[Devel] Processing REGISTER requests
Bogdan-Andrei Iancu
bogdan at voice-system.ro
Tue Oct 11 11:13:27 CEST 2005
Hi everybody,
there was some bandwidth used on this topic, so let us focus on
practical solution which should solve the problems that were pointed
out, in a simple as possible manner.
I had a talk with Daniel, and based on what was discussed so far on this
thread, we tried to put things together and come up with a better
matching algorithm. I will use as reference Dan's email since it's a
good resume of the problems.
Shortly: we have couple of elements which can help identifying properly
the contact - the contact, the received address and the call-id. The
idea is how to use them (in what order) in order to be as close as
possible to the RFC specs, to do a matching in the most cases and to
have a fast matching also.
Here is the idea we came up is:
A) as done so far, based on the AOR, we get the set of contacts
registered by a user - this dismissed case 3) which cannot happen at all.
B) the first used element will be the contact (what was registered
by the client). why?
- this it's what the RFC says
- since this info is all the time present
the contact matching will be done via complete string
comparison. After this step, you may have sublist of records having the
same contacts (as pointed out in case 2) )
C) to received IP matching - use only the IP part of the received
address. This check will solve the case 2). Why only the IP part and not
also the port? in order to avoid seeing as separate records same contact
which was routed by the NAT via separate ports (as it was pointed out in
case 1) )
D) so far the algorithm will be able to properly match the contact,
excepting one case: if you have a 2 level nat where the second levels
have same network configuration and you have same phone with same user
is each of this networks, the contacts will be identical and the outside
IP the same - the port will be different, but this will be ignore by
step C). In this case, do a further Call-ID matching.
I think this algorithm covers as may problems as possible, and it's also
reasonable as logic (the selection steps and RFC compliance).
if there are some aspects that were missed or some space for
improvements, we will be happy to fix it.
regards,
bogdan
Dan Pascu wrote:
>I've checked the registrar module and noticed that openser uses only the
>contact to match a REGISTER request against an older REGISTER request (that
>is to know if it has to add an entry to user location or if it has to update
>an older entry).
>
>Now I think there are several problems with this approach and I can outline 3
>here (all refer to cases where phones are behind NAT):
>
>1. If you save the contact after calling fix_contact() you get the NAT address
>in the user location, but this address may change from one REGISTER request
>to another. I've seen this case with a NAT that uses a different port every
>request and that phone ended up with 200 contacts in the user location table.
>This is not something you'd want in your user location table, even though the
>proxy and phone will work correctly: the proxy will send 200 INVITE request
>when someone calls that phone and the phone will pick one branch to answer
>and reject the other 199, but the traffic is multiplied by 200.
>
>2. If you save the unmodified contact (the private address behind NAT) then
>there is a chance of contact collision. Consider someone with a SIP account
>and multiple phones in different locations. If he uses the same private IP
>address in multiple networks for his phones, those phones will overwrite each
>others entries in usrloc and only 1 phone will be available at a time (the
>one that sent the last REGISTER request).
>You may think that this situation is very rare, but I think it has big chances
>to appear because people tend to standardize the environment they work in for
>simplification. This makes it very likely that someone will use the same
>network classes in setting up private networks in different locations and
>that he uses the same IP addresses for his phones in those locations, so he
>knows that his phone is always found at the same address no matter what
>network he is in.
>
>3. If you save the unmodified contact (the private address behind NAT) then
>there is another chance of collision: if the proxy serves multiple domains
>and there are 2 users with the same username but in different domains and
>they use the same private IP address for their phone then both contacts will
>look like sip:username at ip:port and they will overwrite each others
>subscription as explained above.
>
>To overcome these problems I think we should use a different approach to
>identify the phone to which a REGISTER request belongs to. I've checked the
>RFC and there is the following recommendation for the Call-ID and CSeq fields
>with REGISTER requests:
>
> Call-ID: All registrations from a UAC SHOULD use the same Call-ID
> header field value for registrations sent to a particular
> registrar.
>
> If the same client were to use different Call-ID values, a
> registrar could not detect whether a delayed REGISTER request
> might have arrived out of order.
>
> CSeq: The CSeq value guarantees proper ordering of REGISTER
> requests. A UA MUST increment the CSeq value by one for each
> REGISTER request with the same Call-ID.
>
>As you can see they recommend (not mandate) that phones use the same callid
>for a given registrar. I've checked with the phones and almost all of them
>follow this recommendation.
>
>So I think we can use this in our advantage, by first checking the callid and
>if it's the same and the cseq is bigger than the old one, then update that
>entry and also overwrite the contact with the new one if different. Next, if
>there is no entry with that callid but there is an entry with the same
>contact field than update that entry. Of course we can use extra checks like
>cseq shouldn't be bigger than old_one+2, or that contact is the same with old
>one if using private IPs to make sure we find the right entry, but overall
>this way we have less chances to get the wrong entry than currently.
>
>Using this we can eliminate the above mentioned problems for phones that
>follow the RFC recommendation, while for the others we continue to function
>the same way as before.
>
>I've checked the user agents in use on my platform and how they behave in this
>regard and among them I found only one which doesn't follow this
>recommendation (DrayTek UA versions 1.1.5 through 1.2.1) and a lot that do
>(over 41 different user agents).
>
>
>
More information about the Devel
mailing list