idnits 2.17.1 draft-ietf-avt-crtp-enhance-03.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- ** The document seems to lack a 1id_guidelines paragraph about Internet-Drafts being working documents. ** The document seems to lack a 1id_guidelines paragraph about 6 months document validity. ** The document seems to lack a 1id_guidelines paragraph about the list of Shadow Directories -- however, there's a paragraph with a matching beginning. Boilerplate error? ** The document is more than 15 pages and seems to lack a Table of Contents. == No 'Intended status' indicated for this document; assuming Proposed Standard == The page length should not exceed 58 lines per page, but there was 1 longer page, the longest (page 1) being 828 lines Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) ** The document seems to lack separate sections for Informative/Normative References. All references will be assumed normative when checking for downward references. ** There are 5 instances of lines with control characters in the document. ** The abstract seems to contain references ([RFC2508]), which it shouldn't. Please replace those with straight textual mentions of the documents in question. Miscellaneous warnings: ---------------------------------------------------------------------------- == Line 581 has weird spacing: '...ime pkt upd...' == Line 627 has weird spacing: '...ime pkt upd...' -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- Couldn't find a document date in the document -- date freshness check skipped. -- Found something which looks like a code comment -- if you have code sections in the document, please surround them with '' and '' lines. Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Missing Reference: 'RFC2508' is mentioned on line 46, but not defined == Missing Reference: 'RFC2119' is mentioned on line 173, but not defined == Unused Reference: 'CRTP' is defined on line 723, but no explicit reference was found in the text == Unused Reference: 'IPCPHC' is defined on line 729, but no explicit reference was found in the text == Unused Reference: 'KEYW' is defined on line 732, but no explicit reference was found in the text == Unused Reference: 'RTP' is defined on line 735, but no explicit reference was found in the text ** Obsolete normative reference: RFC 2509 (ref. 'IPCPHC') (Obsoleted by RFC 3544) ** Obsolete normative reference: RFC 1889 (ref. 'RTP') (Obsoleted by RFC 3550) Summary: 11 errors (**), 0 flaws (~~), 10 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 Audio/Video Transport Working Group Tmima Koren 2 Internet Draft Cisco Systems 3 November 12, 2001 Stephen Casner 4 Expires June 2002 Packet Design 5 draft-ietf-avt-crtp-enhance-03.txt John Geevarghese 6 Telseon 7 Bruce Thompson 8 Patrick Ruddy 9 Cisco Systems 11 Compressing IP/UDP/RTP headers on links with high delay, 12 packet loss and reordering 14 Status of this memo 16 This document is an Internet Draft and is in full conformance with 17 all provisions of Section 10 of RFC 2026. Internet Drafts are 18 working documents of the Internet Engineering Task Force (IETF), its 19 Areas, and its Working Groups. Note that other groups may also 20 distribute working documents as Internet Drafts. 22 Internet Drafts are draft documents valid for a maximum of six 23 months. Internet Drafts may be updated, replaced, or obsolete by 24 other documents at any time. It is not appropriate to use Internet 25 Drafts as reference material or to cite them other than as "work in 26 progress". 28 The list of current Internet-Drafts can be accessed at: 29 http://www.ietf.org/ietf/1id-abstracts.txt 31 The list of Internet-Draft Shadow Directories can be accessed at: 32 http://www.ietf.org/shadow.txt 34 This draft is a work item of the IETF Audio/Video Transport working 35 group. The working group mailing list is avt@ietf.org. Subscribe via 36 the web at http://www.ietf.org/mailman/listinfo/avt. 38 Copyright Notice 40 Copyright (C) The Internet Society (1999-2001). All Rights Reserved. 42 Abstract 44 This document describes a header compression scheme for point to 45 point links with packet loss and long delays. It is based on CRTP, 46 the IP/UDP/RTP header compression described in [RFC2508]. CRTP does 47 not perform well on such links: packet loss results in context 48 corruption and due to the long delay, many more packets are 49 discarded before the context is repaired. To correct the behavior of 50 CRTP over such links, a few extensions to the protocol are specified 51 here. The extensions aim to reduce context corruption by changing 52 the way the compressor updates the context at the decompressor: 53 updates are repeated and include updates to full and differential 54 context parameters. With these extensions, CRTP performs well over 55 links with packet loss, packet reordering and long delays. 57 1.0 Introduction 59 RTP header compression (CRTP) as described in RFC 2508 was designed 60 to reduce the header overhead of IP/UDP/RTP datagrams by compressing 61 the three headers. The IP/UDP/RTP headers are compressed to 2-4 62 bytes most of the time. 64 CRTP was designed for reliable point to point links with short 65 delays. It does not perform well over links with high rate of packet 66 loss, packet reordering and long delays. 68 An example of such a link is a PPP session that is tunneled using an 69 IP level tunneling protocol such as L2TP. Packets within the tunnel 70 are carried by an IP network and hence may get lost and reordered. 71 The longer the tunnel, the longer the round trip time. 73 Another example is an IP network that uses layer 2 technologies such 74 as ATM and Frame Relay for the access portion of the network. Layer 75 2 transport networks such as ATM and Frame Relay behave like point 76 to point serial links in that they do not reorder packets. In 77 addition, Frame Relay and ATM virtual circuits used as IP access 78 technologies often have a low bit rate associated with them. These 79 virtual circuits differ from low speed serial links in that they may 80 span a larger physical distance than a point to point serial link. 81 Speed of light delays within the layer 2 transport network will 82 result in higher round trip delays between the endpoints of the 83 circuit. In addition, congestion within the layer 2 transport 84 network may result in an effective drop rate for the virtual circuit 85 which is significantly higher than error rates typically experienced 86 on point to point serial links. 88 CRTP is widely deployed and has relatively low computational 89 complexity. It is desirable to extend its usage over such links. 90 This can be achieved with a few simple extensions to the protocol. 92 1.1 CRTP Operation 94 During compression of an RTP stream, a session context is defined. 95 For each context, the session state is established and shared 96 between the compressor and the decompressor. Once the context state 97 is established, compressed packets may be sent. 99 The context state consists of the full IP/UDP/RTP headers, a few 100 first order differential values, a link sequence number, a 101 generation number and a delta encoding table. 103 The headers part of the context is set by the FULL_HEADER packet 104 that always starts a compression session. The first order 105 differential values (delta values) are set by sending COMPRESSED_RTP 106 packets that include updates to the delta values. 108 The context state must be synchronized between compressor and 109 decompressor for successful decompression to take place. If the 110 context gets out of sync, the decompressor is not able to restore 111 the compressed headers accurately. The decompressor invalidates the 112 context and sends a CONTEXT_STATE packet to the compressor 113 indicating that the context has been corrupted. To resume 114 compression, the compressor must reestablish the context. 116 During the time the context is corrupted, the decompressor discards 117 all the packets received for that context. Since the context repair 118 mechanism in CRTP involves feedback from the decompressor, context 119 repair takes at least as much time as the round trip time of the 120 link. If the round trip time of the link is long, and especially if 121 the link bandwidth is high, many packets will be discarded before 122 the context is repaired. On such links it is desirable to minimize 123 context invalidation. 125 1.2 How do contexts get corrupted? 127 As long as the fields in the combined IP/UDP/RTP headers change as 128 expected for the sequence of packets in a session, those headers can 129 be compressed, and the decompressor can fully restore the compressed 130 headers using the context state. When the headers don't change as 131 expected it's necessary to update some of the full or the delta 132 values of the context. For example, the RTP timestamp is expected to 133 increment by delta RTP timestamp (dT). If silence suppression is 134 used, packets are not sent during silence periods. Then when voice 135 activity resumes, packets are sent again, but the RTP timestamp is 136 incremented by a large value and not by dT. In this case an update 137 must be sent. 139 If a packet that includes an update to some context state values is 140 lost, the state at the decompressor is not updated. The shared state 141 is now different at the compressor and decompressor. When the next 142 packet arrives at the decompressor, the decompressor will fail to 143 restore the compressed headers accurately since the context state at 144 the decompressor is different than the state at the compressor. 146 1.3 Preventing context corruption 148 Note that the decompressor fails not when a packet is lost, but when 149 the next compressed packet arrives. If the next packet happens to 150 include the same context update as in the lost packet, the context 151 at the decompressor may be updated successfully and decompression 152 may continue uninterrupted. If the lost packet included an update to 153 a delta field such as the delta RTP timestamp (dT), the next packet 154 can't compensate for the loss since the update of a delta value is 155 relative to the previous packet which was lost. But if the update is 156 for an absolute value such as the full RTP timestamp or the RTP 157 payload type, this update can be repeated in the next packet 158 independently of the lost packet. Hence it is useful to be able to 159 update the absolute values of the context. 161 The next chapter describes several extensions to CRTP that add the 162 capability to selectively update absolute values of the context, 163 rather than sending a FULL_HEADER packet, in addition to the 164 existing updates of the delta values. This enhanced version of CRTP 165 is intended to minimize context invalidation and thus improve the 166 performance over lossy links with a long round trip time. 168 1.4 Specification of Requirements 170 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 171 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 172 document are to be interpreted as described in [RFC2119]. 174 2. Enhanced CRTP 176 This chapter specifies the changes in this enhanced version of CRTP. 177 They are: 179 - Extensions to the COMPRESSED_UDP packet to allow updating the 180 differential RTP values in the decompressor context and to 181 selectively update the absolute IP ID and RTP values. This 182 allows context sync to be maintained even with some packet 183 loss. 185 - A "headers checksum" to be inserted by the compressor and 186 removed by the decompressor when the UDP checksum is not 187 present so that validation of the decompressed headers is 188 still possible. This allows the decompressor to verify that 189 context sync has not been lost after a packet loss. 191 An algorithm is then described to use these changes with repeated 192 updates to achieve robust operation over links with packet loss and 193 long delay. 195 2.1 Extended COMPRESSED_UDP packet 197 It is possible to accommodate some packet loss between the 198 compressor and decompressor using the "twice" algorithm in RFC 2508 199 so long as the context remains in sync. In that algorithm, the delta 200 values are added to the previous context twice (or more) to effect 201 the change that would have occurred if the missing packets had 202 arrived. The result is verified with the UDP checksum. Keeping the 203 context in sync requires reliably communicating both the absolute 204 value and the delta value whenever the delta value changes. For many 205 environments, sufficient reliability can be achieved by repeating 206 the update with each of several successive packets. 208 The COMPRESSED_UDP packet satisfies the need to communicate the 209 absolute values of the differential RTP fields, but it is specified 210 in RFC 2508 to reset the delta RTP timestamp. That limitation can be 211 removed with the following simple change: RFC 2508 describes the 212 format of COMPRESSED_UDP as being the same as COMPRESSED_RTP except 213 that the M, S and T bits are always 0 and the corresponding delta 214 fields are never included. This enhanced version of CRTP changes 215 that specification to say that the T bit MAY be nonzero to indicate 216 that the delta RTP timestamp is included explicitly rather than 217 being reset to zero. 219 A second change adds another byte of flag bits to the COMPRESSED_UDP 220 packet to allow only selected individual uncompressed fields of the 221 RTP header to be included in the packet rather than carrying the 222 full RTP header as part of the UDP data. The additional flags do 223 increase computational complexity somewhat, but the corresponding 224 increase in bit efficiency is important when the differential field 225 updates are communicated multiple times in successive COMPRESSED_UDP 226 packets. With this change, there are flag bits to indicate 227 inclusion of both delta values and absolute values, so the flag 228 nomenclature is changed. The original S, T, I bits which indicate 229 the inclusion of deltas are renamed dS, dT, dI, and the inclusion of 230 absolute values is indicated by S, T, I. The M bit is absolute as 231 before. A new flag P indicates inclusion of the absolute RTP payload 232 type value and, as in the COMPRESSED_RTP packet, a four-bit CC field 233 copies the absolute value of the CC field in the RTP header. 235 The last of the three changes to the COMPRESSED_UDP packet deals 236 with updating the IP ID field. For this field, the COMPRESSED_UDP 237 packet as specified in RFC 2508 can already convey a new value for 238 the delta IP ID, but not the absolute value which is only conveyed 239 by the FULL_HEADER packet. Therefore, a new flag I is added to the 240 COMPRESSED_UDP packet to indicate inclusion of the absolute IP ID 241 value. The I flag replaces the dS flag which is not needed in the 242 COMPRESSED_UDP packet since the delta RTP sequence number always 243 remains 1 in the decompressor context and hence does not need to be 244 updated. 246 The format of the flags/sequence byte for the original 247 COMPRESSED_UDP packet is shown here for reference: 249 +---+---+---+---+---+---+---+---+ 250 | 0 | 0 | 0 |dI | link sequence | 251 +---+---+---+---+---+---+---+---+ 253 The new definition of the flags/sequence byte plus an extension 254 flags byte for the COMPRESSED_UDP packet is as follows, where the 255 new F flag indicates the inclusion of the extension flags byte: 257 +---+---+---+---+---+---+---+---+ 258 | F | I |dT |dI | link sequence | 259 +---+---+---+---+---+---+---+---+ 260 : M : S : T : P : CC : (if F = 1) 261 +...+...+...+...+...............+ 263 dI = delta IP ID 264 dT = delta RTP timestamp 265 I = absolute IP ID 266 F = additional flags byte 267 M = marker bit 268 S = absolute RTP sequence number 269 T = absolute RTP timestamp 270 P = RTP payload type 271 CC = number of CSRC identifiers 273 When F=0, there is only one flags byte, and the only available flags 274 are: dI, dT and I. In this case the packet includes the full RTP 275 header. As in RFC 2508, if dI=0, the decompressor does not change 276 deltaI. If dT=0, the decompressor sets deltaT to 0. 278 Some example packet formats will illustrate the use of the new 279 flags. First, when F=0, the "traditional" COMPRESSED_UDP packet 280 which carries the full RTP header as part of the UDP data: 282 0 1 2 3 4 5 6 7 283 +...............................+ 284 : msb of session context ID : (if 16-bit CID) 285 +-------------------------------+ 286 | lsb of session context ID | 287 +---+---+---+---+---+---+---+---+ 288 |F=0| I |dT |dI | link sequence | 289 +---+---+---+---+---+---+---+---+ 290 : : 291 + UDP checksum + (if nonzero in context) 292 : : 293 +...............................+ 294 : : 295 + "RANDOM" fields + (if encapsulated) 296 : : 297 +...............................+ 298 : delta IPv4 ID : (if dI = 1) 299 +...............................+ 300 : delta RTP timestamp : (if dT = 1) 301 +...............................+ 302 : : 303 + IPv4 ID + (if I = 1) 304 : : 305 +...............................+ 306 | UDP data | 307 : (uncompressed RTP header) : 309 When F=1, there is an additional flags byte and the available flags 310 are: dI, dT, I, M, S, T, P, CC. In this case the packet does not 311 include the full RTP header, but includes selected fields from the 312 RTP header as specified by the flags. As in RFC 2508, if dI=0 the 313 decompressor does not change deltaI. However, in contrast to RFC 314 2508, if dT=0 the decompressor KEEPS THE CURRENT deltaT in the 315 context (DOES NOT set deltaT to 0). 317 An enhanced COMPRESSED_UDP packet is similar in contents and 318 behavior to a COMPRESSED_RTP packet, but it has more flag bits, some 319 of which correspond to absolute values for RTP header fields. 321 COMPRESSED_UDP with individual RTP fields, when F=1: 323 0 1 2 3 4 5 6 7 324 +...............................+ 325 : msb of session context ID : (if 16-bit CID) 326 +-------------------------------+ 327 | lsb of session context ID | 328 +---+---+---+---+---+---+---+---+ 329 |F=1| I |dT |dI | link sequence | 330 +---+---+---+---+---+---+---+---+ 331 | M | S | T | P | CC | 332 +---+---+---+---+---------------+ 333 : : 334 + UDP checksum + (if nonzero in context) 335 : : 336 +...............................+ 337 : : 338 : "RANDOM" fields : (if encapsulated) 339 : : 340 +...............................+ 341 : delta IPv4 ID : (if dI = 1) 342 +...............................+ 343 : delta RTP timestamp : (if dT = 1) 344 +...............................+ 345 : : 346 + IPv4 ID + (if I = 1) 347 : : 348 +...............................+ 349 : : 350 + RTP sequence number + (if S = 1) 351 : : 352 +...............................+ 353 : : 354 + + 355 : : 356 + RTP timestamp + (if T = 1) 357 : : 358 + + 359 : : 360 +...............................+ 361 : RTP payload type : (if P = 1) 362 +...............................+ 363 : : 364 : CSRC list : (if CC > 0) 365 : : 366 +...............................+ 367 : : 368 : RTP header extension : (if X set in context) 369 : : 370 +-------------------------------+ 371 | | 372 / RTP data / 373 / / 374 | | 375 +-------------------------------+ 376 : padding : (if P set in context) 377 +...............................+ 379 Usage for the enhanced COMPRESSED_UDP packet: 381 It is useful for the compressor to periodically refresh the state of 382 the decompressor to avoid having the decompressor send CONTEXT_STATE 383 messages in the case of unrecoverable packet loss. Using the flags 384 F=0 and I=1, dI=1, dT=1, the COMPRESSED_UDP packet refreshes all the 385 context parameters. 387 When compression is done over a lossy link with a long round trip 388 delay, we want to minimize context invalidation. If the delta values 389 are changing frequently, the context might get invalidated often. In 390 such cases the compressor MAY choose to always send absolute values 391 and never delta values, using COMPRESSED_UDP packets with the flags 392 F=1, and any of S, T, I as necessary. 394 2.2 CRTP Headers Checksum 396 RFC 2508, in Section 3.3.5, describes how the UDP checksum may be 397 used to validate header reconstruction periodically or when the 398 "twice" algorithm is used. When a UDP checksum is not present (has 399 value zero) in a stream, such validation would not be possible. To 400 cover that case, this enhanced CRTP provides an option whereby the 401 compressor MAY replace the null UDP checksum with a 16-bit headers 402 checksum (HDRCKSUM) which is subsequently removed by the 403 decompressor after validation. 405 A new flag C in the FULL_HEADER packet, as specified below, 406 indicates when set that all COMPRESSED_UDP and COMPRESSED_RTP 407 packets sent in that context will have HDRCKSUM inserted. The 408 compressor MAY set the C flag when UDP packet carried in the 409 FULL_HEADER packet originally contained a checksum value of zero. 410 If the C flag is set, the FULL_HEADER packet itself MUST also have 411 the HDRCKSUM inserted. If a packet in the same stream subsequently 412 arrives at the compressor with a UDP checksum present, then a new 413 FULL_HEADER packet MUST be sent with the flag cleared to re- 414 establish the context. 416 The HDRCKSUM is calculated in the same way as a UDP checksum except 417 that it does not cover all of the UDP data. That is, the HDRCKSUM is 418 the 16-bit one's complement of the one's complement sum of the 419 pseudo-IP header (as defined for UDP), the UDP header, and the first 420 12 bytes of the UDP data which are assumed to hold the fixed part of 421 an RTP header. The extended part of the RTP header and the RTP data 422 will not be included in the HDRCKSUM. The HDRCKSUM is placed in the 423 COMPRESSED_UDP or COMPRESSED_RTP packet where a UDP checksum would 424 have been. The decompressor MUST zero out the UDP checksum field in 425 the reconstructed packets. 427 For a non-RTP context, there may be fewer than 12 UDP data bytes 428 present. The IP and UDP headers can still be compressed into a 429 COMPRESSED_UDP packet. For this case, the HDRCKSUM is calculated 430 over the pseudo-IP header, the UDP header, and the UDP data bytes 431 that are present. If the number of data bytes is odd, then a zero 432 padding byte is appended for the purpose of calculating the 433 checksum, but not transmitted. 435 The HDRCKSUM does not validate the RTP data. If the link layer is 436 configured to deliver packets without checking for errors, then 437 errors in the RTP data will not be detected. Over such links, the 438 compressor SHOULD add the HDRCKSUM if a UDP checksum is not present, 439 and the decompressor SHOULD validate each reconstructed packet to 440 make sure that at least the headers are correct. This ensures that 441 the packet will be delivered to the right destination. If only 442 HDRCKSUM is available, the RTP data will be delivered even if it 443 includes errors. This might be a desirable feature for applications 444 that can tolerate errors in the RTP data. The same holds for the 445 extended part of the RTP header. 447 Here is the format of the FULL_HEADER length fields with the new 448 flag C to indicate that a header checksum will be added in 449 COMPRESSED_UDP and COMPRESSED_RTP packets: 451 For 8-bit context ID: 453 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 454 |0|1| Generation| CID | First length field 455 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 457 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 458 | 0 |C| seq | Second length field 459 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ C=1: HDRCKSUM will be added 461 For 16-bit context ID: 463 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 464 |1|1| Generation| 0 |C| seq | First length field 465 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ C=1: HDRCKSUM will be added 467 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 468 | CID | Second length field 469 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 471 2.3 Achieving robust operation 473 Enhanced CRTP achieves robust operation by sending changes multiple 474 times to keep the compressor and decompressor in sync. This method 475 is characterized by a number "N" that represents the quality of the 476 link between the hosts. What it means is that the probability of 477 more than N adjacent packets getting lost on this link is small. For 478 every change in a full value or a delta value, if the compressor 479 includes the change in N+1 consecutive packets, then the 480 decompressor can keep its context state in sync with the compressor 481 using the "twice" algorithm so long as no more than N adjacent 482 packets are lost. 484 Since updates are repeated in N+1 packets, if at least one of these 485 N+1 update packets is received by the decompressor, both the full 486 and delta values in the context at the decompressor will get updated 487 and its context will stay synchronized with the context at the 488 compressor. We can conclude that as long as less than N+1 adjacent 489 packets are lost, the context at the decompressor is guaranteed to 490 be synchronized with the context at the compressor, and use of the 491 "twice" algorithm to recover from packet loss will successfully 492 update the context and restore the compressed packets. 494 The link sequence number cycles in 16 packets, so it's not always 495 clear how many packets were lost. For example, if the previous link 496 sequence number was 5 and the current number is 4, one possibility 497 is that 15 packets were lost, but another possibility is that due to 498 misordering packet 5 arrived before packet 4 and they are really 499 adjacent. If there is an interpretation of the link sequence numbers 500 that could be a gap of less than N+1, the "twice" algorithm may be 501 applied that many times and verified with the UDP checksum (or the 502 HDRCKSUM). 504 When more than N packets are lost, all of the repetitions of an 505 update might have been lost. The context state may then be different 506 at the compressor and decompressor. The decompressor can still try 507 to recover by making one or more guesses for how many packets were 508 lost and then applying the "twice" algorithm that many times. 509 However, since the IPv4 ID field is not included in the checksum, 510 this does not validate the IPv4 ID. 512 The conclusion is that for IPv4 if more than N packets were lost, 513 the decompressor SHOULD NOT try to recover using the "twice" 514 algorithm and instead SHOULD invalidate the context and send a 515 CONTEXT_STATE packet. In IPv6 the decompressor MAY always try to 516 recover from packet loss by using the "twice" algorithm and 517 verifying the result with the UDP checksum. 519 It is up to the implementation to derive an appropriate N for a 520 link. The value is maintained independently for each context and is 521 not required to be the same for all contexts. When compressing a new 522 stream, the compressor sets a value of N for that context and sends 523 N+1 FULL_HEADER packets. The compressor MUST also repeat each 524 subsequent COMPRESSED_UDP update N+1 times. The value of N may be 525 changed for an existing context by sending a new sequence of 526 FULL_HEADER packets. 528 The decompressor learns the value of N by counting the number of 529 times the FULL_HEADER packet is repeated and storing the resulting 530 value in the corresponding context. If some of the FULL_HEADER 531 packets are lost, the decompressor may still be able to determine 532 the correct value of N by observing the change in the 4-bit sequence 533 number carried in the FULL_HEADER packets. Any inaccuracy in the 534 counting will lead the decompressor to assume a smaller value of N 535 than the compressor is sending. This is safe in that the only 536 negative consequence is that the decompressor might send a 537 CONTEXT_STATE packet when it was not really necessary to do so. In 538 response, the compressor will send FULL_HEADER packets again, 539 providing another opportunity for the decompressor to count the 540 correct N. 542 The sending of FULL_HEADER packets is also triggered by a change in 543 one of the fields held constant in the context, such as the IP TOS. 544 If such a change should occur while the compressor is in the middle 545 of sending the N+1 FULL_HEADER packets, then the compressor MUST 546 send N+1 FULL_HEADER packets after making the change. This could 547 cause the decompressor to receive more than N+1 FULL_HEADER packets 548 in a row with the result that it assumes a larger value for N than 549 is correct. That could lead to an undetected loss of context 550 synchronization. Therefore, the compressor MUST change the 551 "generation" number in the context and in the FULL_HEADER packet 552 when it begins sending the sequence of N+1 FULL_HEADER packets so 553 the decompressor can detect the new sequence. For IPv4, this is a 554 change in behavior relative to RFC 2508. 556 CONTEXT_STATE packets SHOULD also be repeated N+1 times (using the 557 same sequence number) to provide a similar measure of robustness 558 against packet loss. 560 2.3.1 Examples 562 Here are some examples to demonstrate the robust operation of 563 enhanced CRTP using N+1 repetitions of updates. In this stream the 564 audio codec sends a sample every 10 milliseconds. The first 565 talkspurt is 1 second long. Then there are 2 seconds of silence, 566 then another talkspurt. We also assume in this first example that 567 the IPv4 ID field does not increment at a constant rate because the 568 host is generating other uncorrelated traffic streams at the same 569 time and therefore the delta IP ID changes for each packet. 571 In these examples, we will use some short notations: 573 FH FULL_HEADER 574 CR COMPRESSED_RTP 575 CU COMPRESSED_UDP 577 When operating on a link with low loss, we can just use 578 COMPRESSED_RTP packets in the basic CRTP method specified in RFC 579 2508. We might have the following packet sequence: 581 seq Time pkt updates and comments 582 # type 583 1 10 FH 584 2 20 CR dI dT=10 585 3 30 CR dI 586 4 40 CR dI 587 ... 588 100 1000 CR dI 590 101 3010 CR dI dT=2010 591 102 3020 CR dI dT=10 592 103 3030 CR dI 593 104 3040 CR dI 594 ... 596 In the above sequence, if a packet is lost we cannot recover 597 ("twice" will not work due to the unpredictable IP ID) and the 598 context must be invalidated. 600 Here is the same example using the enhanced CRTP method specified in 601 this document, when N=2. Note that the compressor only sends the 602 absolute IP ID (I) and not the delta IP ID (dI). 604 seq Time pkt CU flags updates and comments 605 # type F I dT dI M S T P 606 1 10 FH 607 2 20 FH repeat constant fields 608 3 30 FH repeat constant fields 609 4 40 CU 1 1 1 0 M 0 1 0 I T=40 dT=10 610 5 50 CU 1 1 1 0 M 0 1 0 I T=50 dT=10 repeat update T & dT 611 6 60 CU 1 1 1 0 M 0 1 0 I T=60 dT=10 repeat update T & dT 612 7 70 CU 1 1 0 0 M 0 0 0 I 613 8 80 CU 1 1 0 0 M 0 0 0 I 614 ... 615 100 1000 CU 1 1 0 0 M 0 0 0 I 617 101 3010 CU 1 1 0 0 M 0 1 0 I T=3010 T changed, keep deltas 618 102 3020 CU 1 1 0 0 M 0 1 0 I T=3020 repeat updated T 619 103 3030 CU 1 1 0 0 M 0 1 0 I T=3030 repeat updated T 620 104 3040 CU 1 1 0 0 M 0 0 0 I 621 105 3050 CU 1 1 0 0 M 0 0 0 I 622 ... 624 This second example is the same sequence, but assuming the delta IP 625 ID is constant. First the basic CRTP for a lossless link: 627 seq Time pkt updates and comments 628 # type 629 1 10 FH 630 2 20 CR dI dT=10 631 3 30 CR 632 4 40 CR 633 ... 634 100 1000 CR 636 101 3010 CR dT=2010 637 102 3020 CR dT=10 638 103 3030 CR 639 104 3040 CR 640 ... 642 For the equivalent sequence in enhanced CRTP, the more efficient 643 COMPRESSED_RTP packet can still be used once the deltas are all 644 established: 646 seq Time pkt CU flags updates and comments 647 # type F I dT dI M S T P 648 1 10 FH 649 2 20 FH repeat constant fields 650 3 30 FH repeat constant fields 651 4 40 CU 1 1 1 1 M 0 1 0 I dI T=40 dT=10 652 5 50 CU 1 1 1 1 M 0 1 0 I dI T=50 dT=10 repeat updates 653 6 60 CU 1 1 1 1 M 0 1 0 I dI T=60 dT=10 repeat updates 654 7 70 CR 655 8 80 CR 656 ... 657 100 1000 CR 659 101 3010 CU 1 0 0 0 M 0 1 0 T=3010 T changed, keep deltas 660 102 3020 CU 1 0 0 0 M 0 1 0 T=3020 repeat updated T 661 103 3030 CU 1 0 0 0 M 0 1 0 T=3030 repeat updated T 662 104 3040 CR 663 105 3050 CR 664 ... 666 3. Negotiating usage of enhanced-CRTP 668 The use of IP/UDP/RTP compression (CRTP) over a particular link is 669 a function of the link-layer protocol. It is expected that 670 negotiation of the use of CRTP will be defined separately 671 for each link layer. 673 For link layers that already have defined a negotiation for the use 674 of CRTP as specified in RFC 2508, an extension to that negotiation 675 will be required to indicate use of the enhanced CRTP defined in 676 this document since the syntax of the existing packet formats has 677 been extended. 679 4. Security Considerations 681 Because encryption eliminates the redundancy that this compression 682 scheme tries to exploit, there is some inducement to forego 683 encryption in order to achieve operation over a low-bandwidth link. 684 However, for those cases where encryption of data and not headers is 685 satisfactory, RTP does specify an alternative encryption method in 686 which only the RTP payload is encrypted and the headers are left in 687 the clear. That would allow compression to still be applied. 689 A malfunctioning or malicious compressor could cause the 690 decompressor to reconstitute packets that do not match the original 691 packets but still have valid IP, UDP and RTP headers and possibly 692 even valid UDP check-sums. Such corruption may be detected with 693 end-to-end authentication and integrity mechanisms which will not be 694 affected by the compression. Constant portions of authentication 695 headers will be compressed as described in [IPHCOMP]. 697 No authentication is performed on the CONTEXT_STATE control packet 698 sent by this protocol. An attacker with access to the link between 699 the decompressor and compressor could inject false CONTEXT_STATE 700 packets and cause compression efficiency to be reduced, probably 701 resulting in congestion on the link. However, an attacker with 702 access to the link could also disrupt the traffic in many other 703 ways. 705 A potential denial-of-service threat exists when using compression 706 techniques that have non-uniform receiver-end computational load. 707 The attacker can inject pathological datagrams into the stream which 708 are complex to decompress and cause the receiver to be overloaded 709 and degrading processing of other streams. However, this 710 compression does not exhibit any significant non-uniformity. 712 5. Acknowledgements 714 The authors would like to thank Van Jacobson, co-author of RFC 2508, 715 and the authors of RFC 2507, Mikael Degermark, Bjorn Nordgren, and 716 Stephen Pink. The authors would also like to thank Dana Blair, 717 Francois Le Faucheur, Tim Gleeson, Matt Madison, Hussein Salama, 718 Mallik Tatipamula, Mike Thomas, Alex Tweedly, Herb Wildfeuer, and 719 Dan Wing. 721 6. References 723 [CRTP] S. Casner, V. Jacobson, "Compressing IP/UDP/RTP Headers for 724 Low-Speed Serial Links", RFC2508, February 1999. 726 [IPHCOMP] M. Degermark, B. Nordgren, S. Pink, 727 "IP Header Compression", RFC2507, February 1999. 729 [IPCPHC] M. Engan, S. Casner, C. Bormann, 730 "IP Header Compression over PPP", RFC2509, February 1999. 732 [KEYW] S. Bradner, "Key words for use in RFCs to Indicate 733 Requirement Levels", RFC2119, BCP 14, March 1997. 735 [RTP] H. Schulzrinne, S. Casner, R. Frederick, V. Jacobson, 736 "RTP: A Transport Protocol for Real-Time Applications", RFC1889, 737 January 1996. 739 7. Authors' Addresses 741 Tmima Koren 742 Cisco Systems, Inc. 743 170 West Tasman Drive 744 San Jose, CA 95134-1706 745 United States of America 747 Email: tmima@cisco.com 749 Stephen L. Casner 750 Packet Design 751 2465 Latham Street, Third Floor 752 Mountain View, CA 94040 753 United States of America 755 Email: casner@acm.org 757 John Geevarghese 758 Telseon Inc. 759 480 S. California 760 Palo Alto, CA 94306 761 United States of America 763 Email: geevjohn@hotmail.com 765 Bruce Thompson 766 Cisco Systems, Inc. 767 170 West Tasman Drive 768 San Jose, CA 95134-1706 769 United States of America 771 Email: brucet@cisco.com 773 8. Copyright 775 Copyright (C) The Internet Society 1999-2001. All Rights Reserved. 776 This document and translations of it may be copied and furnished to 777 others, and derivative works that comment on or otherwise explain it 778 or assist in its implementation may be prepared, copied, published 779 and distributed, in whole or in part, without restriction of any 780 kind, provided that the above copyright notice and this paragraph 781 are included on all such copies and derivative works. However, this 782 document itself may not be modified in any way, such as by removing 783 the copyright notice or references to the Internet Society or other 784 Internet organizations, except as needed for the purpose of 785 developing Internet standards in which case the procedures for 786 copyrights defined in the Internet Standards process must be 787 followed, or as required to translate it into languages other than 788 English. 790 The limited permissions granted above are perpetual and will not be 791 revoked by the Internet Society or its successors or assigns. 793 This document and the information contained herein is provided on an 794 "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING 795 TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING 796 BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION 797 HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF 798 MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.