one size fits it all” solution. All current practices suffer from many limitations. • iptel.org observations for residential users behind NATs: Affordability wins: SIP-aware users relying on public SIP server use ALGs or STUN. First UPnP uses sighted. • Our plan: hope for wider deployment of – STUN and STUN-friendly firewalls – ALGs – UPnP-enabled phones and NATs Jiri Kuthan, NANOG Meeting, February 2003

  12. Availability Murphy’s Law Holds Everything can go wrong. • Servers: • Hosts: – software/configuration – power failures upgrades – hard-disk failures – vulnerabilities • Networks: – both SIP and – line. supporting servers – IP access subject to failure: DNS, IP routing daemons Jiri Kuthan, NANOG Meeting, February 2003

  13. Availability IP Availability: SLAs • Industry averages for “Network Availability” SLAs are from 99.9% to 99.5% (an NRIC report) • SLAs mostly exclude regular maintenance and always Acts of God • Residential IP access rarely with SLAs Availability (percent) Actual Downtime (per year) 99.999 5 Minutes 99.9 9 Hours 99.5 1.8 Days Jiri Kuthan, NANOG Meeting, February 2003

  14. Availability matrix.net’s Reachability Statistics • Minimum 98.69% • Median 99.45% • Maximum 99.84% • Mean 99.40% Wenyu Jang, Henning Schulzrinne: “Assessment of VoIP Service Availability in the Current Internet”, in PAM 2003. … 99.5%

  15. Availability Fail-over Issues • Whatever the reason for a failure is, signaling needs to be available continuously. Most important components are: • Replication of user information – Doable; using SIP gains better interoperability and avoids issues with database caches. • Making clients use backup infrastructure on failure – SIP specification can do that (DNS/SRV) but today’s SIP phones cannot (except one). Jiri Kuthan, NANOG Meeting, February 2003

  16. Availability Fail-over Workarounds and Limitations • IP Address Take-over: Make backup server grab primary’s IP address when a failure detected – Cannot be geographically dispersed, unless coupled with re-routing – Primary server needs to be disconnected • DNS Update: Update server’s name with backup’s IP Address – DNS propagation may take too long, even if TTL=0 (which puts higher burden on clients) • Both methods rely on error detection which may be tricky – a pinging host may be distant from another client and have a different experience Jiri Kuthan, NANOG Meeting, February 2003

  17. Deployability Scalability Concerns • New applications, like presence, are very talkative – Presence status update frequent – Each update ventilated to multiple parties • Broken or misconfigured devices account for a fair load share; few of many real-world observations: – Broken digest clients resend wrong credentials in an infinite loop � heavy flood – Mis-configured password: a phone attempted to re-register every ten minutes (factor 6) � 2400 messages a day – Mis-configured Expires=30 (factor 120) • Replication, Boot avalanches, NAT refreshes Jiri Kuthan, NANOG Meeting, February 2003

  18. Deployability Achievable Scalability • Good news: well-designed SIP servers can cope with load in terms of thousands of calls per second (CPS) – Example: lab-tuned version of SIP Express Router achieved transactional throughput in thousands of Calls Per Second on a dual-CPU PC – capacity needed by telephony signaling of Bay Area • Pending concern: denial of service attacks – Example: hundreds of megabytes of RAM can be exhausted in tens of seconds with statefull processing Jiri Kuthan, NANOG Meeting, February 2003

  19. Deployability SIP Routing SMS Gateway • Benefit of SIP: Ability to PSTN Gateway link various service components together. Applications • The “glue” are signaling servers. Their primary capability is routing requests Other domains to appropriate services. IP Phone Pool SIP proxy • Issues: – Routing flexibility – how to determine right destination for a request – Troubleshooting when routing failures occur Jiri Kuthan, NANOG Meeting, February 2003

Recommend

AI3 Operation SOI-ASIA OW 2002 Achmad Husni Thamrin Agenda AI 3 Overview Internet

AI3 Operation SOI-ASIA OW 2002 Achmad Husni Thamrin Agenda AI 3 Overview Internet

AI3 Operation SOI-ASIA OW 2002 Achmad Husni Thamrin Agenda AI 3 Overview Internet Operation (Security) AI 3 Secure Network Operation About AI 3 Asian Internet Interconnection Initiatives Project http://www.ai3.net/

264 views • 22 slides
IP layer mobility operation and beyond Keiichi Shima Internet Initiative Japan / NAIST The

IP layer mobility operation and beyond Keiichi Shima Internet Initiative Japan / NAIST The

IP layer mobility operation and beyond Keiichi Shima Internet Initiative Japan / NAIST The Second Asia Future Internet School PROJECT Topics global operation beyond the infrastructure-based mobility Mobile IPv6 experiment toward the

863 views • 53 slides
Implementation and Operation of Mobility in WIDE The 14th Korea Internet Conference June 28,

Implementation and Operation of Mobility in WIDE The 14th Korea Internet Conference June 28,

Implementation and Operation of Mobility in WIDE The 14th Korea Internet Conference June 28, 2006 Keiichi Shima <keiichi@iijlab.net> Internet Initiative Japan Inc. / WIDE project Contents Background Implementation Operation

741 views • 55 slides
IT452 Advanced Web and Internet Systems Set 10: Web Servers (operation, configuration, and

IT452 Advanced Web and Internet Systems Set 10: Web Servers (operation, configuration, and

IT452 Advanced Web and Internet Systems Set 10: Web Servers (operation, configuration, and security) (Chapters 21) Key Questions Popular web servers? What does a web server do? How can I control it? URL re-writing /

374 views • 8 slides
IT452 Advanced Web and Internet Systems Set 6: Web Servers (operation, configuration, and

IT452 Advanced Web and Internet Systems Set 6: Web Servers (operation, configuration, and

IT452 Advanced Web and Internet Systems Set 6: Web Servers (operation, configuration, and security) (Chapters 16 and 18) Key Questions Popular web servers? What does a web server do? How can I control it? URL re-writing /

326 views • 7 slides
Internet Privacy Proxies, VPNs and Tor for private communications in the public Internet

Internet Privacy Proxies, VPNs and Tor for private communications in the public Internet

Free Technology Workshop Internet Privacy Proxies, VPNs and Tor for private communications in the public Internet Organised by Steven Gordon Room RS401 9am - 12noon Friday 20 June 2014 http://ict.siit.tu.ac.th/moodle/ Demos and Tasks

684 views • 10 slides
1 IBA Dublin 2012 Legislation and regulation related to the operation of public and private

1 IBA Dublin 2012 Legislation and regulation related to the operation of public and private

1 IBA Dublin 2012 Legislation and regulation related to the operation of public and private ports 3 October 2012 contribution by Marieke G. van den Dool 2 General Contractual arrangements for development and operation of large and medium

852 views • 43 slides
Internet of Things (IoT) Solution Architecture for Power Distribution Network Operation Shen en

Internet of Things (IoT) Solution Architecture for Power Distribution Network Operation Shen en

Internet of Things (IoT) Solution Architecture for Power Distribution Network Operation Shen en Guo uo China ina Ele lectric ctric Power er Research arch In Institute titute Background 1 2 Solution Architecture Key Technologies 3

298 views • 19 slides
Internet Overview Linking the world one computer at a time Unit Objectives: What is the

Internet Overview Linking the world one computer at a time Unit Objectives: What is the

Internet Overview Linking the world one computer at a time Unit Objectives: What is the Internet Features of the Internet Connecting from your home and public places Web browsers Practical uses of the Internet Internet

415 views • 14 slides
No Yes Do you use the Internet to do homework? Do you use the Internet to follow your

No Yes Do you use the Internet to do homework? Do you use the Internet to follow your

No Yes Do you use the Internet to do homework? Do you use the Internet to follow your favourite team? Do you use the internet to watch music videos? Do you use the Internet to read the news? Do you use the Internet to play games? Shared

997 views • 51 slides
What is Operation Crackdown Operation Crackdown is an online reporting tool provided by Sussex

What is Operation Crackdown Operation Crackdown is an online reporting tool provided by Sussex

Update provided by Jim Stobart What is Operation Crackdown Operation Crackdown is an online reporting tool provided by Sussex Police and supported by the Sussex Safer Roads Partnership. Crackdown allows members of the public to report

345 views • 16 slides
Government Inquiry into Operation Burnham and Related Matters Public Hearing 3 presentation,

Government Inquiry into Operation Burnham and Related Matters Public Hearing 3 presentation,

Government Inquiry into Operation Burnham and Related Matters Public Hearing 3 presentation, Monday 29 July 2019 Nicky Hager 1. Avoiding civilian casualties, assisting the injured and protecting detained people 1.1. I am presenting today, like

676 views • 16 slides
Optimal operation strategies for dynamic processes under uncertainty Public PhD Defence Candidate

Optimal operation strategies for dynamic processes under uncertainty Public PhD Defence Candidate

1 Optimal operation strategies for dynamic processes under uncertainty Public PhD Defence Candidate : Vinicius de Oliveira Supervisors: Sigurd Skogestad Johannes Jschke Department of Chemical Engineering, Faculty of Natural Sciences and

1.07k views • 73 slides
Protecting children on the internet Aly Harakeh Spokesperson Business Software Alliance Eastern

Protecting children on the internet Aly Harakeh Spokesperson Business Software Alliance Eastern

Protecting children on the internet Aly Harakeh Spokesperson Business Software Alliance Eastern Mediterranean Committee alyh@microsoft.com Is the internet as dangerous as people think? (Or what is the internet?) The internet is public

340 views • 19 slides
Operation: River Watch Presented By: Alex Mrotek Operation: River Watch Our Purpose: Operation:

Operation: River Watch Presented By: Alex Mrotek Operation: River Watch Our Purpose: Operation:

Operation: River Watch Presented By: Alex Mrotek Operation: River Watch Our Purpose: Operation: River Watch is a campus-based initiative in La Crosse, Wisconsin that seeks to prevent alcohol-related tragedies that result in accidental drowning

228 views • 11 slides
Government Inquiry into Operation Burnham and Related Matters Public Hearing 3 presentation,

Government Inquiry into Operation Burnham and Related Matters Public Hearing 3 presentation,

Government Inquiry into Operation Burnham and Related Matters Public Hearing 3 presentation, Tuesday 30 July 2019 Nicky Hager Predetermined and offensive use of force 1. The main focus of this Inquiry is civilian casualties. However, there is

342 views • 10 slides
OECD activities related to Internet Public Policy Issues Sam Paltridge OECD ITU Workshop on

OECD activities related to Internet Public Policy Issues Sam Paltridge OECD ITU Workshop on

OECD activities related to Internet Public Policy Issues Sam Paltridge OECD ITU Workshop on Internet Governance Geneva, 26-27 February 2004 1 Introducing the OECD ! The OECD groups 30 member countries sharing a commitment to democratic

211 views • 7 slides
SIP Operation in SIP Operation in SIP Operation in 2003 2003 2003 Iptel.org builders of

SIP Operation in SIP Operation in SIP Operation in 2003 2003 2003 Iptel.org builders of

SIP Operation in SIP Operation in SIP Operation in 2003 2003 2003 Iptel.org builders of SER Jiri Kuthan, Founder http://www.iptel.org/ 1 International SIP, January 2004, Paris About iptel.org About About iptel.org iptel.org iptel.org

460 views • 18 slides
Operation Public Education University of Pennsylvania Assessment and Accountability Systems to

Operation Public Education University of Pennsylvania Assessment and Accountability Systems to

Operation Public Education University of Pennsylvania Assessment and Accountability Systems to Transform Americas Schools NATIONAL ADVISORY BOARD Christopher Cross , Chair, Advisory Board, former President, Council on Basic Education Dan

350 views • 18 slides
Communication security over the Internet The big picture Me Internet Resource Internet

Communication security over the Internet The big picture Me Internet Resource Internet

Communication security over the Internet The big picture Me Internet Resource Internet Server Client Attack vectors MAN DNS LAN Client Internet Back Bone Router Networking WWW overview MITM (Man In The Middle) 3 2 4 5 LAN

244 views • 23 slides
How do you Improve on the Internet? The eXpressive Internet Architecture: The Internet has been

How do you Improve on the Internet? The eXpressive Internet Architecture: The Internet has been

5/15/2012 How do you Improve on the Internet? The eXpressive Internet Architecture: The Internet has been tremendously successful From Architecture to Network Has sustained tremendous growth g Supports very diverse set of applications

484 views • 10 slides
o Public Private Partnership, aka PPP or P3 ~ An arrangement in which a private operator is

o Public Private Partnership, aka PPP or P3 ~ An arrangement in which a private operator is

Definition of PPP o Public Private Partnership, aka PPP or P3 ~ An arrangement in which a private operator is hired by a public entity for all or most of the design, construction, operation, and financing of a public project Public

680 views • 13 slides
Will FTTH be the Principal Technology for Very High Speed Internet Access? Rich Clarke Center

Will FTTH be the Principal Technology for Very High Speed Internet Access? Rich Clarke Center

Will FTTH be the Principal Technology for Very High Speed Internet Access? Rich Clarke Center for Applied Internet Data Analysis Assistant Vice President Workshop on Internet Economics AT&T Global Public Policy UCSD, La Jolla, CA

633 views • 6 slides
Searching in a Public Library Searching in a Public Library Some Experiences with the Search

Searching in a Public Library Searching in a Public Library Some Experiences with the Search

Searching in a Public Library Searching in a Public Library Some Experiences with the Search Behaviour of Patrons of a Public Library At the public library in Waalre (NL) there is a dedicated catalogue system in operation now for 2 years. Alls

444 views • 30 slides

More recommend