idnits 2.17.1

draft-ietf-sipcore-dns-dual-stack-05.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  -- The draft header indicates that this document updates RFC3263, but the
     abstract doesn't seem to directly say this. It does mention RFC3263
     though, so this could be OK.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

     (Using the creation date from RFC3263, updated by this document, for
     RFC5378 checks: 2000-10-06)

  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may
     have content which was first submitted before 10 November 2008. If you
     have contacted all the original authors and they are all willing to grant
     the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
     this comment. If not, you may need to add the pre-RFC5378 disclaimer.
     (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- The document date (April 15, 2016) is 2930 days in the past. Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  -- Obsolete informational reference (is this intentional?): RFC 3484
     (Obsoleted by RFC 6724)

  -- Obsolete informational reference (is this intentional?): RFC 6555
     (Obsoleted by RFC 8305)

     Summary: 0 errors (**), 0 flaws (~~), 1 warning (==), 5 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

SIPCORE                                                     O. Johansson
Internet-Draft                                                 Edvina AB
Updates: 3263 (if approved)                                 G. Salgueiro
Intended status: Standards Track                           Cisco Systems
Expires: October 17, 2016                                     V. Gurbani
                                               Bell Labs, Alcatel-Lucent
                                                          D. Worley, Ed.
                                                                 Ariadne
                                                          April 15, 2016

 Locating Session Initiation Protocol (SIP) Servers in a Dual-Stack IP
                                Network
                  draft-ietf-sipcore-dns-dual-stack-05

Abstract

   RFC 3263 defines how a Session Initiation Protocol (SIP)
   implementation, given a SIP Uniform Resource Identifier (URI), should
   locate the next-hop SIP server using Domain Name System (DNS)
   procedures. As SIP networks increasingly transition from IPv4-only
   to dual-stack, a quality user experience must be ensured for
   dual-stack SIP implementations. This document updates the DNS
   procedures described in RFC 3263 for dual-stack SIP implementations
   in preparation for forthcoming specifications for applying Happy
   Eyeballs principles to SIP.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF). Note that other groups may also distribute
   working documents as Internet-Drafts.
   The list of current Internet-Drafts is at
   http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on October 17, 2016.

Copyright Notice

   Copyright (c) 2016 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document. Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1. Introduction
   2. Terminology
   3. DNS Procedures in a Dual-Stack Network
     3.1. Dual-Stack SIP UA DNS Record Lookup Procedure
     3.2. Indicating Address Family Preference in DNS SRV Records
   4. Clarification of RFC 6157
   5. Security Considerations
   6. IANA Considerations
   7. Acknowledgments
   8. Revision History
     8.1. Changes from draft-ietf-sipcore-dns-dual-stack-04 to
          draft-ietf-sipcore-dns-dual-stack-05
     8.2. Changes from draft-ietf-sipcore-dns-dual-stack-03 to
          draft-ietf-sipcore-dns-dual-stack-04
     8.3. Changes from draft-ietf-sipcore-dns-dual-stack-02 to
          draft-ietf-sipcore-dns-dual-stack-03
   9. References
     9.1. Normative References
     9.2. Informative References
   Authors' Addresses

1. Introduction

   The Session Initiation Protocol (SIP, [RFC3261]) and the additional
   documents that extended it provide support for both IPv4 and IPv6.
   However, this support does not fully extend to the highly hybridized
   environments that are characteristic of the transitional migratory
   phase from IPv4 to IPv6 networks. During this phase, many server and
   client implementations run on dual-stack hosts. In such
   environments, a dual-stack host will likely suffer greater connection
   delay, and by extension an inferior user experience, than an
   IPv4-only host. The need to remedy this diminished performance of
   dual-stack hosts led to the development of the Happy Eyeballs
   [RFC6555] algorithm, which has since been implemented in many
   protocols and applications.

   This document updates the DNS lookup procedures of RFC 3263 [RFC3263]
   in preparation for the specification of the application of Happy
   Eyeballs to SIP to provide enhanced performance, and consequently
   user experience, in highly hybridized dual-stack SIP networks. The
   procedures described herein are such that a dual-stack client should
   look up both A and AAAA records in DNS and then select the best way
   to set up a network flow. The details of how the latter is done are
   considered out of scope for this document.
   See the Happy Eyeballs algorithm and implementation and design
   considerations in RFC 6555 [RFC6555] for more information about
   issues with setting up dual-stack network flows.

   Section 4 of this document clarifies the interaction of [RFC3263]
   with [RFC6157].

2. Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].

   RFC 3261 [RFC3261] defines additional terms used in this document
   that are specific to the SIP domain such as "proxy", "registrar",
   "redirect server", "user agent server" or "UAS", "user agent client"
   or "UAC", "back-to-back user agent" or "B2BUA", "dialog",
   "transaction", and "server transaction".

   This document uses the term "SIP server" that is defined to include
   the following SIP entities: user agent server, registrar, redirect
   server, a SIP proxy in the role of user agent server, and a B2BUA in
   the role of a user agent server.

   This document also uses the following terminology to make clear
   distinction between SIP entities supporting only IPv4, only IPv6 or
   supporting both IPv4 and IPv6:

   IPv4-only UA/UAC/UAS: An IPv4-only UA/UAC/UAS supports SIP signaling
      and media only on the IPv4 network. It does not understand IPv6
      addresses.

   IPv6-only UA/UAC/UAS: An IPv6-only UA/UAC/UAS supports SIP signaling
      and media only on the IPv6 network. It does not understand IPv4
      addresses.

   IPv4/IPv6 UA/UAC/UAS: A UA/UAC/UAS that supports SIP signaling and
      media on both IPv4 and IPv6 networks; such a UA/UAC/UAS is known
      (and will be referred to in this document) as a "dual-stack"
      [RFC4213] UA/UAC/UAS.

   The term "address records" means the DNS records which translate a
   domain name into addresses within the address family(ies) that the
   entity supports (as A records provide IPv4 addresses and AAAA records
   provide IPv6 addresses), regardless of whether the address family was
   defined before or after this document was approved.

3. DNS Procedures in a Dual-Stack Network

   This specification introduces two normative DNS lookup procedures.
   These are designed to improve the performance of dual-stack clients
   in IPv4/IPv6 networks.

3.1. Dual-Stack SIP UA DNS Record Lookup Procedure

   Once the transport protocol has been determined, the procedure for
   discovering an IP address if the TARGET is not a numeric IP address
   but the port is explicitly stated in the URI, is detailed in
   Section 4.2 of RFC 3263 [RFC3263]. The piece relevant to this
   discussion is:

      If the TARGET was not a numeric IP address, but a port is present
      in the URI, the client performs an A or AAAA record lookup of the
      domain name. The result will be a list of IP addresses, each of
      which can be contacted at the specific port from the URI and
      transport protocol determined previously.

   Section 4.2 of RFC 3263 [RFC3263] also goes on to describe the
   procedure for discovering an IP address if the TARGET is not a
   numeric IP address, and no port is present in the URI. The piece
   relevant to this discussion is:

      If no SRV records were found, the client performs an A or AAAA
      record lookup of the domain name. The result will be a list of IP
      addresses, each of which can be contacted using the transport
      protocol determined previously, at the default port for that
      transport. Processing then proceeds as described above for an
      explicit port once the A or AAAA records have been looked up.

   Happy Eyeballs [RFC6555] documents that looking up the "A or AAAA
   record" is not an effective practice for dual-stack clients and that
   it can add significant connection delay and greatly degrade user
   experience. Therefore, this document makes the following normative
   addendum to the DNS lookup procedures of Section 4.2 of RFC 3263
   [RFC3263] for IPv4/IPv6 hybrid SIP networks and recommends it as a
   best practice for such dual-stack networks:

      The dual-stack client SHOULD look up all address records (i.e.,
      for all address family(ies) that it supports) for the domain name
      and add the resulting addresses to the list of IP addresses to be
      contacted. A client MUST be prepared for DNS lookups to return
      addresses in families that it does not support; such addresses
      MUST be ignored as unusable and the supported addresses used as
      specified herein.

3.2. Indicating Address Family Preference in DNS SRV Records

   The Happy Eyeballs algorithm [RFC6555] is particularly effective when
   dual-stack client applications have significant performance
   differences in their IPv4 or IPv6 network paths. In this common
   scenario it is often necessary for a dual-stack client to indicate a
   preference for either IPv4 or IPv6. A service may use DNS SRV
   records to indicate such a preference for an address family. This
   way, a server with a high-latency and/or low-capacity IPv4 tunnel may
   indicate a preference for being contacted using IPv6. A server that
   wishes to do this can use the lowest SRV priority to publish
   hostnames that only resolve in IPv6 and the next priority with host
   names that resolve in both address families.

4. Clarification of RFC 6157

   Section 5 of [RFC6157] specifies that the addresses from the address
   records for a single target DNS name for a server's DNS name must be
   contacted in the order specified by the Source and Destination
   Address Selection algorithms defined in [RFC6724] (the successor of
   [RFC3484]). Typically, this is done by using the getaddrinfo()
   function to translate the target DNS name into a list of IPv4 and/or
   IPv6 addresses in the order in which they are to be contacted, as
   that function implements [RFC6724].

   Thus, if SRV lookup on the server's DNS name is successful, the major
   ordering of the complete list of destination addresses is determined
   by the priority and weight fields of the SRV records (as specified in
   [RFC2782]) and the (minor) ordering among the destinations derived
   from the "target" field of a single SRV record is determined by
   [RFC6724].

   For example, consider a server with DNS name example.com, with TCP
   transport specified. The relevant SRV records are:

      _sip._tcp.example.com. 300 IN SRV 10 1 5060 sip-1.example.com.
      _sip._tcp.example.com. 300 IN SRV 20 1 5060 sip-2.example.com.

   The address records for sip-1.example.com, as ordered by [RFC6724],
   are

      sip-1.example.com. 300 IN AAAA 2001:0db8:58:c02::face
      sip-1.example.com. 300 IN AAAA 2001:0db8:c:a06::2:cafe
      sip-1.example.com. 300 IN AAAA 2001:0db8:44:204::d1ce
      sip-1.example.com. 300 IN A    192.0.2.45
      sip-1.example.com. 300 IN A    203.0.113.109
      sip-1.example.com. 300 IN A    198.51.100.24

   and the address records for sip-2.example.com, as ordered by
   [RFC6724], are:

      sip-2.example.com. 300 IN AAAA 2001:0db8:58:c02::dead
      sip-2.example.com. 300 IN AAAA 2001:0db8:c:a06::2:beef
      sip-2.example.com. 300 IN AAAA 2001:0db8:44:204::c0de
      sip-2.example.com. 300 IN A    192.0.2.75
      sip-2.example.com. 300 IN A    203.0.113.38
      sip-2.example.com. 300 IN A    198.51.100.140

   Thus, the complete list of destination addresses has this ordering:

      2001:0db8:58:c02::face
      2001:0db8:c:a06::2:cafe
      2001:0db8:44:204::d1ce
      192.0.2.45
      203.0.113.109
      198.51.100.24
      2001:0db8:58:c02::dead
      2001:0db8:c:a06::2:beef
      2001:0db8:44:204::c0de
      192.0.2.75
      203.0.113.38
      198.51.100.140

   In particular, the destination addresses derived from
   sip-1.example.com and those derived from sip-2.example.com are not
   interleaved; [RFC6724] does not operate on the complete list. This
   would be true even if the two SRV records had the same priority and
   were (randomly) ordered based on their weights, as the address
   records of two target DNS names are never interleaved.

5. Security Considerations

   This document introduces two new normative procedures to the existing
   DNS procedures used to locate SIP servers. While both of these
   procedures are optimizations designed to improve the performance of
   dual-stack clients, neither introduces any new security
   considerations.

   The specific security vulnerabilities, attacks and threat models of
   the various protocols discussed in this document (SIP, DNS, SRV
   records, Happy Eyeballs requirements and algorithm, etc.) are well
   documented in their respective specifications.

6. IANA Considerations

   This document does not require any actions by IANA.

7. Acknowledgments

   The authors would like to acknowledge the support and contribution of
   the SIP Forum IPv6 Working Group. This document is based on a lot of
   tests and discussions at SIPit events, organized by the SIP Forum.

   This document has benefited from the expertise and review feedback of
   many participants of the IETF DISPATCH and SIPCORE WG mailing lists
   as well as those on the SIP Forum IPv6 Task Group mailing list.
   The authors wish to specifically call out the efforts and express
   their gratitude for the detailed and thoughtful comments and
   corrections of Dan Wing, Brett Tate, Rifaat Shekh-Yusef, Carl
   Klatsky, Mary Barnes, Keith Drage, Cullen Jennings, Simon Perreault,
   Paul Kyzivat, Adam Roach, and Richard Barnes.

8. Revision History

   [Note to RFC Editor: Please remove this entire section upon
   publication as an RFC.]

8.1. Changes from draft-ietf-sipcore-dns-dual-stack-04 to
     draft-ietf-sipcore-dns-dual-stack-05

   Simplified the acknowledgments.

   Improve wording and punctuation.

   Rewrote Section 4 based on critiques on the Sipcore list. Included
   an example by Adam Roach.

   Replaced "RR's" with "records" per suggestion by Jean Mahoney.

8.2. Changes from draft-ietf-sipcore-dns-dual-stack-03 to
     draft-ietf-sipcore-dns-dual-stack-04

   Changed the "updates" specification to add RFC 3263 and remove RFC
   6157.

   Added Simon Perreault to the acknowledgments.

   Minor wording changes.

8.3. Changes from draft-ietf-sipcore-dns-dual-stack-02 to
     draft-ietf-sipcore-dns-dual-stack-03

   Described the relationship to RFC 3263 as "update", since the
   existing wording in 3263 is not what we want. Arguably, the new
   wording is what was intended in 3263, but the existing wording either
   does not say that or says it in a way that is easily misunderstood.

   Described the relationship to RFC 6157 as "clarification", since the
   described interaction between 3263 and 6157 appears to be the only
   reasonable interpretation.

   Revised wording, punctuation, and capitalization in various places.

   Clarified that this draft does not document Happy Eyeballs for SIP,
   but is preparatory for it.

   Attempted to use "update" for text that is definitively a change to
   the preexisting text and "clarify" for text that is a more clear
   statement of the (presumed) intention of the preexisting text.

   Removed normative words from section 1, the introduction.

   Copied definition of "address records" from RFC 2782 (SRV records) to
   allow the specifications to expand automatically to include any new
   address families.

   Relocated the text requiring a client to ignore addresses that it
   discovers in address families it does not support from section 4.2
   (which describes why the situation arises) to section 4.1 (which
   describes how clients look up RRs).

   Clarified the interaction with RFC 6157 (source and destination
   address selection in IPv6) to specify what must have been intended:
   The major sort of the destinations is the ordering determined by
   priority/weight in the SRV records; the addresses derived from a
   single SRV record's target are minorly sorted based on RFC 6157.

   Removed editor's name from the acknowledgments list.

9. References

9.1. Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC2782]  Gulbrandsen, A., Vixie, P., and L. Esibov, "A DNS RR for
              specifying the location of services (DNS SRV)", RFC 2782,
              DOI 10.17487/RFC2782, February 2000.

   [RFC3263]  Rosenberg, J. and H. Schulzrinne, "Session Initiation
              Protocol (SIP): Locating SIP Servers", RFC 3263,
              DOI 10.17487/RFC3263, June 2002.

   [RFC6157]  Camarillo, G., El Malki, K., and V. Gurbani, "IPv6
              Transition in the Session Initiation Protocol (SIP)",
              RFC 6157, DOI 10.17487/RFC6157, April 2011.

9.2. Informative References

   [RFC3261]  Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston,
              A., Peterson, J., Sparks, R., Handley, M., and E.
              Schooler, "SIP: Session Initiation Protocol", RFC 3261,
              DOI 10.17487/RFC3261, June 2002.

   [RFC3484]  Draves, R., "Default Address Selection for Internet
              Protocol version 6 (IPv6)", RFC 3484,
              DOI 10.17487/RFC3484, February 2003.

   [RFC4213]  Nordmark, E. and R. Gilligan, "Basic Transition Mechanisms
              for IPv6 Hosts and Routers", RFC 4213,
              DOI 10.17487/RFC4213, October 2005.

   [RFC6555]  Wing, D. and A. Yourtchenko, "Happy Eyeballs: Success with
              Dual-Stack Hosts", RFC 6555, DOI 10.17487/RFC6555, April
              2012.

   [RFC6724]  Thaler, D., Ed., Draves, R., Matsumoto, A., and T. Chown,
              "Default Address Selection for Internet Protocol Version 6
              (IPv6)", RFC 6724, DOI 10.17487/RFC6724, September 2012.

Authors' Addresses

   Olle E. Johansson
   Edvina AB
   Runbovaegen 10
   Sollentuna SE-192 48
   SE

   Email: oej@edvina.net

   Gonzalo Salgueiro
   Cisco Systems
   7200-12 Kit Creek Road
   Research Triangle Park, NC 27709
   US

   Email: gsalguei@cisco.com

   Vijay Gurbani
   Bell Labs, Alcatel-Lucent
   1960 Lucent Lane
   Rm 9C-533
   Naperville, IL 60563
   US

   Email: vkg@bell-labs.com

   Dale R. Worley (editor)
   Ariadne Internet Services
   738 Main St.
   Waltham, MA 02451
   US

   Email: worley@ariadne.com
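
Added example (not part of the draft and not taken from any SIP implementation): the ordering rules of Sections 3.1 and 4 applied to the Section 4 records, with the RFC 2782 priority/weight pass as the major order and each target's addresses kept together as the minor order. The names order_srv, destination_list and the supported parameter are assumptions, and each address list is assumed to be already in RFC 6724 order, as getaddrinfo() would return it.

```python
import ipaddress
import random
from collections import defaultdict

# Records copied from the draft's Section 4 example: (priority, weight, port, target).
SRV = [(10, 1, 5060, "sip-1.example.com."),
       (20, 1, 5060, "sip-2.example.com.")]

# Address records per target, assumed to be already in RFC 6724 order.
ADDRS = {
    "sip-1.example.com.": ["2001:0db8:58:c02::face", "2001:0db8:c:a06::2:cafe",
                           "2001:0db8:44:204::d1ce", "192.0.2.45",
                           "203.0.113.109", "198.51.100.24"],
    "sip-2.example.com.": ["2001:0db8:58:c02::dead", "2001:0db8:c:a06::2:beef",
                           "2001:0db8:44:204::c0de", "192.0.2.75",
                           "203.0.113.38", "198.51.100.140"],
}


def order_srv(records, rng):
    """Major ordering per RFC 2782: ascending priority, weighted pick within one."""
    by_priority = defaultdict(list)
    for rec in records:
        by_priority[rec[0]].append(rec)
    ordered = []
    for priority in sorted(by_priority):
        # Weight-0 records go first so they are selected only rarely.
        pool = sorted(by_priority[priority], key=lambda r: r[1] != 0)
        while pool:
            pick = rng.randint(0, sum(r[1] for r in pool))
            running = 0
            for i, rec in enumerate(pool):
                running += rec[1]
                if running >= pick:
                    ordered.append(pool.pop(i))
                    break
    return ordered


def destination_list(srv, addrs, supported=(4, 6), rng=None):
    """Return (address, port) pairs in contact order for the supported families."""
    rng = rng or random.Random()
    out = []
    for _priority, _weight, port, target in order_srv(srv, rng):
        # Minor ordering: one target's addresses stay together, in the order given.
        for text in addrs.get(target, []):
            try:
                version = ipaddress.ip_address(text).version
            except ValueError:
                continue  # not an address this client understands: ignore it
            if version in supported:
                out.append((text, port))
    return out


if __name__ == "__main__":
    for address, port in destination_list(SRV, ADDRS):
        print(address, port)
```

Passing supported=(4,) models an IPv4-only client that receives AAAA records it must ignore; giving both SRV records the same priority shows that the two targets' address blocks swap places as units and are never interleaved.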