idnits 2.17.1 draft-ietf-sipcore-dns-dual-stack-02.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- == The 'Updates: ' line in the draft header should list only the _numbers_ of the RFCs which will be updated by this document (if approved); it should not include the word 'RFC' in the list. -- The draft header indicates that this document updates RFC6157, but the abstract doesn't seem to mention this, which it should. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year (Using the creation date from RFC6157, updated by this document, for RFC5378 checks: 2005-07-13) -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (February 2, 2015) is 3371 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Obsolete informational reference (is this intentional?): RFC 3484 (Obsoleted by RFC 6724) -- Obsolete informational reference (is this intentional?): RFC 6555 (Obsoleted by RFC 8305) Summary: 0 errors (**), 0 flaws (~~), 2 warnings (==), 5 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 SIPCORE O. Johansson 3 Internet-Draft Edvina AB 4 Updates: RFC 6157 (if approved) G. Salgueiro 5 Intended status: Standards Track Cisco Systems 6 Expires: August 6, 2015 V. Gurbani 7 Bell Labs, Alcatel-Lucent 8 February 2, 2015 10 Locating Session Initiation Protocol (SIP) Servers in a Dual-Stack IP 11 Network 12 draft-ietf-sipcore-dns-dual-stack-02 14 Abstract 16 RFC 3263 defines how a Session Initiation Protocol (SIP) 17 implementation, given a SIP Uniform Resource Identifier (URI), should 18 locate the next hop SIP server using Domain Name System (DNS) 19 procedures. As SIP networks increasingly transition from IPv4-only 20 to dual-stack, a quality user experience must be ensured for dual- 21 stack SIP implementations. This document supplements the DNS 22 procedures described in RFC 3263 for dual-stack SIP implementations 23 and ensures that they properly align to the optimizations detailed by 24 Happy Eyeballs. 26 Status of This Memo 28 This Internet-Draft is submitted in full conformance with the 29 provisions of BCP 78 and BCP 79. 31 Internet-Drafts are working documents of the Internet Engineering 32 Task Force (IETF). Note that other groups may also distribute 33 working documents as Internet-Drafts. The list of current Internet- 34 Drafts is at http://datatracker.ietf.org/drafts/current/. 36 Internet-Drafts are draft documents valid for a maximum of six months 37 and may be updated, replaced, or obsoleted by other documents at any 38 time. It is inappropriate to use Internet-Drafts as reference 39 material or to cite them other than as "work in progress." 41 This Internet-Draft will expire on August 6, 2015. 43 Copyright Notice 45 Copyright (c) 2015 IETF Trust and the persons identified as the 46 document authors. All rights reserved. 48 This document is subject to BCP 78 and the IETF Trust's Legal 49 Provisions Relating to IETF Documents 50 (http://trustee.ietf.org/license-info) in effect on the date of 51 publication of this document. Please review these documents 52 carefully, as they describe your rights and restrictions with respect 53 to this document. Code Components extracted from this document must 54 include Simplified BSD License text as described in Section 4.e of 55 the Trust Legal Provisions and are provided without warranty as 56 described in the Simplified BSD License. 58 Table of Contents 60 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 61 2. Notational Conventions . . . . . . . . . . . . . . . . . . . 3 62 3. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 63 4. DNS Procedures in a Dual-Stack Network . . . . . . . . . . . 3 64 4.1. Dual-Stack SIP UA DNS Record Lookup Procedure . . . . . . 4 65 4.2. Indicating Address Family Preference in DNS SRV Records . 4 66 5. Update to RFC 6157 . . . . . . . . . . . . . . . . . . . . . 5 67 6. Security Considerations . . . . . . . . . . . . . . . . . . . 5 68 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5 69 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 5 70 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 6 71 9.1. Normative References . . . . . . . . . . . . . . . . . . 6 72 9.2. Informative References . . . . . . . . . . . . . . . . . 6 73 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 7 75 1. Introduction 77 The Session Initiation Protocol (SIP, [RFC3261]) and the additional 78 documents that extended the protocol assumed support for both IPv4 79 and IPv6. However, this support does not fully extend to the highly 80 hybridized environments that are symptomatic of the transitional 81 migratory phase from IPv4 to IPv6 networks. During this phase, many 82 server and client implementations run on dual-stack hosts. In such 83 environments, a dual-stack host will likely suffer greater connection 84 delay, and by extension an inferior user experience, than an 85 IPv4-only host. The need to remedy this diminished performance of 86 dual-stack hosts led to the development of the Happy Eyeballs 87 [RFC6555] algorithm, which has since been implemented in many 88 applications. 90 This document aims to provide a complete design solution by 91 clarifying the DNS lookup procedures of RFC 3263[RFC3263] to ensure 92 enhanced performance, and consequently user experience, in highly 93 hybridized dual-stack SIP networks. The procedures described herein 94 are such that a dual-stack client SHOULD look up both A and AAAA 95 records in DNS and then select the best way to set up a network flow. 97 The details of how the latter is done is considered out of scope for 98 this document. See the Happy Eyeballs algorithm and implementation 99 and design considerations in RFC 6555 [RFC6555] for more information 100 about issues with setting up dual-stack network flows. 102 This document updates [RFC6157] as described in Section Section 5. 104 2. Notational Conventions 106 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 107 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 108 document are to be interpreted as described in RFC 2119 [RFC2119]. 110 3. Terminology 112 RFC 3261 [RFC3261] defines additional terms used in this document 113 that are specific to the SIP domain such as "proxy"; "registrar"; 114 "redirect server"; "user agent server" or "UAS"; "user agent client" 115 or "UAC"; "back-to-back user agent" or "B2BUA"; "dialog"; 116 "transaction"; "server transaction". 118 This document uses the term "SIP Server" that is defined to include 119 the following SIP entities: user agent server, registrar, redirect 120 server, a SIP proxy in the role of user agent server, and a B2BUA in 121 the role of a user agent server. 123 This document also uses the following terminology to make clear 124 distinction between SIP entities supporting only IPv4, only IPv6 or 125 supporting both IPv4 and IPv6. 127 IPv4-only UA/UAC/UAS: An IPv4-only UA/UAC/UAS supports SIP signaling 128 and media only on the IPv4 network. It does not understand IPv6 129 addresses. 131 IPv6-only UA/UAC/UAS: An IPv6-only UA/UAC/UAS supports SIP signaling 132 and media only on the IPv6 network. It does not understand IPv4 133 addresses. 135 IPv4/IPv6 UA/UAC/UAS: A UA/UAC/UAS that supports SIP signaling and 136 media on both IPv4 and IPv6 networks; such a UA/UAC/UAS is known 137 (and will be referred to in this document) as a "dual-stack" 138 [RFC4213] UA/UAC/UAS. 140 4. DNS Procedures in a Dual-Stack Network 142 This specification introduces two normative DNS lookup procedures. 143 These are designed to improve the performance of dual-stack clients 144 in IPv4/IPv6 networks. 146 4.1. Dual-Stack SIP UA DNS Record Lookup Procedure 148 Once the transport protocol has been determined, the procedure for 149 discovering an ip address if the TARGET is not a numeric IP address 150 but the port is explicitly stated in the URI, is detailed in 151 Section 4.2 of RFC 3263[RFC3263]. The piece relevant to to this 152 discussion is: 154 "If the TARGET was not a numeric IP address, but a port is present 155 in the URI, the client performs an A or AAAA record lookup of the 156 domain name. The result will be a list of IP addresses, each of 157 which can be contacted at the specific port from the URI and 158 transport protocol determined previously." 160 Section 4.2 of RFC 3263 [RFC3263] also goes on to describe the 161 complete procedure for discovering an ip address if the TARGET is not 162 a numeric IP address, and no port is present in the URI. The piece 163 relevant to to this discussion is: 165 "If no SRV records were found, the client performs an A or AAAA 166 record lookup of the domain name. The result will be a list of IP 167 addresses, each of which can be contacted using the transport 168 protocol determined previously, at the default port for that 169 transport. Processing then proceeds as described above for an 170 explicit port once the A or AAAA records have been looked up." 172 Happy Eyeballs [RFC6555] has proven that looking up the "A or AAAA 173 record" is not an effective practice for dual-stack clients and that 174 it can add significant connection delay and greatly degrade user 175 experience. Therefore, this document makes the following normative 176 addendum to the DNS lookup procedures of Section 4.2 of RFC 3263 177 [RFC3263] for IPv4/IPv6 hybrid SIP networks and recommends it as a 178 best practice for such dual-stack networks: 180 The dual-stack client SHOULD perform an A and AAAA record lookup 181 of the domain name and add the respective IPv4/IPv6 addresses to 182 the list of IP addresses to be contacted. 184 4.2. Indicating Address Family Preference in DNS SRV Records 186 The Happy Eyeballs algorithm [RFC6555] is particularly effective when 187 dual-stack client applications have significant performance 188 differences in their IPv4 or IPv6 network paths. In this common 189 scenario it is often necessary for a dual-stack client to indicate a 190 preference for either IPv4 or IPv6. A service may use DNS SRV 191 records to indicate such a preference for an address family. This 192 way, a server with a high-latency and/or low-capacity IPv4 tunnel may 193 indicate a preference for being contacted using IPv6. A server that 194 wishes to do this can use the lowest SRV priority to publish 195 hostnames that only resolve in IPv6 and the next priority with host 196 names that resolve in both address families. 198 When indicating address family preference through SRV, IPv4-only and/ 199 or IPv6-only clients should be prepared to handle SRV record sets 200 that don't resolve into an ip address in the address family used by 201 that client. In such a case, the client should simply proceed to the 202 next priority and try the hostnames in the alternate address family. 204 5. Update to RFC 6157 206 [RFC6157] defers to the Source and Destination Address Selection 207 algorithms defined in [RFC6724] (the successor of [RFC3484]) when 208 allowing a client to choose a specific server (c.f. Section 5 in 209 [RFC6157]). 211 This document modifies the behavior of Section 5 in [RFC6157] to 212 allow for an additional (and preferred) way to contact servers, as 213 outlined in Section Section 4.2. Implementations MUST use the DNS 214 SRV records as described in Section Section 4.2 of this document 215 first before resorting to the Source and Destination Address 216 Selection algorithms defined in [RFC6724]. 218 6. Security Considerations 220 This document introduces two new normative procedures to the existing 221 DNS procedures used to locate SIP servers. While both of these 222 procedures are optimizations designed to improve the performance of 223 dual-stack clients, neither introduces any new security 224 considerations. 226 The specific security vulnerabilities, attacks and threat models of 227 the various protocols discussed in this document (SIP, DNS, SRV 228 records, Happy Eyeballs requirements and algorithm, etc.) are well 229 documented in their respective specifications. 231 7. IANA Considerations 233 This document does not require any actions by IANA. 235 8. Acknowledgments 237 The authors would like to acknowledge the support and contribution of 238 the SIP Forum IPv6 Working Group. This document is based on a lot of 239 tests and discussions at SIPit events, organized by the SIP Forum. 241 This document has benefited from the expertise and review feedback of 242 many participants of the IETF DISPATCH and SIPCORE WG mailing lists 243 as well as those on the SIP Forum IPv6 Task Group mailing list. The 244 authors wish to specifically call out the efforts and express their 245 gratitude for the detailed and thoughtful comments and corrections of 246 Dan Wing, Brett Tate, Rifaat Shekh-Yusef, Carl Klatsky, Dale Worley, 247 Mary Barnes, Keith Drage and Cullen Jennings. 249 The authors also thank the SIPCORE WG chairs, Paul Kyzivat and Adam 250 Roach, and assigned Area Director, Richard Barnes, for their support 251 and thorough evaluation of this work. 253 9. References 255 9.1. Normative References 257 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 258 Requirement Levels", BCP 14, RFC 2119, March 1997. 260 [RFC3263] Rosenberg, J. and H. Schulzrinne, "Session Initiation 261 Protocol (SIP): Locating SIP Servers", RFC 3263, June 262 2002. 264 [RFC6157] Camarillo, G., El Malki, K., and V. Gurbani, "IPv6 265 Transition in the Session Initiation Protocol (SIP)", RFC 266 6157, April 2011. 268 9.2. Informative References 270 [RFC3261] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, 271 A., Peterson, J., Sparks, R., Handley, M., and E. 272 Schooler, "SIP: Session Initiation Protocol", RFC 3261, 273 June 2002. 275 [RFC3484] Draves, R., "Default Address Selection for Internet 276 Protocol version 6 (IPv6)", RFC 3484, February 2003. 278 [RFC4213] Nordmark, E. and R. Gilligan, "Basic Transition Mechanisms 279 for IPv6 Hosts and Routers", RFC 4213, October 2005. 281 [RFC6555] Wing, D. and A. Yourtchenko, "Happy Eyeballs: Success with 282 Dual-Stack Hosts", RFC 6555, April 2012. 284 [RFC6724] Thaler, D., Draves, R., Matsumoto, A., and T. Chown, 285 "Default Address Selection for Internet Protocol Version 6 286 (IPv6)", RFC 6724, September 2012. 288 Authors' Addresses 290 Olle E. Johansson 291 Edvina AB 292 Runbovaegen 10 293 Sollentuna SE-192 48 294 SE 296 Email: oej@edvina.net 298 Gonzalo Salgueiro 299 Cisco Systems 300 7200-12 Kit Creek Road 301 Research Triangle Park, NC 27709 302 US 304 Email: gsalguei@cisco.com 306 Vijay Gurbani 307 Bell Labs, Alcatel-Lucent 308 1960 Lucent Lane 309 Rm 9C-533 310 Naperville, IL 60563 311 US 313 Email: vkg@bell-labs.com